Index: ldapgroups.admin.inc
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/ldap_integration/ldapgroups.admin.inc,v
retrieving revision 1.2
diff -u -r1.2 ldapgroups.admin.inc
--- ldapgroups.admin.inc 19 Feb 2009 16:56:16 -0000 1.2
+++ ldapgroups.admin.inc 12 Mar 2009 19:31:49 -0000
@@ -64,13 +64,15 @@
);
}
elseif ($op == 'edit' && $sid) {
- $edit = db_fetch_array(db_query("SELECT ldapgroups_in_dn, ldapgroups_dn_attribute, ldapgroups_in_attr, ldapgroups_attr, ldapgroups_as_entries, ldapgroups_entries, ldapgroups_entries_attribute FROM {ldapauth} WHERE sid = %d", $sid));
+ $edit = db_fetch_array(db_query("SELECT * FROM {ldapauth} WHERE sid = %d", $sid));
+
+ drupal_set_title(t('Settings for LDAP group %group.', array('%group' => $edit['name'])));
$form['group_dn'] = array(
'#type' => 'fieldset',
'#title' => t('Group by DN'),
'#collapsible' => TRUE,
- '#collapsed' => FALSE,
+ '#collapsed' => !$edit['ldapgroups_in_dn'],
);
$form['group_dn']['ldapgroups_in_dn'] = array(
'#type' => 'checkbox',
@@ -91,7 +93,7 @@
'#type' => 'fieldset',
'#title' => t('Group by attribute'),
'#collapsible' => TRUE,
- '#collapsed' => FALSE,
+ '#collapsed' => !$edit['ldapgroups_in_attr'],
);
$form['group_attr']['ldapgroups_in_attr'] = array(
'#type' => 'checkbox',
@@ -101,7 +103,7 @@
$form['group_attr']['ldapgroups_attr'] = array(
'#type' => 'textarea',
'#title' => t('Attribute names (one per line)'),
- '#default_value' => $edit['ldapgroups_attr'],
+ '#default_value' => implode("\n", ($edit['ldapgroups_attr'] ? unserialize($edit['ldapgroups_attr']) : array())),
'#cols' => 50,
'#rows' => 6,
'#description' => t('If the groups are stored in the user entries, along with the rest of their data, then enter here a list of attributes which may contain them.'),
@@ -111,7 +113,7 @@
'#type' => 'fieldset',
'#title' => t('Group by entry'),
'#collapsible' => TRUE,
- '#collapsed' => FALSE,
+ '#collapsed' => !$edit['ldapgroups_as_entries'],
);
$form['group_entry']['ldapgroups_as_entries'] = array(
'#type' => 'checkbox',
@@ -121,7 +123,7 @@
$form['group_entry']['ldapgroups_entries'] = array(
'#type' => 'textarea',
'#title' => t('Nodes containing groups (one per line)'),
- '#default_value' => $edit['ldapgroups_entries'],
+ '#default_value' => implode("\n", ($edit['ldapgroups_entries'] ? unserialize($edit['ldapgroups_entries']) : array())),
'#cols' => 50,
'#rows' => 6,
'#description' => t('Enter here a list of nodes from where groups should be searched for. The module will look them up recursively from the given nodes.'),
@@ -134,6 +136,52 @@
'#maxlength' => 255,
'#description' => t('Name of the multivalued attribute which holds the CNs of group members, for example: !attr', array('!attr' => theme('placeholder', LDAPGROUPS_DEFAULT_ENTRIES_ATTRIBUTE))),
);
+ $form['group_filter'] = array(
+ '#type' => 'fieldset',
+ '#title' => t('LDAP group to Drupal role filtering'),
+ '#description' => t('The module automatically decides names for the Drupal roles based in the names of the LDAP groups. For example:- LDAP group: Admins => Drupal role: Admins
- LDAP group: ou=Underlings,dc=myorg,dc=mytld => Drupal role: Underlings.
'),
+ '#collapsible' => TRUE,
+ '#collapsed' => !($edit['ldapgroups_mappings'] || $edit['ldapgroups_filter_php']),
+ );
+ $mappings = '';
+ foreach (($edit['ldapgroups_mappings'] ? unserialize($edit['ldapgroups_mappings']) : array()) as $group => $role)
+ $mappings .= $group .'|'. $role ."\n";
+ $form['group_filter']['ldapgroups_mappings'] = array(
+ '#type' => 'textarea',
+ '#title' => t('Mapping of LDAP groups to Drupal roles'),
+ '#default_value' => $mappings,
+ '#cols' => 50,
+ '#rows' => 5,
+ '#description' => t('Enter a list of LDAP groups and their Drupal role mappings, one per line with a | delimiter. Should be in the form [ldap group]|[drupal role] such as:
cn=ED IT NAG Staff,DC=ad,DC=uiuc,DC=edu|admin
cn=Ed Webs UIUC Webmasters,DC=ad,DC=uiuc,DC=edu|committee member.'),
+ );
+ $form['group_filter']['ldapgroups_mappings_filter'] = array(
+ '#type' => 'checkbox',
+ '#title' => t('Use LDAP group to Drupal roles filtering'),
+ '#default_value' => $edit['ldapgroups_mappings_filter'],
+ '#description' => t('If enabled, only above mapped groups will be mapped to Drupal roles. If not enabled, a drupal role will be created for every group the user is associated with.')
+ );
+ $form['group_filter']['ldapgroups_filter_php'] = array(
+ '#type' => 'textarea',
+ '#title' => t('PHP to filter roles by'),
+ '#default_value' => $edit['ldapgroups_filter_php'],
+ '#cols' => 25,
+ '#rows' => 5,
+ '#description' => t('Enter PHP to filter LDAP groups. Careful, bad PHP code here will break your site. If left empty, no filtering will be done. The code will be evaluated in the _ldapgroups_filter() function\'s context. It should return a filtered groups array. The code is evaluated before the above mapping is applied.'),
+ );
+ $form['groups_limit'] = array(
+ '#type' => 'fieldset',
+ '#title' => t('LDAP group to Drupal role limits'),
+ '#collapsible' => TRUE,
+ '#collapsed' => !$edit['ldapgroups_groups'],
+ );
+ $form['groups_limit']['ldapgroups_groups'] = array(
+ '#type' => 'textarea',
+ '#title' => t('LDAP groups which allow automatic account creation'),
+ '#default_value' => implode("\n", ($edit['ldapgroups_groups'] ? unserialize($edit['ldapgroups_groups']) : array())),
+ '#cols' => 50,
+ '#rows' => 5,
+ '#description' => t('Leave blank to automatically create accounts for all LDAP authenticated users. Otherwise, enter a one per line list of LDAP groups. If the user is not in any of those groups, the login will be denied.'),
+ );
$form['sid'] = array(
'#type' => 'hidden',
@@ -153,6 +201,59 @@
}
/**
+ * Validate hook for the settings form.
+ */
+function ldapgroups_admin_edit_validate($form, &$form_state) {
+ $op = $form_state['clicked_button']['#value'];
+ $values = $form_state['values'];
+ switch ($op) {
+ case t('Update'):
+ if ($values['ldapgroups_in_dn'] && !trim($values['ldapgroups_dn_attribute']))
+ form_set_error('ldapgroups_dn_attribute', t('DN attribute is missing.'));
+ if ($values['ldapgroups_in_attr'] && !trim($values['ldapgroups_attr']))
+ form_set_error('ldapgroups_attr', t('Attribute names are missing.'));
+ if ($values['ldapgroups_as_entries'] && !trim($values['ldapgroups_entries']))
+ form_set_error('ldapgroups_entries', t('Nodes are missing.'));
+ if ($values['ldapgroups_as_entries'] && !trim($values['ldapgroups_entries_attribute']))
+ form_set_error('ldapgroups_entries_attribute', t('Attribute is missing.'));
+
+ $form_state['ldapgroups_attr'] = array();
+ foreach ((trim($values['ldapgroups_attr']) ? explode("\n", trim($values['ldapgroups_attr'])) : array()) as $line)
+ if (trim($line))
+ $form_state['ldapgroups_attr'][] = trim($line);
+ $form_state['ldapgroups_attr'] = !empty($form_state['ldapgroups_attr']) ? serialize($form_state['ldapgroups_attr']) : '';
+
+ $form_state['ldapgroups_entries'] = array();
+ foreach ((trim($values['ldapgroups_entries']) ? explode("\n", trim($values['ldapgroups_entries'])) : array()) as $line)
+ if (trim($line))
+ $form_state['ldapgroups_entries'][] = trim($line);
+ $form_state['ldapgroups_entries'] = !empty($form_state['ldapgroups_entries']) ? serialize($form_state['ldapgroups_entries']) : '';
+
+ $form_state['ldapgroups_mappings'] = array();
+ $ldapgroups_role_mappings = TRUE;
+ foreach ((trim($values['ldapgroups_mappings']) ? explode("\n", trim($values['ldapgroups_mappings'])) : array()) as $line) {
+ if (count($mapping = explode('|', trim($line))) == 2)
+ $form_state['ldapgroups_mappings'] += array(trim($mapping[0]) => trim($mapping[1]));
+ else
+ $ldapgroups_role_mappings = FALSE;
+ }
+ $form_state['ldapgroups_mappings'] = !empty($form_state['ldapgroups_mappings']) ? serialize($form_state['ldapgroups_mappings']) : '';
+ if (!$ldapgroups_role_mappings)
+ form_set_error('ldapgroups_mappings', t('Bad mapping syntax.'));
+
+ if ($values['ldapgroups_mappings_filter'] && !trim($values['ldapgroups_mappings']))
+ form_set_error('ldapgroups_mappings', t('Mappings are missing.'));
+
+ $form_state['ldapgroups_groups'] = array();
+ foreach ((trim($values['ldapgroups_groups']) ? explode("\n", trim($values['ldapgroups_groups'])) : array()) as $line)
+ if (trim($line))
+ $form_state['ldapgroups_groups'][] = trim($line);
+ $form_state['ldapgroups_groups'] = !empty($form_state['ldapgroups_groups']) ? serialize($form_state['ldapgroups_groups']) : '';
+ break;
+ }
+}
+
+/**
* Submit hook for the settings form.
*/
function ldapgroups_admin_edit_submit($form, &$form_state) {
@@ -162,7 +263,7 @@
case t('Update'):
// Update the ldapgroups configuration.
- db_query("UPDATE {ldapauth} SET ldapgroups_in_dn = %d, ldapgroups_dn_attribute = '%s', ldapgroups_in_attr = %d, ldapgroups_attr = '%s', ldapgroups_as_entries = %d, ldapgroups_entries = '%s', ldapgroups_entries_attribute = '%s' WHERE sid = %d", $values['ldapgroups_in_dn'], $values['ldapgroups_dn_attribute'], $values['ldapgroups_in_attr'], $values['ldapgroups_attr'], $values['ldapgroups_as_entries'], $values['ldapgroups_entries'], $values['ldapgroups_entries_attribute'], $values['sid']);
+ db_query("UPDATE {ldapauth} SET ldapgroups_in_dn = %d, ldapgroups_dn_attribute = '%s', ldapgroups_in_attr = %d, ldapgroups_attr = '%s', ldapgroups_as_entries = %d, ldapgroups_entries = '%s', ldapgroups_entries_attribute = '%s', ldapgroups_mappings = '%s', ldapgroups_mappings_filter = %d, ldapgroups_filter_php = '%s', ldapgroups_groups = '%s' WHERE sid = %d", $values['ldapgroups_in_dn'], trim($values['ldapgroups_dn_attribute']), $values['ldapgroups_in_attr'], $form_state['ldapgroups_attr'], $values['ldapgroups_as_entries'], $form_state['ldapgroups_entries'], trim($values['ldapgroups_entries_attribute']), $form_state['ldapgroups_mappings'], $values['ldapgroups_mappings_filter'], trim($values['ldapgroups_filter_php']), $form_state['ldapgroups_groups'], $values['sid']);
drupal_set_message(t('The configuration options have been saved.'));
$form_state['redirect'] = 'admin/settings/ldap/ldapgroups';
break;
@@ -170,7 +271,7 @@
if ($values['confirm'] == 1) {
// Settings reset.
- db_query("UPDATE {ldapauth} SET ldapgroups_in_dn = 0, ldapgroups_dn_attribute = '', ldapgroups_in_attr = 0, ldapgroups_attr = '', ldapgroups_as_entries = 0, ldapgroups_entries = '', ldapgroups_entries_attribute = '' WHERE sid = %d", $values['sid']);
+ db_query("UPDATE {ldapauth} SET ldapgroups_in_dn = 0, ldapgroups_dn_attribute = '', ldapgroups_in_attr = 0, ldapgroups_attr = '', ldapgroups_as_entries = 0, ldapgroups_entries = '', ldapgroups_entries_attribute = ''i, ldapgroups_mappings = '', ldapgroups_mappings_filter = '0', ldapgroups_filter_php = '', ldapgroups_groups = '' WHERE sid = %d", $values['sid']);
drupal_set_message(t('The configuration options have been reset to their default values.'));
}
$form_state['redirect'] = 'admin/settings/ldap/ldapgroups';
Index: ldapgroups.install
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/ldap_integration/ldapgroups.install,v
retrieving revision 1.2
diff -u -r1.2 ldapgroups.install
--- ldapgroups.install 19 Feb 2009 16:56:16 -0000 1.2
+++ ldapgroups.install 12 Mar 2009 19:31:49 -0000
@@ -49,6 +49,27 @@
'type' => 'varchar',
'length' => 255,
));
+ db_add_field($ret, 'ldapauth', 'ldapgroups_mappings', array(
+ 'type' => 'text',
+ 'not null' => FALSE,
+ 'default' => '',
+ ));
+ db_add_field($ret, 'ldapauth', 'ldapgroups_mappings_filter', array(
+ 'type' => 'int',
+ 'size' => 'tiny',
+ 'not null' => TRUE,
+ 'default' => '0',
+ ));
+ db_add_field($ret, 'ldapauth', 'ldapgroups_filter_php', array(
+ 'type' => 'text',
+ 'not null' => FALSE,
+ 'default' => '',
+ ));
+ db_add_field($ret, 'ldapauth', 'ldapgroups_groups', array(
+ 'type' => 'text',
+ 'not null' => FALSE,
+ 'default' => '',
+ ));
return $ret;
}
@@ -67,6 +88,10 @@
db_drop_field($ret, 'ldapauth', 'ldapgroups_as_entries');
db_drop_field($ret, 'ldapauth', 'ldapgroups_entries');
db_drop_field($ret, 'ldapauth', 'ldapgroups_entries_attribute');
+ db_drop_field($ret, 'ldapauth', 'ldapgroups_mappings');
+ db_drop_field($ret, 'ldapauth', 'ldapgroups_mappings_filter');
+ db_drop_field($ret, 'ldapauth', 'ldapgroups_filter_php');
+ db_drop_field($ret, 'ldapauth', 'ldapgroups_groups');
return $ret;
}
Index: ldapgroups.module
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/ldap_integration/ldapgroups.module,v
retrieving revision 1.25
diff -u -r1.25 ldapgroups.module
--- ldapgroups.module 19 Feb 2009 16:56:16 -0000 1.25
+++ ldapgroups.module 12 Mar 2009 19:31:49 -0000
@@ -18,7 +18,7 @@
* Implements hook_init().
*/
function ldapgroups_init() {
- include_once(drupal_get_path('module', 'ldapgroups') .'/ldap_integration/ldapgroups.conf.php');
+ //include_once(drupal_get_path('module', 'ldapgroups') .'/ldap_integration/ldapgroups.conf.php');
require_once(drupal_get_path('module', 'ldapgroups') .'/ldap_integration/LDAPInterface.php');
}
@@ -77,29 +77,35 @@
$authmap = user_get_authmaps($account->name);
if (!isset($authmap['ldapauth'])) {
// This user is not authenticated via lapauth.
- return TRUE;
+ return;
}
// Setup the global $_ldapgroups_ldap object.
if (!_ldapgroups_ldap_init($account))
return;
+
+ // First, we figure out the appropriate groups.
+ $groups = _ldapgroups_detect_groups($account);
+
+ // Then, we take every mapped role from the user, later below
+ // Apply groups restrictions.
+ if (count(array_intersect($groups, _ldapgroups_ldap_info($account, 'ldapgroups_groups'))) == 0) {
+ $account = user_load(0);
+ return;
+ }
- // First, we take every mapped role from the user, later below
// we'll grant back those deserved.
$account->ldap_drupal_roles = isset($account->ldap_drupal_roles) ? $account->ldap_drupal_roles : array();
foreach ($account->ldap_drupal_roles as $role) {
_ldapgroups_deny_role($account, $role);
}
- // Then, we figure out the appropriate groups.
- $groups = _ldapgroups_detect_groups($account);
- if ($groups === FALSE) {
- // Oh, this means this user didn't even have to be here. Bye!
+ // Are there LDAP groups for the user?
+ if ($groups === FALSE)
return TRUE;
- }
// Next, we apply site-specific rules.
- $roles = function_exists('ldapgroups_roles_filter') ? ldapgroups_roles_filter($groups) : $groups;
+ $roles = _ldapgroups_filter($account, $groups);
// At this point, the roles are in the full DN format.
// Turn them in into friendly names.
@@ -107,10 +113,10 @@
// Finally, we grant the roles.
// Need to check for empty roles.
if (!empty($roles)) {
- $ldapgroups_role_mappings = ldapgroups_role_mappings();
+ $ldapgroups_mappings = _ldapgroups_ldap_info($account, 'ldapgroups_mappings');
foreach ($roles as $role) {
- if (isset($ldapgroups_role_mappings[$role])) {
- $friendly_role = $ldapgroups_role_mappings[$role];
+ if (isset($ldapgroups_mappings[$role])) {
+ $friendly_role = $ldapgroups_mappings[$role];
}
else if (preg_match('/^[^=]*=([^,]*),.*$/', $role, $matches)) {
$friendly_role = $matches[1];
@@ -145,17 +151,7 @@
// Nothing to do if the user is not LDAP authentified
// or there are no groups configured.
-
- $row = db_fetch_object(db_query("SELECT ldapgroups_in_dn, ldapgroups_in_attr, ldapgroups_as_entries, ldapgroups_dn_attribute, ldapgroups_attr, ldapgroups_entries, ldapgroups_entries_attribute FROM {ldapauth} WHERE sid = %d", $_ldapgroups_ldap->getOption('sid')));
- $groups_in_dn = $row->ldapgroups_in_dn;
- $groups_in_attr = $row->ldapgroups_in_attr;
- $groups_as_entries = $row->ldapgroups_as_entries;
-
- $group_dn_attribute = $row->ldapgroups_dn_attribute ? $row->ldapgroups_dn_attribute : LDAPGROUPS_DEFAULT_DN_ATTRIBUTE;
- $group_attr = $row->ldapgroups_attr;
- $group_entries = $row->ldapgroups_entries ? $row->ldapgroups_entries : '';
-
- if (!($groups_in_dn || $groups_in_attr || $groups_as_entries))
+ if (!(_ldapgroups_ldap_info($user, 'ldapgroups_in_dn') || _ldapgroups_ldap_info($user, 'ldapgroups_in_attr') || _ldapgroups_ldap_info($user, 'ldapgroups_as_entries')))
return FALSE;
// First try to connect with the stored user's DN and password.
@@ -178,11 +174,11 @@
// Strategy 1: group extracted from user's DN.
$dn_groups = array();
- if ($groups_in_dn && $dn_group_attr = $group_dn_attribute) {
+ if (_ldapgroups_ldap_info($user, 'ldapgroups_in_dn')) {
$pairs = explode(',', $user->ldap_dn);
foreach ($pairs as $p) {
$pair = explode('=', $p);
- if (trim($pair[0]) == $dn_group_attr) {
+ if (trim($pair[0]) == _ldapgroups_ldap_info($user, 'ldapgroups_dn_attribute')) {
$dn_groups[] = trim($pair[1]);
}
}
@@ -190,9 +186,8 @@
// Strategy 2: groups in user attributes.
$attrib_groups = array();
- if ($groups_in_attr && $attributes = $group_attr) {
- $attributes_array = explode("\r\n", $attributes);
- foreach ($attributes_array as $attribute) {
+ if (_ldapgroups_ldap_info($user, 'ldapgroups_in_attr')) {
+ foreach (_ldapgroups_ldap_info($user, 'ldapgroups_attr') as $attribute) {
$tmp = $_ldapgroups_ldap->retrieveMultiAttribute($user->ldap_dn, $attribute);
$attrib_groups = array_merge($attrib_groups, $tmp);
}
@@ -200,13 +195,11 @@
// Strategy 3: groups as entries.
$entries_groups = array();
- if ($groups_as_entries && $branches = $group_entries) {
- $branches_array = explode("\r\n", $branches);
- $group_attr = ($row->ldapgroups_entries_attribute ? $row->ldapgroups_entries_attribute : LDAPGROUPS_DEFAULT_ENTRIES_ATTRIBUTE);
- foreach ($branches_array as $branch) {
- $entries = $_ldapgroups_ldap->search($branch, "$group_attr=$user->ldap_dn", array($group_attr));
+ if (_ldapgroups_ldap_info($user, 'ldapgroups_as_entries')) {
+ foreach (_ldapgroups_ldap_info($user, 'ldapgroups_entries') as $branch) {
+ $entries = $_ldapgroups_ldap->search($branch, "$group_attr=$user->ldap_dn", array(_ldapgroups_ldap_info($user, 'ldapgroups_entries_attribute')));
if ($entries['count'] == 0) {
- $entries = $_ldapgroups_ldap->search($branch, "$group_attr=$user->name", array($group_attr));
+ $entries = $_ldapgroups_ldap->search($branch, "$group_attr=$user->name", array(_ldapgroups_ldap_info($user, 'ldapgroups_entries_attribute')));
}
foreach ($entries as $entry) {
if (isset($entry['dn'])) {
@@ -275,6 +268,37 @@
}
/**
+ * Filters groups only to a explicitely defined groups.
+ *
+ * @param $groups
+ * An array of the LDAP groups.
+ *
+ * @return
+ * An array of the filtered groups.
+ */
+function _ldapgroups_filter($account, $groups) {
+ $roles = $groups;
+
+ if (_ldapgroups_ldap_info($account, 'ldapgroups_mappings_filter') && count(_ldapgroups_ldap_info($account, 'ldapgroups_mappings') > 0)) {
+ $roles = array();
+ foreach ($groups as $group) {
+ $group = preg_replace('/\s+/', '', $group);
+ foreach (_ldapgroups_ldap_info($account, 'ldapgroups_mappings') as $approved_group => $role) {
+ $approved_group = preg_replace('/\s+/', '', $approved_group);
+ if (strcasecmp($approved_group, $group) == 0)
+ $roles[] = $role;
+ }
+ }
+ $groups = $roles;
+ }
+
+ if ($code = _ldapgroups_ldap_info($account, 'ldapgroups_filter_php'))
+ $roles = eval($code);
+
+ return $roles;
+}
+
+/**
* Initiates the LDAPInterfase class.
*
* @param $sid
@@ -299,3 +323,50 @@
}
}
+/**
+ * Retrieve the saved ldapgroups saved setting.
+ *
+ * @param $user
+ * An user object.
+ * @param $req
+ * An attribute name.
+ *
+ * @return
+ * The attribute value.
+ */
+function _ldapgroups_ldap_info(&$user, $req) {
+ $sid = isset($user->ldap_config) ? $user->ldap_config : NULL;
+
+ if (!isset($sid))
+ return;
+
+ static $info = array();
+ if (!isset($info[$sid]))
+ $info[$sid] = db_fetch_object(db_query("SELECT * FROM {ldapauth} WHERE sid = %d", $sid));
+
+ switch ($req) {
+ case 'ldapgroups_in_dn':
+ return $info[$sid]->ldapgroups_in_dn;
+ case 'ldapgroups_dn_attribute':
+ return !empty($info[$sid]->ldapgroups_dn_attribute) ? $info[$sid]->ldapgroups_dn_attribute : LDAPGROUPS_DEFAULT_DN_ATTRIBUTE;
+ case 'ldapgroups_in_attr':
+ return $info[$sid]->ldapgroups_in_attr;
+ case 'ldapgroups_attr':
+ return !empty($info[$sid]->ldapgroups_attr) ? unserialize($info[$sid]->ldapgroups_attr) : array();
+ case 'ldapgroups_as_entries':
+ return $info[$sid]->ldapgroups_as_entries;
+ case 'ldapgroups_entries':
+ return !empty($info[$sid]->ldapgroups_entries) ? unserialize($info[$sid]->ldapgroups_entries) : array();
+ case 'ldapgroups_entries_attribute':
+ return !empty($info[$sid]->ldapgroups_entries_attribute) ? $info[$sid]->ldapgroups_entries_attribute : LDAPGROUPS_DEFAULT_ENTRIES_ATTRIBUTE;
+ case 'ldapgroups_mappings':
+ return !empty($info[$sid]->ldapgroups_mappings) ? unserialize($info[$sid]->ldapgroups_mappings) : array();
+ case 'ldapgroups_mappings_filter':
+ return $info[$sid]->ldapgroups_mappings_filter;
+ case 'ldapgroups_filter_php':
+ return $info[$sid]->ldapgroups_filter_php;
+ case 'ldapgroups_groups':
+ return !empty($info[$sid]->ldapgroups_groups) ? unserialize($info[$sid]->ldapgroups_groups) : array();
+ }
+}
+