ILIAS  Release_4_0_x_branch Revision 61816
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilShibbolethRoleAssignmentRules.php
Go to the documentation of this file.
1 <?php
2 /*
3  +-----------------------------------------------------------------------------+
4  | ILIAS open source |
5  +-----------------------------------------------------------------------------+
6  | Copyright (c) 1998-2006 ILIAS open source, University of Cologne |
7  | |
8  | This program is free software; you can redistribute it and/or |
9  | modify it under the terms of the GNU General Public License |
10  | as published by the Free Software Foundation; either version 2 |
11  | of the License, or (at your option) any later version. |
12  | |
13  | This program is distributed in the hope that it will be useful, |
14  | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16  | GNU General Public License for more details. |
17  | |
18  | You should have received a copy of the GNU General Public License |
19  | along with this program; if not, write to the Free Software |
20  | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21  +-----------------------------------------------------------------------------+
22 */
23 
24 include_once './Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php';
25 
35 class ilShibbolethRoleAssignmentRules
36 {
37  protected static $active_plugins = null;
38 
39  public static function getAllRules()
40  {
41  global $ilDB;
42 
43  $query = "SELECT rule_id FROM shib_role_assignment ORDER BY rule_id";
44  $res =$ilDB->query($query);
45  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
46  {
47  $rules[$row->rule_id] = new ilShibbolethRoleAssignmentRule($row->rule_id);
48  }
49  return $rules ? $rules : array();
50  }
51 
52  public static function getCountRules()
53  {
54  global $ilDB;
55 
56  $query = "SELECT COUNT(*) num FROM shib_role_assignment ";
57  $res = $ilDB->query($query);
58  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
59  {
60  return $row->num;
61  }
62  return 0;
63  }
64 
65  public static function updateAssignments($a_usr_id,$a_data)
66  {
67  global $ilDB,$rbacadmin,$rbacreview,$ilSetting,$ilLog;
68 
69  $query = "SELECT rule_id,add_on_update,remove_on_update FROM shib_role_assignment ".
70  "WHERE add_on_update = 1 OR remove_on_update = 1";
71 
72  $res = $ilDB->query($query);
73  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
74  {
75  $rule = new ilShibbolethRoleAssignmentRule($row->rule_id);
76 
77  $matches = $rule->matches($a_data);
78  if($matches and $row->add_on_update)
79  {
80  $ilLog->write(__METHOD__.': Assigned to role '.ilObject::_lookupTitle($rule->getRoleId()));
81  $rbacadmin->assignUser($rule->getRoleId(),$a_usr_id);
82  }
83  if(!$matches and $row->remove_on_update)
84  {
85  $ilLog->write(__METHOD__.': Deassigned from role '.ilObject::_lookupTitle($rule->getRoleId()));
86  $rbacadmin->deassignUser($rule->getRoleId(),$a_usr_id);
87  }
88  }
89 
90  // check if is assigned to minimum one global role
91  if(!array_intersect($rbacreview->assignedRoles($a_usr_id),$rbacreview->getGlobalRoles()))
92  {
93  $ilLog->write(__METHOD__.': Assigned to default role '.ilObject::_lookupTitle($ilSetting->get('shib_user_default_role')));
94  $rbacadmin->assignUser($ilSetting->get('shib_user_default_role'),$a_usr_id);
95  }
96 
97  return true;
98  }
99 
100  public static function doAssignments($a_usr_id,$a_data)
101  {
102  global $ilDB,$ilSetting,$rbacadmin,$ilLog;
103 
104  $query = "SELECT rule_id FROM shib_role_assignment ";
105 
106  $num_matches = 0;
107  $res = $ilDB->query($query);
108  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
109  {
110  $rule = new ilShibbolethRoleAssignmentRule($row->rule_id);
111  if($rule->matches($a_data))
112  {
113  $num_matches++;
114  $ilLog->write(__METHOD__.': Assigned to role '.ilObject::_lookupTitle($rule->getRoleId()));
115  $rbacadmin->assignUser($rule->getRoleId(),$a_usr_id);
116  }
117  }
118  // Assign to default if no matching found
119  if(!$num_matches)
120  {
121  $ilLog->write(__METHOD__.': Assigned to default role '.ilObject::_lookupTitle($ilSetting->get('shib_user_default_role')));
122  $rbacadmin->assignUser($ilSetting->get('shib_user_default_role'),$a_usr_id);
123  }
124  return true;
125  }
126 
127  public static function callPlugin($a_plugin_id,$a_user_data)
128  {
129  global $ilPluginAdmin;
130 
131  if(self::$active_plugins == null)
132  {
133  self::$active_plugins = $ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE,
134  'AuthShibboleth',
135  'shibhk');
136  }
137 
138  $assigned = false;
139  foreach(self::$active_plugins as $plugin_name)
140  {
141  $ok = false;
142  $plugin_obj = $ilPluginAdmin->getPluginObject(IL_COMP_SERVICE,
143  'AuthShibboleth',
144  'shibhk',
145  $plugin_name);
146 
147  if($plugin_obj instanceof ilShibbolethRoleAssignmentPlugin)
148  {
149  $ok = $plugin_obj->checkRoleAssignment($a_plugin_id,$a_user_data);
150  }
151 
152  if($ok)
153  {
154  $assigned = true;
155  }
156  }
157  return $assigned;
158  }
159 }
160 ?>