ILIAS  Release_4_0_x_branch Revision 61816
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilLDAPSettingsGUI.php
Go to the documentation of this file.
1 <?php
2 /*
3  +-----------------------------------------------------------------------------+
4  | ILIAS open source |
5  +-----------------------------------------------------------------------------+
6  | Copyright (c) 1998-2006 ILIAS open source, University of Cologne |
7  | |
8  | This program is free software; you can redistribute it and/or |
9  | modify it under the terms of the GNU General Public License |
10  | as published by the Free Software Foundation; either version 2 |
11  | of the License, or (at your option) any later version. |
12  | |
13  | This program is distributed in the hope that it will be useful, |
14  | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16  | GNU General Public License for more details. |
17  | |
18  | You should have received a copy of the GNU General Public License |
19  | along with this program; if not, write to the Free Software |
20  | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21  +-----------------------------------------------------------------------------+
22 */
23 
33 class ilLDAPSettingsGUI
34 {
35  private $ref_id = null;
36 
37  public function __construct($a_auth_ref_id)
38  {
39  global $lng,$ilCtrl,$tpl,$ilTabs;
40 
41  $this->ctrl = $ilCtrl;
42  $this->tabs_gui = $ilTabs;
43  $this->lng = $lng;
44  $this->lng->loadLanguageModule('ldap');
45 
46  $this->tpl = $tpl;
47 
48  $this->ctrl->saveParameter($this,'ldap_server_id');
49  $this->ref_id = $a_auth_ref_id;
50 
51 
52  $this->initServer();
53  }
54 
55  public function executeCommand()
56  {
57  global $ilAccess,$ilias, $ilErr, $ilCtrl;
58 
59  $next_class = $this->ctrl->getNextClass($this);
60  $cmd = $this->ctrl->getCmd();
61 
62  if(!$ilAccess->checkAccess('write','',$this->ref_id) && $cmd != "serverList")
63  {
64  ilUtil::sendFailure($this->lng->txt('msg_no_perm_write'), true);
65  $ilCtrl->redirect($this, "serverList");
66  }
67 
68 
69  switch($next_class)
70  {
71  default:
72  if(!$cmd)
73  {
74  $cmd = "serverList";
75  }
76  $this->$cmd();
77  break;
78  }
79  return true;
80  }
81 
88  public function roleAssignments()
89  {
90  global $rbacreview;
91 
92  $this->setSubTabs();
93  $this->tabs_gui->setSubTabActive('ldap_role_assignments');
94 
95  $this->tpl->addBlockFile('ADM_CONTENT','adm_content','tpl.ldap_role_assignments.html','Services/LDAP');
96 
97  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
98  $this->initFormRoleAssignments('create',$this->role_mapping_rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId(0));
99  $this->tpl->setVariable('NEW_ASSIGNMENT_TBL',$this->form->getHTML());
100 
101 
102  if(count($rules = ilLDAPRoleAssignmentRule::_getRules()))
103  {
104  include_once("./Services/LDAP/classes/class.ilLDAPRoleAssignmentTableGUI.php");
105  $table_gui = new ilLDAPRoleAssignmentTableGUI($this,'roleAssignments');
106  $table_gui->setTitle($this->lng->txt("ldap_tbl_role_ass"));
107  $table_gui->parse($rules);
108  $table_gui->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
109  $table_gui->setSelectAllCheckbox("rule_id");
110  $this->tpl->setVariable('RULES_TBL',$table_gui->getHTML());
111  }
112 
113  }
114 
121  public function editRoleAssignment()
122  {
123  if(!(int) $_GET['rule_id'])
124  {
125  ilUtil::sendFailure($this->lng->txt('select_one'));
126  $this->roleAssignments();
127  return false;
128  }
129  $this->setSubTabs();
130  $this->tabs_gui->setSubTabActive('ldap_role_assignments');
131 
132  $this->ctrl->saveParameter($this,'rule_id',(int) $_GET['rule_id']);
133  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
134  $this->initFormRoleAssignments('edit',
135  $this->role_mapping_rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId((int) $_GET['rule_id']));
136  $this->setValuesByArray();
137  $this->tpl->setContent($this->form->getHTML());
138  }
139 
140 
145  protected function setValuesByArray()
146  {
147  global $rbacreview;
148 
149  $role_id = $this->role_mapping_rule->getRoleId();
150  if($rbacreview->isGlobalRole($role_id))
151  {
152  $val['role_name'] = 0;
153  $val['role_id'] = $role_id;
154  }
155  else
156  {
157  $val['role_name'] = 1;
158  $val['role_search'] = ilObject::_lookupTitle($role_id);
159  }
160  $val['add_missing'] = (int) $this->role_mapping_rule->isAddOnUpdateEnabled();
161  $val['remove_deprecated'] = (int) $this->role_mapping_rule->isRemoveOnUpdateEnabled();
162  $val['type'] = (int) $this->role_mapping_rule->getType();
163  $val['dn'] = $this->role_mapping_rule->getDN();
164  $val['at'] = $this->role_mapping_rule->getMemberAttribute();
165  $val['isdn'] = $this->role_mapping_rule->isMemberAttributeDN();
166  $val['name'] = $this->role_mapping_rule->getAttributeName();
167  $val['value'] = $this->role_mapping_rule->getAttributeValue();
168  $val['plugin_id'] = $this->role_mapping_rule->getPluginId();
169 
170  $this->form->setValuesByArray($val);
171  }
172 
179  public function updateRoleAssignment()
180  {
181  global $ilErr,$ilAccess;
182 
183  if(!$ilAccess->checkAccess('write','',$this->ref_id))
184  {
185  ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
186  $this->roleAssignment();
187  return false;
188  }
189 
190  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
191  include_once('Services/LDAP/classes/class.ilLDAPServer.php');
192 
193  $this->initFormRoleAssignments('edit');
194  if(!$this->form->checkInput() or ($err = $this->checkRoleAssignmentInput((int) $_REQUEST['rule_id'])))
195  {
196  if($err)
197  {
198  ilUtil::sendFailure($this->lng->txt($err));
199  }
200 
201  $this->tpl->addBlockFile('ADM_CONTENT','adm_content','tpl.ldap_role_assignments.html','Services/LDAP');
202 
203  // DONE: wrap this
204  $this->form->setValuesByPost();
205  $this->tpl->setVariable('NEW_ASSIGNMENT_TBL',$this->form->getHTML());
206  #$this->tpl->setVariable('RULES_TBL',$this->getRoleAssignmentTable());
207  $this->tabs_gui->setSubTabActive('shib_role_assignment');
208  return true;
209 
210  }
211 
212  // Might redirect
213  $this->roleSelection();
214 
215  $this->rule->update();
216  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
217  $this->roleAssignments();
218  return true;
219  }
220 
228  public function confirmDeleteRules()
229  {
230  if(!is_array($_POST['rule_ids']))
231  {
232  ilUtil::sendFailure($this->lng->txt('select_one'));
233  $this->roleAssignments();
234  return false;
235  }
236  $this->setSubTabs();
237  $this->tabs_gui->setSubTabActive('ldap_role_assignments');
238 
239  include_once("Services/Utilities/classes/class.ilConfirmationGUI.php");
240  $c_gui = new ilConfirmationGUI();
241 
242  // set confirm/cancel commands
243  $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRules"));
244  $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_role_ass"));
245  $c_gui->setCancel($this->lng->txt("cancel"), "roleAssignments");
246  $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRules");
247 
248  // add items to delete
249  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
250  foreach($_POST["rule_ids"] as $rule_id)
251  {
252  $rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($rule_id);
253  $c_gui->addItem('rule_ids[]',$rule_id,$rule->conditionToString());
254  }
255  $this->tpl->setContent($c_gui->getHTML());
256  }
257 
264  public function deleteRules()
265  {
266  if(!is_array($_POST['rule_ids']))
267  {
268  ilUtil::sendFailure($this->lng->txt('select_once'));
269  $this->roleAssignments();
270  return false;
271  }
272  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
273  foreach($_POST["rule_ids"] as $rule_id)
274  {
275  $rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($rule_id);
276  $rule->delete();
277  }
278  ilUtil::sendSuccess($this->lng->txt('ldap_deleted_rule'));
279  $this->roleAssignments();
280  return true;
281  }
282 
289  public function addRoleAssignment()
290  {
291  global $ilErr,$ilAccess;
292 
293  if(!$ilAccess->checkAccess('write','',$this->ref_id))
294  {
295  ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
296  $this->roleAssignment();
297  return false;
298  }
299 
300  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
301  include_once('Services/LDAP/classes/class.ilLDAPServer.php');
302 
303  $this->initFormRoleAssignments('create');
304  if(!$this->form->checkInput() or ($err = $this->checkRoleAssignmentInput()))
305  {
306  if($err)
307  {
308  ilUtil::sendFailure($this->lng->txt($err));
309  }
310 
311  $this->tpl->addBlockFile('ADM_CONTENT','adm_content','tpl.ldap_role_assignments.html','Services/LDAP');
312 
313  // DONE: wrap this
314  $this->form->setValuesByPost();
315  $this->tpl->setVariable('NEW_ASSIGNMENT_TBL',$this->form->getHTML());
316  $this->tpl->setVariable('RULES_TBL',$this->getRoleAssignmentTable());
317  $this->tabs_gui->setSubTabActive('shib_role_assignment');
318  return true;
319 
320  }
321 
322  // Might redirect
323  $this->roleSelection();
324 
325  $this->rule->create();
326  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
327  unset($_POST);
328  $this->roleAssignments();
329  return true;
330  }
331 
336  protected function roleSelection()
337  {
338  if($this->rule->getRoleId() > 0)
339  {
340  return false;
341  }
342 
343  $_SESSION['ldap_role_ass']['rule_id'] = $_REQUEST['rule_id'] ? $_REQUEST['rule_id'] : 0;
344  $_SESSION['ldap_role_ass']['role_search'] = $this->form->getInput('role_search');
345  $_SESSION['ldap_role_ass']['add_on_update'] = $this->form->getInput('add_on_update');
346  $_SESSION['ldap_role_ass']['remove_on_update'] = $this->form->getInput('remove_deprecated');
347  $_SESSION['ldap_role_ass']['type'] = $this->form->getInput('type');
348  $_SESSION['ldap_role_ass']['dn'] = $this->form->getInput('dn');
349  $_SESSION['ldap_role_ass']['at'] = $this->form->getInput('at');
350  $_SESSION['ldap_role_ass']['isdn'] = $this->form->getInput('isdn');
351  $_SESSION['ldap_role_ass']['name'] = $this->form->getInput('name');
352  $_SESSION['ldap_role_ass']['value'] = $this->form->getInput('value');
353  $_SESSION['ldap_role_ass']['plugin'] = $this->form->getInput('plugin_id');
354 
355  $this->ctrl->saveParameter($this,'rule_id');
356  $this->ctrl->redirect($this,'showRoleSelection');
357  }
358 
359 
360 
365  protected function showRoleSelection()
366  {
367  $this->setSubTabs();
368  $this->tabs_gui->setSubTabActive('ldap_role_assignment');
369  $this->ctrl->saveParameter($this,'rule_id');
370 
371  include_once './Services/Search/classes/class.ilQueryParser.php';
372  $parser = new ilQueryParser($_SESSION['ldap_role_ass']['role_search']);
373  $parser->setMinWordLength(1,true);
374  $parser->setCombination(QP_COMBINATION_AND);
375  $parser->parse();
376 
377  include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
378  $object_search = new ilLikeObjectSearch($parser);
379  $object_search->setFilter(array('role'));
380  $res = $object_search->performSearch();
381 
382  $entries = $res->getEntries();
383 
384  include_once './Services/AccessControl/classes/class.ilRoleSelectionTableGUI.php';
385  $table = new ilRoleSelectionTableGUI($this,'showRoleSelection');
386  $table->setTitle($this->lng->txt('ldap_role_selection'));
387  $table->addMultiCommand('saveRoleSelection',$this->lng->txt('ldap_choose_role'));
388  $table->addCommandButton('roleAssignment',$this->lng->txt('cancel'));
389  $table->parse($entries);
390 
391  $this->tpl->setContent($table->getHTML());
392  return true;
393  }
394 
399  protected function saveRoleSelection()
400  {
401  global $ilErr,$ilAccess;
402 
403  if(!$ilAccess->checkAccess('write','',$this->ref_id))
404  {
405  ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
406  $this->roleAssignment();
407  return false;
408  }
409 
410  if(!(int) $_REQUEST['role_id'])
411  {
412  ilUtil::sendFailure($this->lng->txt('select_one'));
413  $this->showRoleSelection();
414  return false;
415  }
416 
417  $this->loadRoleAssignmentRule((int) $_REQUEST['rule_id'],false);
418  $this->rule->setRoleId((int) $_REQUEST['role_id']);
419 
420  if((int) $_REQUEST['rule_id'])
421  {
422  $this->rule->update();
423  }
424  else
425  {
426  $this->rule->create();
427  }
428 
429  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
430  $this->roleAssignments();
431  return true;
432  }
433 
434 
440  protected function checkRoleAssignmentInput($a_rule_id = 0)
441  {
442  global $ilErr;
443 
444  $this->loadRoleAssignmentRule($a_rule_id);
445  $this->rule->validate();
446  return $ilErr->getMessage();
447  }
448 
449 
454  protected function getRoleAssignmentTable()
455  {
456  if(count($rules = ilLDAPRoleAssignmentRule::_getRules()))
457  {
458  include_once("./Services/LDAP/classes/class.ilLDAPRoleAssignmentTableGUI.php");
459  $table_gui = new ilLDAPRoleAssignmentTableGUI($this,'roleAssignments');
460  $table_gui->setTitle($this->lng->txt("ldap_tbl_role_ass"));
461  $table_gui->parse($rules);
462  $table_gui->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
463  $table_gui->setSelectAllCheckbox("rule_id");
464  return $table_gui->getHTML();
465  }
466  return '';
467  }
468 
469 
475  protected function loadRoleAssignmentRule($a_rule_id,$a_from_form = true)
476  {
477  if(is_object($this->rule))
478  {
479  return true;
480  }
481 
482  include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php';
483  $this->rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($a_rule_id);
484 
485 
486  if($a_from_form)
487  {
488  if($this->form->getInput('role_name') == 0)
489  {
490  $this->rule->setRoleId($this->form->getInput('role_id'));
491  }
492  elseif($this->form->getInput('role_search'))
493  {
494  // Search role
495  include_once './Services/Search/classes/class.ilQueryParser.php';
496 
497  $parser = new ilQueryParser($this->form->getInput('role_search'));
498 
499  // TODO: Handle minWordLength
500  $parser->setMinWordLength(1,true);
501  $parser->setCombination(QP_COMBINATION_AND);
502  $parser->parse();
503 
504  include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
505  $object_search = new ilLikeObjectSearch($parser);
506  $object_search->setFilter(array('role'));
507  $res = $object_search->performSearch();
508 
509  $entries = $res->getEntries();
510  if(count($entries) == 1)
511  {
512  $role = current($entries);
513  $this->rule->setRoleId($role['obj_id']);
514  }
515  elseif(count($entries) > 1)
516  {
517  $this->rule->setRoleId(-1);
518  }
519  }
520 
521  $this->rule->setAttributeName($this->form->getInput('name'));
522  $this->rule->setAttributeValue($this->form->getInput('value'));
523  $this->rule->setDN($this->form->getInput('dn'));
524  $this->rule->setMemberAttribute($this->form->getInput('at'));
525  $this->rule->setMemberIsDN($this->form->getInput('isdn'));
526  $this->rule->enableAddOnUpdate($this->form->getInput('add_missing'));
527  $this->rule->enableRemoveOnUpdate($this->form->getInput('remove_deprecated'));
528  $this->rule->setPluginId($this->form->getInput('plugin_id'));
529  $this->rule->setType($this->form->getInput('type'));
530  return true;
531  }
532 
533  // LOAD from session
534  $this->rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($a_rule_id);
535  $this->rule->setServerId(0);
536  $this->rule->enableAddOnUpdate((int) $_SESSION['ldap_role_ass']['add_missing']);
537  $this->rule->enableRemoveOnUpdate((int) $_SESSION['ldap_role_ass']['remove_deprecated']);
538  $this->rule->setType(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['type']));
539  $this->rule->setDN(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['dn']));
540  $this->rule->setMemberAttribute( ilUtil::stripSlashes($_SESSION['ldap_role_ass']['at']));
541  $this->rule->setMemberIsDN( ilUtil::stripSlashes($_SESSION['ldap_role_ass']['isdn']));
542  $this->rule->setAttributeName( ilUtil::stripSlashes($_SESSION['ldap_role_ass']['name']));
543  $this->rule->setAttributeValue(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['value']));
544  $this->rule->setPluginId(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['plugin_id']));
545  return true;
546  }
547 
548 
549  public function roleMapping()
550  {
551  $this->initRoleMapping();
552 
553  $this->setSubTabs();
554  $this->tabs_gui->setSubTabActive('ldap_role_mapping');
555 
556  $this->tpl->addBlockFile('ADM_CONTENT','adm_content','tpl.ldap_role_mapping.html','Services/LDAP');
557  $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this,'saveRoleMapping'));
558 
559  // Role Sync
560  $this->tpl->setVariable('TXT_ROLE_SETTINGS',$this->lng->txt('ldap_role_settings'));
561  $this->tpl->setVariable('TXT_ROLE_ACTIVE',$this->lng->txt('ldap_role_active'));
562  $this->tpl->setVariable('TXT_ROLE_BIND_USER',$this->lng->txt('ldap_role_bind_user'));
563  $this->tpl->setVariable('TXT_ROLE_BIND_PASS',$this->lng->txt('ldap_role_bind_pass'));
564  $this->tpl->setVariable('TXT_ROLE_ASSIGNMENTS',$this->lng->txt('ldap_role_assignments'));
565  $this->tpl->setVariable('TXT_BINDING',$this->lng->txt('ldap_server_binding'));
566 
567  $this->tpl->setVariable('TXT_ROLE_BIND_USER_INFO',$this->lng->txt('ldap_role_bind_user_info'));
568  $this->tpl->setVariable('TXT_ROLE_ASSIGNMENTS_INFO',$this->lng->txt('ldap_role_assignments_info'));
569 
570 
571  $mapping_data = $this->role_mapping->getMappings();
572  $mapping_data = $this->loadMappingCopy($mapping_data);
573  $this->loadMappingDetails();
574 
575  // Section new assignment
576  $this->tpl->setVariable('TXT_NEW_ASSIGNMENT',$this->lng->txt('ldap_new_role_assignment'));
577  $this->tpl->setVariable('TXT_URL',$this->lng->txt('ldap_server'));
578  $this->tpl->setVariable('TXT_DN',$this->lng->txt('ldap_group_dn'));
579  $this->tpl->setVariable('TXT_MEMBER',$this->lng->txt('ldap_group_member'));
580  $this->tpl->setVariable('TXT_MEMBER_ISDN',$this->lng->txt('ldap_memberisdn'));
581  $this->tpl->setVariable('TXT_ROLE',$this->lng->txt('ldap_ilias_role'));
582  $this->tpl->setVariable('TXT_ROLE_INFO',$this->lng->txt('ldap_role_info'));
583  $this->tpl->setVariable('TXT_DN_INFO',$this->lng->txt('ldap_dn_info'));
584  $this->tpl->setVariable('TXT_MEMBER_INFO',$this->lng->txt('ldap_member_info'));
585  $this->tpl->setVariable('TXT_MEMBERISDN',$this->lng->txt('ldap_memberisdn'));
586  $this->tpl->setVariable('TXT_INFO',$this->lng->txt('ldap_info_text'));
587  $this->tpl->setVariable('TXT_INFO_INFO',$this->lng->txt('ldap_info_text_info'));
588 
589 
590  $this->tpl->setVariable('ROLE_BIND_USER',$this->server->getRoleBindDN());
591  $this->tpl->setVariable('ROLE_BIND_PASS',$this->server->getRoleBindPassword());
592  $this->tpl->setVariable('CHECK_ROLE_ACTIVE',ilUtil::formCheckbox($this->server->enabledRoleSynchronization() ? true : false,
593  'role_sync_active',
594  1));
595 
596  // Section new assignment
597  $this->tpl->setVariable('URL',$mapping_data[0]['url'] ? $mapping_data[0]['url'] : $this->server->getUrl());
598  $this->tpl->setVariable('DN',$mapping_data[0]['dn']);
599  $this->tpl->setVariable('ROLE',$mapping_data[0]['role_name']);
600  $this->tpl->setVariable('MEMBER',$mapping_data[0]['member_attribute']);
601  $this->tpl->setVariable('CHECK_MEMBERISDN',ilUtil::formCheckbox($mapping_data[0]['memberisdn'],
602  'mapping[0][memberisdn]',
603  1));
604  $this->tpl->setVariable('MAPPING_INFO',$mapping_data[0]['info']);
605 
606  $info_type_checked = isset($mapping_data[0]['info_type']) ? $mapping_data[0]['info_type'] : 1;
607 
608  $this->tpl->setVariable('TXT_MAPPING_INFO_TYPE',$this->lng->txt('ldap_mapping_info_type'));
609  $this->tpl->setVariable('CHECK_MAPPING_INFO_TYPE',ilUtil::formCheckbox($info_type_checked,
610  'mapping[0][info_type]',
611  1));
612 
613  unset($mapping_data[0]);
614 
615  // Section assignments
616  if(count($mapping_data))
617  {
618  $this->tpl->setCurrentBlock('txt_assignments');
619  $this->tpl->setVariable('TXT_ASSIGNMENTS',$this->lng->txt('ldap_role_group_assignments'));
620  $this->tpl->parseCurrentBlock();
621 
622  $this->tpl->setCurrentBlock('delete_btn');
623  $this->tpl->setVariable('SOURCE',ilUtil::getImagePath("arrow_downright.gif"));
624  $this->tpl->setVariable('TXT_DELETE',$this->lng->txt('delete'));
625  $this->tpl->parseCurrentBlock();
626  }
627 
628  $mapping_data = $this->sortMappingData($mapping_data);
629 
630  foreach($mapping_data as $data)
631  {
632  $mapping_id = $data['mapping_id'];
633  if(in_array($mapping_id,$_SESSION['ldap_mapping_details']))
634  {
635  $this->tpl->setCurrentBlock('show_mapping_details');
636  $this->tpl->setVariable('ASS_GROUP_URL',$this->lng->txt('ldap_server_short'));
637  $this->tpl->setVariable('ASS_GROUP_DN',$this->lng->txt('ldap_group_dn_short'));
638  $this->tpl->setVariable('ASS_MEMBER_ATTR',$this->lng->txt('ldap_group_member_short'));
639  $this->tpl->setVariable('ASS_ROLE',$this->lng->txt('ldap_ilias_role_short'));
640  $this->tpl->setVariable('ASS_INFO',$this->lng->txt('ldap_info_text_short'));
641  $this->tpl->setVariable('ROW_ID',$mapping_id);
642  $this->tpl->setVariable('ROW_URL',$data['url']);
643  $this->tpl->setVariable('ROW_ROLE',$data['role_name'] ? $data['role_name'] : $data['role']);
644  $this->tpl->setVariable('ROW_DN',$data['dn']);
645  $this->tpl->setVariable('ROW_MEMBER',$data['member_attribute']);
646  $this->tpl->setVariable('TXT_ROW_MEMBERISDN',$this->lng->txt('ldap_memberisdn'));
647  $this->tpl->setVariable('ROW_CHECK_MEMBERISDN',ilUtil::formCheckbox($data['member_isdn'],
648  'mapping['.$mapping_id.'][memberisdn]',
649  1));
650  $this->tpl->setVariable('ROW_INFO',ilUtil::prepareFormOutput($data['info']));
651  $this->tpl->setVariable('TXT_ROW_INFO_TYPE',$this->lng->txt('ldap_mapping_info_type'));
652  $this->tpl->setVariable('ROW_CHECK_INFO_TYPE',ilUtil::formCheckbox($data['info_type'],
653  'mapping['.$mapping_id.'][info_type]',
654  1));
655  $this->tpl->parseCurrentBlock();
656  }
657 
658  // assignment row
659  $this->tpl->setCurrentBlock('assignments');
660 
661  // Copy link
662  $this->ctrl->setParameter($this,'mapping_id',$mapping_id);
663  $this->tpl->setVariable('COPY_LINK',$this->ctrl->getLinkTarget($this,'roleMapping'));
664  $this->tpl->setVariable('TXT_COPY',$this->lng->txt('copy'));
665  $this->ctrl->clearParameters($this);
666 
667  // Details link
668  if(!in_array($mapping_id,$_SESSION['ldap_mapping_details']))
669  {
670  $this->ctrl->setParameter($this,'details_show',$mapping_id);
671  $this->tpl->setVariable('DETAILS_LINK',$this->ctrl->getLinkTarget($this,'roleMapping'));
672  $this->tpl->setVariable('TXT_DETAILS',$this->lng->txt('show_details'));
673  $this->ctrl->clearParameters($this);
674  }
675  else
676  {
677  $this->ctrl->setParameter($this,'details_hide',$mapping_id);
678  $this->tpl->setVariable('DETAILS_LINK',$this->ctrl->getLinkTarget($this,'roleMapping'));
679  $this->tpl->setVariable('TXT_DETAILS',$this->lng->txt('hide_details'));
680  $this->ctrl->clearParameters($this);
681  }
682  if(!count($_SESSION['ldap_mapping_details']))
683  {
684  $this->tpl->setVariable('WIDTH',"50%");
685  }
686  $this->tpl->setVariable('ROW_CHECK',ilUtil::formCheckbox(0,
687  'mappings[]',$mapping_id));
688  $this->tpl->setVariable('TXT_TITLE_TITLE',$this->lng->txt('title'));
689  $this->tpl->setVariable('TXT_TITLE_ROLE',$this->lng->txt('obj_role'));
690  $this->tpl->setVariable('TXT_TITLE_GROUP',$this->lng->txt('obj_grp'));
691  $this->tpl->setVariable('TITLE_GROUP',$this->role_mapping->getMappingInfoString($mapping_id));
692  $this->tpl->setVariable('TITLE_TITLE',ilUtil::shortenText($data['obj_title'],30,true));
693  $this->tpl->setVariable('TITLE_ROLE',$data['role_name']);
694 
695  $this->tpl->parseCurrentBlock();
696  }
697 
698 
699  $this->tpl->setVariable('TXT_SAVE',$this->lng->txt('save'));
700  $this->tpl->setVariable('TXT_REQUIRED_FLD',$this->lng->txt('required_field'));
701  }
702 
703 
704  public function deleteRoleMapping()
705  {
706  if(!count($_POST['mappings']))
707  {
708  ilUtil::sendFailure($this->lng->txt('select_one'));
709  $this->roleMapping();
710  return false;
711  }
712 
713  $this->initRoleMapping();
714 
715  foreach($_POST['mappings'] as $mapping_id)
716  {
717  $this->role_mapping->delete($mapping_id);
718  }
719  ilUtil::sendSuccess($this->lng->txt('ldap_deleted_role_mapping'));
720  $this->roleMapping();
721  return true;
722  }
723 
724  public function reset()
725  {
726  unset($_POST['mapping_template']);
727  $this->userMapping();
728  }
729 
730  public function saveRoleMapping()
731  {
732  global $ilErr;
733 
734  $this->server->setRoleBindDN(ilUtil::stripSlashes($_POST['role_bind_user']));
735  $this->server->setRoleBindPassword(ilUtil::stripSlashes($_POST['role_bind_pass']));
736  $this->server->enableRoleSynchronization((int) $_POST['role_sync_active']);
737 
738  // Update or create
739  if($this->server->getServerId())
740  {
741  $this->server->update();
742  }
743  else
744  {
745  $_GET['ldap_server_id'] = $this->server->create();
746  }
747 
748  $this->initRoleMapping();
749  $this->role_mapping->loadFromPost($_POST['mapping']);
750  if(!$this->role_mapping->validate())
751  {
752  ilUtil::sendFailure($ilErr->getMessage());
753  $this->roleMapping();
754  return false;
755  }
756  $this->role_mapping->save();
757 
758  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
759  $this->roleMapping();
760  return true;
761  }
762 
763  public function userMapping($a_show_defaults = false)
764  {
765  $this->initAttributeMapping();
766 
767  $this->setSubTabs();
768  $this->tabs_gui->setSubTabActive('ldap_user_mapping');
769 
770  $this->tpl->addBlockFile('ADM_CONTENT','adm_content','tpl.ldap_user_mapping.html','Services/LDAP');
771  $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
772 
773  $this->tpl->setVariable('TXT_LDAP_MAPPING',$this->lng->txt('ldap_mapping_table'));
774  $this->tpl->setVariable('SELECT_MAPPING',$this->prepareMappingSelect());
775 
776  if($_POST['mapping_template'])
777  {
778  $this->tpl->setCurrentBlock('reset');
779  $this->tpl->setVariable('TXT_RESET',$this->lng->txt('reset'));
780  $this->tpl->parseCurrentBlock();
781  }
782 
783  foreach($this->getMappingFields() as $mapping => $translation)
784  {
785  $this->tpl->setCurrentBlock('attribute_row');
786  $this->tpl->setVariable('TXT_NAME',$translation);
787  $this->tpl->setVariable('FIELD_NAME',$mapping.'_value');
788  $this->tpl->setVariable('FIELD_VALUE',$this->mapping->getValue($mapping));
789  $this->tpl->setVariable('CHECK_FIELD',ilUtil::formCheckbox($this->mapping->enabledUpdate($mapping),$mapping.'_update',1));
790  $this->tpl->setVariable('UPDATE_INFO',$this->lng->txt('ldap_update_field_info'));
791  $this->tpl->parseCurrentBlock();
792  }
793 
794  // Show user defined fields
795  $this->initUserDefinedFields();
796  foreach($this->udf->getDefinitions() as $definition)
797  {
798  $this->tpl->setCurrentBlock('attribute_row');
799  $this->tpl->setVariable('TXT_NAME',$definition['field_name']);
800  $this->tpl->setVariable('FIELD_NAME','udf_'.$definition['field_id'].'_value');
801  $this->tpl->setVariable('FIELD_VALUE',$this->mapping->getValue('udf_'.$definition['field_id']));
802  $this->tpl->setVariable('CHECK_FIELD',ilUtil::formCheckbox($this->mapping->enabledUpdate('udf_'.$definition['field_id']),
803  'udf_'.$definition['field_id'].'_update',1));
804  $this->tpl->setVariable('UPDATE_INFO',$this->lng->txt('ldap_update_field_info'));
805  $this->tpl->parseCurrentBlock();
806 
807  }
808 
809  $this->tpl->setVariable('TXT_SAVE',$this->lng->txt('save'));
810  $this->tpl->setVariable('TXT_SHOW',$this->lng->txt('show'));
811  }
812 
813  public function chooseMapping()
814  {
815  if(!$_POST['mapping_template'])
816  {
817  $this->userMapping();
818  return;
819  }
820 
821  $this->initAttributeMapping();
822  $this->mapping->clearRules();
823 
824  include_once('Services/LDAP/classes/class.ilLDAPAttributeMappingUtils.php');
825  foreach(ilLDAPAttributeMappingUtils::_getMappingRulesByClass($_POST['mapping_template']) as $key => $value)
826  {
827  $this->mapping->setRule($key,$value,0);
828  }
829  $this->userMapping();
830  return true;
831  }
832 
833  public function saveMapping()
834  {
835  $this->initAttributeMapping();
836  foreach($this->getMappingFields() as $key => $mapping)
837  {
838  $this->mapping->setRule($key,ilUtil::stripSlashes($_POST[$key.'_value']),(int) $_POST[$key.'_update']);
839  }
840  $this->initUserDefinedFields();
841  foreach($this->udf->getDefinitions() as $definition)
842  {
843  $key = 'udf_'.$definition['field_id'];
844  $this->mapping->setRule($key,ilUtil::stripSlashes($_POST[$key.'_value']),(int) $_POST[$key.'_update']);
845  }
846 
847  $this->mapping->save();
848  $this->userMapping();
849 
850  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
851  unset($_POST['mapping_template']);
852  return;
853  }
854 
855  public function serverList()
856  {
857  global $ilAccess, $ilErr;
858 
859  if(!$ilAccess->checkAccess('read','',$this->ref_id) && $cmd != "serverList")
860  {
861  $ilErr->raiseError($this->lng->txt('msg_no_perm_write'),$ilErr->WARNING);
862  }
863 
864  $this->setSubTabs();
865  $this->tabs_gui->setSubTabActive('ldap_settings');
866 
867  $this->initForm();
868  $this->setServerFormValues();
869  return $this->tpl->setContent($this->form_gui->getHtml());
870  }
871 
872  public function setServerFormValues()
873  {
874  $this->form_gui->setValuesByArray(array(
875  'active' => $this->server->isActive(),
876  'server_name' => $this->server->getName(),
877  'server_url' => $this->server->getUrlString(),
878  'version' => $this->server->getVersion(),
879  'base_dn' => $this->server->getBaseDN(),
880  'referrals' => $this->server->isActiveReferrer(),
881  'tls' => $this->server->isActiveTLS(),
882  'binding_type' => $this->server->getBindingType(),
883  'bind_dn' => $this->server->getBindUser(),
884  'bind_pass' => $this->server->getBindPassword(),
885  'bind_pass_retype' => $this->server->getBindPassword(),
886  'search_base' => $this->server->getSearchBase(),
887  'user_scope' => $this->server->getUserScope(),
888  'user_attribute' => $this->server->getUserAttribute(),
889  'filter' => $this->server->getFilter(),
890  'group_dn' => $this->server->getGroupDN(),
891  'group_scope' => $this->server->getGroupScope(),
892  'group_filter' => $this->server->getGroupFilter(),
893  'group_member' => $this->server->getGroupMember(),
894  'memberisdn' => $this->server->enabledGroupMemberIsDN(),
895  'group' => $this->server->getGroupName(),
896  'group_attribute' => $this->server->getGroupAttribute(),
897  'group_optional' => $this->server->isMembershipOptional(),
898  'group_user_filter' => $this->server->getGroupUserFilter(),
899  'sync_on_login' => $this->server->enabledSyncOnLogin(),
900  'sync_per_cron' => $this->server->enabledSyncPerCron(),
901  'global_role' => ilLDAPAttributeMapping::_lookupGlobalRole($this->server->getServerId()),
902  'migration' => (int)$this->server->isAccountMigrationEnabled(),
903  ));
904  }
905 
906  private function initForm()
907  {
908  include_once 'Services/Form/classes/class.ilPropertyFormGUI.php';
909 
910  $this->form_gui = new ilPropertyFormGUI();
911  $this->form_gui->setFormAction($this->ctrl->getFormAction($this, 'save'));
912  $this->form_gui->setTitle($this->lng->txt('ldap_configure'));
913 
914  $active = new ilCheckboxInputGUI($this->lng->txt('auth_ldap_enable'), 'active');
915  $active->setValue(1);
916  $this->form_gui->addItem($active);
917 
918  $servername = new ilTextInputGUI($this->lng->txt('ldap_server_name'), 'server_name');
919  $servername->setRequired(true);
920  $servername->setInfo($this->lng->txt('ldap_server_name_info'));
921  $servername->setSize(32);
922  $servername->setMaxLength(32);
923  $this->form_gui->addItem($servername);
924 
925  $serverurl = new ilTextInputGUI($this->lng->txt('ldap_server'), 'server_url');
926  $serverurl->setRequired(true);
927  $serverurl->setInfo($this->lng->txt('ldap_server_url_info'));
928  $serverurl->setSize(64);
929  $serverurl->setMaxLength(255);
930  $this->form_gui->addItem($serverurl);
931 
932  $version = new ilSelectInputGUI($this->lng->txt('ldap_version'), 'version');
933  $version->setOptions(array(2 => 2, 3 => 3));
934  $version->setInfo($this->lng->txt('ldap_server_version_info'));
935  $this->form_gui->addItem($version);
936 
937  $basedsn = new ilTextInputGUI($this->lng->txt('basedn'), 'base_dn');
938  $basedsn->setRequired(true);
939  $basedsn->setSize(64);
940  $basedsn->setMaxLength(255);
941  $this->form_gui->addItem($basedsn);
942 
943  $referrals = new ilCheckboxInputGUI($this->lng->txt('ldap_referrals'), 'referrals');
944  $referrals->setValue(1);
945  $referrals->setInfo($this->lng->txt('ldap_referrals_info'));
946  $this->form_gui->addItem($referrals);
947 
948  $section_security = new ilFormSectionHeaderGUI();
949  $section_security->setTitle($this->lng->txt('ldap_server_security_settings'));
950  $this->form_gui->addItem($section_security);
951 
952  $tls = new ilCheckboxInputGUI($this->lng->txt('ldap_tls'), 'tls');
953  $tls->setValue(1);
954  $this->form_gui->addItem($tls);
955 
956  $binding = new ilRadioGroupInputGUI($this->lng->txt('ldap_server_binding'), 'binding_type' );
957  $anonymous = new ilRadioOption($this->lng->txt('ldap_bind_anonymous'), IL_LDAP_BIND_ANONYMOUS);
958  $binding->addOption($anonymous);
959  $user = new ilRadioOption($this->lng->txt('ldap_bind_user'), IL_LDAP_BIND_USER);
960  $dn = new ilTextInputGUI($this->lng->txt('ldap_server_bind_dn'), 'bind_dn');
961  $dn->setSize(64);
962  $dn->setMaxLength(255);
963  $user->addSubItem($dn);
964  $pass = new ilPasswordInputGUI($this->lng->txt('ldap_server_bind_pass'), 'bind_pass');
965  $pass->setSize(12);
966  $pass->setMaxLength(36);
967  $user->addSubItem($pass);
968  $binding->addOption($user);
969  $this->form_gui->addItem($binding);
970 
971  $section_auth = new ilFormSectionHeaderGUI();
972  $section_auth->setTitle($this->lng->txt('ldap_authentication_settings'));
973  $this->form_gui->addItem($section_auth);
974 
975  $search_base = new ilTextInputGUI($this->lng->txt('ldap_user_dn'), 'search_base');
976  $search_base->setInfo($this->lng->txt('ldap_search_base_info'));
977  $search_base->setSize(64);
978  $search_base->setMaxLength(255);
979  $this->form_gui->addItem($search_base);
980 
981  $user_scope = new ilSelectInputGUI($this->lng->txt('ldap_user_scope'), 'user_scope');
982  $user_scope->setOptions(array(IL_LDAP_SCOPE_ONE => $this->lng->txt('ldap_scope_one'),
983  IL_LDAP_SCOPE_SUB => $this->lng->txt('ldap_scope_sub')));
984  $user_scope->setInfo($this->lng->txt('ldap_user_scope_info'));
985  $this->form_gui->addItem($user_scope);
986 
987  $user_attribute = new ilTextInputGUI($this->lng->txt('ldap_user_attribute'), 'user_attribute');
988  $user_attribute->setSize(16);
989  $user_attribute->setMaxLength(64);
990  $user_attribute->setRequired(true);
991  $this->form_gui->addItem($user_attribute);
992 
993  $filter = new ilTextInputGUI($this->lng->txt('ldap_search_filter'), 'filter');
994  $filter->setInfo($this->lng->txt('ldap_filter_info'));
995  $filter->setSize(64);
996  $filter->setMaxLength(255);
997  $this->form_gui->addItem($filter);
998 
999  $section_restrictions = new ilFormSectionHeaderGUI();
1000  $section_restrictions->setTitle($this->lng->txt('ldap_group_restrictions'));
1001  $this->form_gui->addItem($section_restrictions);
1002 
1003  $group_dn = new ilTextInputGUI($this->lng->txt('ldap_group_search_base'), 'group_dn');
1004  $group_dn->setInfo($this->lng->txt('ldap_group_dn_info'));
1005  $group_dn->setSize(64);
1006  $group_dn->setMaxLength(255);
1007  $this->form_gui->addItem($group_dn);
1008 
1009  $group_scope = new ilSelectInputGUI($this->lng->txt('ldap_group_scope'), 'group_scope');
1010  $group_scope->setOptions(array(IL_LDAP_SCOPE_ONE => $this->lng->txt('ldap_scope_one'),
1011  IL_LDAP_SCOPE_SUB => $this->lng->txt('ldap_scope_sub')));
1012  $group_scope->setInfo($this->lng->txt('ldap_group_scope_info'));
1013  $this->form_gui->addItem($group_scope);
1014 
1015  $group_filter = new ilTextInputGUI($this->lng->txt('ldap_group_filter'), 'group_filter');
1016  $group_filter->setInfo($this->lng->txt('ldap_group_filter_info'));
1017  $group_filter->setSize(64);
1018  $group_filter->setMaxLength(255);
1019  $this->form_gui->addItem($group_filter);
1020 
1021  $group_member = new ilTextInputGUI($this->lng->txt('ldap_group_member'), 'group_member');
1022  $group_member->setInfo($this->lng->txt('ldap_group_member_info'));
1023  $group_member->setSize(32);
1024  $group_member->setMaxLength(255);
1025  $this->form_gui->addItem($group_member);
1026 
1027 
1028  $group_member_isdn = new ilCheckboxInputGUI($this->lng->txt('ldap_memberisdn'), 'memberisdn');
1029  #$group_member_isdn->setInfo($this->lng->txt('ldap_group_member_info'));
1030  $this->form_gui->addItem($group_member_isdn);
1031  #$group_member->addSubItem($group_member_isdn);
1032 
1033  $group = new ilTextInputGUI($this->lng->txt('ldap_group_name'), 'group');
1034  $group->setInfo($this->lng->txt('ldap_group_name_info'));
1035  $group->setSize(32);
1036  $group->setMaxLength(255);
1037  $this->form_gui->addItem($group);
1038 
1039  $group_atrr = new ilTextInputGUI($this->lng->txt('ldap_group_attribute'), 'group_attribute');
1040  $group_atrr->setInfo($this->lng->txt('ldap_group_attribute_info'));
1041  $group_atrr->setSize(16);
1042  $group_atrr->setMaxLength(64);
1043  $this->form_gui->addItem($group_atrr);
1044 
1045  $group_optional = new ilCheckboxInputGUI($this->lng->txt('ldap_group_membership'), 'group_optional');
1046  $group_optional->setOptionTitle($this->lng->txt('ldap_group_member_optional'));
1047  $group_optional->setInfo($this->lng->txt('ldap_group_optional_info'));
1048  $group_optional->setValue(1);
1049  $group_user_filter = new ilTextInputGUI($this->lng->txt('ldap_group_user_filter'), 'group_user_filter');
1050  $group_user_filter->setSize(64);
1051  $group_user_filter->setMaxLength(255);
1052  $group_optional->addSubItem($group_user_filter);
1053  $this->form_gui->addItem($group_optional);
1054 
1055  $section_sync = new ilFormSectionHeaderGUI();
1056  $section_sync->setTitle($this->lng->txt('ldap_user_sync'));
1057  $this->form_gui->addItem($section_sync);
1058 
1059  $ci_gui = new ilCustomInputGUI($this->lng->txt('ldap_moment_sync'));
1060  $sync_on_login = new ilCheckboxInputGUI($this->lng->txt('ldap_sync_login'), 'sync_on_login');
1061  $sync_on_login->setValue(1);
1062  $ci_gui->addSubItem($sync_on_login);
1063  $sync_per_cron = new ilCheckboxInputGUI($this->lng->txt('ldap_sync_cron'), 'sync_per_cron');
1064  $sync_per_cron->setValue(1);
1065  $ci_gui->addSubItem($sync_per_cron);
1066  $ci_gui->setInfo($this->lng->txt('ldap_user_sync_info'));
1067  $this->form_gui->addItem($ci_gui);
1068 
1069  $global_role = new ilSelectInputGUI($this->lng->txt('ldap_global_role_assignment'), 'global_role');
1070  $global_role->setOptions($this->prepareRoleSelect(false));
1071  $global_role->setInfo($this->lng->txt('ldap_global_role_info'));
1072  $this->form_gui->addItem($global_role);
1073 
1074  $migr = new ilCheckboxInputGUI($this->lng->txt('auth_ldap_migration'), 'migration');
1075  $migr->setInfo($this->lng->txt('auth_ldap_migration_info'));
1076  $migr->setValue(1);
1077  $this->form_gui->addItem($migr);
1078 
1079  $this->form_gui->addCommandButton('save', $this->lng->txt('save'));
1080  }
1081 
1082  /*
1083  * Update Settings
1084  */
1085  function save()
1086  {
1087  global $ilErr;
1088 
1089  $this->setSubTabs();
1090  $this->tabs_gui->setSubTabActive('ldap_settings');
1091 
1092  $this->initForm();
1093  if($this->form_gui->checkInput())
1094  {
1095  $this->server->toggleActive((int)$this->form_gui->getInput('active'));
1096  $this->server->setName($this->form_gui->getInput('server_name'));
1097  $this->server->setUrl($this->form_gui->getInput('server_url'));
1098  $this->server->setVersion($this->form_gui->getInput('version'));
1099  $this->server->setBaseDN($this->form_gui->getInput('base_dn'));
1100  $this->server->toggleReferrer($this->form_gui->getInput('referrals'));
1101  $this->server->toggleTLS($this->form_gui->getInput('tls'));
1102  $this->server->setBindingType((int)$this->form_gui->getInput('binding_type'));
1103  $this->server->setBindUser($this->form_gui->getInput('bind_dn'));
1104  $this->server->setBindPassword($this->form_gui->getInput('bind_pass'));
1105  $this->server->setSearchBase($this->form_gui->getInput('search_base'));
1106  $this->server->setUserScope($this->form_gui->getInput('user_scope'));
1107  $this->server->setUserAttribute($this->form_gui->getInput('user_attribute'));
1108  $this->server->setFilter($this->form_gui->getInput('filter'));
1109  $this->server->setGroupDN($this->form_gui->getInput('group_dn'));
1110  $this->server->setGroupScope((int)$this->form_gui->getInput('group_scope'));
1111  $this->server->setGroupFilter($this->form_gui->getInput('group_filter'));
1112  $this->server->setGroupMember($this->form_gui->getInput('group_member'));
1113  $this->server->enableGroupMemberIsDN((int)$this->form_gui->getInput('memberisdn'));
1114  $this->server->setGroupName($this->form_gui->getInput('group'));
1115  $this->server->setGroupAttribute($this->form_gui->getInput('group_attribute'));
1116  $this->server->setGroupUserFilter($this->form_gui->getInput('group_user_filter'));
1117  $this->server->toggleMembershipOptional((int)$this->form_gui->getInput('group_optional'));
1118  $this->server->enableSyncOnLogin((int)$this->form_gui->getInput('sync_on_login'));
1119  $this->server->enableSyncPerCron((int)$this->form_gui->getInput('sync_per_cron'));
1120  $this->server->setGlobalRole((int)$this->form_gui->getInput('global_role'));
1121  $this->server->enableAccountMigration((int)$this->form_gui->getInput('migration'));
1122 
1123  if(!$this->server->validate())
1124  {
1125  ilUtil::sendFailure($ilErr->getMessage());
1126  $this->form_gui->setValuesByPost();
1127  return $this->tpl->setContent($this->form_gui->getHtml());
1128  }
1129 
1130  // Update or create
1131  if($this->server->getServerId())
1132  {
1133  $this->server->update();
1134  }
1135  else
1136  {
1137  $_GET['ldap_server_id'] = $this->server->create();
1138  }
1139 
1140  // Now server_id exists => update LDAP attribute mapping
1141  $this->initAttributeMapping();
1142  $this->mapping->setRule('global_role', (int)$this->form_gui->getInput('global_role'), false);
1143  $this->mapping->save();
1144 
1145  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
1146  $this->form_gui->setValuesByPost();
1147  return $this->tpl->setContent($this->form_gui->getHtml());
1148  }
1149 
1150  $this->form_gui->setValuesByPost();
1151  return $this->tpl->setContent($this->form_gui->getHtml());
1152  }
1153 
1154 
1155 
1161  private function setSubTabs()
1162  {
1163  $this->tabs_gui->addSubTabTarget("ldap_settings",
1164  $this->ctrl->getLinkTarget($this,'serverList'),
1165  "serverList",get_class($this));
1166 
1167  // Disable all other tabs, if server hasn't been configured.
1168  include_once('Services/LDAP/classes/class.ilLDAPServer.php');
1169  if(!count(ilLDAPServer::_getServerList()))
1170  {
1171  return true;
1172  }
1173 
1174  $this->tabs_gui->addSubTabTarget("ldap_user_mapping",
1175  $this->ctrl->getLinkTarget($this,'userMapping'),
1176  "userMapping",get_class($this));
1177 
1178  $this->tabs_gui->addSubTabTarget('ldap_role_assignments',
1179  $this->ctrl->getLinkTarget($this,'roleAssignments'),
1180  "roleAssignments",get_class($this));
1181 
1182  $this->tabs_gui->addSubTabTarget("ldap_role_mapping",
1183  $this->ctrl->getLinkTarget($this,'roleMapping'),
1184  "roleMapping",get_class($this));
1185 
1186  }
1187 
1188 
1189  private function initServer()
1190  {
1191  include_once './Services/LDAP/classes/class.ilLDAPServer.php';
1192  if(!$_GET['ldap_server_id'])
1193  {
1194  $_GET['ldap_server_id'] = ilLDAPServer::_getFirstServer();
1195  }
1196  $this->server = new ilLDAPServer((int) $_GET['ldap_server_id']);
1197  }
1198 
1199  private function initAttributeMapping()
1200  {
1201  include_once './Services/LDAP/classes/class.ilLDAPAttributeMapping.php';
1202  $this->mapping = ilLDAPAttributeMapping::_getInstanceByServerId((int) $_GET['ldap_server_id']);
1203  }
1204 
1205  private function initRoleMapping()
1206  {
1207  include_once './Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php';
1208  $this->role_mapping = ilLDAPRoleGroupMappingSettings::_getInstanceByServerId((int) $_GET['ldap_server_id']);
1209  }
1210 
1216  private function prepareGlobalRoleSelection($a_as_select = true)
1217  {
1218  global $rbacreview,$ilObjDataCache;
1219 
1220  $global_roles = ilUtil::_sortIds($rbacreview->getGlobalRoles(),
1221  'object_data',
1222  'title',
1223  'obj_id');
1224 
1225  $select[0] = $this->lng->txt('links_select_one');
1226  foreach($global_roles as $role_id)
1227  {
1228  $select[$role_id] = ilObject::_lookupTitle($role_id);
1229  }
1230  return $select;
1231  }
1232 
1233 
1240  private function prepareRoleSelect($a_as_select = true)
1241  {
1242  global $rbacreview,$ilObjDataCache;
1243 
1244  include_once('./Services/LDAP/classes/class.ilLDAPAttributeMapping.php');
1245 
1246  $global_roles = ilUtil::_sortIds($rbacreview->getGlobalRoles(),
1247  'object_data',
1248  'title',
1249  'obj_id');
1250 
1251  $select[0] = $this->lng->txt('links_select_one');
1252  foreach($global_roles as $role_id)
1253  {
1254  $select[$role_id] = ilObject::_lookupTitle($role_id);
1255  }
1256 
1257  if($a_as_select)
1258  {
1259  return ilUtil::formSelect(ilLDAPAttributeMapping::_lookupGlobalRole($this->server->getServerId()),
1260  'global_role',$select,false,true);
1261  }
1262  else
1263  {
1264  return $select;
1265  }
1266  }
1267 
1268 
1269  private function getMappingFields()
1270  {
1271  return array('gender' => $this->lng->txt('gender'),
1272  'firstname' => $this->lng->txt('firstname'),
1273  'lastname' => $this->lng->txt('lastname'),
1274  'title' => $this->lng->txt('person_title'),
1275  'institution' => $this->lng->txt('institution'),
1276  'department' => $this->lng->txt('department'),
1277  'street' => $this->lng->txt('street'),
1278  'city' => $this->lng->txt('city'),
1279  'zipcode' => $this->lng->txt('zipcode'),
1280  'country' => $this->lng->txt('country'),
1281  'phone_office' => $this->lng->txt('phone_office'),
1282  'phone_home' => $this->lng->txt('phone_home'),
1283  'phone_mobile' => $this->lng->txt('phone_mobile'),
1284  'fax' => $this->lng->txt('fax'),
1285  'email' => $this->lng->txt('email'),
1286  'hobby' => $this->lng->txt('hobby'),
1287  'matriculation' => $this->lng->txt('matriculation'));
1288  #'photo' => $this->lng->txt('photo'));
1289  }
1290 
1291  private function initUserDefinedFields()
1292  {
1293  include_once("./Services/User/classes/class.ilUserDefinedFields.php");
1294  $this->udf = ilUserDefinedFields::_getInstance();
1295  }
1296 
1297  private function prepareMappingSelect()
1298  {
1299  return ilUtil::formSelect($_POST['mapping_template'],'mapping_template',array(0 => $this->lng->txt('ldap_mapping_template'),
1300  "inetOrgPerson" => 'inetOrgPerson',
1301  "organizationalPerson" => 'organizationalPerson',
1302  "person" => 'person',
1303  "ad_2003" => 'Active Directory (Win 2003)'),false,true);
1304  }
1305 
1314  private function loadMappingCopy($a_mapping_data)
1315  {
1316  if(!isset($_GET['mapping_id']))
1317  {
1318  return $a_mapping_data;
1319  }
1320  $mapping_id = $_GET['mapping_id'];
1321  $a_mapping_data[0] = $a_mapping_data[$mapping_id];
1322 
1323  return $a_mapping_data;
1324  }
1325 
1332  private function loadMappingDetails()
1333  {
1334  if(!isset($_SESSION['ldap_mapping_details']))
1335  {
1336  $_SESSION['ldap_mapping_details'] = array();
1337  }
1338  if(isset($_GET['details_show']))
1339  {
1340  $_SESSION['ldap_mapping_details'][$_GET['details_show']] = $_GET['details_show'];
1341  }
1342  if(isset($_GET['details_hide']))
1343  {
1344  unset($_SESSION['ldap_mapping_details'][$_GET['details_hide']]);
1345  }
1346  }
1347 
1355  private function sortMappingData($a_mapping_data)
1356  {
1357  global $rbacreview,$ilObjDataCache;
1358 
1359  $new_mapping = array();
1360  $new_mapping = array();
1361  foreach($a_mapping_data as $mapping_id => $data)
1362  {
1363  $new_mapping[$mapping_id] = $data;
1364  $new_mapping[$mapping_id]['obj_id'] = $obj_id = $rbacreview->getObjectOfRole($data['role']);
1365  $new_mapping[$mapping_id]['obj_title'] = $ilObjDataCache->lookupTitle($obj_id);
1366  $new_mapping[$mapping_id]['mapping_id'] = $mapping_id;
1367  }
1368  return ilUtil::sortArray($new_mapping,'obj_title','DESC');
1369 
1370  }
1371 
1380  protected function initFormRoleAssignments($a_mode)
1381  {
1382  include_once('Services/Form/classes/class.ilPropertyFormGUI.php');
1383  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
1384 
1385  $this->form = new ilPropertyFormGUI();
1386  $this->form->setFormAction($this->ctrl->getFormAction($this));
1387 
1388  switch($a_mode)
1389  {
1390  case 'edit':
1391  $this->form->setTitle($this->lng->txt('ldap_edit_role_ass_rule'));
1392  $this->form->addCommandButton('updateRoleAssignment',$this->lng->txt('save'));
1393  $this->form->addCommandButton('roleAssignments',$this->lng->txt('cancel'));
1394  break;
1395  case 'create':
1396  $this->form->setTitle($this->lng->txt('ldap_add_role_ass_rule'));
1397  $this->form->addCommandButton('addRoleAssignment',$this->lng->txt('ldap_btn_add_role_ass'));
1398  $this->form->addCommandButton('roleAssignments',$this->lng->txt('cancel'));
1399  break;
1400  }
1401 
1402  // Role Selection
1403  $role = new ilRadioGroupInputGUI($this->lng->txt('ldap_ilias_role'),'role_name');
1404  $role->setRequired(true);
1405 
1406  $global = new ilRadioOption($this->lng->txt('ldap_global_role'),0);
1407  $role->addOption($global);
1408 
1409  $role_select = new ilSelectInputGUI('','role_id');
1410  $role_select->setOptions($this->prepareGlobalRoleSelection());
1411  $global->addSubItem($role_select);
1412 
1413  $local = new ilRadioOption($this->lng->txt('ldap_local_role'),1);
1414  $role->addOption($local);
1415 
1416  include_once './Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php';
1417  $role_search = new ilRoleAutoCompleteInputGUI('','role_search',$this,'addRoleAutoCompleteObject');
1418  $role_search->setSize(40);
1419  $local->addSubItem($role_search);
1420 
1421  $role->setInfo($this->lng->txt('ldap_role_name_info'));
1422  $this->form->addItem($role);
1423 
1424  // Update options
1425  $update = new ilNonEditableValueGUI($this->lng->txt('ldap_update_roles'),'update_roles');
1426  $update->setValue($this->lng->txt('ldap_check_role_assignment'));
1427 
1428  $add = new ilCheckboxInputGUI('','add_missing');
1429  $add->setOptionTitle($this->lng->txt('ldap_add_missing'));
1430  $update->addSubItem($add);
1431 
1432  $remove = new ilCheckboxInputGUI('','remove_deprecated');
1433  $remove->setOptionTitle($this->lng->txt('ldap_remove_deprecated'));
1434  $update->addSubItem($remove);
1435 
1436  $this->form->addItem($update);
1437 
1438 
1439 
1440  // Assignment Type
1441  $group = new ilRadioGroupInputGUI($this->lng->txt('ldap_assignment_type'),'type');
1442  #$group->setValue($current_rule->getType());
1443  $group->setRequired(true);
1444 
1445  // Option by group
1446  $radio_group = new ilRadioOption($this->lng->txt('ldap_role_by_group'),ilLDAPRoleAssignmentRule::TYPE_GROUP);
1447 
1448  $dn = new ilTextInputGUI($this->lng->txt('ldap_group_dn'),'dn');
1449  #$dn->setValue($current_rule->getDN());
1450  $dn->setSize(32);
1451  $dn->setMaxLength(512);
1452  $dn->setInfo($this->lng->txt('ldap_role_grp_dn_info'));
1453  $radio_group->addSubItem($dn);
1454  $at = new ilTextInputGUI($this->lng->txt('ldap_role_grp_at'),'at');
1455  #$at->setValue($current_rule->getMemberAttribute());
1456  $at->setSize(16);
1457  $at->setMaxLength(128);
1458  $radio_group->addSubItem($at);
1459  $isdn = new ilCheckboxInputGUI($this->lng->txt('ldap_role_grp_isdn'),'isdn');
1460  #$isdn->setChecked($current_rule->isMemberAttributeDN());
1461  $isdn->setInfo($this->lng->txt('ldap_group_member_info'));
1462  $radio_group->addSubItem($isdn);
1463  $radio_group->setInfo($this->lng->txt('ldap_role_grp_info'));
1464 
1465  $group->addOption($radio_group);
1466 
1467  // Option by Attribute
1468  $radio_attribute = new ilRadioOption($this->lng->txt('ldap_role_by_attribute'),ilLDAPRoleAssignmentRule::TYPE_ATTRIBUTE);
1469  $name = new ilTextInputGUI($this->lng->txt('ldap_role_at_name'),'name');
1470  #$name->setValue($current_rule->getAttributeName());
1471  $name->setSize(32);
1472  $name->setMaxLength(128);
1473  #$name->setInfo($this->lng->txt('ldap_role_at_name_info'));
1474  $radio_attribute->addSubItem($name);
1475 
1476  // Radio Attribute
1477  $val = new ilTextInputGUI($this->lng->txt('ldap_role_at_value'),'value');
1478  #$val->setValue($current_rule->getAttributeValue());
1479  $val->setSize(32);
1480  $val->setMaxLength(128);
1481  #$val->setInfo($this->lng->txt('ldap_role_at_value_info'));
1482  $radio_attribute->addSubItem($val);
1483  $radio_attribute->setInfo($this->lng->txt('ldap_role_at_info'));
1484 
1485  $group->addOption($radio_attribute);
1486 
1487  // Option by Plugin
1488  $pl_active = (bool) $this->hasActiveRoleAssignmentPlugins();
1489  $pl = new ilRadioOption($this->lng->txt('ldap_plugin'),3);
1490  $pl->setInfo($this->lng->txt('ldap_plugin_info'));
1491  $pl->setDisabled(!$pl_active);
1492 
1493  $id = new ilNumberInputGUI($this->lng->txt('ldap_plugin_id'),'plugin_id');
1494  $id->setDisabled(!$pl_active);
1495  $id->setSize(3);
1496  $id->setMaxLength(3);
1497  $id->setMaxValue(999);
1498  $id->setMinValue(1);
1499  $pl->addSubItem($id);
1500 
1501  $group->addOption($pl);
1502  $this->form->addItem($group);
1503  }
1504 
1509  private function hasActiveRoleAssignmentPlugins()
1510  {
1511  global $ilPluginAdmin;
1512 
1513  return count($ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE,'LDAP','ldaphk')) ? true : false;
1514  }
1515 
1516 
1520  function addRoleAutoCompleteObject()
1521  {
1522  include_once("./Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php");
1523  ilRoleAutoCompleteInputGUI::echoAutoCompleteList();
1524  }
1525 
1526 }
1527 ?>