ILIAS  Release_4_0_x_branch Revision 61816
 All Data Structures Namespaces Files Functions Variables Groups Pages
Static Public Member Functions | Static Protected Attributes
ilShibbolethRoleAssignmentRules Class Reference

Shibboleth role assignment rules. More...

+ Collaboration diagram for ilShibbolethRoleAssignmentRules:

Static Public Member Functions

static getAllRules ()
static getCountRules ()
static updateAssignments ($a_usr_id, $a_data)
static doAssignments ($a_usr_id, $a_data)
static callPlugin ($a_plugin_id, $a_user_data)

Static Protected Attributes

static $active_plugins = null

Detailed Description

Shibboleth role assignment rules.

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Version
$Id$

Definition at line 35 of file class.ilShibbolethRoleAssignmentRules.php.

Member Function Documentation

static ilShibbolethRoleAssignmentRules::callPlugin (   $a_plugin_id,
  $a_user_data 
)
static

Definition at line 127 of file class.ilShibbolethRoleAssignmentRules.php.

References $ok, and IL_COMP_SERVICE.

Referenced by ilShibbolethRoleAssignmentRule\matches().

{
global $ilPluginAdmin;
if(self::$active_plugins == null)
{
self::$active_plugins = $ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE,
'AuthShibboleth',
'shibhk');
}
$assigned = false;
foreach(self::$active_plugins as $plugin_name)
{
$ok = false;
$plugin_obj = $ilPluginAdmin->getPluginObject(IL_COMP_SERVICE,
'AuthShibboleth',
'shibhk',
$plugin_name);
if($plugin_obj instanceof ilShibbolethRoleAssignmentPlugin)
{
$ok = $plugin_obj->checkRoleAssignment($a_plugin_id,$a_user_data);
}
if($ok)
{
$assigned = true;
}
}
return $assigned;
}

+ Here is the caller graph for this function:

static ilShibbolethRoleAssignmentRules::doAssignments (   $a_usr_id,
  $a_data 
)
static

Definition at line 100 of file class.ilShibbolethRoleAssignmentRules.php.

References $ilDB, $ilLog, $ilSetting, $query, $res, $row, ilObject\_lookupTitle(), and DB_FETCHMODE_OBJECT.

Referenced by ShibAuth\login().

{
global $ilDB,$ilSetting,$rbacadmin,$ilLog;
$query = "SELECT rule_id FROM shib_role_assignment ";
$num_matches = 0;
$res = $ilDB->query($query);
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
$rule = new ilShibbolethRoleAssignmentRule($row->rule_id);
if($rule->matches($a_data))
{
$num_matches++;
$ilLog->write(__METHOD__.': Assigned to role '.ilObject::_lookupTitle($rule->getRoleId()));
$rbacadmin->assignUser($rule->getRoleId(),$a_usr_id);
}
}
// Assign to default if no matching found
if(!$num_matches)
{
$ilLog->write(__METHOD__.': Assigned to default role '.ilObject::_lookupTitle($ilSetting->get('shib_user_default_role')));
$rbacadmin->assignUser($ilSetting->get('shib_user_default_role'),$a_usr_id);
}
return true;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

static ilShibbolethRoleAssignmentRules::getAllRules ( )
static

Definition at line 39 of file class.ilShibbolethRoleAssignmentRules.php.

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

Referenced by ilAuthShibbolethSettingsGUI\parseRulesTable().

{
global $ilDB;
$query = "SELECT rule_id FROM shib_role_assignment ORDER BY rule_id";
$res =$ilDB->query($query);
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
$rules[$row->rule_id] = new ilShibbolethRoleAssignmentRule($row->rule_id);
}
return $rules ? $rules : array();
}

+ Here is the caller graph for this function:

static ilShibbolethRoleAssignmentRules::getCountRules ( )
static

Definition at line 52 of file class.ilShibbolethRoleAssignmentRules.php.

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

Referenced by ilAuthShibbolethSettingsGUI\parseRulesTable(), and ilAuthShibbolethSettingsGUI\setSubTabs().

{
global $ilDB;
$query = "SELECT COUNT(*) num FROM shib_role_assignment ";
$res = $ilDB->query($query);
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
return $row->num;
}
return 0;
}

+ Here is the caller graph for this function:

static ilShibbolethRoleAssignmentRules::updateAssignments (   $a_usr_id,
  $a_data 
)
static

Definition at line 65 of file class.ilShibbolethRoleAssignmentRules.php.

References $ilDB, $ilLog, $ilSetting, $query, $res, $row, ilObject\_lookupTitle(), and DB_FETCHMODE_OBJECT.

Referenced by ShibAuth\login().

{
global $ilDB,$rbacadmin,$rbacreview,$ilSetting,$ilLog;
$query = "SELECT rule_id,add_on_update,remove_on_update FROM shib_role_assignment ".
"WHERE add_on_update = 1 OR remove_on_update = 1";
$res = $ilDB->query($query);
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
$rule = new ilShibbolethRoleAssignmentRule($row->rule_id);
$matches = $rule->matches($a_data);
if($matches and $row->add_on_update)
{
$ilLog->write(__METHOD__.': Assigned to role '.ilObject::_lookupTitle($rule->getRoleId()));
$rbacadmin->assignUser($rule->getRoleId(),$a_usr_id);
}
if(!$matches and $row->remove_on_update)
{
$ilLog->write(__METHOD__.': Deassigned from role '.ilObject::_lookupTitle($rule->getRoleId()));
$rbacadmin->deassignUser($rule->getRoleId(),$a_usr_id);
}
}
// check if is assigned to minimum one global role
if(!array_intersect($rbacreview->assignedRoles($a_usr_id),$rbacreview->getGlobalRoles()))
{
$ilLog->write(__METHOD__.': Assigned to default role '.ilObject::_lookupTitle($ilSetting->get('shib_user_default_role')));
$rbacadmin->assignUser($ilSetting->get('shib_user_default_role'),$a_usr_id);
}
return true;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

Field Documentation

ilShibbolethRoleAssignmentRules::$active_plugins = null
staticprotected

Definition at line 37 of file class.ilShibbolethRoleAssignmentRules.php.

The documentation for this class was generated from the following file: