From c872fce60a8db0663a40bdaaa6f3e0ecbfe90aa0 Mon Sep 17 00:00:00 2001
From: "Quintino A. G. Souza" <quin@unicamp.br>
Date: Fri, 6 Mar 2026 13:53:12 -0300
Subject: [PATCH] Refatora hook_install para carregar configs LDAP a partir dos
 YAMLs
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Substitui a definição manual de valores no código PHP pela leitura dos
arquivos config/optional/ via FileStorage. Adiciona os YAMLs faltantes
(authorization.settings, ldap_servers.settings, ldap_authentication.settings)
e atualiza ldap_user.settings com os prov_module corretos.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 base_site_config.install                      | 138 ++----------------
 config/optional/authorization.settings.yml    |   1 +
 .../optional/ldap_authentication.settings.yml |  23 +++
 config/optional/ldap_servers.settings.yml     |   1 +
 config/optional/ldap_user.settings.yml        |  99 +++++++++++++
 5 files changed, 138 insertions(+), 124 deletions(-)
 create mode 100644 config/optional/authorization.settings.yml
 create mode 100644 config/optional/ldap_authentication.settings.yml
 create mode 100644 config/optional/ldap_servers.settings.yml
 create mode 100644 config/optional/ldap_user.settings.yml

diff --git a/base_site_config.install b/base_site_config.install
index f454438..6329acc 100644
--- a/base_site_config.install
+++ b/base_site_config.install
@@ -13,130 +13,20 @@
  * de conflito ao importar via config/install.
  */
 function base_site_config_install() {
-  $config_factory = \Drupal::configFactory();
+  $module_path = \Drupal::service('extension.list.module')->getPath('base_site_config');
+  $source = new \Drupal\Core\Config\FileStorage($module_path . '/config/optional');
 
-  // authorization.settings
-  $config_factory->getEditable('authorization.settings')
-    ->set('authorization_message', TRUE)
-    ->save();
+  $configs = [
+    'authorization.settings',
+    'ldap_servers.settings',
+    'ldap_authentication.settings',
+    'ldap_user.settings',
+  ];
 
-  // ldap_servers.settings
-  $config_factory->getEditable('ldap_servers.settings')
-    ->set('watchdog_detail', TRUE)
-    ->save();
-
-  // ldap_authentication.settings
-  $config_factory->getEditable('ldap_authentication.settings')
-    ->set('sids', [
-      'ads1_ime_unicamp_br' => 'ads1_ime_unicamp_br',
-      'ldap_ime_unicamp_br' => '0',
-    ])
-    ->set('authenticationMode', 'mixed')
-    ->set('loginUIUsernameTxt', '')
-    ->set('loginUIPasswordTxt', '')
-    ->set('ldapUserHelpLinkUrl', '')
-    ->set('ldapUserHelpLinkText', '')
-    ->set('emailOption', 'disable')
-    ->set('emailUpdate', 'update_notify')
-    ->set('emailTemplateHandling', 'none')
-    ->set('emailTemplate', '@username@example.com')
-    ->set('emailTemplateUsageResolveConflict', FALSE)
-    ->set('emailTemplateUsageNeverUpdate', FALSE)
-    ->set('emailTemplateUsagePromptUser', FALSE)
-    ->set('emailTemplateUsageRedirectOnLogin', FALSE)
-    ->set('emailTemplateUsagePromptRegex', '.*@example\.com')
-    ->set('passwordOption', 'hide')
-    ->set('allowOnlyIfTextInDn', [])
-    ->set('excludeIfTextInDn', [])
-    ->set('excludeIfNoAuthorizations', FALSE)
-    ->set('skipAdministrators', TRUE)
-    ->save();
-
-  // ldap_user.settings
-  $config_factory->getEditable('ldap_user.settings')
-    ->set('drupalAcctProvisionServer', 'ldap_ime_unicamp_br')
-    ->set('ldapEntryProvisionServer', 'ldap_ime_unicamp_br')
-    ->set('drupalAcctProvisionTriggers', ['drupal_on_update_create'])
-    ->set('ldapEntryProvisionTriggers', [])
-    ->set('orphanedIncludeDisabledUsers', TRUE)
-    ->set('orphanedDrupalAcctBehavior', 'user_cancel_delete')
-    ->set('orphanedDrupalAcctReportingInbox', '')
-    ->set('orphanedCheckQty', 100)
-    ->set('orphanedAccountCheckInterval', 'always')
-    ->set('userConflictResolve', 'resolve')
-    ->set('manualAccountConflict', 'conflict_associate')
-    ->set('acctCreation', 'ldap_behavior')
-    ->set('disableAdminPasswordField', FALSE)
-    ->set('userUpdateCronQuery', 'people_sync')
-    ->set('userUpdateCronInterval', 'always')
-    ->set('userUpdateOnly', FALSE)
-    ->set('ldapUserSyncMappings', [
-      'drupal' => [
-        'field-preferred_langcode' => [
-          'ldap_attr' => '[preferredLanguage]',
-          'user_attr' => '[field.preferred_langcode]',
-          'convert' => FALSE,
-          'user_tokens' => '',
-          'config_module' => 'ldap_user',
-          'prov_module' => 'ldap_user',
-          'prov_events' => ['create_drupal_user', 'sync_to_drupal_user'],
-        ],
-        'field-field_user_category' => [
-          'ldap_attr' => '[employeeType]',
-          'user_attr' => '[field.field_user_category]',
-          'convert' => FALSE,
-          'user_tokens' => '',
-          'config_module' => 'ldap_user',
-          'prov_module' => 'ldap_departments_sync',
-          'prov_events' => ['create_drupal_user', 'sync_to_drupal_user'],
-        ],
-        'field-field_user_dept_code' => [
-          'ldap_attr' => '[departmentNumber]',
-          'user_attr' => '[field.field_user_dept_code]',
-          'convert' => FALSE,
-          'user_tokens' => '',
-          'config_module' => 'ldap_user',
-          'prov_module' => 'ldap_departments_sync',
-          'prov_events' => ['create_drupal_user', 'sync_to_drupal_user'],
-        ],
-        'field-field_user_id_lattes' => [
-          'ldap_attr' => '[lattesId]',
-          'user_attr' => '[field.field_user_id_lattes]',
-          'convert' => FALSE,
-          'user_tokens' => '',
-          'config_module' => 'ldap_user',
-          'prov_module' => 'site_users',
-          'prov_events' => ['create_drupal_user', 'sync_to_drupal_user'],
-        ],
-        'field-field_user_name' => [
-          'ldap_attr' => '[displayName]',
-          'user_attr' => '[field.field_user_name]',
-          'convert' => FALSE,
-          'user_tokens' => '',
-          'config_module' => 'ldap_user',
-          'prov_module' => 'site_users',
-          'prov_events' => ['create_drupal_user'],
-        ],
-        'field-field_user_work_phone' => [
-          'ldap_attr' => '[telephoneNumber]',
-          'user_attr' => '[field.field_user_work_phone]',
-          'convert' => FALSE,
-          'user_tokens' => '',
-          'config_module' => 'ldap_user',
-          'prov_module' => 'ldap_departments_sync',
-          'prov_events' => ['create_drupal_user', 'sync_to_drupal_user'],
-        ],
-        'field-field_user_orcid' => [
-          'ldap_attr' => '[orcID]',
-          'user_attr' => '[field.field_user_orcid]',
-          'convert' => FALSE,
-          'user_tokens' => '',
-          'config_module' => 'ldap_user',
-          'prov_module' => 'site_users',
-          'prov_events' => ['create_drupal_user', 'sync_to_drupal_user'],
-        ],
-      ],
-      'ldap' => [],
-    ])
-    ->save();
+  foreach ($configs as $config_name) {
+    $data = $source->read($config_name);
+    if ($data !== FALSE) {
+      \Drupal::configFactory()->getEditable($config_name)->setData($data)->save();
+    }
+  }
 }
diff --git a/config/optional/authorization.settings.yml b/config/optional/authorization.settings.yml
new file mode 100644
index 0000000..e03d9c5
--- /dev/null
+++ b/config/optional/authorization.settings.yml
@@ -0,0 +1 @@
+authorization_message: true
diff --git a/config/optional/ldap_authentication.settings.yml b/config/optional/ldap_authentication.settings.yml
new file mode 100644
index 0000000..4457dd5
--- /dev/null
+++ b/config/optional/ldap_authentication.settings.yml
@@ -0,0 +1,23 @@
+langcode: en
+sids:
+  ads1_ime_unicamp_br: ads1_ime_unicamp_br
+  ldap_ime_unicamp_br: '0'
+authenticationMode: mixed
+loginUIUsernameTxt: ''
+loginUIPasswordTxt: ''
+ldapUserHelpLinkUrl: ''
+ldapUserHelpLinkText: ''
+emailOption: disable
+emailUpdate: update_notify
+emailTemplateHandling: none
+emailTemplate: '@username@example.com'
+emailTemplateUsageResolveConflict: false
+emailTemplateUsageNeverUpdate: false
+emailTemplateUsagePromptUser: false
+emailTemplateUsageRedirectOnLogin: false
+emailTemplateUsagePromptRegex: '.*@example\.com'
+passwordOption: hide
+allowOnlyIfTextInDn: {  }
+excludeIfTextInDn: {  }
+excludeIfNoAuthorizations: false
+skipAdministrators: true
diff --git a/config/optional/ldap_servers.settings.yml b/config/optional/ldap_servers.settings.yml
new file mode 100644
index 0000000..c4d13a8
--- /dev/null
+++ b/config/optional/ldap_servers.settings.yml
@@ -0,0 +1 @@
+watchdog_detail: true
diff --git a/config/optional/ldap_user.settings.yml b/config/optional/ldap_user.settings.yml
new file mode 100644
index 0000000..73f202c
--- /dev/null
+++ b/config/optional/ldap_user.settings.yml
@@ -0,0 +1,99 @@
+drupalAcctProvisionServer: ldap_ime_unicamp_br
+ldapEntryProvisionServer: ldap_ime_unicamp_br
+drupalAcctProvisionTriggers:
+  - drupal_on_update_create
+ldapEntryProvisionTriggers: {  }
+orphanedIncludeDisabledUsers: true
+orphanedDrupalAcctBehavior: user_cancel_delete
+orphanedDrupalAcctReportingInbox: ''
+orphanedCheckQty: 100
+orphanedAccountCheckInterval: always
+userConflictResolve: resolve
+manualAccountConflict: conflict_associate
+acctCreation: ldap_behavior
+disableAdminPasswordField: false
+userUpdateCronQuery: people_sync
+userUpdateCronInterval: always
+userUpdateOnly: false
+ldapUserSyncMappings:
+  drupal:
+    field-preferred_langcode:
+      ldap_attr: '[preferredLanguage]'
+      user_attr: '[field.preferred_langcode]'
+      convert: false
+      user_tokens: ''
+      config_module: ldap_user
+      prov_module: ldap_user
+      prov_events:
+        - create_drupal_user
+        - sync_to_drupal_user
+    field-field_user_category:
+      ldap_attr: '[employeeType]'
+      user_attr: '[field.field_user_category]'
+      convert: false
+      user_tokens: ''
+      config_module: ldap_user
+      prov_module: ldap_departments_sync
+      prov_events:
+        - create_drupal_user
+        - sync_to_drupal_user
+    field-field_user_dept_code:
+      ldap_attr: '[departmentNumber]'
+      user_attr: '[field.field_user_dept_code]'
+      convert: false
+      user_tokens: ''
+      config_module: ldap_user
+      prov_module: ldap_departments_sync
+      prov_events:
+        - create_drupal_user
+        - sync_to_drupal_user
+    field-field_user_id_lattes:
+      ldap_attr: '[lattesId]'
+      user_attr: '[field.field_user_id_lattes]'
+      convert: false
+      user_tokens: ''
+      config_module: ldap_user
+      prov_module: site_users
+      prov_events:
+        - create_drupal_user
+        - sync_to_drupal_user
+    field-field_user_name:
+      ldap_attr: '[displayName]'
+      user_attr: '[field.field_user_name]'
+      convert: false
+      user_tokens: ''
+      config_module: ldap_user
+      prov_module: site_users
+      prov_events:
+        - create_drupal_user
+    field-field_user_orcid:
+      ldap_attr: '[orcID]'
+      user_attr: '[field.field_user_orcid]'
+      convert: false
+      user_tokens: ''
+      config_module: ldap_user
+      prov_module: site_users
+      prov_events:
+        - create_drupal_user
+        - sync_to_drupal_user
+    field-field_user_work_phone:
+      ldap_attr: '[telephoneNumber]'
+      user_attr: '[field.field_user_work_phone]'
+      convert: false
+      user_tokens: ''
+      config_module: ldap_user
+      prov_module: ldap_departments_sync
+      prov_events:
+        - create_drupal_user
+        - sync_to_drupal_user
+    field-field_person_id:
+      ldap_attr: '[employeeNumber]'
+      user_attr: '[field.field_person_id]'
+      convert: false
+      user_tokens: ''
+      config_module: ldap_user
+      prov_module: site_users
+      prov_events:
+        - create_drupal_user
+        - sync_to_drupal_user
+  ldap: {  }