Index: ldapgroups.inc =================================================================== --- ldapgroups.inc (revision 348) +++ ldapgroups.inc (revision 368) @@ -77,10 +77,9 @@ */ function _ldapgroups_detect_groups($user) { global $_ldapgroups_ldap; - // Nothing to do if the user is not LDAP authentified // or there are no groups configured. - if (!(_ldapgroups_ldap_info($user, 'ldapgroups_in_dn') || _ldapgroups_ldap_info($user, 'ldapgroups_in_attr') || _ldapgroups_ldap_info($user, 'ldapgroups_as_entries'))) + if (!(_ldapgroups_ldap_info($user, 'ldapgroups_in_dn') || _ldapgroups_ldap_info($user, 'ldapgroups_in_attr') || _ldapgroups_ldap_info($user, 'ldapgroups_as_entries') || (bool) module_implements('detect_ldapgroups'))) return FALSE; // First try to connect with the stored user's DN and password. @@ -134,8 +133,10 @@ } } + // Strategy 4: Custom strategies defined in hooks + $hook_groups = module_invoke_all('detect_ldapgroups', $_ldapgroups_ldap, $user); $_ldapgroups_ldap->disconnect(); - return array_unique(array_merge($dn_groups, $attrib_groups, $entries_groups)); + return array_unique(array_merge($dn_groups, $attrib_groups, $entries_groups, $hook_groups)); } /** Index: ldapgroups.api.php =================================================================== --- ldapgroups.api.php (revision 0) +++ ldapgroups.api.php (revision 368) @@ -0,0 +1,31 @@ +ldap_dn will be of particular interest. + * @return + * Array of groupnames the user is in. + */ +function hook_detect_ldapgroups($ldap, $user) { + $detected_groups = array(); + $gid = $ldap->retrieveAttribute($user->ldap_dn, 'gidNumber'); + $gid = int($gid); + $entries = $ldap->search('ou=Group,dc=example,dc=com', "(gidNumber=$gid)"); + foreach ($entries as $entry) + $detected_groups[] = $entry['dn']; + return $detected_groups; +} +