ILIAS  Release_4_1_x_branch Revision 61804
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilObjPrivacySecurityGUI.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3 include_once("./classes/class.ilObjectGUI.php");
4 include_once('./Services/PrivacySecurity/classes/class.ilPrivacySettings.php');
5 include_once('./Services/PrivacySecurity/classes/class.ilSecuritySettings.php');
6 
18 class ilObjPrivacySecurityGUI extends ilObjectGUI
19 {
20  private static $ERROR_MESSAGE;
26  public function __construct($a_data, $a_id, $a_call_by_reference = true, $a_prepare_output = true)
27  {
28  $this->type = 'ps';
29  parent::ilObjectGUI($a_data, $a_id, $a_call_by_reference, $a_prepare_output);
30 
31  $this->lng->loadLanguageModule('ps');
32 
33  ilObjPrivacySecurityGUI::$ERROR_MESSAGE = array (
34  ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_AUTO_HTTPS => $this->lng->txt("ps_error_message_https_header_missing"),
35  ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE => $this->lng->txt('https_not_possible'),
36  ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTP_NOT_AVAILABLE => $this->lng->txt('http_not_possible'),
37  ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH => $this->lng->txt('ps_error_message_invalid_password_min_length'),
38  ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH => $this->lng->txt('ps_error_message_invalid_password_max_length'),
39  ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE => $this->lng->txt('ps_error_message_invalid_password_max_age'),
40  ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS => $this->lng->txt('ps_error_message_invalid_login_max_attempts'),
41  ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2 => $this->lng->txt('ps_error_message_password_min2_because_chars_numbers'),
42  ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3 => $this->lng->txt('ps_error_message_password_min3_because_chars_numbers_sc'),
43  ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH => $this->lng->txt('ps_error_message_password_max_less_min')
44  );
45  }
46 
53  public function executeCommand()
54  {
55  global $rbacsystem,$ilErr,$ilAccess;
56 
57  $next_class = $this->ctrl->getNextClass($this);
58  $cmd = $this->ctrl->getCmd();
59 
60  $this->prepareOutput();
61 
62  if(!$ilAccess->checkAccess('read','',$this->object->getRefId()))
63  {
64  $ilErr->raiseError($this->lng->txt('no_permission'),$ilErr->WARNING);
65  }
66 
67  switch($next_class)
68  {
69  case 'ilpermissiongui':
70  $this->tabs_gui->setTabActive('perm_settings');
71  include_once("Services/AccessControl/classes/class.ilPermissionGUI.php");
72  $perm_gui =& new ilPermissionGUI($this);
73  $ret =& $this->ctrl->forwardCommand($perm_gui);
74  break;
75 
76  default:
77  if(!$cmd || $cmd == 'view')
78  {
79  $cmd = "showPrivacy";
80  }
81 
82  $this->$cmd();
83  break;
84  }
85  return true;
86  }
87 
94  public function getAdminTabs()
95  {
96  global $rbacsystem;
97 
98  if ($rbacsystem->checkAccess("visible,read",$this->object->getRefId()))
99  {
100  $this->tabs_gui->addTarget("show_privacy",
101  $this->ctrl->getLinkTarget($this, "showPrivacy"),
102  'showPrivacy');
103  $this->tabs_gui->addTarget("show_security",
104  $this->ctrl->getLinkTarget($this, "showSecurity"),
105  'showSecurity');
106 
107  }
108 
109  if ($rbacsystem->checkAccess('edit_permission',$this->object->getRefId()))
110  {
111  $this->tabs_gui->addTarget("perm_settings",
112  $this->ctrl->getLinkTargetByClass('ilpermissiongui',"perm"),
113  array(),'ilpermissiongui');
114  }
115  }
116 
122  public function showPrivacy()
123  {
124  $privacy = ilPrivacySettings::_getInstance();
125 
126  $this->tabs_gui->setTabActive('show_privacy');
127 
128  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
129  $form = new ilPropertyFormGUI();
130  $form->setFormAction($this->ctrl->getFormAction($this));
131  $form->setTitle($this->lng->txt('ps_privacy_protection'));
132 
133  include_once('Services/Membership/classes/class.ilMemberAgreement.php');
134  if(ilMemberAgreement::_hasAgreements())
135  {
136  $html = new ilNonEditableValueGUI();
137  $html->setValue($this->lng->txt('ps_warning_modify'));
138  $form->addItem($html);
139  }
140 
141  $value = array();
142  if($privacy->enabledCourseExport())
143  {
144  $value[] = "export_course";
145  }
146  if($privacy->enabledGroupExport())
147  {
148  $value[] = "export_group";
149  }
150  if($privacy->courseConfirmationRequired())
151  {
152  $value[] = "export_confirm_course";
153  }
154  if($privacy->groupConfirmationRequired())
155  {
156  $value[] = "export_confirm_group";
157  }
158  if($privacy->enabledGroupAccessTimes())
159  {
160  $value[] = "grp_access_times";
161  }
162  if($privacy->enabledCourseAccessTimes())
163  {
164  $value[] = "crs_access_times";
165  }
166  $group = new ilCheckboxGroupInputGUI($this->lng->txt('ps_profile_export'),'profile_protection');
167  $group->setValue($value);
168  $check = new ilCheckboxOption();
169  $check->setTitle($this->lng->txt('ps_export_course'));
170  $check->setValue('export_course');
171  $group->addOption($check);
172  $check = new ilCheckboxOption();
173  $check->setTitle($this->lng->txt('ps_export_groups'));
174  $check->setValue('export_group');
175  $group->addOption($check);
176  $check = new ilCheckboxOption();
177  $check->setTitle($this->lng->txt('ps_export_confirm'));
178  $check->setValue('export_confirm_course');
179  $group->addOption($check);
180  $check = new ilCheckboxOption();
181  $check->setTitle($this->lng->txt('ps_export_confirm_group'));
182  $check->setValue('export_confirm_group');
183  $group->addOption($check);
184  $check = new ilCheckboxOption();
185  $check->setTitle($this->lng->txt('ps_show_grp_access'));
186  $check->setValue('grp_access_times');
187  $group->addOption($check);
188  $check = new ilCheckboxOption();
189  $check->setTitle($this->lng->txt('ps_show_crs_access'));
190  $check->setValue('crs_access_times');
191  $group->addOption($check);
192  $form->addItem($group);
193 
194  $check = new ilCheckboxInputGui($this->lng->txt('enable_fora_statistics'), 'fora_statistics');
195  $check->setInfo($this->lng->txt('enable_fora_statistics_desc'));
196  $check->setChecked($privacy->enabledForaStatistics());
197  $form->addItem($check);
198 
199  $check = new ilCheckboxInputGui($this->lng->txt('enable_anonymous_fora'), 'anonymous_fora');
200  $check->setInfo($this->lng->txt('enable_anonymous_fora_desc'));
201  $check->setChecked($privacy->enabledAnonymousFora());
202  $form->addItem($check);
203 
204  $check = new ilCheckboxInputGui($this->lng->txt('rbac_log'), 'rbac_log');
205  $check->setInfo($this->lng->txt('rbac_log_info'));
206  $check->setChecked($privacy->enabledRbacLog());
207  $form->addItem($check);
208 
209  $age = new ilNumberInputGUI($this->lng->txt('rbac_log_age'),'rbac_log_age');
210  $age->setInfo($this->lng->txt('rbac_log_age_info'));
211  $age->setValue($privacy->getRbacLogAge());
212  $age->setMinValue(1);
213  $age->setMaxValue(24);
214  $age->setSize(2);
215  $age->setMaxLength(2);
216  $check->addSubItem($age);
217 
218  $form->addCommandButton('save_privacy',$this->lng->txt('save'));
219  $this->tpl->setContent($form->getHTML());
220  }
221 
227  public function showSecurity()
228  {
229  global $ilSetting;
230 
231  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
232 
233  $security = ilSecuritySettings::_getInstance();
234 
235  $this->tabs_gui->setTabActive('show_security');
236 
237  $form = new ilPropertyFormGUI();
238  $form->setFormAction($this->ctrl->getFormAction($this));
239  $form->setTitle($this->lng->txt('ps_security_protection'));
240 
241  // Form checkbox
242  $check = new ilCheckboxInputGUI($this->lng->txt('ps_auto_https'),'auto_https_detect_enabled');
243  $check->setOptionTitle($this->lng->txt('ps_auto_https_description'));
244  $check->setChecked($security->isAutomaticHTTPSEnabled() ? 1 : 0);
245  $check->setValue(1);
246 
247  $text = new ilTextInputGUI($this->lng->txt('ps_auto_https_header_name'),'auto_https_detect_header_name');
248  $text->setValue($security->getAutomaticHTTPSHeaderName());
249  $text->setSize(24);
250  $text->setMaxLength(64);
251  $check->addSubItem($text);
252 
253  $text = new ilTextInputGUI($this->lng->txt('ps_auto_https_header_value'),'auto_https_detect_header_value');
254  $text->setValue($security->getAutomaticHTTPSHeaderValue());
255  $text->setSize(24);
256  $text->setMaxLength(64);
257  $check->addSubItem($text);
258 
259  $form->addItem($check);
260 
261  $check2 = new ilCheckboxInputGUI($this->lng->txt('activate_https'),'https_enabled');
262  $check2->setChecked($security->isHTTPSEnabled() ? 1 : 0);
263  $check2->setValue(1);
264  $form->addItem($check2);
265 
266  $radio_group = new ilRadioGroupInputGUI($this->lng->txt('ps_account_security_mode'), 'account_security_mode' );
267  $radio_group->setValue($security->getAccountSecurityMode());
268 
269  $radio_opt = new ilRadioOption($this->lng->txt('ps_account_security_mode_default'),ilSecuritySettings::ACCOUNT_SECURITY_MODE_DEFAULT);
270  $radio_group->addOption($radio_opt);
271 
272  $radio_opt = new ilRadioOption($this->lng->txt('ps_account_security_mode_customized'),ilSecuritySettings::ACCOUNT_SECURITY_MODE_CUSTOMIZED);
273 
274  $check = new ilCheckboxInputGUI($this->lng->txt('ps_password_chars_and_numbers_enabled'),'password_chars_and_numbers_enabled');
275  $check->setChecked( $security->isPasswordCharsAndNumbersEnabled() ? 1 : 0 );
276  //$check->setOptionTitle($this->lng->txt('ps_password_chars_and_numbers_enabled'));
277  $check->setInfo($this->lng->txt('ps_password_chars_and_numbers_enabled_info'));
278  $radio_opt->addSubItem($check);
279 
280  $check = new ilCheckboxInputGUI($this->lng->txt('ps_password_special_chars_enabled'),'password_special_chars_enabled');
281  $check->setChecked( $security->isPasswordSpecialCharsEnabled() ? 1 : 0 );
282  //$check->setOptionTitle($this->lng->txt('ps_password_special_chars_enabled'));
283  $check->setInfo($this->lng->txt('ps_password_special_chars_enabled_info'));
284  $radio_opt->addSubItem($check);
285 
286  $text = new ilTextInputGUI($this->lng->txt('ps_password_min_length'),'password_min_length');
287  $text->setInfo($this->lng->txt('ps_password_min_length_info'));
288  $text->setValue( $security->getPasswordMinLength() );
289  $text->setSize(1);
290  $text->setMaxLength(2);
291  $radio_opt->addSubItem($text);
292 
293  $text = new ilTextInputGUI($this->lng->txt('ps_password_max_length'),'password_max_length');
294  $text->setInfo($this->lng->txt('ps_password_max_length_info'));
295  $text->setValue( $security->getPasswordMaxLength() );
296  $text->setSize(2);
297  $text->setMaxLength(3);
298  $radio_opt->addSubItem($text);
299 
300  $text = new ilTextInputGUI($this->lng->txt('ps_password_max_age'),'password_max_age');
301  $text->setInfo($this->lng->txt('ps_password_max_age_info'));
302  $text->setValue( $security->getPasswordMaxAge() );
303  $text->setSize(2);
304  $text->setMaxLength(3);
305  $radio_opt->addSubItem($text);
306 
307  $text = new ilTextInputGUI($this->lng->txt('ps_login_max_attempts'),'login_max_attempts');
308  $text->setInfo($this->lng->txt('ps_login_max_attempts_info'));
309  $text->setValue( $security->getLoginMaxAttempts() );
310  $text->setSize(1);
311  $text->setMaxLength(2);
312  $radio_opt->addSubItem($text);
313 
314  $radio_group->addOption($radio_opt);
315  $form->addItem($radio_group);
316 
317  $check = new ilCheckboxInputGUI($this->lng->txt('ps_password_change_on_first_login_enabled'),'password_change_on_first_login_enabled');
318  $check->setInfo($this->lng->txt('ps_password_change_on_first_login_enabled_info'));
319  $check->setChecked( $security->isPasswordChangeOnFirstLoginEnabled() ? 1 : 0 );
320  $form->addItem($check);
321 
322  // file suffix replacement
323  $ti = new ilTextInputGUI($this->lng->txt("file_suffix_repl"), "suffix_repl_additional");
324  $ti->setMaxLength(200);
325  $ti->setSize(40);
326  $ti->setInfo($this->lng->txt("file_suffix_repl_info")." ".SUFFIX_REPL_DEFAULT);
327  $ti->setValue($ilSetting->get("suffix_repl_additional"));
328  $form->addItem($ti);
329 
330  // prevent login from multiple pcs at the same time
331  $objCb = new ilCheckboxInputGUI($this->lng->txt('ps_prevent_simultaneous_logins'), 'ps_prevent_simultaneous_logins');
332  $objCb->setChecked((int)$security->isPreventionOfSimultaneousLoginsEnabled());
333  $objCb->setValue(1);
334  $objCb->setOptionTitle($this->lng->txt('ps_prevent_simultaneous_logins_info'));
335  $form->addItem($objCb);
336 
337 
338  $form->addCommandButton('save_security',$this->lng->txt('save'));
339  $this->tpl->setContent($form->getHTML());
340  }
341 
348  public function save_privacy()
349  {
350  global $ilErr,$ilAccess, $ilSetting;
351 
352  if(!$ilAccess->checkAccess('write','',$this->object->getRefId()))
353  {
354  $ilErr->raiseError($this->lng->txt('no_permission'),$ilErr->WARNING);
355  }
356 
357  if((int) $_POST['rbac_log_age'] > 24)
358  {
359  $_POST['rbac_log_age'] = 24;
360  }
361  else if((int) $_POST['rbac_log_age'] < 1)
362  {
363  $_POST['rbac_log_age'] = 1;
364  }
365 
366  $_POST['profile_protection'] = isset($_POST['profile_protection']) ? $_POST['profile_protection'] : array();
367 
368  $privacy = ilPrivacySettings::_getInstance();
369  $privacy->enableCourseExport((int) in_array('export_course', $_POST['profile_protection']));
370  $privacy->enableGroupExport((int) in_array('export_group', $_POST['profile_protection']));
371  $privacy->setCourseConfirmationRequired((int) in_array('export_confirm_course', $_POST['profile_protection']));
372  $privacy->setGroupConfirmationRequired((int) in_array('export_confirm_group', $_POST['profile_protection']));
373  $privacy->showGroupAccessTimes((int) in_array('grp_access_times', $_POST['profile_protection']));
374  $privacy->showCourseAccessTimes((int) in_array('crs_access_times', $_POST['profile_protection']));
375  $privacy->enableForaStatistics ((int) $_POST['fora_statistics']);
376  $privacy->enableAnonymousFora ((int) $_POST['anonymous_fora']);
377  $privacy->enableRbacLog((int) $_POST['rbac_log']);
378  $privacy->setRbacLogAge((int) $_POST['rbac_log_age']);
379 
380  // validate settings
381  $code = $privacy->validate();
382 
383  // if error code != 0, display error and do not save
384  if ($code != 0)
385  {
386  $msg = $this->getErrorMessage ($code);
387  ilUtil::sendFailure($msg);
388  }
389  else
390  {
391  $privacy->save();
392  include_once('Services/Membership/classes/class.ilMemberAgreement.php');
393  ilMemberAgreement::_reset();
394  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
395  }
396 
397  $this->showPrivacy();
398  }
399 
406  public function save_security()
407  {
408  global $ilErr,$ilAccess, $ilSetting;
409 
410  if(!$ilAccess->checkAccess('write','',$this->object->getRefId()))
411  {
412  $ilErr->raiseError($this->lng->txt('no_permission'),$ilErr->WARNING);
413  }
414 
415 
416  $security = ilSecuritySettings::_getInstance();
417 
418  // auto https detection settings
419  $security->setAutomaticHTTPSEnabled((int) $_POST["auto_https_detect_enabled"]);
420  $security->setAutomaticHTTPSHeaderName(ilUtil::stripSlashes($_POST["auto_https_detect_header_name"]));
421  $security->setAutomaticHTTPSHeaderValue(ilUtil::stripSlashes($_POST["auto_https_detect_header_value"]));
422 
423  // prevention of simultaneous logins with the same account
424  $security->setPreventionOfSimultaneousLogins((bool)$_POST['ps_prevent_simultaneous_logins']);
425 
426  // ilias https handling settings
427  $security->setHTTPSEnabled($_POST["https_enabled"]);
428 
429  // account security settings
430  $security->setAccountSecurityMode((int) $_POST["account_security_mode"]);
431  $security->setPasswordCharsAndNumbersEnabled((bool) $_POST["password_chars_and_numbers_enabled"]);
432  $security->setPasswordSpecialCharsEnabled((bool) $_POST["password_special_chars_enabled"]);
433  $security->setPasswordMinLength((int) $_POST["password_min_length"]);
434  $security->setPasswordMaxLength((int) $_POST["password_max_length"]);
435  $security->setPasswordMaxAge((int) $_POST["password_max_age"]);
436  $security->setLoginMaxAttempts((int) $_POST["login_max_attempts"]);
437 
438  // change password on first login settings
439  $security->setPasswordChangeOnFirstLoginEnabled((bool) $_POST['password_change_on_first_login_enabled']);
440 
441  // file suffic replacements
442  $ilSetting->set("suffix_repl_additional", $_POST["suffix_repl_additional"]);
443 
444  // validate settings
445  $code = $security->validate();
446 
447  // if error code != 0, display error and do not save
448  if ($code != 0)
449  {
450  $msg = $this->getErrorMessage ($code);
451  ilUtil::sendFailure($msg);
452  } else
453  {
454  $security->save();
455  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
456  }
457 
458  $this->showSecurity();
459  }
460 
461 
469  private static function getErrorMessage ($code) {
470  return ilObjPrivacySecurityGUI::$ERROR_MESSAGE[$code];
471  }
472 }
473 ?>