1 -- Update member privileges from LDAP

2 -- --------------------------------------------------------------------------

3 --

4 -- arguments:

5 -- member: the member for which the privileges should be updated

6 -- ldap_entry: the ldap entry to be used for updating the privileges

7 --

8 -- returns:

9 -- err: an error code, if an error occured (string)

10 -- err2: Error dependent extra error information

11

12 function ldap.update_member_privileges(member, ldap_entry)

13

14 local privileges, err = config.ldap.member.privilege_map(ldap_entry, member)

15

16 if err then

17 return false, "privilege_map_error", err

18 end

19

20 local privileges_by_unit_id = {}

21 for i, privilege in ipairs(privileges) do

22 privileges_by_unit_id[privilege.unit_id] = privilege

23 end

24

25 local current_privileges = Privilege:by_member_id(member.id)

26 local current_privilege_ids = {}

27

28 for i, privilege in ipairs(current_privileges) do

29 if privileges_by_unit_id[privilege.unit_id] then

30 current_privilege_ids[privilege.unit_id] = privilege

31 else

32 privilege:destroy()

33 end

34 end

35

36 for i, privilege in ipairs(privileges) do

37 local current_privilege = current_privilege_ids[privilege.unit_id]

38 if not current_privilege then

39 current_privilege = Privilege:new()

40 current_privilege.member_id = member.id

41 current_privileges[#current_privileges+1] = current_privilege

42 end

43 for key, val in pairs(privilege) do

44 current_privilege[key] = val

45 end

46 end

47

48 for i, privilege in ipairs(current_privileges) do

49 local err = privilege:try_save()

50 if err then

51 return false, "privilege_save_error", err

52 end

53 end

54

55 return true

56 end