ILIAS  Release_3_10_x_branch Revision 61812
 All Data Structures Namespaces Files Functions Variables Groups Pages
Public Member Functions | Static Public Member Functions | Protected Attributes | Private Member Functions | Private Attributes | Static Private Attributes
ilLDAPRoleAssignments Class Reference
+ Collaboration diagram for ilLDAPRoleAssignments:

Public Member Functions

 getPossibleRoles ()
 Get possible roles this array is used for ilUserImportParser::setRoleAssignment.
 assignedRoles ($a_external_name, $a_user_att)
 get assigned roles for a specific user

Static Public Member Functions

static _getInstanceByServer (ilLDAPServer $a_server)
 get instance by server_id
static _getDistinctAttributeNamesByServerId ($a_server_id)
 Get distinct attribute names.

Protected Attributes

 $db

Private Member Functions

 __construct ($a_server)
 Singleton.
 isGroupMember ($a_dn, $a_ldap_account, $a_user_data)
 Check if user is member.
 fetchAttributeMappings ()
 fetch attribute mappings
 fetchGroupMappings ()
 Fetch group mappings.
 fetchDefaultRole ()
 fetch default role

Private Attributes

 $server = null
 $server_id
 $default_role
 $all_roles = array()
 $att_mappings = array()
 $grp_mappings = array()

Static Private Attributes

static $instances = array()

Detailed Description

Author
Stefan Meyer smeye.nosp@m.r@da.nosp@m.tabay.nosp@m..de
Version
$Id$

Definition at line 34 of file class.ilLDAPRoleAssignments.php.

Constructor & Destructor Documentation

ilLDAPRoleAssignments::__construct (   $a_server)
private

Singleton.

private

Parameters
objectilLDAPServer

Definition at line 54 of file class.ilLDAPRoleAssignments.php.

References fetchAttributeMappings(), fetchDefaultRole(), and fetchGroupMappings().

{
global $ilDB;
$this->server = $a_server;
$this->server_id = $this->server->getServerId();
$this->db = $ilDB;
$this->fetchAttributeMappings();
$this->fetchGroupMappings();
$this->fetchDefaultRole();
}

+ Here is the call graph for this function:

Member Function Documentation

static ilLDAPRoleAssignments::_getDistinctAttributeNamesByServerId (   $a_server_id)
static

Get distinct attribute names.

Parameters
intLDAP server id public

Definition at line 94 of file class.ilLDAPRoleAssignments.php.

References $res, and DB_FETCHMODE_OBJECT.

Referenced by ilLDAPQuery\fetchUserProfileFields(), and ilLDAPServer\getPearAtributeArray().

{
global $ilDB;
$query = "SELECT DISTINCT(att_name) as att FROM ldap_role_assignments ".
"WHERE type = ".ilLDAPRoleAssignmentRule::TYPE_ATTRIBUTE." ".
"AND server_id = ".$ilDB->quote($a_server_id)." ";
$res = $ilDB->query($query);
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
$attributes[] = strtolower(trim($row->att));
}
return $attributes ? $attributes : array();
}

+ Here is the caller graph for this function:

static ilLDAPRoleAssignments::_getInstanceByServer ( ilLDAPServer  $a_server)
static

get instance by server_id

public

Parameters
objectldap server

Definition at line 75 of file class.ilLDAPRoleAssignments.php.

References ilLDAPServer\getServerId().

Referenced by ilLDAPAttributeToUser\initLDAPRoleAssignments(), ilAuthLDAP\loginObserver(), and ilAuthContainerLDAP\loginObserver().

{
$a_server_id = $a_server->getServerId();
if(isset(self::$instances[$a_server_id]))
{
return self::$instances[$a_server_id];
}
return self::$instances[$a_server_id] = new ilLDAPRoleAssignments($a_server);
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilLDAPRoleAssignments::assignedRoles (   $a_external_name,
  $a_user_att 
)

get assigned roles for a specific user

public

Parameters
stringexternal username
arrayaray of ldap user attributes

Definition at line 130 of file class.ilLDAPRoleAssignments.php.

References $ilLog, ilObject\_lookupTitle(), and isGroupMember().

{
global $ilLog;
$default_roles[] = array('id' => $this->default_role,
'type' => 'Global',
'action' => 'Attach');
$ilLog->write(__METHOD__.': Fetch assignable roles...');
foreach($this->att_mappings as $name => $values)
{
if(!isset($a_user_att[$name]))
{
continue;
}
if(!is_array($a_user_att[$name]))
{
$attribute_val = array(0 => $a_user_att[$name]);
}
else
{
$attribute_val = $a_user_att[$name];
}
foreach($attribute_val as $value)
{
$value = strtolower($value);
if(!isset($this->att_mappings[$name][$value]))
{
continue;
}
else
{
$role = $this->att_mappings[$name][$value];
$ilLog->write(__METHOD__.': Found role mapping for '.$a_external_name.' => '.ilObject::_lookupTitle($role));
$roles[] = array('id' => $role,
'type' => 'Global',
'action' => 'Attach');
break;
}
}
}
// Check group membership
foreach($this->grp_mappings as $dn => $mapping_data)
{
if($this->isGroupMember($dn,$a_external_name,$a_user_att))
{
$ilLog->write(__METHOD__.': Found LDAP group => role mapping for '.$a_external_name.' => '.ilObject::_lookupTitle($mapping_data['role']));
$roles[] = array('id' => $mapping_data['role'],
'type' => 'Global',
'action' => 'Attach');
}
}
return $roles ? $roles : $default_roles;
}

+ Here is the call graph for this function:

ilLDAPRoleAssignments::fetchAttributeMappings ( )
private

fetch attribute mappings

private

Definition at line 241 of file class.ilLDAPRoleAssignments.php.

References $res, and DB_FETCHMODE_OBJECT.

Referenced by __construct().

{
$query = "SELECT * FROM ldap_role_assignments ".
"WHERE server_id = ".$this->db->quote($this->server_id)." ".
"AND type = ".ilLDAPRoleAssignmentRule::TYPE_ATTRIBUTE." ";
$res = $this->db->query($query);
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
$this->att_mappings[strtolower($row->att_name)][strtolower($row->att_value)] = $row->role_id;
$this->all_roles[$row->role_id] = $row->role_id;
}
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignments::fetchDefaultRole ( )
private

fetch default role

private

Definition at line 284 of file class.ilLDAPRoleAssignments.php.

References $default_role, and ilLDAPAttributeMapping\_lookupGlobalRole().

Referenced by __construct().

{
include_once('Services/LDAP/classes/class.ilLDAPAttributeMapping.php');
$this->default_role = ilLDAPAttributeMapping::_lookupGlobalRole($this->server_id);
$this->all_roles[$this->default_role] = $this->default_role;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilLDAPRoleAssignments::fetchGroupMappings ( )
private

Fetch group mappings.

private

Definition at line 260 of file class.ilLDAPRoleAssignments.php.

References $res, and DB_FETCHMODE_OBJECT.

Referenced by __construct().

{
$query = "SELECT * FROM ldap_role_assignments ".
"WHERE server_id = ".$this->db->quote($this->server_id)." ".
"AND type = ".ilLDAPRoleAssignmentRule::TYPE_GROUP." ";
$res = $this->db->query($query);
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
$this->grp_mappings[strtolower($row->dn)]['attribute'] = strtolower($row->attribute);
$this->grp_mappings[strtolower($row->dn)]['isdn'] = $row->isdn;
$this->grp_mappings[strtolower($row->dn)]['role'] = $row->role_id;
$this->all_roles[$row->role_id] = $row->role_id;
}
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignments::getPossibleRoles ( )

Get possible roles this array is used for ilUserImportParser::setRoleAssignment.

public

Parameters
arrayarray role_id => role_id

Definition at line 117 of file class.ilLDAPRoleAssignments.php.

{
return $this->all_roles ? $this->all_roles : array();
}
ilLDAPRoleAssignments::isGroupMember (   $a_dn,
  $a_ldap_account,
  $a_user_data 
)
private

Check if user is member.

private

Parameters
stringgroup dn
stringldap account
arrayuser_data

Definition at line 198 of file class.ilLDAPRoleAssignments.php.

References $ilLog, $res, and IL_LDAP_SCOPE_BASE.

Referenced by assignedRoles().

{
global $ilLog;
if($this->grp_mappings[$a_dn]['isdn'])
{
$user_cmp = $a_user_data['dn'];
}
else
{
$user_cmp = $a_ldap_account;
}
include_once('Services/LDAP/classes/class.ilLDAPQuery.php');
include_once('Services/LDAP/classes/class.ilLDAPServer.php');
try
{
$query = new ilLDAPQuery($this->server);
$query->bind();
$res = $query->query($a_dn,
sprintf('(%s=%s)',
$this->grp_mappings[$a_dn]['attribute'],
$user_cmp),
IL_LDAP_SCOPE_BASE,
array('dn'));
return $res->numRows() ? true : false;
}
catch(ilLDAPQueryException $e)
{
$ilLog->write(__METHOD__.': Caught Exception: '.$e->getMessage());
return false;
}
}

+ Here is the caller graph for this function:

Field Documentation

ilLDAPRoleAssignments::$all_roles = array()
private

Definition at line 41 of file class.ilLDAPRoleAssignments.php.

ilLDAPRoleAssignments::$att_mappings = array()
private

Definition at line 42 of file class.ilLDAPRoleAssignments.php.

ilLDAPRoleAssignments::$db
protected

Definition at line 45 of file class.ilLDAPRoleAssignments.php.

ilLDAPRoleAssignments::$default_role
private

Definition at line 40 of file class.ilLDAPRoleAssignments.php.

Referenced by fetchDefaultRole().

ilLDAPRoleAssignments::$grp_mappings = array()
private

Definition at line 43 of file class.ilLDAPRoleAssignments.php.

ilLDAPRoleAssignments::$instances = array()
staticprivate

Definition at line 36 of file class.ilLDAPRoleAssignments.php.

ilLDAPRoleAssignments::$server = null
private

Definition at line 38 of file class.ilLDAPRoleAssignments.php.

ilLDAPRoleAssignments::$server_id
private

Definition at line 39 of file class.ilLDAPRoleAssignments.php.

The documentation for this class was generated from the following file: