RolesService
in package
Service for managing user roles based on Microsoft 365 group membership.
Table of Contents
Properties
- $configFactory : ConfigFactoryInterface
- $configuredRoles : array<string, array<string|int, string>>|null
- Cached configured role mappings.
- $defaultRole : string
- The deault role to give to users if any.
- $graphService : GraphService
- $logger : LoggerInterface
- The logger service.
- $safeRoles : array<string|int, string>|null
- Cached safe roles list.
- $userGroups : array<int, array<string, mixed>>|null
- Cached user groups from Microsoft 365.
Methods
- __construct() : mixed
- Constructs a RolesService object.
- clearCache() : void
- Clears cached data to force fresh retrieval.
- handleRoles() : void
- Updates user roles based on Microsoft 365 group membership.
- calculateUserRoles() : array<string|int, string>
- Calculates the roles a user should have based on their group membership.
- createGroupLookup() : array<string, bool>
- Creates a lookup array for efficient group membership checking.
- getConfiguredRoles() : array<string, array<string|int, string>>
- Gets the configured roles from configuration.
- getSafeRoles() : array<string|int, string>
- Gets the list of safe roles that should not be removed.
- getUserGroups() : array<int, array<string, mixed>>
- Gets the user's Microsoft 365 groups.
- updateUserRoles() : void
- Updates the user's roles by removing unsafe roles and adding new ones.
Properties
$configFactory read-only
private
ConfigFactoryInterface
$configFactory
$configuredRoles
Cached configured role mappings.
private
array<string, array<string|int, string>>|null
$configuredRoles
= NULL
$defaultRole
The deault role to give to users if any.
private
string
$defaultRole
= ''
$graphService read-only
private
GraphService
$graphService
$logger
The logger service.
private
LoggerInterface
$logger
$safeRoles
Cached safe roles list.
private
array<string|int, string>|null
$safeRoles
= NULL
$userGroups
Cached user groups from Microsoft 365.
private
array<int, array<string, mixed>>|null
$userGroups
= NULL
Methods
__construct()
Constructs a RolesService object.
public
__construct(GraphService $graphService, ConfigFactoryInterface $configFactory, LoggerChannelFactoryInterface $loggerFactory) : mixed
Parameters
- $graphService : GraphService
- $configFactory : ConfigFactoryInterface
- $loggerFactory : LoggerChannelFactoryInterface
clearCache()
Clears cached data to force fresh retrieval.
public
clearCache() : void
handleRoles()
Updates user roles based on Microsoft 365 group membership.
public
handleRoles(UserInterface $account) : void
Parameters
- $account : UserInterface
-
The user account to update.
Tags
calculateUserRoles()
Calculates the roles a user should have based on their group membership.
private
calculateUserRoles(array<string, array<string|int, string>> $configuredRoles) : array<string|int, string>
Parameters
- $configuredRoles : array<string, array<string|int, string>>
-
The configured role mappings.
Tags
Return values
array<string|int, string> —Array of role IDs the user should have.
createGroupLookup()
Creates a lookup array for efficient group membership checking.
private
createGroupLookup(array<int, array<string, mixed>> $userGroups) : array<string, bool>
Parameters
- $userGroups : array<int, array<string, mixed>>
-
The user's Microsoft 365 groups.
Return values
array<string, bool> —Lookup array with group identifiers as keys.
getConfiguredRoles()
Gets the configured roles from configuration.
private
getConfiguredRoles() : array<string, array<string|int, string>>
Return values
array<string, array<string|int, string>> —Array mapping group identifiers to role arrays.
getSafeRoles()
Gets the list of safe roles that should not be removed.
private
getSafeRoles() : array<string|int, string>
Return values
array<string|int, string> —Array of safe role IDs.
getUserGroups()
Gets the user's Microsoft 365 groups.
private
getUserGroups() : array<int, array<string, mixed>>
Tags
Return values
array<int, array<string, mixed>> —Array of group data from Microsoft Graph API.
updateUserRoles()
Updates the user's roles by removing unsafe roles and adding new ones.
private
updateUserRoles(UserInterface $account, array<string|int, string> $newRoles) : void
Parameters
- $account : UserInterface
-
The user account to update.
- $newRoles : array<string|int, string>
-
Array of role IDs to assign.