00001 <?php
00033 class ilLDAPSettingsGUI
00034 {
00035 private $ref_id = null;
00036
/**
 * Bind this GUI to the global controller, tabs, language and template objects
 * and load the LDAP server that the request selects.
 *
 * @param mixed $a_auth_ref_id reference id that executeCommand() checks 'write' access against
 */
public function __construct($a_auth_ref_id)
{
    global $lng,$ilCtrl,$tpl,$ilTabs;

    $this->ref_id = $a_auth_ref_id;

    $this->tpl = $tpl;
    $this->tabs_gui = $ilTabs;

    $this->lng = $lng;
    $this->lng->loadLanguageModule('ldap');

    // Registers 'ldap_server_id' with the controller for this GUI class.
    $this->ctrl = $ilCtrl;
    $this->ctrl->saveParameter($this,'ldap_server_id');

    // Sets $this->server from $_GET['ldap_server_id'], falling back to the first server.
    $this->initServer();
}
00054
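/**
 * Enforce the 'write' permission on the configured reference id, then run the current command.
 *
 * The command name is taken from the controller and invoked as a method of this object;
 * "serverList" is used when no usable command is given.
 *
 * @return bool true once a command was dispatched, false when the permission check failed
 */
public function executeCommand()
{
    global $ilAccess,$ilErr;

    if(!$ilAccess->checkAccess('write','',$this->ref_id))
    {
        $ilErr->raiseError($this->lng->txt('msg_no_perm_write'),$ilErr->WARNING);
        // Fail closed: nothing in this method shows that raiseError() ends the request,
        // so make sure no command runs for a caller without write access.
        return false;
    }

    $next_class = $this->ctrl->getNextClass($this);
    $cmd = $this->ctrl->getCmd();

    switch($next_class)
    {
        default:
            // NOTE(review): presumably $cmd originates from the request - confirm in ilCtrl.
            // Dispatch only to public instance methods, so that private helpers, magic
            // methods and executeCommand() itself (endless recursion) cannot be selected by name.
            $dispatchable = false;
            if(is_string($cmd) && $cmd !== ''
                && strncmp($cmd,'__',2) !== 0
                && strcasecmp($cmd,'executeCommand') !== 0
                && method_exists($this,$cmd))
            {
                $method = new ReflectionMethod($this,$cmd);
                $dispatchable = $method->isPublic() && !$method->isStatic();
            }
            if(!$dispatchable)
            {
                $cmd = "serverList";
            }
            $this->$cmd();
            break;
    }
    return true;
}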
00079
/**
 * Render the role assignment screen: the form for a new rule and, when rules
 * exist, the table listing them with its save and delete commands.
 */
public function roleAssignments()
{
    global $rbacreview;

    $this->setSubTabs();
    $this->tabs_gui->setSubTabActive('ldap_role_assignments');

    $this->tpl->addBlockFile('ADM_CONTENT','adm_content','tpl.ldap_role_assignments.html','Services/LDAP');

    include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');

    // Rule id 0 is requested for the creation form.
    $this->role_mapping_rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId(0);
    $this->initFormRoleAssignments('create',$this->role_mapping_rule);
    $this->tpl->setVariable('NEW_ASSIGNMENT_TBL',$this->form->getHTML());

    $rules = ilLDAPRoleAssignmentRule::_getRules();
    if(!count($rules))
    {
        // No rules yet: only the creation form is shown.
        return;
    }

    include_once("./Services/LDAP/classes/class.ilLDAPRoleAssignmentTableGUI.php");
    $rule_table = new ilLDAPRoleAssignmentTableGUI($this,'roleAssignments');
    $rule_table->setTitle($this->lng->txt("ldap_tbl_role_ass"));
    $rule_table->parse($rules);
    $rule_table->addCommandButton("updateRecords", $this->lng->txt("save"));
    $rule_table->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
    $rule_table->setSelectAllCheckbox("rule_id");
    $this->tpl->setVariable('RULES_TBL',$rule_table->getHTML());
}
00112
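/**
 * Show the edit form for the role assignment rule named by $_GET['rule_id'].
 *
 * The id is normalised to an integer once and must be positive; a missing,
 * non-scalar or non-numeric value falls back to the rule list instead of
 * opening the edit form for rule id 0.
 *
 * @return bool|null false when no valid rule id was supplied, otherwise nothing
 */
public function editRoleAssignment()
{
    $rule_id = (isset($_GET['rule_id']) && is_scalar($_GET['rule_id'])) ? (int) $_GET['rule_id'] : 0;
    if($rule_id <= 0)
    {
        ilUtil::sendInfo($this->lng->txt('select_one'));
        $this->roleAssignments();
        return false;
    }
    $this->setSubTabs();
    $this->tabs_gui->setSubTabActive('ldap_role_assignments');

    $this->ctrl->saveParameter($this,'rule_id',$rule_id);
    include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
    $this->role_mapping_rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($rule_id);
    $this->initFormRoleAssignments('edit',$this->role_mapping_rule);
    $this->tpl->setContent($this->form->getHTML());
}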
00136
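/**
 * Apply the posted form values to the rule named by $_GET['rule_id'] and store it.
 *
 * The id must be a positive integer; anything else is rejected before a rule
 * object is loaded, so a malformed id can no longer end up updating rule id 0.
 *
 * @return bool|null false when the id is missing/invalid or validation fails, otherwise nothing
 */
public function updateRoleAssignment()
{
    global $ilErr;

    $rule_id = (isset($_GET['rule_id']) && is_scalar($_GET['rule_id'])) ? (int) $_GET['rule_id'] : 0;
    if($rule_id <= 0)
    {
        ilUtil::sendInfo($this->lng->txt('select_one'));
        $this->roleAssignments();
        return false;
    }
    include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
    $role_assignment = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($rule_id);

    // Text fields go through ilUtil::stripSlashes(); flags and ids are forced to integers.
    $role_assignment->setDN(ilUtil::stripSlashes($_POST['dn']));
    $role_assignment->setMemberAttribute(ilUtil::stripSlashes($_POST['at']));
    $role_assignment->setMemberIsDN((int) $_POST['isdn']);
    $role_assignment->setAttributeName(ilUtil::stripSlashes($_POST['name']));
    $role_assignment->setAttributeValue(ilUtil::stripSlashes($_POST['value']));
    $role_assignment->setRoleId((int) $_POST['role']);
    $role_assignment->setType((int) $_POST['type']);

    if(!$role_assignment->validate())
    {
        // The validation message is read from the global error object.
        ilUtil::sendInfo($this->lng->txt($ilErr->getMessage()));
        $this->editRoleAssignment();
        return false;
    }

    $role_assignment->update();
    ilUtil::sendInfo($this->lng->txt('settings_saved'));
    $this->roleAssignments();
}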
00174
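/**
 * Show the confirmation screen for deleting the rules selected in $_POST['rule_ids'].
 *
 * Each posted id is normalised to a positive integer before it is used to load
 * a rule or echoed back as a confirmation item; other entries are skipped.
 *
 * @return bool|null false when no rule list was posted, otherwise nothing
 */
public function confirmDeleteRules()
{
    if(!isset($_POST['rule_ids']) || !is_array($_POST['rule_ids']))
    {
        ilUtil::sendInfo($this->lng->txt('select_one'));
        $this->roleAssignments();
        return false;
    }
    $this->setSubTabs();
    $this->tabs_gui->setSubTabActive('ldap_role_assignments');

    include_once("Services/Utilities/classes/class.ilConfirmationGUI.php");
    $c_gui = new ilConfirmationGUI();

    // Both confirm and the form action lead to deleteRules(); cancel returns to the list.
    $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRules"));
    $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_role_ass"));
    $c_gui->setCancel($this->lng->txt("cancel"), "roleAssignments");
    $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRules");

    include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
    foreach($_POST["rule_ids"] as $rule_id)
    {
        // The raw request value used to be written into the confirmation form unchanged.
        if(!is_scalar($rule_id))
        {
            continue;
        }
        $rule_id = (int) $rule_id;
        if($rule_id <= 0)
        {
            continue;
        }
        $rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($rule_id);
        // NOTE(review): confirm that addItem() escapes the text from conditionToString().
        $c_gui->addItem('rule_ids[]',$rule_id,$rule->conditionToString());
    }
    $this->tpl->setContent($c_gui->getHTML());
}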
00211
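/**
 * Delete the role assignment rules listed in $_POST['rule_ids'].
 *
 * Only positive integer ids are acted on. The "nothing selected" message uses
 * the 'select_one' language key, like the other handlers of this class
 * (the previous key 'select_once' is used nowhere else here).
 *
 * @return bool false when no rule list was posted, true after the deletion pass
 */
public function deleteRules()
{
    if(!isset($_POST['rule_ids']) || !is_array($_POST['rule_ids']))
    {
        ilUtil::sendInfo($this->lng->txt('select_one'));
        $this->roleAssignments();
        return false;
    }
    include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
    foreach($_POST["rule_ids"] as $rule_id)
    {
        // Skip nested arrays and non-numeric values instead of passing them to the rule loader.
        if(!is_scalar($rule_id))
        {
            continue;
        }
        $rule_id = (int) $rule_id;
        if($rule_id <= 0)
        {
            continue;
        }
        $rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($rule_id);
        $rule->delete();
    }
    ilUtil::sendInfo($this->lng->txt('ldap_deleted_rule'));
    $this->roleAssignments();
    return true;
}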
00236
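/**
 * Create a new role assignment rule for the first active LDAP server from the posted form.
 *
 * @return bool|null false when validation fails, otherwise nothing
 */
public function addRoleAssignment()
{
    global $ilErr;

    include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
    include_once('Services/LDAP/classes/class.ilLDAPServer.php');

    // Rule id 0 is requested for a rule that does not exist yet.
    $role_assignment = ilLDAPRoleAssignmentRule::_getInstanceByRuleId(0);
    $role_assignment->setServerId(ilLDAPServer::_getFirstActiveServer());

    // Text fields go through ilUtil::stripSlashes(); flags and ids are forced to integers.
    $role_assignment->setDN(ilUtil::stripSlashes($_POST['dn']));
    $role_assignment->setMemberAttribute(ilUtil::stripSlashes($_POST['at']));
    $role_assignment->setMemberIsDN((int) $_POST['isdn']);
    $role_assignment->setAttributeName(ilUtil::stripSlashes($_POST['name']));
    $role_assignment->setAttributeValue(ilUtil::stripSlashes($_POST['value']));
    $role_assignment->setRoleId((int) $_POST['role']);
    $role_assignment->setType((int) $_POST['type']);

    if(!$role_assignment->validate())
    {
        ilUtil::sendInfo($this->lng->txt($ilErr->getMessage()));
        $this->roleAssignments();
        return false;
    }

    $role_assignment->create();
    ilUtil::sendInfo($this->lng->txt('settings_saved'));
    // Drop the submitted values before the list is rendered again. The superglobal is
    // emptied rather than unset, so later reads of $_POST do not hit an undefined variable.
    $_POST = array();
    $this->roleAssignments();
}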
00272
00273
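/**
 * Render the role mapping screen: role bind settings, the form for a new
 * mapping (index 0 of the mapping data) and one row per existing mapping.
 *
 * Stored free-text values are passed through ilUtil::prepareFormOutput()
 * before they are placed into the template, as was already done for ROW_INFO.
 */
public function roleMapping()
{
    $this->initRoleMapping();

    $this->setSubTabs();
    $this->tabs_gui->setSubTabActive('ldap_role_mapping');

    $this->tpl->addBlockFile('ADM_CONTENT','adm_content','tpl.ldap_role_mapping.html','Services/LDAP');
    $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this,'saveRoleMapping'));

    // Labels of the role settings section (template placeholder => language key).
    $settings_labels = array(
        'TXT_ROLE_SETTINGS' => 'ldap_role_settings',
        'TXT_ROLE_ACTIVE' => 'ldap_role_active',
        'TXT_ROLE_BIND_USER' => 'ldap_role_bind_user',
        'TXT_ROLE_BIND_PASS' => 'ldap_role_bind_pass',
        'TXT_ROLE_ASSIGNMENTS' => 'ldap_role_assignments',
        'TXT_BINDING' => 'ldap_server_binding',
        'TXT_ROLE_BIND_USER_INFO' => 'ldap_role_bind_user_info',
        'TXT_ROLE_ASSIGNMENTS_INFO' => 'ldap_role_assignments_info'
    );
    foreach($settings_labels as $placeholder => $lang_key)
    {
        $this->tpl->setVariable($placeholder,$this->lng->txt($lang_key));
    }

    $mapping_data = $this->role_mapping->getMappings();
    $mapping_data = $this->loadMappingCopy($mapping_data);
    $this->loadMappingDetails();

    // Labels of the "new assignment" form.
    $assignment_labels = array(
        'TXT_NEW_ASSIGNMENT' => 'ldap_new_role_assignment',
        'TXT_URL' => 'ldap_server',
        'TXT_DN' => 'ldap_group_dn',
        'TXT_MEMBER' => 'ldap_group_member',
        'TXT_MEMBER_ISDN' => 'ldap_memberisdn',
        'TXT_ROLE' => 'ldap_ilias_role',
        'TXT_ROLE_INFO' => 'ldap_role_info',
        'TXT_DN_INFO' => 'ldap_dn_info',
        'TXT_MEMBER_INFO' => 'ldap_member_info',
        'TXT_MEMBERISDN' => 'ldap_memberisdn',
        'TXT_INFO' => 'ldap_info_text',
        'TXT_INFO_INFO' => 'ldap_info_text_info'
    );
    foreach($assignment_labels as $placeholder => $lang_key)
    {
        $this->tpl->setVariable($placeholder,$this->lng->txt($lang_key));
    }

    $this->tpl->setVariable('ROLE_BIND_USER',ilUtil::prepareFormOutput($this->server->getRoleBindDN()));
    // NOTE(review): the stored role bind password is written into the page. Consider
    // rendering an empty field and keeping the stored value when the field comes back
    // empty; that needs a matching change in saveRoleMapping().
    $this->tpl->setVariable('ROLE_BIND_PASS',ilUtil::prepareFormOutput($this->server->getRoleBindPassword()));
    $this->tpl->setVariable('CHECK_ROLE_ACTIVE',ilUtil::formCheckbox($this->server->enabledRoleSynchronization() ? true : false,
        'role_sync_active',
        1));

    // Index 0 carries the values of the "new mapping" form.
    $this->tpl->setVariable('URL',ilUtil::prepareFormOutput($mapping_data[0]['url'] ? $mapping_data[0]['url'] : $this->server->getUrl()));
    $this->tpl->setVariable('DN',ilUtil::prepareFormOutput($mapping_data[0]['dn']));
    $this->tpl->setVariable('ROLE',ilUtil::prepareFormOutput($mapping_data[0]['role_name']));
    $this->tpl->setVariable('MEMBER',ilUtil::prepareFormOutput($mapping_data[0]['member_attribute']));
    // NOTE(review): this reads 'memberisdn' while the row loop below reads 'member_isdn' - confirm which key getMappings() returns.
    $this->tpl->setVariable('CHECK_MEMBERISDN',ilUtil::formCheckbox($mapping_data[0]['memberisdn'],
        'mapping[0][memberisdn]',
        1));
    $this->tpl->setVariable('MAPPING_INFO',ilUtil::prepareFormOutput($mapping_data[0]['info']));

    $info_type_checked = isset($mapping_data[0]['info_type']) ? $mapping_data[0]['info_type'] : 1;

    $this->tpl->setVariable('TXT_MAPPING_INFO_TYPE',$this->lng->txt('ldap_mapping_info_type'));
    $this->tpl->setVariable('CHECK_MAPPING_INFO_TYPE',ilUtil::formCheckbox($info_type_checked,
        'mapping[0][info_type]',
        1));

    // Everything that remains is an existing mapping.
    unset($mapping_data[0]);

    if(count($mapping_data))
    {
        $this->tpl->setCurrentBlock('txt_assignments');
        $this->tpl->setVariable('TXT_ASSIGNMENTS',$this->lng->txt('ldap_role_group_assignments'));
        $this->tpl->parseCurrentBlock();

        $this->tpl->setCurrentBlock('delete_btn');
        $this->tpl->setVariable('SOURCE',ilUtil::getImagePath("arrow_downright.gif"));
        $this->tpl->setVariable('TXT_DELETE',$this->lng->txt('delete'));
        $this->tpl->parseCurrentBlock();
    }

    $mapping_data = $this->sortMappingData($mapping_data);

    foreach($mapping_data as $data)
    {
        $mapping_id = $data['mapping_id'];
        // $_SESSION['ldap_mapping_details'] lists the mappings whose detail form is open.
        if(in_array($mapping_id,$_SESSION['ldap_mapping_details']))
        {
            $this->tpl->setCurrentBlock('show_mapping_details');
            $this->tpl->setVariable('ASS_GROUP_URL',$this->lng->txt('ldap_server_short'));
            $this->tpl->setVariable('ASS_GROUP_DN',$this->lng->txt('ldap_group_dn_short'));
            $this->tpl->setVariable('ASS_MEMBER_ATTR',$this->lng->txt('ldap_group_member_short'));
            $this->tpl->setVariable('ASS_ROLE',$this->lng->txt('ldap_ilias_role_short'));
            $this->tpl->setVariable('ASS_INFO',$this->lng->txt('ldap_info_text_short'));
            $this->tpl->setVariable('ROW_ID',$mapping_id);
            $this->tpl->setVariable('ROW_URL',ilUtil::prepareFormOutput($data['url']));
            $this->tpl->setVariable('ROW_ROLE',ilUtil::prepareFormOutput($data['role_name'] ? $data['role_name'] : $data['role']));
            $this->tpl->setVariable('ROW_DN',ilUtil::prepareFormOutput($data['dn']));
            $this->tpl->setVariable('ROW_MEMBER',ilUtil::prepareFormOutput($data['member_attribute']));
            $this->tpl->setVariable('TXT_ROW_MEMBERISDN',$this->lng->txt('ldap_memberisdn'));
            $this->tpl->setVariable('ROW_CHECK_MEMBERISDN',ilUtil::formCheckbox($data['member_isdn'],
                'mapping['.$mapping_id.'][memberisdn]',
                1));
            $this->tpl->setVariable('ROW_INFO',ilUtil::prepareFormOutput($data['info']));
            $this->tpl->setVariable('TXT_ROW_INFO_TYPE',$this->lng->txt('ldap_mapping_info_type'));
            $this->tpl->setVariable('ROW_CHECK_INFO_TYPE',ilUtil::formCheckbox($data['info_type'],
                'mapping['.$mapping_id.'][info_type]',
                1));
            $this->tpl->parseCurrentBlock();
        }

        $this->tpl->setCurrentBlock('assignments');

        // Copy link: reloads this screen with the mapping id as parameter.
        $this->ctrl->setParameter($this,'mapping_id',$mapping_id);
        $this->tpl->setVariable('COPY_LINK',$this->ctrl->getLinkTarget($this,'roleMapping'));
        $this->tpl->setVariable('TXT_COPY',$this->lng->txt('copy'));
        $this->ctrl->clearParameters($this);

        // Details link toggles between showing and hiding the detail form.
        if(!in_array($mapping_id,$_SESSION['ldap_mapping_details']))
        {
            $this->ctrl->setParameter($this,'details_show',$mapping_id);
            $this->tpl->setVariable('DETAILS_LINK',$this->ctrl->getLinkTarget($this,'roleMapping'));
            $this->tpl->setVariable('TXT_DETAILS',$this->lng->txt('show_details'));
            $this->ctrl->clearParameters($this);
        }
        else
        {
            $this->ctrl->setParameter($this,'details_hide',$mapping_id);
            $this->tpl->setVariable('DETAILS_LINK',$this->ctrl->getLinkTarget($this,'roleMapping'));
            $this->tpl->setVariable('TXT_DETAILS',$this->lng->txt('hide_details'));
            $this->ctrl->clearParameters($this);
        }
        if(!count($_SESSION['ldap_mapping_details']))
        {
            $this->tpl->setVariable('WIDTH',"50%");
        }
        $this->tpl->setVariable('ROW_CHECK',ilUtil::formCheckbox(0,
            'mappings[]',$mapping_id));
        $this->tpl->setVariable('TXT_TITLE_TITLE',$this->lng->txt('title'));
        $this->tpl->setVariable('TXT_TITLE_ROLE',$this->lng->txt('obj_role'));
        $this->tpl->setVariable('TXT_TITLE_GROUP',$this->lng->txt('obj_grp'));
        // NOTE(review): TITLE_GROUP, TITLE_TITLE and TITLE_ROLE are still emitted as delivered;
        // confirm whether these values are already escaped or may contain markup before
        // wrapping them in ilUtil::prepareFormOutput() as well.
        $this->tpl->setVariable('TITLE_GROUP',$this->role_mapping->getMappingInfoString($mapping_id));
        $this->tpl->setVariable('TITLE_TITLE',ilUtil::shortenText($data['obj_title'],30,true));
        $this->tpl->setVariable('TITLE_ROLE',$data['role_name']);

        $this->tpl->parseCurrentBlock();
    }

    $this->tpl->setVariable('TXT_SAVE',$this->lng->txt('save'));
    $this->tpl->setVariable('TXT_REQUIRED_FLD',$this->lng->txt('required_field'));
}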
00427
00428
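/**
 * Delete the role mappings selected in $_POST['mappings'].
 *
 * A missing or non-array selection is treated as "nothing selected" (count()
 * on such a value raises a warning or, on current PHP, a TypeError). Each id
 * is forced to an integer before it reaches the mapping settings object.
 *
 * @return bool false when nothing was selected, true after the deletion pass
 */
public function deleteRoleMapping()
{
    if(!isset($_POST['mappings']) || !is_array($_POST['mappings']) || !count($_POST['mappings']))
    {
        ilUtil::sendInfo($this->lng->txt('select_one'));
        $this->roleMapping();
        return false;
    }

    $this->initRoleMapping();

    foreach($_POST['mappings'] as $mapping_id)
    {
        // Ignore nested arrays; the mapping form indexes mappings by number.
        if(!is_scalar($mapping_id))
        {
            continue;
        }
        $this->role_mapping->delete((int) $mapping_id);
    }
    ilUtil::sendInfo($this->lng->txt('ldap_deleted_role_mapping'));
    $this->roleMapping();
    return true;
}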
00448
/**
 * Forget the posted mapping template and show the user mapping screen again.
 */
public function reset()
{
    // userMapping() only offers the reset button while 'mapping_template' is posted.
    unset($_POST['mapping_template']);

    $this->userMapping();
}
00454
/**
 * Store the role bind settings on the server, then validate and save the posted role mappings.
 *
 * The server record is written before the mappings are validated, so the bind
 * settings are kept even when this method returns false.
 *
 * @return bool true when the mappings were saved, false when their validation failed
 */
public function saveRoleMapping()
{
    global $ilErr;

    $bind_dn = ilUtil::stripSlashes($_POST['role_bind_user']);
    $this->server->setRoleBindDN($bind_dn);
    $bind_password = ilUtil::stripSlashes($_POST['role_bind_pass']);
    $this->server->setRoleBindPassword($bind_password);
    $this->server->enableRoleSynchronization((int) $_POST['role_sync_active']);

    // A server without an id has not been stored yet.
    if(!$this->server->getServerId())
    {
        $_GET['ldap_server_id'] = $this->server->create();
    }
    else
    {
        $this->server->update();
    }

    $this->initRoleMapping();
    $this->role_mapping->loadFromPost($_POST['mapping']);

    if($this->role_mapping->validate())
    {
        $this->role_mapping->save();

        ilUtil::sendInfo($this->lng->txt('settings_saved'));
        $this->roleMapping();
        return true;
    }

    // Validation failed: show the message held by the global error object.
    ilUtil::sendInfo($ilErr->getMessage());
    $this->roleMapping();
    return false;
}
00487
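/**
 * Render the user attribute mapping screen: one row per standard profile field
 * and one per user defined field, each with its LDAP attribute and update flag.
 *
 * Stored attribute values and user defined field names are passed through
 * ilUtil::prepareFormOutput() before they are placed into the template.
 *
 * @param bool $a_show_defaults not used by this method
 */
public function userMapping($a_show_defaults = false)
{
    $this->initAttributeMapping();

    $this->setSubTabs();
    $this->tabs_gui->setSubTabActive('ldap_user_mapping');

    $this->tpl->addBlockFile('ADM_CONTENT','adm_content','tpl.ldap_user_mapping.html','Services/LDAP');
    $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));

    $this->tpl->setVariable('TXT_LDAP_MAPPING',$this->lng->txt('ldap_mapping_table'));
    $this->tpl->setVariable('SELECT_MAPPING',$this->prepareMappingSelect());

    // The reset button is only offered while a mapping template is posted.
    if(!empty($_POST['mapping_template']))
    {
        $this->tpl->setCurrentBlock('reset');
        $this->tpl->setVariable('TXT_RESET',$this->lng->txt('reset'));
        $this->tpl->parseCurrentBlock();
    }

    // Standard profile fields.
    foreach($this->getMappingFields() as $mapping => $translation)
    {
        $this->tpl->setCurrentBlock('attribute_row');
        $this->tpl->setVariable('TXT_NAME',$translation);
        $this->tpl->setVariable('FIELD_NAME',$mapping.'_value');
        $this->tpl->setVariable('FIELD_VALUE',ilUtil::prepareFormOutput($this->mapping->getValue($mapping)));
        $this->tpl->setVariable('CHECK_FIELD',ilUtil::formCheckbox($this->mapping->enabledUpdate($mapping),$mapping.'_update',1));
        $this->tpl->setVariable('UPDATE_INFO',$this->lng->txt('ldap_update_field_info'));
        $this->tpl->parseCurrentBlock();
    }

    // User defined fields are keyed as 'udf_<field_id>'.
    $this->initUserDefinedFields();
    foreach($this->udf->getDefinitions() as $definition)
    {
        $udf_key = 'udf_'.$definition['field_id'];

        $this->tpl->setCurrentBlock('attribute_row');
        $this->tpl->setVariable('TXT_NAME',ilUtil::prepareFormOutput($definition['field_name']));
        $this->tpl->setVariable('FIELD_NAME',$udf_key.'_value');
        $this->tpl->setVariable('FIELD_VALUE',ilUtil::prepareFormOutput($this->mapping->getValue($udf_key)));
        $this->tpl->setVariable('CHECK_FIELD',ilUtil::formCheckbox($this->mapping->enabledUpdate($udf_key),
            $udf_key.'_update',1));
        $this->tpl->setVariable('UPDATE_INFO',$this->lng->txt('ldap_update_field_info'));
        $this->tpl->parseCurrentBlock();
    }

    $this->tpl->setVariable('TXT_SAVE',$this->lng->txt('save'));
    $this->tpl->setVariable('TXT_SHOW',$this->lng->txt('show'));
}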
00537
/**
 * Replace the in-memory attribute mapping rules with those of the posted
 * mapping template and show the user mapping screen. Nothing is saved here.
 *
 * @return bool|null true when a template was applied, nothing when none was posted
 */
public function chooseMapping()
{
    if($_POST['mapping_template'])
    {
        $this->initAttributeMapping();
        $this->mapping->clearRules();

        include_once('Services/LDAP/classes/class.ilLDAPAttributeMappingUtils.php');
        // NOTE(review): the template name is taken from the request as is - confirm that
        // _getMappingRulesByClass() only accepts the templates offered by prepareMappingSelect().
        $template_rules = ilLDAPAttributeMappingUtils::_getMappingRulesByClass($_POST['mapping_template']);
        foreach($template_rules as $attribute => $ldap_value)
        {
            $this->mapping->setRule($attribute,$ldap_value,0);
        }
        $this->userMapping();
        return true;
    }

    // No template chosen: just show the current mapping.
    $this->userMapping();
    return;
}
00557
/**
 * Store the posted attribute mapping for the standard profile fields and the
 * user defined fields, then show the user mapping screen.
 *
 * For each field the form posts '<key>_value' (the LDAP attribute, run through
 * ilUtil::stripSlashes()) and '<key>_update' (forced to an integer).
 */
public function saveMapping()
{
    $this->initAttributeMapping();
    foreach(array_keys($this->getMappingFields()) as $field)
    {
        $ldap_attribute = ilUtil::stripSlashes($_POST[$field.'_value']);
        $this->mapping->setRule($field,$ldap_attribute,(int) $_POST[$field.'_update']);
    }

    $this->initUserDefinedFields();
    foreach($this->udf->getDefinitions() as $definition)
    {
        $field = 'udf_'.$definition['field_id'];
        $ldap_attribute = ilUtil::stripSlashes($_POST[$field.'_value']);
        $this->mapping->setRule($field,$ldap_attribute,(int) $_POST[$field.'_update']);
    }

    $this->mapping->save();
    $this->userMapping();

    // The confirmation is queued and the template selection dropped after the screen was rendered.
    ilUtil::sendInfo($this->lng->txt('settings_saved'));
    unset($_POST['mapping_template']);
    return;
}
00579
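/**
 * Render the LDAP server settings form with the values of the loaded server.
 *
 * Stored free-text values are passed through ilUtil::prepareFormOutput() before
 * they are placed into the template, as roleMapping() does for ROW_INFO.
 *
 * @return bool always true
 */
public function serverList()
{
    $this->setSubTabs();
    $this->tabs_gui->setSubTabActive('ldap_settings');

    $this->tpl->addBlockFile('ADM_CONTENT','adm_content','tpl.ldap_server_list.html','Services/LDAP');
    $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));

    // Labels and help texts (template placeholder => language key), in template order.
    $labels = array(
        'TXT_LDAP_SERVER_SETTINGS' => 'ldap_configure',
        'TXT_ACTIVE' => 'auth_ldap_enable',
        'TXT_SERVER_NAME' => 'ldap_server_name',
        'TXT_SERVER_URL' => 'ldap_server',
        'TXT_SERVER_VERSION' => 'ldap_version',
        'TXT_BASE_DN' => 'basedn',
        'TXT_REFERRALS' => 'ldap_referrals',

        'TXT_SECURITY_SETTINGS' => 'ldap_server_security_settings',
        'TXT_TLS' => 'ldap_tls',
        'TXT_BINDING' => 'ldap_server_binding',
        'TXT_ANONYMOUS' => 'ldap_bind_anonymous',
        'TXT_USER' => 'ldap_bind_user',
        'TXT_BIND_DN' => 'ldap_server_bind_dn',
        'TXT_BIND_PASSWD' => 'ldap_server_bind_pass',

        'TXT_AUTH_SETTINGS' => 'ldap_authentication_settings',
        'TXT_USER_ATTRIBUTE' => 'ldap_user_attribute',
        'TXT_USER_SCOPE' => 'ldap_user_scope',
        'TXT_SEARCH_BASE' => 'ldap_user_dn',
        'TXT_FILTER' => 'ldap_search_filter',
        'TXT_REQUIRED_FLD' => 'required_field',

        'TXT_GROUP_RESTRICTIONS' => 'ldap_group_restrictions',
        'TXT_GROUP_DN' => 'ldap_group_search_base',
        'TXT_GROUP_SCOPE' => 'ldap_group_scope',
        'TXT_GROUP_FILTER' => 'ldap_group_filter',
        'TXT_MEMBER' => 'ldap_group_member',
        'TXT_MEMBERISDN' => 'ldap_memberisdn',
        'TXT_GROUP' => 'ldap_group_name',
        'TXT_GROUP_ATTRIBUTE' => 'ldap_group_attribute',
        'TXT_GROUP_MEMBERSHIP' => 'ldap_group_membership',
        'TXT_OPTIONAL' => 'ldap_group_member_optional',
        'TXT_GROUP_USER_FILTER' => 'ldap_group_user_filter',
        'TXT_OPTIONAL_INFO' => 'ldap_group_optional_info',

        'TXT_USER_SYNC' => 'ldap_user_sync',
        'TXT_MOMENT' => 'ldap_moment_sync',
        'TXT_LOGIN' => 'ldap_sync_login',
        'TXT_CRON' => 'ldap_sync_cron',
        'TXT_GLOBAL_ROLE' => 'ldap_global_role_assignment',

        'TXT_SAVE' => 'save',

        'TXT_SERVER_NAME_INFO' => 'ldap_server_name_info',
        'TXT_SERVER_URL_INFO' => 'ldap_server_url_info',
        'TXT_SERVER_VERSION_INFO' => 'ldap_server_version_info',
        'TXT_REFERRALS_INFO' => 'ldap_referrals_info',
        'TXT_SEARCH_BASE_INFO' => 'ldap_search_base_info',
        'TXT_FILTER_INFO' => 'ldap_filter_info',
        'TXT_GROUP_DN_INFO' => 'ldap_group_dn_info',
        'TXT_GROUP_FILTER_INFO' => 'ldap_group_filter_info',
        'TXT_MEMBER_INFO' => 'ldap_group_member_info',
        'TXT_GROUP_INFO' => 'ldap_group_name_info',
        'TXT_GROUP_ATTRIBUTE_INFO' => 'ldap_group_attribute_info',
        'TXT_GROUP_SCOPE_INFO' => 'ldap_group_scope_info',
        'TXT_USER_SCOPE_INFO' => 'ldap_user_scope_info',
        'TXT_USER_SYNC_INFO' => 'ldap_user_sync_info',
        'TXT_GLOBAL_ROLE_INFO' => 'ldap_global_role_info'
    );
    foreach($labels as $placeholder => $lang_key)
    {
        $this->tpl->setVariable($placeholder,$this->lng->txt($lang_key));
    }

    // Both scope selects offer the same two options.
    $scope_options = array(IL_LDAP_SCOPE_ONE => $this->lng->txt('ldap_scope_one'),
        IL_LDAP_SCOPE_SUB => $this->lng->txt('ldap_scope_sub'));

    // Connection settings.
    $this->tpl->setVariable('CHECK_ACTIVE',ilUtil::formCheckbox($this->server->isActive() ? true : false,'active',1));
    $this->tpl->setVariable('SERVER_NAME',ilUtil::prepareFormOutput($this->server->getName()));
    $this->tpl->setVariable('SERVER_URL',ilUtil::prepareFormOutput($this->server->getUrlString()));
    $this->tpl->setVariable('SELECT_VERSION',ilUtil::formSelect($this->server->getVersion(),
        'version',array(2 => 2,3 => 3),false,true));
    $this->tpl->setVariable('BASE_DN',ilUtil::prepareFormOutput($this->server->getBaseDN()));
    $this->tpl->setVariable('CHECK_REFERRALS',ilUtil::formCheckbox($this->server->isActiveReferrer() ? true : false,'referrals',1));
    $this->tpl->setVariable('CHECK_TLS',ilUtil::formCheckbox($this->server->isActiveTLS() ? true : false,'tls',1));

    // Binding.
    $this->tpl->setVariable('RADIO_ANONYMOUS',ilUtil::formRadioButton($this->server->getBindingType() == IL_LDAP_BIND_ANONYMOUS ? true : false,
        'binding_type',IL_LDAP_BIND_ANONYMOUS));
    $this->tpl->setVariable('RADIO_USER',ilUtil::formRadioButton($this->server->getBindingType() == IL_LDAP_BIND_USER ? true : false,
        'binding_type',IL_LDAP_BIND_USER));
    $this->tpl->setVariable('BIND_DN',ilUtil::prepareFormOutput($this->server->getBindUser()));
    // NOTE(review): the stored bind password is written into the page. Consider rendering
    // an empty field and keeping the stored value when the field comes back empty; that
    // needs a matching change in save().
    $this->tpl->setVariable('BIND_PASS',ilUtil::prepareFormOutput($this->server->getBindPassword()));

    // User search.
    $this->tpl->setVariable('SEARCH_BASE',ilUtil::prepareFormOutput($this->server->getSearchBase()));
    $this->tpl->setVariable('USER_ATTRIBUTE',ilUtil::prepareFormOutput($this->server->getUserAttribute()));
    $this->tpl->setVariable('SELECT_USER_SCOPE',ilUtil::formSelect($this->server->getUserScope(),
        'user_scope',
        $scope_options,false,true));
    $this->tpl->setVariable('FILTER',ilUtil::prepareFormOutput($this->server->getFilter()));

    // Group restrictions.
    $this->tpl->setVariable('GROUP_DN',ilUtil::prepareFormOutput($this->server->getGroupDN()));
    $this->tpl->setVariable('SELECT_GROUP_SCOPE',ilUtil::formSelect($this->server->getGroupScope(),
        'group_scope',
        $scope_options,false,true));
    $this->tpl->setVariable('GROUP_FILTER',ilUtil::prepareFormOutput($this->server->getGroupFilter()));
    $this->tpl->setVariable('GROUP_MEMBER',ilUtil::prepareFormOutput($this->server->getGroupMember()));
    $this->tpl->setVariable('CHECK_MEMBERISDN',ilUtil::formCheckbox($this->server->enabledGroupMemberIsDN() ? 1 : 0,'memberisdn',1));
    $this->tpl->setVariable('GROUP',ilUtil::prepareFormOutput($this->server->getGroupName()));
    $this->tpl->setVariable('GROUP_ATTRIBUTE',ilUtil::prepareFormOutput($this->server->getGroupAttribute()));
    $this->tpl->setVariable('GROUP_USER_FILTER',ilUtil::prepareFormOutput($this->server->getGroupUserFilter()));

    $this->tpl->setVariable('CHECK_OPTIONAL',ilUtil::formCheckbox($this->server->isMembershipOptional() ? 1 : 0,
        'group_optional',
        1));

    // Synchronisation.
    $this->tpl->setVariable('CHECK_LOGIN',ilUtil::formCheckbox($this->server->enabledSyncOnLogin() ? true : false,
        'sync_on_login',
        1));
    $this->tpl->setVariable('CHECK_CRON',ilUtil::formCheckbox($this->server->enabledSyncPerCron() ? true : false,
        'sync_per_cron',
        1));
    $this->tpl->setVariable('SELECT_GLOBAL_ROLE',$this->prepareRoleSelect());

    return true;
}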
00703
00704
00705
00706
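/**
 * Copy the posted server settings onto the server object, validate it, then
 * create or update the server and store the global role mapping rule.
 *
 * Text fields go through ilUtil::stripSlashes(). Checkbox flags, scopes, the
 * protocol version and role ids are forced to integers; this now also covers
 * 'version', 'referrals' and 'tls', whose form controls only submit 2/3 and 1.
 *
 * @return bool true when the settings were saved, false when validation failed
 */
function save()
{
    global $ilErr;

    // Connection settings.
    $this->server->toggleActive((int) $_POST['active']);
    $this->server->setName(ilUtil::stripSlashes($_POST['server_name']));
    $this->server->setUrl(ilUtil::stripSlashes($_POST['server_url']));
    $this->server->setVersion((int) $_POST['version']);
    $this->server->setBaseDN(ilUtil::stripSlashes($_POST['base_dn']));
    $this->server->toggleReferrer((int) $_POST['referrals']);
    $this->server->toggleTLS((int) $_POST['tls']);

    // Binding.
    $this->server->setBindingType((int) $_POST['binding_type']);
    $this->server->setBindUser(ilUtil::stripSlashes($_POST['bind_dn']));
    $this->server->setBindPassword(ilUtil::stripSlashes($_POST['bind_pass']));

    // User search.
    $this->server->setSearchBase(ilUtil::stripSlashes($_POST['search_base']));
    $this->server->setUserScope((int) $_POST['user_scope']);
    $this->server->setUserAttribute(ilUtil::stripSlashes($_POST['user_attribute']));
    $this->server->setFilter(ilUtil::stripSlashes($_POST['filter']));

    // Group restrictions.
    $this->server->setGroupDN(ilUtil::stripSlashes($_POST['group_dn']));
    $this->server->setGroupScope((int) $_POST['group_scope']);
    $this->server->setGroupFilter(ilUtil::stripSlashes($_POST['group_filter']));
    $this->server->setGroupMember(ilUtil::stripSlashes($_POST['group_member']));
    $this->server->enableGroupMemberIsDN((int) $_POST['memberisdn']);
    $this->server->setGroupName(ilUtil::stripSlashes($_POST['group']));
    $this->server->setGroupAttribute(ilUtil::stripSlashes($_POST['group_attribute']));
    $this->server->setGroupUserFilter(ilUtil::stripSlashes($_POST['group_user_filter']));
    $this->server->toggleMembershipOptional((int) $_POST['group_optional']);

    // Synchronisation.
    $this->server->enableSyncOnLogin((int) $_POST['sync_on_login']);
    $this->server->enableSyncPerCron((int) $_POST['sync_per_cron']);
    $this->server->setGlobalRole((int) $_POST['global_role']);

    if(!$this->server->validate())
    {
        // Nothing has been written yet; show the message held by the global error object.
        ilUtil::sendInfo($ilErr->getMessage());
        $this->serverList();
        return false;
    }

    // A server without an id has not been stored yet.
    if($this->server->getServerId())
    {
        $this->server->update();
    }
    else
    {
        // Later initialisers read the server id from $_GET.
        $_GET['ldap_server_id'] = $this->server->create();
    }

    // The global role is additionally stored as an attribute mapping rule.
    $this->initAttributeMapping();
    $this->mapping->setRule('global_role',(int) $_POST['global_role'],false);
    $this->mapping->save();

    ilUtil::sendInfo($this->lng->txt('settings_saved'));
    $this->serverList();
    return true;
}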
00764
00765
00766
/**
 * Register the sub tabs of the LDAP settings screen.
 *
 * The settings tab is always added; the mapping and assignment tabs are only
 * added when the server list is not empty.
 *
 * @return bool|null true when only the settings tab was added, otherwise nothing
 */
private function setSubTabs()
{
    $gui_class = get_class($this);

    $this->tabs_gui->addSubTabTarget("ldap_settings",
        $this->ctrl->getLinkTarget($this,'serverList'),
        "serverList",$gui_class);

    include_once('Services/LDAP/classes/class.ilLDAPServer.php');
    $servers = ilLDAPServer::_getServerList();
    if(!count($servers))
    {
        return true;
    }

    // Tab id => command that the tab links to and is activated by.
    $further_tabs = array(
        "ldap_user_mapping" => "userMapping",
        'ldap_role_assignments' => "roleAssignments",
        "ldap_role_mapping" => "roleMapping"
    );
    foreach($further_tabs as $tab_id => $command)
    {
        $this->tabs_gui->addSubTabTarget($tab_id,
            $this->ctrl->getLinkTarget($this,$command),
            $command,$gui_class);
    }
}
00798
00799
/**
 * Load the LDAP server selected by $_GET['ldap_server_id'] into $this->server.
 *
 * When the request names no server, the id of the first server is used and
 * written back to $_GET, where the other initialisers read it.
 */
private function initServer()
{
    include_once './Services/LDAP/classes/class.ilLDAPServer.php';

    $requested_id = $_GET['ldap_server_id'];
    if(!$requested_id)
    {
        $requested_id = ilLDAPServer::_getFirstServer();
        $_GET['ldap_server_id'] = $requested_id;
    }

    // The id is forced to an integer before it reaches the server object.
    $this->server = new ilLDAPServer((int) $requested_id);
}
00809
/**
 * Load the attribute mapping of the selected LDAP server into $this->mapping.
 *
 * The server id is taken from $_GET['ldap_server_id'] and cast to int before
 * it is handed to ilLDAPAttributeMapping::_getInstanceByServerId().
 */
private function initAttributeMapping()
{
    include_once './Services/LDAP/classes/class.ilLDAPAttributeMapping.php';

    $server_id = (int) $_GET['ldap_server_id'];
    $this->mapping = ilLDAPAttributeMapping::_getInstanceByServerId($server_id);
}
00815
/**
 * Load the role/group mapping settings of the selected LDAP server into
 * $this->role_mapping.
 *
 * The server id is taken from $_GET['ldap_server_id'] and cast to int before
 * it is handed to ilLDAPRoleGroupMappingSettings::_getInstanceByServerId().
 */
private function initRoleMapping()
{
    include_once './Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php';

    $server_id = (int) $_GET['ldap_server_id'];
    $this->role_mapping = ilLDAPRoleGroupMappingSettings::_getInstanceByServerId($server_id);
}
00821
/**
 * Build the list of global roles that can be chosen as default role.
 *
 * The option list starts with a "select one" entry under key 0, followed by
 * one entry per global role (role id => title), in the order returned by
 * ilUtil::_sortIds().
 *
 * NOTE(review): role titles are put into the option list as returned by
 * ilObject::_lookupTitle(); confirm that the select rendering HTML-encodes
 * option labels.
 *
 * @param bool $a_as_select true: return the result of ilUtil::formSelect()
 *                          for a field named "global_role", preselected with
 *                          the role stored for the current server;
 *                          false: return the option array itself
 * @return mixed
 */
private function prepareRoleSelect($a_as_select = true)
{
    // $ilObjDataCache is declared here but not used by this method.
    global $rbacreview,$ilObjDataCache;

    include_once('./Services/LDAP/classes/class.ilLDAPAttributeMapping.php');

    $sorted_role_ids = ilUtil::_sortIds(
        $rbacreview->getGlobalRoles(),
        'object_data',
        'title',
        'obj_id'
    );

    $options = array(0 => $this->lng->txt('links_select_one'));
    foreach($sorted_role_ids as $global_role_id)
    {
        $options[$global_role_id] = ilObject::_lookupTitle($global_role_id);
    }

    if(!$a_as_select)
    {
        return $options;
    }

    $stored_role = ilLDAPAttributeMapping::_lookupGlobalRole($this->server->getServerId());
    return ilUtil::formSelect($stored_role, 'global_role', $options, false, true);
}
00849
00850
/**
 * List the user profile fields that can be mapped to LDAP attributes.
 *
 * @return array field name => translated label, in display order
 */
private function getMappingFields()
{
    // field name => language variable; only "title" uses a different key.
    // A "photo" field is not offered.
    $lang_keys = array(
        'gender'        => 'gender',
        'firstname'     => 'firstname',
        'lastname'      => 'lastname',
        'title'         => 'person_title',
        'institution'   => 'institution',
        'department'    => 'department',
        'street'        => 'street',
        'city'          => 'city',
        'zipcode'       => 'zipcode',
        'country'       => 'country',
        'phone_office'  => 'phone_office',
        'phone_home'    => 'phone_home',
        'phone_mobile'  => 'phone_mobile',
        'fax'           => 'fax',
        'email'         => 'email',
        'hobby'         => 'hobby',
        'matriculation' => 'matriculation'
    );

    $fields = array();
    foreach($lang_keys as $field => $lang_key)
    {
        $fields[$field] = $this->lng->txt($lang_key);
    }
    return $fields;
}
00872
/**
 * Store the instance returned by ilUserDefinedFields::_getInstance()
 * in $this->udf.
 */
private function initUserDefinedFields()
{
    include_once("./Services/User/classes/class.ilUserDefinedFields.php");

    $udf_instance = ilUserDefinedFields::_getInstance();
    $this->udf = $udf_instance;
}
00878
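/**
 * Build the select for the attribute mapping templates.
 *
 * The posted "mapping_template" value is used as the preselected entry, but
 * only when it is one of the keys of the option list.
 *
 * @return mixed result of ilUtil::formSelect() for a field named "mapping_template"
 */
private function prepareMappingSelect()
{
    $templates = array(
        0                      => $this->lng->txt('ldap_mapping_template'),
        "inetOrgPerson"        => 'inetOrgPerson',
        "organizationalPerson" => 'organizationalPerson',
        "person"               => 'person',
        "ad_2003"              => 'Active Directory (Win 2003)'
    );

    // $_POST is request-controlled: forward the value only if it names a known
    // template. A missing field, an array or an unknown string is passed on as
    // null, i.e. handled like a form that did not send the field at all.
    $posted = isset($_POST['mapping_template']) ? $_POST['mapping_template'] : null;
    $selected = (is_string($posted) && isset($templates[$posted])) ? $posted : null;

    return ilUtil::formSelect($selected, 'mapping_template', $templates, false, true);
}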
00887
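/**
 * Copy the mapping row selected by the "mapping_id" request parameter to
 * index 0 of the given mapping data.
 *
 * The data is returned unchanged when the parameter is absent, is not a
 * scalar, or does not name an existing row.
 * NOTE(review): index 0 presumably carries the values shown in the
 * "new mapping" form - confirm against the caller.
 *
 * @param array $a_mapping_data mapping rows indexed by mapping id
 * @return array the mapping data, with row 0 set when a valid id was given
 */
private function loadMappingCopy($a_mapping_data)
{
    if(!isset($_GET['mapping_id']))
    {
        return $a_mapping_data;
    }

    $mapping_id = $_GET['mapping_id'];

    // The id is request-controlled. An array value is not a valid array key,
    // and an unknown id would otherwise overwrite row 0 with null.
    if(!is_scalar($mapping_id) || !isset($a_mapping_data[$mapping_id]))
    {
        return $a_mapping_data;
    }

    $a_mapping_data[0] = $a_mapping_data[$mapping_id];

    return $a_mapping_data;
}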
00908
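/**
 * Track in the session which mapping rows have their details expanded.
 *
 * $_SESSION['ldap_mapping_details'] is created if missing. The request
 * parameter "details_show" adds an entry (id => id), "details_hide" removes
 * one. Non-scalar parameter values are ignored.
 *
 * NOTE(review): the ids are presumably numeric mapping ids; if that holds,
 * casting them to int here would be the tighter check - confirm.
 */
private function loadMappingDetails()
{
    if(!isset($_SESSION['ldap_mapping_details']))
    {
        $_SESSION['ldap_mapping_details'] = array();
    }

    // Both parameters are request-controlled and end up as array keys in the
    // session; an array value is not a valid key, so only scalars are accepted.
    if(isset($_GET['details_show']) && is_scalar($_GET['details_show']))
    {
        $_SESSION['ldap_mapping_details'][$_GET['details_show']] = $_GET['details_show'];
    }
    if(isset($_GET['details_hide']) && is_scalar($_GET['details_hide']))
    {
        unset($_SESSION['ldap_mapping_details'][$_GET['details_hide']]);
    }
}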
00930
/**
 * Enrich the mapping rows with object information and sort them.
 *
 * Every row gets three additional entries: "obj_id" (result of
 * $rbacreview->getObjectOfRole() for the row's "role"), "obj_title"
 * (title looked up through $ilObjDataCache) and "mapping_id" (the row's key).
 *
 * @param array $a_mapping_data mapping rows indexed by mapping id
 * @return mixed result of ilUtil::sortArray() on "obj_title" with direction 'DESC'
 */
private function sortMappingData($a_mapping_data)
{
    global $rbacreview,$ilObjDataCache;

    $enriched = array();
    foreach($a_mapping_data as $mapping_id => $data)
    {
        $object_id = $rbacreview->getObjectOfRole($data['role']);

        $row = $data;
        $row['obj_id'] = $object_id;
        $row['obj_title'] = $ilObjDataCache->lookupTitle($object_id);
        $row['mapping_id'] = $mapping_id;

        $enriched[$mapping_id] = $row;
    }

    return ilUtil::sortArray($enriched, 'obj_title', 'DESC');
}
00954
/**
 * Build the property form for a role assignment rule and store it in
 * $this->form.
 *
 * The form contains a required role select and a required radio group
 * "type" with two options: assignment by LDAP group (sub fields "dn", "at",
 * "isdn") and assignment by attribute (sub fields "name", "value"). All
 * fields are prefilled from $current_rule.
 *
 * NOTE(review): the size and max-length settings below are set on the input
 * objects only. The values of "dn", "at", "name" and "value" presumably end
 * up in LDAP lookups, so the command that stores the rule should validate
 * them server-side - that code is not part of this method.
 *
 * @param string $a_mode 'edit' or 'create'; any other value yields a form
 *                       without title and command buttons
 * @param ilLDAPRoleAssignmentRule $current_rule rule providing the initial values
 */
protected function initFormRoleAssignments($a_mode,ilLDAPRoleAssignmentRule $current_rule)
{
    include_once('Services/Form/classes/class.ilPropertyFormGUI.php');
    include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');

    $form = new ilPropertyFormGUI();
    $this->form = $form;
    $form->setFormAction($this->ctrl->getFormAction($this));

    // Title and buttons depend on the mode.
    if($a_mode == 'edit')
    {
        $form->setTitle($this->lng->txt('ldap_edit_role_ass_rule'));
        $form->addCommandButton('updateRoleAssignment',$this->lng->txt('save'));
        $form->addCommandButton('roleAssignments',$this->lng->txt('cancel'));
    }
    elseif($a_mode == 'create')
    {
        $form->setTitle($this->lng->txt('ldap_add_role_ass_rule'));
        $form->addCommandButton('addRoleAssignment',$this->lng->txt('ldap_btn_add_role_ass'));
        $form->addCommandButton('roleAssignments',$this->lng->txt('cancel'));
    }

    // Role to assign
    $role_select = new ilSelectInputGUI($this->lng->txt('ldap_ilias_role'),'role');
    $role_select->setValue($current_rule->getRoleId());
    $role_select->setOptions($this->prepareRoleSelect(false));
    $role_select->setRequired(true);
    $form->addItem($role_select);

    // Assignment type: by group or by attribute
    $type_group = new ilRadioGroupInputGUI($this->lng->txt('ldap_assignment_type'),'type');
    $type_group->setValue($current_rule->getType());
    $type_group->setRequired(true);

    // Option 1: membership in an LDAP group
    $by_group = new ilRadioOption(
        $this->lng->txt('ldap_role_by_group'),
        ilLDAPRoleAssignmentRule::TYPE_GROUP
    );

    $group_dn = new ilTextInputGUI($this->lng->txt('ldap_group_dn'),'dn');
    $group_dn->setValue($current_rule->getDN());
    $group_dn->setSize(32);
    $group_dn->setMaxLength(512);
    $group_dn->setInfo($this->lng->txt('ldap_role_grp_dn_info'));
    $by_group->addSubItem($group_dn);

    $member_attribute = new ilTextInputGUI($this->lng->txt('ldap_role_grp_at'),'at');
    $member_attribute->setValue($current_rule->getMemberAttribute());
    $member_attribute->setSize(16);
    $member_attribute->setMaxLength(128);
    $by_group->addSubItem($member_attribute);

    $member_is_dn = new ilCheckboxInputGUI($this->lng->txt('ldap_role_grp_isdn'),'isdn');
    $member_is_dn->setChecked($current_rule->isMemberAttributeDN());
    $member_is_dn->setInfo($this->lng->txt('ldap_group_member_info'));
    $by_group->addSubItem($member_is_dn);

    $by_group->setInfo($this->lng->txt('ldap_role_grp_info'));
    $type_group->addOption($by_group);

    // Option 2: value of an LDAP attribute (no info text on the sub fields)
    $by_attribute = new ilRadioOption(
        $this->lng->txt('ldap_role_by_attribute'),
        ilLDAPRoleAssignmentRule::TYPE_ATTRIBUTE
    );

    $attribute_name = new ilTextInputGUI($this->lng->txt('ldap_role_at_name'),'name');
    $attribute_name->setValue($current_rule->getAttributeName());
    $attribute_name->setSize(32);
    $attribute_name->setMaxLength(128);
    $by_attribute->addSubItem($attribute_name);

    $attribute_value = new ilTextInputGUI($this->lng->txt('ldap_role_at_value'),'value');
    $attribute_value->setValue($current_rule->getAttributeValue());
    $attribute_value->setSize(32);
    $attribute_value->setMaxLength(128);
    $by_attribute->addSubItem($attribute_value);

    $by_attribute->setInfo($this->lng->txt('ldap_role_at_info'));
    $type_group->addOption($by_attribute);

    $form->addItem($type_group);
}
01040 }
01041 ?>