ILIAS Release_3_7_x_branch .rev 46817: webservice/soap/classes/class.ilSoapUserAdministration.php Source File

Go to the documentation of this file.
00001 <?php
00002   /*
00003    +-----------------------------------------------------------------------------+
00004    | ILIAS open source                                                           |
00005    +-----------------------------------------------------------------------------+
00006    | Copyright (c) 1998-2006 ILIAS open source, University of Cologne            |
00007    |                                                                             |
00008    | This program is free software; you can redistribute it and/or               |
00009    | modify it under the terms of the GNU General Public License                 |
00010    | as published by the Free Software Foundation; either version 2              |
00011    | of the License, or (at your option) any later version.                      |
00012    |                                                                             |
00013    | This program is distributed in the hope that it will be useful,             |
00014    | but WITHOUT ANY WARRANTY; without even the implied warranty of              |
00015    | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               |
00016    | GNU General Public License for more details.                                |
00017    |                                                                             |
00018    | You should have received a copy of the GNU General Public License           |
00019    | along with this program; if not, write to the Free Software                 |
00020    | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA. |
00021    +-----------------------------------------------------------------------------+
00022   */
00023 
00024 
00033 include_once './webservice/soap/classes/class.ilSoapAdministration.php';
00034 
00035 class ilSoapUserAdministration extends ilSoapAdministration
00036 {
00037         function ilSoapUserAdministration()
00038         {
00039                 parent::ilSoapAdministration();
00040         }
00041 
00042 
00043         // Service methods
00044         function login($client,$username,$password)
00045         {
00046                 $this->__initAuthenticationObject();
00047                 $this->sauth->setClient($client);
00048                 $this->sauth->setUsername($username);
00049                 $this->sauth->setPassword($password);
00050 
00051                 $authenticated = true;
00052                 if(!$this->sauth->authenticate())
00053                 {
00054                         // Check if password is md5 crypted check for it
00055                         if(strlen($password) == 32)
00056                         {
00057                                 $this->__initAuthenticationObject();
00058                                 $this->sauth->setClient($client);
00059                                 $this->sauth->setUsername($username);
00060                                 $this->sauth->setPassword($password);
00061                                 $this->sauth->setPasswordType(IL_AUTH_MD5);
00062                                 if(!$this->sauth->authenticate())
00063                                 {
00064                                         $authenticated = false;
00065                                 }
00066                         }
00067                         else
00068                         {
00069                                 $authenticated = false;
00070                         }
00071                 }
00072                 if(!$authenticated)
00073                 {
00074                         return $this->__raiseError($this->sauth->getMessage(),$this->sauth->getMessageCode());
00075                 }
00076                 return $this->sauth->getSid().'::'.$client;
00077         }
00078 
00079         // Service methods
00080         function loginCAS($client, $PT, $username)
00081         {
00082                 $this->__initAuthenticationObject(AUTH_CAS);
00083                 $this->sauth->setClient($client);
00084                 $this->sauth->setUsername($username);
00085                 $this->sauth->setPT($PT);
00086                 $authenticated = true;
00087                 //include_once("./Services/CAS/classes/class.ilCASAuth.php");
00088                 //include_once("./Services/CAS/phpcas/source/CAS/CAS.php");
00089                 if(!$this->sauth->authenticate())
00090                 {
00091                         $authenticated = false;
00092                 }
00093                 if(!$authenticated)
00094                 {
00095                         return $this->__raiseError($this->sauth->getMessage(),$this->sauth->getMessageCode());
00096                 }
00097                 return $this->sauth->getSid().'::'.$client;
00098         }
00099 
00100         function logout($sid)
00101         {
00102                 if(!$this->__checkSession($sid))
00103                 {
00104                         return $this->__raiseError($this->sauth->getMessage(),$this->sauth->getMessageCode());
00105                 }
00106 
00107                 if(!$this->sauth->logout())
00108                 {
00109                         return $this->__raiseError($this->sauth->getMessage(),$this->sauth->getMessageCode());
00110                 }
00111 
00112                 return true;
00113         }
00114 
00115         function lookupUser($sid,$user_name)
00116         {
00117                 if(!$this->__checkSession($sid))
00118                 {
00119                         return $this->__raiseError($this->sauth->getMessage(),$this->sauth->getMessageCode());
00120                 }
00121 
00122                 if(!strlen($user_name))
00123                 {
00124                         return $this->__raiseError('No username given. Aborting','Client');
00125                 }
00126 
00127                 // Include main header
00128                 include_once './include/inc.header.php';
00129                 global $rbacsystem;
00130 
00131                 if(!$rbacsystem->checkAccess('read',USER_FOLDER_ID))
00132                 {
00133                         return $this->__raiseError('Check access failed.'.USER_FOLDER_ID,'Server');
00134                 }
00135 
00136                 $user_id = ilObjUser::getUserIdByLogin($user_name);
00137                 return $user_id ? $user_id : "0";
00138 
00139         }
00140 
00141         function getUser($sid,$user_id)
00142         {
00143                 if(!$this->__checkSession($sid))
00144                 {
00145                         return $this->__raiseError($this->sauth->getMessage(),$this->sauth->getMessageCode());
00146                 }
00147 
00148                 // Include main header
00149                 include_once './include/inc.header.php';
00150                 global $rbacsystem, $ilUser;
00151 
00152                 if(!$rbacsystem->checkAccess('read',USER_FOLDER_ID))
00153                 {
00154                         return $this->__raiseError('Check access failed.','Server');
00155                 }
00156 
00157                 if($ilUser->getLoginByUserId($user_id))
00158                 {
00159                         $tmp_user =& ilObjectFactory::getInstanceByObjId($user_id);
00160                         $usr_data = $this->__readUserData($tmp_user);
00161 
00162                         return $usr_data;
00163                 }
00164                 return $this->__raiseError('User does not exist','Client');
00165         }
00166 
00167         function updateUser($sid,$user_data)
00168         {
00169                 if(!$this->__checkSession($sid))
00170                 {
00171                         return $this->__raiseError($this->sauth->getMessage(),$this->sauth->getMessageCode());
00172                 }
00173 
00174                 // Include main header
00175                 include_once './include/inc.header.php';
00176                 global $rbacsystem, $ilUser, $log;
00177 
00178                 if(!$rbacsystem->checkAccess('write',USER_FOLDER_ID))
00179                 {
00180                         return $this->__raiseError('Check access failed.','Server');
00181                 }
00182 
00183                 if(!$user_obj =& ilObjectFactory::getInstanceByObjId($user_data['usr_id'],false))
00184                 {
00185                         return $this->__raiseError('User with id '.$user_data['usr_id'].' does not exist.','Client');
00186                 }
00187 
00188                 $user_old = $this->__readUserData($user_obj);
00189                 $user_new = $this->__substituteUserData($user_old,$user_data);
00190 
00191                 if(!$this->__validateUserData($user_data,false))
00192                 {
00193                         return $this->__raiseError($this->__getMessage(),'Client');
00194                 }
00195 
00196                 if(strlen($user_data['passwd']) != 32)
00197                 {
00198                         $user_new['passwd_type'] = IL_PASSWD_PLAIN;
00199                 }
00200                 else
00201                 {
00202                         $user_new['passwd_type'] = IL_PASSWD_MD5;
00203                 }
00204                 $this->__setUserData($user_obj,$user_new);
00205 
00206                 $log->write('SOAP: updateUser()');
00207                 $user_obj->update();
00208 
00209                 if($user_data['accepted_agreement'] and !$user_obj->hasAcceptedUserAgreement())
00210                 {
00211                         $user_obj->writeAccepted();
00212                 }
00213 
00214                 return true;
00215         }
00216 
00217         function updatePassword($sid,$user_id,$new_password)
00218         {
00219                 if(!$this->__checkSession($sid))
00220                 {
00221                         return $this->__raiseError($this->sauth->getMessage(),$this->sauth->getMessageCode());
00222                 }
00223 
00224                 // Include main header
00225                 include_once './include/inc.header.php';
00226                 global $rbacsystem;
00227 
00228                 if(!$rbacsystem->checkAccess('write',USER_FOLDER_ID))
00229                 {
00230                         return $this->__raiseError('Check access failed.','Server');
00231                 }
00232 
00233                 if(!$tmp_user =& ilObjectFactory::getInstanceByObjId($user_id,false))
00234                 {
00235                         return $this->__raiseError('No valid user_id given.','Client');
00236                 }
00237 
00238                 $tmp_user->replacePassword($new_password);
00239 
00240                 return true;
00241         }
00242 
00243         function addUser($sid,$user_data,$global_role_id)
00244         {
00245                 if(!$this->__checkSession($sid))
00246                 {
00247                         return $this->__raiseError($this->sauth->getMessage(),$this->sauth->getMessageCode());
00248                 }
00249 
00250                 // Include main header
00251                 include_once './include/inc.header.php';
00252                 global $rbacsystem, $rbacreview, $ilLog, $rbacadmin,$ilSetting;
00253 
00254                 if(!$rbacsystem->checkAccess('create_user',USER_FOLDER_ID))
00255                 {
00256                         return $this->__raiseError('Check access failed.','Server');
00257                 }
00258 
00259                 // Validate user_data
00260                 if(!$this->__validateUserData($user_data))
00261                 {
00262                         return $this->__raiseError($this->__getMessage(),'Client');
00263                 }
00264                 // Validate global role
00265                 if(!$global_role_id)
00266                 {
00267                         return $this->__raiseError('No role id given','Client');
00268                 }
00269 
00270                 // Validate global role
00271 
00272                 $global_roles = $rbacreview->getGlobalRoles();
00273 
00274                 if(!in_array($global_role_id,$global_roles))
00275                 {
00276                         return $this->__raiseError('Role with id: '.$global_role_id.' is not a valid global role','Client');
00277                 }
00278 
00279                 $new_user =& new ilObjUser();
00280 
00281                 if(strlen($user_data['passwd']) != 32)
00282                 {
00283                         $user_data['passwd_type'] = IL_PASSWD_PLAIN;
00284                 }
00285                 else
00286                 {
00287                         $user_data['passwd_type'] = IL_PASSWD_MD5;
00288                 }
00289         $this->__setUserData($new_user,$user_data);
00290 
00291                 $ilLog->write('SOAP: addUser()');
00292 
00293                 // Need this for entry in object_data
00294                 $new_user->setTitle($new_user->getFullname());
00295                 $new_user->setDescription($new_user->getEmail());
00296 
00297                 if ($user_data["import_id"] != "")
00298                 {
00299                         $new_user->setImportId($user_data["import_id"]);
00300                 }
00301 
00302                 $new_user->create();
00303 
00304 
00305                 $new_user->saveAsNew();
00306 
00307                 // If agreement is given. Set user agreement accepted.
00308                 if($user_data['accepted_agreement'])
00309                 {
00310                         $new_user->writeAccepted();
00311                 }
00312 
00313                 // Assign role
00314                 $rbacadmin->assignUser($global_role_id,$new_user->getId());
00315 
00316                 // Assign user prefs
00317                 $new_user->setLanguage($user_data['user_language']);
00318                 $new_user->setPref('style',$user_data['user_style']);
00319                 $new_user->setPref('skin',$user_data['user_skin']);
00320                 $new_user->setPref('hits_per_page',$ilSetting->get('hits_per_page'));
00321                 $new_user->setPref('show_users_online',$ilSetting->get('show_users_online'));
00322                 $new_user->writePrefs();
00323 
00324                 return $new_user->getId();
00325         }
00326 
00327         function deleteUser($sid,$user_id)
00328         {
00329                 if(!$this->__checkSession($sid))
00330                 {
00331                         return $this->__raiseError($this->sauth->getMessage(),$this->sauth->getMessageCode());
00332                 }
00333 
00334                 if(!isset($user_id))
00335                 {
00336                         return $this->__raiseError('No user_id given. Aborting','Client');
00337                 }
00338 
00339                 // Include main header
00340                 include_once './include/inc.header.php';
00341                 global $rbacsystem, $ilUser, $log;
00342 
00343                 if(!$rbacsystem->checkAccess('delete',USER_FOLDER_ID))
00344                 {
00345                         return $this->__raiseError('Check access failed.','Server');
00346                 }
00347 
00348                 if(!$ilUser->getLoginByUserId($user_id))
00349                 {
00350                         return $this->__raiseError('User id: '.$user_id.' is not a valid identifier. Aborting','Client');
00351                 }
00352                 if($ilUser->getId() == $user_id)
00353                 {
00354                         return $this->__raiseError('Cannot delete myself. Aborting','Client');
00355                 }
00356                 if($user_id == SYSTEM_USER_ID)
00357                 {
00358                         return $this->__raiseError('Cannot delete root account. Aborting','Client');
00359                 }
00360                 // Delete him
00361                 $log->write('SOAP: deleteUser()');
00362                 $delete_user =& ilObjectFactory::getInstanceByObjId($user_id,false);
00363                 $delete_user->delete();
00364 
00365                 return true;
00366         }
00367 
00368 
00369 
00370 
00371         // PRIVATE
00372         function __validateUserData(&$user_data,$check_complete = true)
00373         {
00374                 global $lng,$styleDefinition;
00375 
00376                 $this->__setMessage('');
00377 
00378                 if($check_complete)
00379                 {
00380                         if(!isset($user_data['login']))
00381                         {
00382                                 $this->__appendMessage('No login given.');
00383                         }
00384                         if(!isset($user_data['passwd']))
00385                         {
00386                                 $this->__appendMessage('No password given.');
00387                         }
00388                         if(!isset($user_data['email']))
00389                         {
00390                                 $this->__appendMessage('No email given');
00391                         }
00392                         if(!isset($user_data['user_language']))
00393                         {
00394                                 $user_data['user_language'] = $lng->getDefaultLanguage();
00395                         }
00396                 }
00397                 foreach($user_data as $field => $value)
00398                 {
00399                         switch($field)
00400                         {
00401                                 case 'login':
00402                                         if (!ilUtil::isLogin($value))
00403                                         {
00404                                                 $this->__appendMessage('Login invalid.');
00405                                         }
00406 
00407                                         // check loginname
00408                                         if($check_complete)
00409                                         {
00410                                                 if (loginExists($value))
00411                                                 {
00412                                                         $this->__appendMessage('Login already exists.');
00413                                                 }
00414                                         }
00415                                         break;
00416 
00417                                 case 'passwd':
00418                                         if (!ilUtil::isPassword($value))
00419                                         {
00420                                                 $this->__appendMessage('Password invalid.');
00421                                         }
00422                                         break;
00423 
00424                                 case 'email':
00425                                         if(!ilUtil::is_email($value))
00426                                         {
00427                                                 $this->__appendMessage('Email invalid.');
00428                                         }
00429                                         break;
00430 
00431                                 case 'time_limit_unlimited':
00432                                         if($value != 1)
00433                                         {
00434                                                 if($user_data['time_limit_from'] >= $user_data['time_limit_until'])
00435                                                 {
00436                                                         $this->__appendMessage('Time limit invalid');
00437                                                 }
00438                                         }
00439                                         break;
00440 
00441                                 case 'user_language':
00442                                         $lang_inst = $lng->getInstalledLanguages();
00443 
00444                                         if(!in_array($user_data['user_language'],$lang_inst))
00445                                         {
00446                                                 $this->__appendMessage('Language: '.$user_data['user_language'].' is not installed');
00447                                         }
00448                                         break;
00449 
00450 
00451                                 case 'user_skin':
00452                                 case 'user_style':
00453                                         if(($user_data['user_skin'] and !$user_data['user_style']) or
00454                                            (!$user_data['user_skin'] and $user_data['user_style']))
00455                                         {
00456                                                 $this->__appendMessage('user_skin, user_style not valid.');
00457                                         }
00458                                         elseif($user_data['user_skin'] and $user_data['user_style'])
00459                                         {
00460                                                 $ok = false;
00461                                                 $templates = $styleDefinition->getAllTemplates();
00462                                                 if (count($templates) > 0 && is_array ($templates))
00463                                                 {
00464                                                         foreach($templates as $template)
00465                                                         {
00466                                                                 $styleDef =& new ilStyleDefinition($template["id"]);
00467                                                                 $styleDef->startParsing();
00468                                                                 $styles = $styleDef->getStyles();
00469                                                                 foreach ($styles as $style)
00470                                                                 {
00471                                                                         if ($user_data['user_skin'] == $template["id"] &&
00472                                                                                 $user_data['user_style'] == $style["id"])
00473                                                                         {
00474                                                                                 $ok = true;
00475                                                                         }
00476                                                                 }
00477                                                         }
00478                                                         if(!$ok)
00479                                                         {
00480                                                                 $this->__appendMessage('user_skin, user_style not valid.');
00481                                                         }
00482                                                 }
00483                                         }
00484                                         break;
00485 
00486                                 case 'time_limit_owner':
00487                                         $type = ilObject::_lookupType($user_data['time_limit_owner'],true);
00488                                         if($type != 'cat' and $type != 'usrf')
00489                                         {
00490                                                 $this->__appendMessage('time_limit_owner must be ref_id of category or user folder'.$type);
00491                                         }
00492                                         break;
00493 
00494 
00495 
00496                                 default:
00497                                         continue;
00498                         }
00499                 }
00500                 return strlen($this->__getMessage()) ? false : true;
00501         }
00502 
00503         function __setUserData(&$user_obj,&$user_data)
00504         {
00505                 // Default to unlimited if no access period is given
00506                 if(!$user_data['time_limit_from'] and
00507                    !$user_data['time_limit_until'] and
00508                    !$user_data['time_limit_unlimited'])
00509                 {
00510                         $user_data['time_limit_unlimited'] = 1;
00511                 }
00512                 if(!$user_data['time_limit_owner'])
00513                 {
00514                         $user_data['time_limit_owner'] = USER_FOLDER_ID;
00515                 }
00516 
00517                 $user_obj->assignData($user_data);
00518 
00519                 if(isset($user_data['user_language']))
00520                 {
00521                         $user_obj->setLanguage($user_data['user_language']);
00522                 }
00523                 if(isset($user_data['user_skin']) and isset($user_data['user_style']))
00524                 {
00525                         $user_obj->setPref('skin',$user_data['user_skin']);
00526                         $user_obj->setPref('style',$user_data['user_style']);
00527                 }
00528                 return true;
00529         }
00530 
00531         function __readUserData(&$usr_obj)
00532         {
00533                 $usr_data['usr_id'] = $usr_obj->getId();
00534                 $usr_data['login'] = $usr_obj->getLogin();
00535                 $usr_data['passwd'] = $usr_obj->getPasswd();
00536                 $usr_data['passwd_type'] = $usr_obj->getPasswdType();
00537                 $usr_data['firstname'] = $usr_obj->getFirstname();
00538                 $usr_data['lastname'] = $usr_obj->getLastname();
00539                 $usr_data['title'] = $usr_obj->getUTitle();
00540                 $usr_data['gender'] = $usr_obj->getGender();
00541                 $usr_data['email'] = $usr_obj->getEmail();
00542                 $usr_data['institution'] = $usr_obj->getInstitution();
00543                 $usr_data['street'] = $usr_obj->getStreet();
00544                 $usr_data['city'] = $usr_obj->getCity();
00545                 $usr_data['zipcode'] = $usr_obj->getZipcode();
00546                 $usr_data['country'] = $usr_obj->getCountry();
00547                 $usr_data['phone_office'] = $usr_obj->getPhoneOffice();
00548                 $usr_data['last_login'] = $usr_obj->getLastLogin();
00549                 $usr_data['last_update'] = $usr_obj->getLastUpdate();
00550                 $usr_data['create_date'] = $usr_obj->getCreateDate();
00551                 $usr_data['hobby'] = $usr_obj->getHobby();
00552                 $usr_data['department'] = $usr_obj->getDepartment();
00553                 $usr_data['phone_home'] = $usr_obj->getPhoneHome();
00554                 $usr_data['phone_mobile'] = $usr_obj->getPhoneMobile();
00555                 $usr_data['fax'] = $usr_obj->getFax();
00556                 $usr_data['time_limit_owner'] = $usr_obj->getTimeLimitOwner();
00557                 $usr_data['time_limit_unlimited'] = $usr_obj->getTimeLimitUnlimited();
00558                 $usr_data['time_limit_from'] = $usr_obj->getTimeLimitFrom();
00559                 $usr_data['time_limit_until'] = $usr_obj->getTimeLimitUntil();
00560                 $usr_data['time_limit_message'] = $usr_obj->getTimeLimitMessage();
00561                 $usr_data['referral_commment'] = $usr_obj->getComment();
00562                 $usr_data['matriculation'] = $usr_obj->getMatriculation();
00563                 $usr_data['active'] = $usr_obj->getActive();
00564                 $usr_data['approve_date'] = $usr_obj->getApproveDate();
00565                 $usr_data['user_skin'] = $usr_obj->getPref('skin');
00566                 $usr_data['user_style'] = $usr_obj->getPref('style');
00567                 $usr_data['user_language'] = $usr_obj->getLanguage();
00568 
00569                 $usr_data['accepted_agreement'] = $usr_obj->hasAcceptedUserAgreement();
00570 
00571                 return $usr_data;
00572         }
00573 
00574         function __substituteUserData($user_old,$user_new)
00575         {
00576                 foreach($user_new as $key => $value)
00577                 {
00578                         $user_old[$key] = $value;
00579                 }
00580                 return $user_old ? $user_old : array();
00581         }
00582 
00589         function importUsers ($sid, $folder_id, $usr_xml, $conflict_rule, $send_account_mail)
00590         {
00591 
00592                 if(!$this->__checkSession($sid))
00593                 {
00594                         return $this->__raiseError($this->sauth->getMessage(),$this->sauth->getMessageCode());
00595                 }
00596 
00597 
00598                 // Include main header
00599                 include_once './include/inc.header.php';
00600                 include_once './classes/class.ilUserImportParser.php';
00601                 include_once './classes/class.ilObjRole.php';
00602                 include_once './classes/class.ilObjectFactory.php';
00603                 global $rbacreview, $rbacsystem, $tree, $lng;
00604 
00605         // this takes time but is nescessary
00606                 $error = false;
00607                 /*
00608 
00609                 // validate to prevent wrong XMLs
00610                 // does not work in php4 -> any ideas?
00611                 $this->dom = @domxml_open_mem($usr_xml, DOMXML_LOAD_VALIDATING, $error);
00612                 if ($error)
00613                 {
00614                     $msg = array();
00615                     foreach ($error as $err) {
00616                         $msg []= "(".$err["line"].",".$err["col"]."): ".$err["errormessage"];
00617                     }
00618                     return $this->__raiseError(join("\n",$msg), "Client");
00619                 }
00620                 */
00621 
00622                 switch ($conflict_rule)
00623                 {
00624                         case 2:
00625                                 $conflict_rule = IL_UPDATE_ON_CONFLICT;
00626                                 break;
00627                         case 3:
00628                                 $conflict_rule = IL_IGNORE_ON_CONFLICT;
00629                                 break;
00630                         default:
00631                                 $conflict_rule = IL_FAIL_ON_CONFLICT;
00632                 }
00633 
00634 
00635                 // folder id 0, means to check permission on user basis!
00636                 // must have create user right in time_limit_owner property (which is ref_id of container)
00637                 if ($folder_id != 0)
00638                 {
00639                 // determine where to import
00640                 if ($folder_id == -1)
00641                         $folder_id = USER_FOLDER_ID;
00642 
00643                         // get folder
00644                 $import_folder = ilObjectFactory::getInstanceByRefId($folder_id, false);
00645 
00646                 // id does not exist
00647                 if (!$import_folder)
00648                                 return $this->__raiseError('Wrong reference id.','Server');
00649 
00650                 // folder is not a folder, can also be a category
00651                 if ($import_folder->getType() != "usrf" && $import_folder->getType() != "cat")
00652                         return $this->__raiseError('Folder must be a usr folder or a category.','Server');
00653 
00654                 // check access to folder
00655                 if(!$rbacsystem->checkAccess('create_user',$folder_id))
00656                 {
00657                         return $this->__raiseError('Missing permission for creating users within '.$import_folder->getTitle(),'Server');
00658                 }
00659                 }
00660 
00661                 // first verify
00662 
00663 
00664                 $importParser = new ilUserImportParser("", IL_VERIFY, $conflict_rule);
00665                 $importParser->setUserMappingMode(IL_USER_MAPPING_ID);
00666                 $importParser->setXMLContent($usr_xml);
00667                 $importParser->startParsing();
00668 
00669                 switch ($importParser->getErrorLevel())
00670                 {
00671                         case IL_IMPORT_SUCCESS :
00672                                 break;
00673                         case IL_IMPORT_WARNING :
00674                                 return $this->__getImportProtocolAsXML ($importParser->getProtocol("User Import Log - Warning"));
00675                                 break;
00676                         case IL_IMPORT_FAILURE :
00677                                 return $this->__getImportProtocolAsXML ($importParser->getProtocol("User Import Log - Failure"));
00678                 }
00679 
00680                 // verify is ok, so get role assignments
00681 
00682                 $importParser = new ilUserImportParser("", IL_EXTRACT_ROLES, $conflict_rule);
00683                 $importParser->setXMLContent($usr_xml);
00684             $importParser->setUserMappingMode(IL_USER_MAPPING_ID);
00685                 $importParser->startParsing();
00686 
00687                 $roles = $importParser->getCollectedRoles();
00688 
00689         #       print_r($roles);
00690 
00691 
00692                 // get global roles
00693                 $all_gl_roles = $rbacreview->getRoleListByObject(ROLE_FOLDER_ID);
00694 
00695         #       print_r($all_gl_roles );
00696 
00697                 $permitted_global_roles = array();
00698 
00699                 foreach ($all_gl_roles as $obj_data)
00700                 {
00701                         // check assignment permission if called from local admin
00702                         if($folder_id != USER_FOLDER_ID && $folder_id != 0)
00703                         {
00704                                 if(!ilObjRole::_getAssignUsersStatus($obj_data['obj_id']))
00705                                 {
00706                                     continue;
00707                                 }
00708                         }
00709                         // exclude anonymous role from list
00710                         if ($obj_data["obj_id"] != ANONYMOUS_ROLE_ID)
00711                         {
00712                                 // do not allow to assign users to administrator role if current user does not has SYSTEM_ROLE_ID
00713                                 if ($obj_data["obj_id"] != SYSTEM_ROLE_ID or in_array(SYSTEM_ROLE_ID,$_SESSION["RoleId"]))
00714                                 {
00715                                         $permitted_global_roles[$obj_data["obj_id"]] = $obj_data["title"];
00716                                 }
00717                         }
00718                 }
00719 
00720         #       print_r($permitted_global_roles);
00721 
00722                 // get local roles
00723                 $loc_roles = $rbacreview->getAssignableRoles();
00724 
00725         //      print_r($loc_roles);
00726 
00727                 $permitted_local_roles = array();
00728 
00729                 foreach ($loc_roles as $key => $loc_role)
00730                 {
00731                                 // fetch context path of role
00732                                 $rolf = $rbacreview->getFoldersAssignedToRole($loc_role["obj_id"],true);
00733 
00734                                 // only process role folders that are not set to status "deleted"
00735                                 // and for which the user has write permissions.
00736                                 // We also don't show the roles which are in the ROLE_FOLDER_ID folder.
00737                                 // (The ROLE_FOLDER_ID folder contains the global roles).
00738                                 if (!$rbacreview->isDeleted($rolf[0])
00739                                 && $rbacsystem->checkAccess('write',$tree->getParentId($rolf[0]))
00740                                 && $rolf[0] != ROLE_FOLDER_ID
00741                                 )
00742                                 {
00743                                         // A local role is only displayed, if it is contained in the subtree of
00744                                         // the localy administrated category. If the import function has been
00745                                         // invoked from the user folder object, we show all local roles, because
00746                                         // the user folder object is considered the parent of all local roles.
00747                                         // Thus, if we start from the user folder object, we initialize the
00748                                         // isInSubtree variable with true. In all other cases it is initialized
00749                                         // with false, and only set to true if we find the object id of the
00750                                         // locally administrated category in the tree path to the local role.
00751                                         $isInSubtree = $folder_id == USER_FOLDER_ID || $folder_id == 0;
00752 
00753                                         $path = "";
00754 
00755                                         if ($tree->isInTree($rolf[0]))
00756                                         {
00757 
00758                                                 // Create path. Paths which have more than 4 segments
00759                                                 // are truncated in the middle.
00760                                                 $tmpPath = $tree->getPathFull($rolf[0]);
00761 
00762                         for ($i = 1, $n = count($tmpPath) - 1; $i < $n; $i++)
00763                                                 {
00764                                                         if ($i > 1)
00765                                                         {
00766                                                                 $path = $path.' > ';
00767                                                         }
00768                                                         if ($i < 3 || $i > $n - 3)
00769                                                         {
00770                                                                 $path = $path.$tmpPath[$i]['title'];
00771                                                         }
00772                                                         else if ($i == 3 || $i == $n - 3)
00773                                                         {
00774                                                                 $path = $path.'...';
00775                                                         }
00776 
00777                                                         $isInSubtree |= $tmpPath[$i]['ref_id'] == $folder_id;
00778                                                 }
00779                                         }
00780                                         if ($loc_role["role_type"] != "Global" && $isInSubtree)
00781                                         {
00782                                             $permitted_local_roles[$loc_role['obj_id']] = $loc_role["title"];
00783                                         }
00784                                 }
00785                 } //foreach local role
00786 
00787 
00788                 //print_r($permitted_local_roles);
00789 
00790                 // roles to be assigned, skip if one is not allowed!
00791 
00792                 $permitted_roles = array();
00793 
00794                 foreach ($roles as $role_id => $role)
00795                 {
00796                         $role_name = $role["name"];
00797 
00798                         if (is_numeric ($role_id))
00799                         {
00800                                 // ok, we have a numeric role id
00801                         } elseif (ilUtil::__extractId($role_id,IL_INST_ID)) 
00802                         // detect role id from ilias conform id
00803                         {
00804                                 $role_id = ilUtil::__extractId($role_id,IL_INST_ID);
00805                         } else
00806                         // detect rolename as primery key, which is alphanumeric and not an ilias id
00807                         {
00808                                 $role = ilSoapUserAdministration::__getRoleForRolename ($role_id);
00809                                 if (is_object($role))
00810                                 {
00811                                         $role_name = $role->title;
00812                                         $role_id = $role->role_id;
00813                                 }
00814                         }
00815                         if (array_search($role_name, $permitted_local_roles) || array_search($role_name, $permitted_global_roles))
00816                                 $permitted_roles[$role_id] = $role_id;
00817                         else return $this->__raiseError("Could not find role ".$role_name.". Either you use an invalid/deleted role or you try to assign a local role into the non-standard user folder and this role is not in its subtree.",'Server');
00818                 }
00819 #                       echo $role_id;
00820 #                       echo $role_name;
00821 #                       echo IL_INST_ID;
00822 
00823                 $global_roles = $rbacreview->getGlobalRoles();
00824 #print_r ($permitted_roles);
00825                 //print_r ($global_roles);
00826 
00827 
00828 
00829                 foreach ($permitted_roles as $role_id => $role_name)
00830                 {
00831                     if ($role_id != "")
00832                                 {
00833                                         if (in_array($role_id, $global_roles))
00834                                         {
00835                                                 if ($role_id == SYSTEM_ROLE_ID && ! in_array(SYSTEM_ROLE_ID, $_SESSION["RoleId"])
00836                                                 || ($folder_id != USER_FOLDER_ID && $folder_id != 0 && ! ilObjRole::_getAssignUsersStatus($role_id))
00837                                                 )
00838                                                 {
00839                                                         return $this->__raiseError($lng->txt("usrimport_with_specified_role_not_permitted")." $role_name ($role_id)",'Server');
00840                                                 }
00841                                         }
00842                                         else
00843                                         {
00844                                                 $rolf = $rbacreview->getFoldersAssignedToRole($role_id,true);
00845                                                 if ($rbacreview->isDeleted($rolf[0])
00846                                                                 || ! $rbacsystem->checkAccess('write',$tree->getParentId($rolf[0])))
00847                                                 {
00848 
00849                                                         return $this->__raiseError($lng->txt("usrimport_with_specified_role_not_permitted")." $role_name ($role_id)","Server");
00850                                                 }
00851                                         }
00852                                 }
00853                 }
00854 
00855                 //print_r ($permitted_roles);
00856 
00857                 $importParser = new ilUserImportParser("", IL_USER_IMPORT, $conflict_rule);
00858                 $importParser->setSendMail($send_account_mail);
00859                 $importParser->setUserMappingMode(IL_USER_MAPPING_ID);
00860                 $importParser->setFolderId($folder_id);
00861                 $importParser->setXMLContent($usr_xml);
00862 
00863                 $importParser->setRoleAssignment($permitted_roles);
00864 
00865                 $importParser->startParsing();
00866 
00867                 if ($importParser->isSuccess())
00868                   return $this->__getUserMappingAsXML ($importParser->getUserMapping());
00869 
00870                 return $this->__getImportProtocolAsXML ($importParser->getProtocol());
00871 
00872         }
00873 
00877         function __getRoleForRolename ($role_name)
00878         {
00879                 global $ilDB;
00880                 $sql = "SELECT * FROM role_data r, object_data o WHERE o.type='role' and o.title='$role_name' and r.role_id = o.obj_id";
00881 
00882                 $r = $ilDB->query($sql);
00883 
00884                 return $r ? $r->fetchRow(DB_FETCHMODE_OBJECT) : null;
00885         }
00886 
00890         function getUsersForContainer($sid, $ref_id, $attachRoles, $active)
00891         {
00892 
00893             if(!$this->__checkSession($sid))
00894                 {
00895                         return $this->__raiseError($this->sauth->getMessage(),$this->sauth->getMessageCode());
00896                 }
00897 
00898                 // Include main header
00899                 include_once './include/inc.header.php';
00900         global $ilDB, $rbacreview, $rbacsystem;
00901 
00902 
00903 
00904                 if ($ref_id == -1)
00905                         $ref_id = USER_FOLDER_ID;
00906 
00907 //echo "ref_id:".$ref_id;
00908 
00909                 if(!$rbacsystem->checkAccess('read', $ref_id))
00910                 {
00911                         return $this->__raiseError('Check access failed.','Server');
00912                 }
00913 
00914                 if (!$object = ilObjectFactory::getInstanceByRefId($ref_id, false))
00915                 {
00916                         return $this->__raiseError("No object for reference id $ref_id", "Server");
00917                 }
00918 
00919 
00920                 $type = $object->getType();
00921 
00922                 if ($type =="cat" || $type == "crs" || $type=="grp" || $type=="usrf")
00923                 {
00924                     $data = array();
00925                         switch ($type) {
00926                             case "usrf":
00927                                 $data = ilSoapUserAdministration::__getUserFolderUsers(USER_FOLDER_ID, $active);
00928                                 break;
00929                                 case "cat":
00930                                         $data = ilSoapUserAdministration::__getUserFolderUsers($ref_id, $active);
00931                                         break;
00932                                 case "crs":
00933                                 {
00934                                         $object->initCourseMemberObject();
00935 
00936                                         // GET ALL MEMBERS
00937                                         $members = array();
00938                                         $roles = $object->__getLocalRoles();
00939 
00940                                         foreach($roles as $role_id)
00941                                         {
00942                                                 $members = array_merge($rbacreview->assignedUsers($role_id, array()),$members);
00943                                         }
00944 
00945                                         $data = $members;
00946 
00947                                         break;
00948                                 }
00949                                 case "grp":
00950                                         $member_ids = $object->getGroupMemberIds();
00951                                         $data = ilSoapUserAdministration::__getGroupMemberData($member_ids, $active);
00952                                         break;
00953                         }
00954 
00955 
00956 
00957                         if (is_array($data))
00958                         {
00959                           include_once './webservice/soap/classes/class.ilSoapUserObjectXMLWriter.php';
00960 
00961                           $xmlWriter = new ilSoapUserObjectXMLWriter();
00962                                 $xmlWriter->setObjects($data);
00963 
00964                                 $xmlWriter->setAttachRoles ($attachRoles);
00965 
00966                                 if($xmlWriter->start())
00967                                 {
00968                                         return $xmlWriter->getXML();
00969                                 }
00970                         }
00971                         return $this->__raiseError('Error in processing information. This is likely a bug.','Server');
00972                 }
00973                 return $this->__raiseError('Type '.$type.' not yet supported','Client');
00974         }
00975 
00976 
00980         function getUserForRole($sid, $role_id, $attachRoles, $active)
00981         {
00982 
00983                 if(!$this->__checkSession($sid))
00984                 {
00985                         return $this->__raiseError($this->sauth->getMessage(),$this->sauth->getMessageCode());
00986                 }
00987 
00988                 // Include main header
00989                 include_once './include/inc.header.php';
00990                 include_once './classes/class.ilObjRole.php';
00991                 global $ilDB, $rbacreview, $rbacsystem, $tree;
00992 
00993 
00994                 $global_roles = $rbacreview->getGlobalRoles();
00995 
00996 
00997                 if (in_array($role_id, $global_roles))
00998                 {
00999                         if ($role_id == SYSTEM_ROLE_ID && ! in_array(SYSTEM_ROLE_ID, $_SESSION["RoleId"])
01000                         )
01001                         {
01002                                 return $this->__raiseError("Role access not permitted. ($role_id)","Server");
01003                         }
01004                 }
01005                 else
01006                 {
01007                         $rolf = $rbacreview->getFoldersAssignedToRole($role_id,true);
01008                         if ($rbacreview->isDeleted($rolf[0])
01009                                         || ! $rbacsystem->checkAccess('write',$tree->getParentId($rolf[0])))
01010                         {
01011                                 return $this->__raiseError("Role access not permitted. ($role_id)","Server");
01012                         }
01013                 }
01014 
01015                 $data = array();
01016 
01017                 $query = "SELECT usr_data.*, usr_pref.value AS language
01018                           FROM  usr_pref,usr_data
01019                           LEFT JOIN rbac_ua ON usr_data.usr_id=rbac_ua.usr_id
01020                           WHERE
01021                            usr_pref.usr_id = usr_data.usr_id AND
01022                            usr_pref.keyword = 'language' AND
01023                            rbac_ua.rol_id='".$role_id."'";
01024 
01025                  if (is_numeric($active) && $active > -1)
01026                         $query .= " AND usr_data.active = '$active'";
01027 
01028                  $query .= " ORDER BY usr_data.lastname, usr_data.firstname ";
01029 
01030                  //echo $query;
01031 
01032                  $r = $ilDB->query($query);
01033 
01034          while ($row = $r->fetchRow(DB_FETCHMODE_ASSOC))
01035          {
01036                $data[] = $row;
01037          }
01038 
01039                 include_once './webservice/soap/classes/class.ilSoapUserObjectXMLWriter.php';
01040 
01041                 $xmlWriter = new ilSoapUserObjectXMLWriter();
01042                 $xmlWriter->setAttachRoles($attachRoles);
01043                 $xmlWriter->setObjects($data);
01044 
01045                 if($xmlWriter->start())
01046                 {
01047                         return $xmlWriter->getXML();
01048                 }
01049                 return $this->__raiseError('Error in getUsersForRole','Server');
01050         }
01051 
01052 
01058         function __getUserFolderUsers ($ref_id, $active) {
01059                 global $ilDB;
01060                 $data = array();
01061                 $query = "SELECT usr_data.*, usr_pref.value AS language FROM usr_data LEFT JOIN usr_pref ON usr_pref.usr_id = usr_data.usr_id and usr_pref.keyword = 'language' WHERE 1 ";
01062 
01063                 if (is_numeric($active) && $active > -1)
01064                         $query .= " AND usr_data.active = '$active'";
01065 
01066                 if ($ref_id != USER_FOLDER_ID)
01067                     $query .= " AND usr_data.time_limit_owner = $ref_id";
01068 
01069                 $query .= " ORDER BY usr_data.lastname, usr_data.firstname ";
01070                 //echo $query;
01071                 $result = $ilDB->query($query);
01072 
01073                 while ($row = $result->fetchRow(DB_FETCHMODE_ASSOC))
01074                 {
01075                         array_push($data, $row);
01076                 }
01077 
01078                 return $data;
01079         }
01080 
01084         function __getGroupMemberData ($a_mem_ids, $active = -1)
01085         {
01086                 global $rbacadmin, $rbacreview, $ilDB;
01087 
01088                 $query = "SELECT usr_data.*, usr_pref.value AS language
01089                           FROM usr_data
01090                           LEFT JOIN usr_pref ON usr_pref.usr_id = usr_data.usr_id AND usr_pref.keyword = 'language' 
01091                           WHERE usr_data.usr_id IN (".implode(',',$a_mem_ids).")";
01092 
01093             if (is_numeric($active) && $active > -1)
01094                         $query .= " AND active = '$active'";
01095 
01096                 $query .= " ORDER BY usr_data.lastname, usr_data.firstname ";
01097 
01098             $r = $ilDB->query($query);
01099 
01100                 while($row = $r->fetchRow(DB_FETCHMODE_ASSOC))
01101                 {
01102                         $mem_arr[] = $row;
01103                 }
01104 
01105                 return $mem_arr ? $mem_arr : array();
01106         }
01107 
01112         function __getImportProtocolAsXML ($a_array){
01113                 include_once './webservice/soap/classes/class.ilXMLResultSet.php';
01114                 include_once './webservice/soap/classes/class.ilXMLResultSetWriter.php';
01115 
01116                 $xmlResultSet = new ilXMLResultSet ();
01117         $xmlResultSet->addColumn ("userid");
01118                 $xmlResultSet->addColumn ("login");
01119                 $xmlResultSet->addColumn ("action");
01120         $xmlResultSet->addColumn ("message");
01121 
01122                 foreach ($a_array as $username => $messages)
01123                 {
01124                         foreach ($messages as $message)
01125                         {
01126 
01127                                 $xmlRow = new ilXMLResultSetRow ();
01128                                 $xmlRow->setValue (0, 0);
01129                                 $xmlRow->setValue (1, $username);
01130                                 $xmlRow->setValue (2, "");
01131                                 $xmlRow->setValue (3, $message);
01132 
01133                                 $xmlResultSet->addRow ($xmlRow);
01134                         }
01135                 }
01136 
01137                 $xml_writer = new ilXMLResultSetWriter ($xmlResultSet);
01138 
01139                 if ($xml_writer->start ())
01140                         return $xml_writer->getXML();
01141 
01142                 return $this->__raiseError('Error in __getImportProtocolAsXML','Server');
01143         }
01144 
01151     function __getUserMappingAsXML ($a_array) {
01152                 include_once './webservice/soap/classes/class.ilXMLResultSet.php';
01153                 include_once './webservice/soap/classes/class.ilXMLResultSetWriter.php';
01154 
01155                 $xmlResultSet = new ilXMLResultSet ();
01156         $xmlResultSet->addColumn ("userid");
01157                 $xmlResultSet->addColumn ("login");
01158                 $xmlResultSet->addColumn ("action");
01159         $xmlResultSet->addColumn ("message");
01160 
01161                 if (count($a_array))
01162         foreach ($a_array as $username => $message)
01163                 {
01164                         $xmlRow = new ilXMLResultSetRow ();
01165                         $xmlRow->setValue (0, $username);
01166                         $xmlRow->setValue (1, $message["login"]);
01167                         $xmlRow->setValue (2, $message["action"]);
01168                         $xmlRow->setValue (3, $message["message"]);
01169 
01170                         $xmlResultSet->addRow ($xmlRow);
01171                 }
01172 
01173                 $xml_writer = new ilXMLResultSetWriter ( $xmlResultSet);
01174 
01175                 if ($xml_writer->start ())
01176                         return $xml_writer->getXML();
01177 
01178                 return $this->__raiseError('Error in __getUserMappingAsXML','Server');
01179 
01180         }
01181 
01190         function searchUser ($sid, $a_keyfields, $query_operator, $a_keyvalues, $attach_roles, $active) {
01191 
01192             if(!$this->__checkSession($sid))
01193                 {
01194                         return $this->__raiseError($this->sauth->getMessage(),$this->sauth->getMessageCode());
01195                 }
01196 
01197 
01198                 // Include main header
01199                 include_once './include/inc.header.php';
01200                 global $ilDB, $rbacsystem;
01201 
01202                 if(!$rbacsystem->checkAccess('read', USER_FOLDER_ID))
01203                 {
01204                         return $this->__raiseError('Check access failed.','Server');
01205                 }
01206 
01207 
01208         if (!count($a_keyfields))
01209            $this->__raiseError('At least one keyfield is needed','Client');
01210 
01211         if (!count ($a_keyvalues))
01212            $this->__raiseError('At least one keyvalue is needed','Client');
01213 
01214         if (!strcasecmp($query_operator,"and")==0 || !strcasecmp($query_operator,"or") == 0)
01215            $this->__raiseError('Query operator must be either \'and\' or \'or\'','Client');
01216 
01217 
01218         $query = $this->__buildSearchQuery ($a_keyfields, $query_operator, $a_keyvalues);
01219 
01220                 $query = "SELECT usr_data.*, usr_pref.value AS language
01221                           FROM usr_data
01222                           LEFT JOIN usr_pref
01223                           ON usr_pref.usr_id = usr_data.usr_id AND usr_pref.keyword = 'language' 
01224                           WHERE 1 ".$query;
01225 
01226              if (is_numeric($active) && $active > -1)
01227                         $query .= " AND active = '$active'";
01228 
01229                  $query .= " ORDER BY usr_data.lastname, usr_data.firstname ";
01230 
01231                  //echo $query;
01232 
01233              $r = $ilDB->query($query);
01234 
01235              $data = array();
01236 
01237                  while($row = $r->fetchRow(DB_FETCHMODE_ASSOC))
01238                  {
01239                       $data[] = $row;
01240                  }
01241 
01242                  include_once './webservice/soap/classes/class.ilSoapUserObjectXMLWriter.php';
01243 
01244                  $xmlWriter = new ilSoapUserObjectXMLWriter();
01245                  $xmlWriter->setAttachRoles($attach_roles);
01246                  $xmlWriter->setObjects($data);
01247 
01248                  if($xmlWriter->start())
01249                  {
01250                         return $xmlWriter->getXML();
01251                  }
01252 
01253                  return $this->__raiseError('Error in searchUser','Server');
01254            }
01255 
01264         function __buildSearchQuery ($a_keyfields, $queryOperator, $a_keyvalues) {
01265             $query = array();
01266 
01267             $allowed_fields = array ("firstname","lastname","email","login","matriculation","institut","department","title");
01268 
01269             foreach ($a_keyfields as $keyfield)
01270             {
01271                 $keyfield = strtolower($keyfield);
01272 
01273                 if (!in_array($keyfield, $allowed_fields))
01274                    continue;
01275 
01276                 $field_query = array ();
01277                 foreach ($a_keyvalues as $keyvalue)
01278                 {
01279                     if (strlen($keyvalue) >= 3) {
01280                         $field_query []= $keyfield." like '%".$keyvalue."%'";
01281                     }
01282 
01283                 }
01284                 if (count($field_query))
01285                    $query [] = join(" OR ", $field_query);
01286 
01287             }
01288 
01289             return count ($query) ? " AND ((". join(") ".strtoupper($queryOperator)." (", $query) ."))" : "AND 0";
01290         }
01291 
01292         // has new mail
01293         function hasNewMail($sid)
01294         {
01295                 if(!$this->__checkSession($sid))
01296                 {
01297                         return $this->__raiseError($this->sauth->getMessage(),$this->sauth->getMessageCode());
01298                 }
01299 
01300                 // Include main header
01301                 include_once './include/inc.header.php';
01302                 include_once ("./classes/class.ilMailbox.php");
01303                 global $ilUser;
01304 
01305                 if (ilMailbox::hasNewMail($ilUser->getId()) > 0)
01306                 {
01307                         return true;
01308                 }
01309                 else
01310                 {
01311                         return false;
01312                 }
01313         }
01314 
01315 }
01316 ?>