ILIAS  Release_4_1_x_branch Revision 61804
 All Data Structures Namespaces Files Functions Variables Groups Pages
ilLDAPRoleAssignmentRule Class Reference
+ Collaboration diagram for ilLDAPRoleAssignmentRule:

Public Member Functions

 matches ($a_user_data)
 Check if a rule matches.
 _getRules ()
 Get all rules.
 setRoleId ($a_role_id)
 set role id
 getRoleId ()
 get role id
 getRuleId ()
 get id
 setServerId ($a_id)
 set server id
 getServerId ()
 get server id
 setType ($a_type)
 set type
 getType ()
 getType
 setDN ($a_dn)
 set dn
 getDN ()
 get dn
 setMemberAttribute ($a_attribute)
 public
 getMemberAttribute ()
 get attribute
 setMemberIsDN ($a_status)
 set member attribute is dn
 isMemberAttributeDN ()
 is member attribute dn
 setAttributeName ($a_name)
 set attribute name
 getAttributeName ()
 get attribute name
 setAttributeValue ($a_value)
 set attribute value
 getAttributeValue ()
 get atrtibute value
 enableAddOnUpdate ($a_status)
 isAddOnUpdateEnabled ()
 enableRemoveOnUpdate ($a_status)
 isRemoveOnUpdateEnabled ()
 setPluginId ($a_id)
 getPluginId ()
 isPluginActive ()
 conditionToString ()
 condition to string
 create ()
 create
 update ()
 update
 validate ()
 validate
 delete ()
 delete rule

Static Public Member Functions

static _getInstanceByRuleId ($a_rule_id)
 get instance by rule id
static hasRulesForUpdate ()
 Check if there any rule for updates.

Data Fields

const TYPE_GROUP = 1
const TYPE_ATTRIBUTE = 2
const TYPE_PLUGIN = 3

Protected Member Functions

 wildcardCompare ($a_str1, $a_str2)

Private Member Functions

 __construct ($a_id=0)
 Constructor.
 isGroupMember ($a_user_data)
 Check if user is member of specific group.
 read ()
 load from db

Private Attributes

 $server_id = 0
 $plugin_active = false
 $add_on_update = false
 $remove_on_update = false
 $plugin_id = 0

Static Private Attributes

static $instances = null

Detailed Description

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Version
$Id$

Definition at line 32 of file class.ilLDAPRoleAssignmentRule.php.

Constructor & Destructor Documentation

ilLDAPRoleAssignmentRule::__construct (   $a_id = 0)
private

Constructor.

private

Parameters
intrule id

Definition at line 54 of file class.ilLDAPRoleAssignmentRule.php.

References $ilDB, and read().

{
global $ilDB;
$this->db = $ilDB;
$this->rule_id = $a_id;
$this->read();
}

+ Here is the call graph for this function:

Member Function Documentation

static ilLDAPRoleAssignmentRule::_getInstanceByRuleId (   $a_rule_id)
static

get instance by rule id

public

Parameters
intrule id

Definition at line 72 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by _getRules(), ilLDAPSettingsGUI\confirmDeleteRules(), ilLDAPSettingsGUI\deleteRules(), ilLDAPSettingsGUI\editRoleAssignment(), ilLDAPRoleAssignmentRules\getAssignmentsForCreation(), ilLDAPRoleAssignmentRules\getAssignmentsForUpdate(), ilLDAPSettingsGUI\loadRoleAssignmentRule(), and ilLDAPSettingsGUI\roleAssignments().

{
if(isset(self::$instances[$a_rule_id]))
{
return self::$instances[$a_rule_id];
}
return self::$instances[$a_rule_id] = new ilLDAPRoleAssignmentRule($a_rule_id);
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::_getRules ( )

Get all rules.

public

Definition at line 214 of file class.ilLDAPRoleAssignmentRule.php.

References $ilDB, $query, $res, $row, _getInstanceByRuleId(), and DB_FETCHMODE_OBJECT.

Referenced by ilLDAPSettingsGUI\getRoleAssignmentTable(), and ilLDAPSettingsGUI\roleAssignments().

{
global $ilDB;
$query = "SELECT rule_id FROM ldap_role_assignments ";
$res = $ilDB->query($query);
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
$rules[] = self::_getInstanceByRuleId($row->rule_id);
}
return $rules ? $rules : array();
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::conditionToString ( )

condition to string

public

Definition at line 465 of file class.ilLDAPRoleAssignmentRule.php.

References $lng, getAttributeName(), getAttributeValue(), getDN(), getPluginId(), and getType().

{
global $lng;
switch($this->getType())
{
case self::TYPE_PLUGIN:
return $lng->txt('ldap_plugin_id').': '.$this->getPluginId();
case self::TYPE_GROUP:
$dn_arr = explode(',',$this->getDN());
return $dn_arr[0];
case self::TYPE_ATTRIBUTE:
return $this->getAttributeName().'='.$this->getAttributeValue();
}
}

+ Here is the call graph for this function:

ilLDAPRoleAssignmentRule::create ( )

create

public

Parameters

Definition at line 492 of file class.ilLDAPRoleAssignmentRule.php.

References $ilDB, $query, $res, getAttributeName(), getAttributeValue(), getDN(), getMemberAttribute(), getPluginId(), getRoleId(), getServerId(), getType(), isAddOnUpdateEnabled(), isMemberAttributeDN(), and isRemoveOnUpdateEnabled().

{
global $ilDB;
$next_id = $ilDB->nextId('ldap_role_assignments');
$query = "INSERT INTO ldap_role_assignments (server_id,rule_id,type,dn,attribute,isdn,att_name,att_value,role_id, ".
"add_on_update, remove_on_update, plugin_id ) ".
"VALUES( ".
$this->db->quote($this->getServerId(),'integer').", ".
$this->db->quote($next_id,'integer').", ".
$this->db->quote($this->getType(),'integer').", ".
$this->db->quote($this->getDN(),'text').", ".
$this->db->quote($this->getMemberAttribute(),'text').", ".
$this->db->quote($this->isMemberAttributeDN(),'integer').", ".
$this->db->quote($this->getAttributeName(),'text').", ".
$this->db->quote($this->getAttributeValue(),'text').", ".
$this->db->quote($this->getRoleId(),'integer').", ".
$this->db->quote($this->isAddOnUpdateEnabled(), 'integer').', '.
$this->db->quote($this->isRemoveOnUpdateEnabled(), 'integer').', '.
$this->db->quote($this->getPluginId(),'integer').' '.
")";
$res = $ilDB->manipulate($query);
$this->rule_id = $next_id;
return true;
}

+ Here is the call graph for this function:

ilLDAPRoleAssignmentRule::delete ( )

delete rule

public

Definition at line 602 of file class.ilLDAPRoleAssignmentRule.php.

References $ilDB, $query, $res, and getRuleId().

{
global $ilDB;
$query = "DELETE FROM ldap_role_assignments ".
"WHERE rule_id = ".$this->db->quote($this->getRuleId(),'integer')." ";
$res = $ilDB->manipulate($query);
return true;
}

+ Here is the call graph for this function:

ilLDAPRoleAssignmentRule::enableAddOnUpdate (   $a_status)

Definition at line 423 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by read().

{
$this->add_on_update = $a_status;
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::enableRemoveOnUpdate (   $a_status)

Definition at line 433 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by read().

{
$this->remove_on_update = $a_status;
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::getAttributeName ( )

get attribute name

public

Definition at line 395 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by conditionToString(), create(), matches(), update(), and validate().

{
return $this->attribute_name;
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::getAttributeValue ( )

get atrtibute value

public

Definition at line 418 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by conditionToString(), create(), matches(), update(), and validate().

{
return $this->attribute_value;
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::getDN ( )

get dn

public

Definition at line 326 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by conditionToString(), create(), isGroupMember(), update(), and validate().

{
return $this->dn;
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::getMemberAttribute ( )

get attribute

public

Definition at line 349 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by create(), isGroupMember(), update(), and validate().

{
return $this->member_attribute;
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::getPluginId ( )

Definition at line 448 of file class.ilLDAPRoleAssignmentRule.php.

References $plugin_id.

Referenced by conditionToString(), create(), matches(), update(), and validate().

{
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::getRoleId ( )

get role id

public

Definition at line 245 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by create(), update(), and validate().

{
return $this->role_id;
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::getRuleId ( )

get id

public

Definition at line 256 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by delete(), read(), and update().

{
return $this->rule_id;
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::getServerId ( )

get server id

public

Definition at line 279 of file class.ilLDAPRoleAssignmentRule.php.

References $server_id.

Referenced by create(), and update().

{
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::getType ( )

getType

public

Parameters

Definition at line 303 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by conditionToString(), create(), isPluginActive(), matches(), update(), and validate().

{
return $this->type;
}

+ Here is the caller graph for this function:

static ilLDAPRoleAssignmentRule::hasRulesForUpdate ( )
static

Check if there any rule for updates.

Returns

Definition at line 85 of file class.ilLDAPRoleAssignmentRule.php.

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

Referenced by ilAuthContainerApache\updateRequired(), and ilAuthContainerLDAP\updateRequired().

{
global $ilDB;
$query = 'SELECT COUNT(*) num FROM ldap_role_assignments '.
'WHERE add_on_update = 1 '.
'OR remove_on_update = 1 ';
$res = $ilDB->query($query);
return $row->num > 0;
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::isAddOnUpdateEnabled ( )

Definition at line 428 of file class.ilLDAPRoleAssignmentRule.php.

References $add_on_update.

Referenced by create(), and update().

{
return (bool) $this->add_on_update;
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::isGroupMember (   $a_user_data)
private

Check if user is member of specific group.

private

Parameters
arrayuser data
arrayuser_data

Definition at line 168 of file class.ilLDAPRoleAssignmentRule.php.

References $ilLog, $query, $res, $server, ilLDAPServer\_getFirstActiveServer(), getDN(), ilLDAPServer\getInstanceByServerId(), getMemberAttribute(), IL_LDAP_SCOPE_BASE, and isMemberAttributeDN().

Referenced by matches().

{
global $ilLog;
if($this->isMemberAttributeDN())
{
$user_cmp = $a_user_data['dn'];
}
else
{
$user_cmp = $a_user_data['ilExternalAccount'];
}
include_once('Services/LDAP/classes/class.ilLDAPQuery.php');
include_once('Services/LDAP/classes/class.ilLDAPServer.php');
try
{
$query->bind();
$res = $query->query($this->getDN(),
sprintf('(%s=%s)',
$user_cmp),
array('dn'));
return $res->numRows() ? true : false;
}
{
$ilLog->write(__METHOD__.': Caught Exception: '.$e->getMessage());
return false;
}
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::isMemberAttributeDN ( )

is member attribute dn

public

Definition at line 372 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by create(), isGroupMember(), and update().

{
return (bool) $this->member_is_dn;
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::isPluginActive ( )

Definition at line 453 of file class.ilLDAPRoleAssignmentRule.php.

References getType(), and TYPE_PLUGIN.

{
return (bool) $this->getType() == self::TYPE_PLUGIN;
}

+ Here is the call graph for this function:

ilLDAPRoleAssignmentRule::isRemoveOnUpdateEnabled ( )

Definition at line 438 of file class.ilLDAPRoleAssignmentRule.php.

References $remove_on_update.

Referenced by create(), and update().

{
return (bool) $this->remove_on_update;
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::matches (   $a_user_data)

Check if a rule matches.

Returns
Parameters
object$a_user_data

Definition at line 102 of file class.ilLDAPRoleAssignmentRule.php.

References $ilLog, ilObject\_lookupTitle(), ilLDAPRoleAssignmentRules\callPlugin(), getAttributeName(), getAttributeValue(), getPluginId(), getType(), isGroupMember(), and wildcardCompare().

{
global $ilLog;
switch($this->getType())
{
case self::TYPE_PLUGIN:
include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php';
return ilLDAPRoleAssignmentRules::callPlugin($this->getPluginId(), $a_user_data);
case self::TYPE_ATTRIBUTE:
$attn = strtolower($this->getAttributeName());
if(!isset($a_user_data[$attn]))
{
return false;
}
if(!is_array($a_user_data[$attn]))
{
$attribute_val = array(0 => $a_user_data[$attn]);
}
else
{
$attribute_val = $a_user_data[$attn];
}
foreach($attribute_val as $value)
{
if($this->wildcardCompare(trim($this->getAttributeValue()),trim($value)))
{
$ilLog->write(__METHOD__.': Found role mapping: '.ilObject::_lookupTitle($this->getRoleId()));
return true;
}
/*
if(trim($value) == trim($this->getAttributeValue()))
{
$ilLog->write(__METHOD__.': Found role mapping: '.ilObject::_lookupTitle($this->getRoleId()));
return true;
}
*/
}
return false;
case self::TYPE_GROUP:
return $this->isGroupMember($a_user_data);
}
}

+ Here is the call graph for this function:

ilLDAPRoleAssignmentRule::read ( )
private

load from db

private

Definition at line 618 of file class.ilLDAPRoleAssignmentRule.php.

References $ilDB, $query, $res, $row, DB_FETCHMODE_OBJECT, enableAddOnUpdate(), enableRemoveOnUpdate(), getRuleId(), setAttributeName(), setAttributeValue(), setDN(), setMemberAttribute(), setMemberIsDN(), setPluginId(), setRoleId(), setServerId(), and setType().

Referenced by __construct().

{
global $ilDB;
$query = "SELECT * FROM ldap_role_assignments ".
"WHERE rule_id = ".$this->db->quote($this->getRuleId(),'integer')." ";
$res = $this->db->query($query);
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
$this->setServerId($row->server_id);
$this->setType($row->type);
$this->setDN($row->dn);
$this->setMemberAttribute($row->attribute);
$this->setMemberIsDN($row->isdn);
$this->setAttributeName($row->att_name);
$this->setAttributeValue($row->att_value);
$this->setRoleId($row->role_id);
$this->enableAddOnUpdate($row->add_on_update);
$this->enableRemoveOnUpdate($row->remove_on_update);
$this->setPluginId($row->plugin_id);
}
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::setAttributeName (   $a_name)

set attribute name

public

Parameters

Definition at line 384 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by read().

{
$this->attribute_name = $a_name;
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::setAttributeValue (   $a_value)

set attribute value

public

Parameters
stringvalue

Definition at line 407 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by read().

{
$this->attribute_value = $a_value;
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::setDN (   $a_dn)

set dn

public

Parameters
stringdn

Definition at line 315 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by read().

{
$this->dn = $a_dn;
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::setMemberAttribute (   $a_attribute)

public

Parameters

Definition at line 338 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by read().

{
$this->member_attribute = $a_attribute;
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::setMemberIsDN (   $a_status)

set member attribute is dn

public

Parameters
boolstatus

Definition at line 361 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by read().

{
$this->member_is_dn = $a_status;
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::setPluginId (   $a_id)

Definition at line 443 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by read().

{
$this->plugin_id = $a_id;
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::setRoleId (   $a_role_id)

set role id

public

Parameters
introle id of global role

Definition at line 234 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by read().

{
$this->role_id = $a_role_id;
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::setServerId (   $a_id)

set server id

public

Parameters
intserver id

Definition at line 268 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by read().

{
$this->server_id = $a_id;
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::setType (   $a_type)

set type

public

Parameters
inttype

Definition at line 291 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by read().

{
$this->type = $a_type;
}

+ Here is the caller graph for this function:

ilLDAPRoleAssignmentRule::update ( )

update

public

Definition at line 526 of file class.ilLDAPRoleAssignmentRule.php.

References $ilDB, $query, $res, getAttributeName(), getAttributeValue(), getDN(), getMemberAttribute(), getPluginId(), getRoleId(), getRuleId(), getServerId(), getType(), isAddOnUpdateEnabled(), isMemberAttributeDN(), and isRemoveOnUpdateEnabled().

{
global $ilDB;
$query = "UPDATE ldap_role_assignments ".
"SET server_id = ".$this->db->quote($this->getServerId(),'integer').", ".
"type = ".$this->db->quote($this->getType(),'integer').", ".
"dn = ".$this->db->quote($this->getDN(),'text').", ".
"attribute = ".$this->db->quote($this->getMemberAttribute(),'text').", ".
"isdn = ".$this->db->quote($this->isMemberAttributeDN(),'integer').", ".
"att_name = ".$this->db->quote($this->getAttributeName(),'text').", ".
"att_value = ".$this->db->quote($this->getAttributeValue(),'text').", ".
"role_id = ".$this->db->quote($this->getRoleId(),'integer').", ".
"add_on_update = ".$this->db->quote($this->isAddOnUpdateEnabled(),'integer').', '.
'remove_on_update = '.$this->db->quote($this->isRemoveOnUpdateEnabled(),'integer').', '.
'plugin_id = '.$this->db->quote($this->getPluginId(),'integer').' '.
"WHERE rule_id = ".$this->db->quote($this->getRuleId(),'integer')." ";
$res = $ilDB->manipulate($query);
return true;
}

+ Here is the call graph for this function:

ilLDAPRoleAssignmentRule::validate ( )

validate

public

Definition at line 553 of file class.ilLDAPRoleAssignmentRule.php.

References $ilErr, getAttributeName(), getAttributeValue(), getDN(), getMemberAttribute(), getPluginId(), getRoleId(), and getType().

{
global $ilErr;
$ilErr->setMessage('');
if(!$this->getRoleId())
{
$ilErr->setMessage('fill_out_all_required_fields');
return false;
}
switch($this->getType())
{
case self::TYPE_GROUP:
if(!strlen($this->getDN()) or !strlen($this->getMemberAttribute()))
{
$ilErr->setMessage('fill_out_all_required_fields');
return false;
}
break;
case self::TYPE_ATTRIBUTE:
if(!strlen($this->getAttributeName()) or !strlen($this->getAttributeValue()))
{
$ilErr->setMessage('fill_out_all_required_fields');
return false;
}
break;
case self::TYPE_PLUGIN:
if(!$this->getPluginId())
{
$ilErr->setMessage('ldap_err_missing_plugin_id');
return false;
}
break;
default:
$ilErr->setMessage('ldap_no_type_given');
return false;
}
return true;
}

+ Here is the call graph for this function:

ilLDAPRoleAssignmentRule::wildcardCompare (   $a_str1,
  $a_str2 
)
protected

Definition at line 153 of file class.ilLDAPRoleAssignmentRule.php.

References $GLOBALS.

Referenced by matches().

{
$pattern = str_replace('*','.*?', $a_str1);
$GLOBALS['ilLog']->write(__METHOD__.': Replace pattern:'. $pattern.' => '.$a_str2);
return (bool) preg_match('/^'.$pattern.'$/i',$a_str2);
}

+ Here is the caller graph for this function:

Field Documentation

ilLDAPRoleAssignmentRule::$add_on_update = false
private

Definition at line 42 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by isAddOnUpdateEnabled().

ilLDAPRoleAssignmentRule::$instances = null
staticprivate

Definition at line 34 of file class.ilLDAPRoleAssignmentRule.php.

ilLDAPRoleAssignmentRule::$plugin_active = false
private

Definition at line 41 of file class.ilLDAPRoleAssignmentRule.php.

ilLDAPRoleAssignmentRule::$plugin_id = 0
private

Definition at line 44 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by getPluginId().

ilLDAPRoleAssignmentRule::$remove_on_update = false
private

Definition at line 43 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by isRemoveOnUpdateEnabled().

ilLDAPRoleAssignmentRule::$server_id = 0
private

Definition at line 40 of file class.ilLDAPRoleAssignmentRule.php.

Referenced by getServerId().

const ilLDAPRoleAssignmentRule::TYPE_ATTRIBUTE = 2
const ilLDAPRoleAssignmentRule::TYPE_GROUP = 1
const ilLDAPRoleAssignmentRule::TYPE_PLUGIN = 3

The documentation for this class was generated from the following file: