示例#1
0
文件: lib.php 项目: vohung96/mahara
/**
 * synchronize Mahara's groups with groups defined on a LDAP server
 *
 * @param string $institutionname Name of the institution to process
 * @param array $excludelist exclude LDAP groups matching these regular expressions in their names
 * @param array $includelist process only LDAP groups matching these regular expressions in their names
 * @param array $onlycontexts Restrict searching in these contexts (override values set in authentication plugin)
 * @param boolean $searchsub search in subcontexts (override values set in authentication plugin)
 * @param string $grouptype type of Mahara group to create, should be 'standard' or 'course'
 * @param string $groupattribute If this is present, then instead of searching for groups as objects in ldap,
 *     we search for distint values of this attribute in user accounts in LDAP, and create a group for each distinct value.
 * @param boolean $docreate create new accounts
 * @param boolean $dryrun dummy execution. Do not perform any database operations
 * @return boolean
 */
function auth_ldap_sync_groups($institutionname, $syncbyclass = false, $excludelist = null, $includelist = null, $onlycontexts = null, $searchsub = null, $grouptype = null, $docreate = null, $nestedgroups = null, $groupclass = null, $groupattribute = null, $syncbyattribute = false, $userattribute = null, $attrgroupnames = null, $dryrun = false)
{
    log_info('---------- started institution group sync for "' . $institutionname . '" at ' . date('r', time()) . ' ----------');
    if (get_config('auth_ldap_debug_sync_cron')) {
        log_debug("exclusion list : ");
        var_dump($excludelist);
        log_debug("inclusion list : ");
        var_dump($includelist);
    }
    $auths = get_records_select_array('auth_instance', "authname in ('cas', 'ldap') and institution=?", array($institutionname));
    if (get_config('auth_ldap_debug_sync_cron')) {
        log_debug("auths candidates : ");
        var_dump($auths);
    }
    if (count($auths) == 0) {
        log_warn(get_string('nomatchingauths', 'auth.ldap'));
        return false;
    }
    $result = true;
    foreach ($auths as $auth) {
        $instance = new AuthLdap($auth->id);
        $instance->set_config('syncgroupscron', true);
        $instance->set_config('syncgroupsbyclass', $syncbyclass);
        $instance->set_config('syncgroupsbyuserfield', $syncbyattribute);
        if ($excludelist !== null) {
            if (!is_array($excludelist)) {
                $excludelist = preg_split('/\\s*,\\s*/', trim($excludelist));
            }
            $instance->set_config('syncgroupsexcludelist', $excludelist);
        }
        if ($includelist !== null) {
            if (!is_array($includelist)) {
                $includelist = preg_split('/\\s*,\\s*/', trim($includelist));
            }
            $instance->set_config('syncgroupsincludelist', $includelist);
        }
        if ($onlycontexts !== null) {
            $instance->set_config('syncgroupscontexts', $onlycontexts);
        }
        if ($searchsub !== null) {
            $instance->set_config('syncgroupssearchsub', $searchsub);
        }
        if ($grouptype !== null) {
            $instance->set_config('syncgroupsgrouptype', $grouptype);
        }
        if ($nestedgroups !== null) {
            $instance->set_config('nestedgroups', $nestedgroups);
        }
        if ($groupclass !== null) {
            $instance->set_config('syncgroupsgroupclass', $groupclass);
        }
        if ($groupattribute !== null) {
            $instance->set_config('syncgroupsgroupattribute', $groupattribute);
        }
        if ($docreate !== null) {
            $instance->set_config('syncgroupsautocreate', $docreate);
        }
        $result = $result && $instance->sync_groups($dryrun);
    }
    log_info('---------- finished institution group sync at ' . date('r', time()) . ' ----------');
    return $result;
}