Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
The LDAP Data module will create content profile nodes without checking the user/role permissions first.
This is a problem if your site is set up to have specific content profiles for specific roles. This means that on login all LDAP authenticated users will have every content profile node type created causing drastic bloat of unwanted nodes to the DB.
The offending code (line 263: ldapdata.module)
// If needed, get the content profile nodes
$content_profile_nodes = array();
if ( ! empty($content_profile_fields) ) {
$cp_types = content_profile_get_types('types');
foreach ($cp_types as $type_obj) {
$type = $type_obj->type;
$profile = content_profile_load($type, $account->uid, '', TRUE);
if (!$profile) {
$profile = new stdClass();
$profile->type = $type;
$profile->title = (isset($account->name) ? $account->name : '');
$profile->uid = $account->uid;
node_save($profile); // Create node to get CCK fields
}
$content_profile_nodes[] = $profile;
}
}
Comment | File | Size | Author |
---|---|---|---|
#2 | ldapdata_permissions-20130916.patch | 822 bytes | aCCa |
#1 | ldapdata_permissions-1901500.patch | 812 bytes | jklmnop |
Comments
Comment #1
jklmnop CreditAttribution: jklmnop commentedHere is a patch for the 6.x-1.0-beta3 tag.
Comment #2
aCCa CreditAttribution: aCCa commentedI think your patch doesn't work when you are syncing users with ldap_sync.
The logged in user in this case is (usually) admin with full permission and your control on the permission is bypassed.
This is my correction, that should work in any case:
Also patch attached...