Skip to content
Snippets Groups Projects
Commit d97dee74 authored by John Barclay's avatar John Barclay
Browse files

Patch to allow clearing of past ldap authorization user data

parent 278872bd
No related branches found
No related tags found
No related merge requests found
......@@ -190,6 +190,7 @@ class LdapAuthorizationConsumerAbstract {
*/
public function authorizationGrant(&$user, &$user_auth_data, $consumers, $ldap_entry = NULL, $user_save = TRUE) {
$this->filterOffPastAuthorizationRecords($user, $user_auth_data);
$this->grantsAndRevokes('grant', $user, $user_auth_data, $consumers, $ldap_entry, $user_save);
}
......@@ -213,9 +214,29 @@ class LdapAuthorizationConsumerAbstract {
*/
public function authorizationRevoke(&$user, &$user_auth_data, $consumers, $ldap_entry, $user_save = TRUE) {
$this->filterOffPastAuthorizationRecords($user, $user_auth_data);
$this->grantsAndRevokes('revoke', $user, $user_auth_data, $consumers, $ldap_entry, $user_save);
}
/**
* this is a function to clear off
*/
public function filterOffPastAuthorizationRecords(&$user, &$user_auth_data, $time = NULL) {
if ($time != NULL || variable_get('ldap_help_user_data_clear', 0)) {
$clear_time = ($time) ? $time : variable_get('ldap_help_user_data_clear_set_date', 0);
if ($clear_time > 0 && $clear_time < time()) {
foreach ($user_auth_data as $consumer_id => $entry) {
if ($entry['date_granted'] < $clear_time) {
unset($user_auth_data[$consumer_id]);
if (isset($user->data['ldap_authorization'][$this->consumerType][$consumer_id])) {
unset($user->data['ldap_authorization'][$this->consumerType][$consumer_id]);
}
}
}
}
}
}
/**
* some authorization schemes such as organic groups, require a certain order. implement this method
* to sort consumer ids/authorization ids
......
......@@ -12,4 +12,6 @@
function ldap_help_uninstall() {
//$result = db_query('DELETE FROM {variables} WHERE name like "ldap_authentication_%"');
variable_del('ldap_help_watchdog_detail');
variable_del('ldap_help_user_data_clear');
variable_del('ldap_help_user_data_clear_set_date');
}
......@@ -73,7 +73,7 @@ function ldap_help_menu() {
}
function ldap_help_form_ldap_servers_settings_alter(&$form, &$form_state) {
$form['watchdog_detail'] = array('#type' => 'fieldset', '#title' => t('Log detailed LDAP Actions'));
$form['watchdog_detail'] = array('#type' => 'fieldset', '#title' => t('Development'));
$form['watchdog_detail']['watchdog_detail'] = array(
'#type' => 'checkbox',
'#title' => t('Enabled Detailed LDAP Watchdog logging. This is generally for
......@@ -81,6 +81,19 @@ function ldap_help_form_ldap_servers_settings_alter(&$form, &$form_state) {
on.'),
'#default_value' => variable_get('ldap_help_watchdog_detail', 0),
);
$date = variable_get('ldap_help_user_data_clear_set_date', time());
$form['watchdog_detail']['user_data_clear'] = array(
'#type' => 'checkbox',
'#title' => t('Discard and ignore user authorization data stored by ldap module in user records data before %date.
This is useful for implementers of development versions of the module
that may have corrupt user data from the past.', array('%date' => date('Y-m-d H:i:s', $date))),
'#default_value' => variable_get('ldap_help_user_data_clear', 0),
); //array('%date' => date('Y-m-d H:i:s', $date))
$form['watchdog_detail']['user_data_clear_date'] = array(
'#type' => 'checkbox',
'#title' => t('Reset the clear date to the current date %date', array('%date' => date('Y-m-d H:i:s'))),
'#default_value' => variable_get('ldap_help_user_data_clear_set_date', 0),
);
$form['#submit'][] = 'ldap_help_watchdog_detail_submit';
}
......@@ -91,6 +104,12 @@ function ldap_help_watchdog_detail_submit($form, &$form_state) {
if ($watchdog_detail != variable_get('ldap_help_watchdog_detail', 0)) {
variable_set('ldap_help_watchdog_detail', $watchdog_detail);
}
if ($form_state['values']['user_data_clear'] != variable_get('ldap_help_user_data_clear', 0)) {
variable_set('ldap_help_user_data_clear', $form_state['values']['user_data_clear']);
}
if ($form_state['values']['user_data_clear_date'] != 0) {
variable_set('ldap_help_user_data_clear_set_date', time());
}
}
}
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment