$type)); $types['ldap_og']['og_'. $type] = array( 'name' => 'Organic Groups '. $name . 'Memberships', 'description' => 'Grant and revoke Organic Groups memberships based on LDAP.', ); } return $types; } /** * implements hook_ldap_authorization * * ldap authorization has determined that an authorization mapping of type $authz_type (e.g. drupal_role, og_membership) * with an id of $authz_id (e.g. administrator, baking club) * should be granted or revoked ($op = grant || revoke ) from $user. * * The ldap entry used to derive the mapping is included, but need not be used * * The $user object is passed by reference and does not need to be saved. it will be saved later * */ function og_ldap_ldap_authorization(&$user, $op, $authz_type = NULL, $authz_id = NULL, &$ldap_entry = NULL) { if (! ($og_group_type = _og_ldap_authz_type_to_og($authz_type)) { return; } $og_group_name = $authz_id; // rename variable for code clarity switch ($op) { case 'grant': _og_ldap_add_group($og_group_name, $og_group_type) /** * code to add $user to og group named $og_group_name * **/ // below is just for development drupal_set_message($user->name ." added to og group $og_group_name", 'status'); break; case 'revoke': /** * code to remove $user from og group named $og_group_name * **/ // below is just for development drupal_set_message($user->name ." removed from og group $og_group_name", 'status'); break; case 'check_and_repair': /** * code to check that a user is og $og_group_name and add them if not * **/ break; break; } } /** * Helper function: parse authorization type id into og group type * e.g. og_ => */ function _og_ldap_authz_type_to_og($authz_type) { if (strpos($authz_type, 'og_') !== 0 ) { return FALSE; } else { $parts = explode('_', $authz_type, 1); $og_group_type = $parts[1]; return $og_group_type; } } /** * Helper function: if group doesn't exist, add it */ function _og_ldap_add_group($group, $type) { return TRUE; /** slight tweaks for d7 below **/ $group_name = $group['og']; $result = db_result(db_query("SELECT n.title FROM {node} n WHERE n.type = '%s' AND n.title = '%s'", variable_get('og_ldap_group_type_'. $type, 'group'), $group_name)); if (!$result) { // TODO: This needs a config form (for og settings etc) $node = new stdClass(); $node->type = $type; $node->uid = 1; $node->status = TRUE; $node->title = $group_name; /* OG stuff */ $node->og_public = TRUE; $node->og_register = FALSE; $node->og_directory = TRUE; $node->og_description = $group_name; $node->og_website = ''; $node->og_selective = OG_CLOSED; node_save($node); } } /** * implements hook_FORM_ID_form_alter() */ function og_ldap_form_ldap_authorization_admin_form_alter(&$form, &$form_state, $form_id) /** $authz_type = ...in form if ($type = _og_ldap_authz_type_to_og($authz_type)) { $name = node_get_types('name', array('type' => $type)); $form['og_ldap_'. $type] = array( '#type' => 'checkbox', '#title' => t('Enable'), '#default_value' => variable_get('og_ldap_'. $type, 0), '#description' => t('Should this group type by synced with LDAP?'), ); $form['og_ldap_ldap_only_'. $type] = array( '#type' => 'checkbox', '#title' => t('LDAP members only'), '#default_value' => variable_get('og_ldap_ldap_only_'. $type, 0), '#description' => t('Should members of an organic group that are not a member of a coresponding LDAP group be removed?'), ); } **/ }