I need to write an ldap authorization plugin for workbench access. The basic idea is to map ldap users to workbench authorizations. (The very basic architecture of ldap authorization is at http://www.gliffy.com/publish/2384881/ )

In the drupal role plugin for LDAP the "target/consumer" is a drupal role. In LDAP OG the "target/consumer" is an organic groups x role within group.

1) In workbench access would the target/consumer be a user section x access scheme?

2) In implementing this, I just need to write a class implementing the following methods that extends a class called "LdapAuthorizationConsumerAbstract". Does it look like I have the mappings correct below?

  • availableConsumerIDs() use? workbench_access_get_active_tree()
  • createConsumers() use? workbench_access_section_save()
  • authorizationGrant() use? workbench_access_user_section_save()
  • authorizationRevoke() use? workbench_access_user_section_delete()
  • revokeSingleAuthorization() use? workbench_access_user_section_save()
  • createSingleAuthorization() use? workbench_access_user_section_save()

Comments

agentrickard’s picture

Status: Active » Closed (works as designed)