ILIAS  Release_4_1_x_branch Revision 61804
 All Data Structures Namespaces Files Functions Variables Groups Pages
ilLDAPRoleAssignmentRules Class Reference

Do role assignemnts More...

+ Collaboration diagram for ilLDAPRoleAssignmentRules:

Static Public Member Functions

static getDefaultRole ()
 Get default global role.
static getAllPossibleRoles ()
 Get all assignable roles (used for import parser)
static getAttributeNames ()
 get all possible attribute names
static getAssignmentsForUpdate ($a_usr_id, $a_usr_name, $a_usr_data)
static getAssignmentsForCreation ($a_usr_name, $a_usr_data)
static callPlugin ($a_plugin_id, $a_user_data)
 Call plugin check if the condition matches.

Data Fields

const ROLE_ACTION_ASSIGN = 'Assign'
const ROLE_ACTION_DEASSIGN = 'Detach'

Static Protected Member Functions

static getAdditionalPluginAttributes ()
 Fetch additional attributes from plugin.
static parseRole ($a_role_id, $a_action)
 Parse role.

Static Protected Attributes

static $active_plugins = null
static $default_role = null

Detailed Description

Do role assignemnts

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Version
$Id$

Definition at line 32 of file class.ilLDAPRoleAssignmentRules.php.

Member Function Documentation

static ilLDAPRoleAssignmentRules::callPlugin (   $a_plugin_id,
  $a_user_data 
)
static

Call plugin check if the condition matches.

Returns
bool
Parameters
object$a_plugin_id
object$a_user_data

Definition at line 216 of file class.ilLDAPRoleAssignmentRules.php.

References $ok, and IL_COMP_SERVICE.

Referenced by ilLDAPRoleAssignmentRule\matches().

{
global $ilPluginAdmin;
if(self::$active_plugins == null)
{
self::$active_plugins = $ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE,
'LDAP',
'ldaphk');
}
$assigned = false;
foreach(self::$active_plugins as $plugin_name)
{
$ok = false;
$plugin_obj = $ilPluginAdmin->getPluginObject(IL_COMP_SERVICE,
'LDAP',
'ldaphk',
$plugin_name);
if($plugin_obj instanceof ilLDAPRoleAssignmentPlugin)
{
$ok = $plugin_obj->checkRoleAssignment($a_plugin_id,$a_user_data);
}
if($ok)
{
$assigned = true;
}
}
return $assigned;
}

+ Here is the caller graph for this function:

static ilLDAPRoleAssignmentRules::getAdditionalPluginAttributes ( )
staticprotected

Fetch additional attributes from plugin.

Returns

Definition at line 253 of file class.ilLDAPRoleAssignmentRules.php.

References $ok, and IL_COMP_SERVICE.

{
global $ilPluginAdmin;
if(self::$active_plugins == null)
{
self::$active_plugins = $ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE,
'LDAP',
'ldaphk');
}
$attributes = array();
foreach(self::$active_plugins as $plugin_name)
{
$ok = false;
$plugin_obj = $ilPluginAdmin->getPluginObject(IL_COMP_SERVICE,
'LDAP',
'ldaphk',
$plugin_name);
if($plugin_obj instanceof ilLDAPRoleAssignmentPlugin)
{
$attributes = array_merge($attributes,$plugin_obj->getAdditionalAttributeNames());
}
}
return $attributes ? $attributes : array();
}
static ilLDAPRoleAssignmentRules::getAllPossibleRoles ( )
static

Get all assignable roles (used for import parser)

Returns
array roles

Definition at line 63 of file class.ilLDAPRoleAssignmentRules.php.

References $ilDB, $query, $res, $row, DB_FETCHMODE_OBJECT, and getDefaultRole().

Referenced by ilLDAPAttributeToUser\refresh().

{
global $ilDB;
$query = "SELECT DISTINCT(role_id) FROM ldap_role_assignments ";
$res = $ilDB->query($query);
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
$roles[$row->role_id] = $row->role_id;
}
$roles[$gr] = $gr;
return $roles ? $roles : array();
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

static ilLDAPRoleAssignmentRules::getAssignmentsForCreation (   $a_usr_name,
  $a_usr_data 
)
static
Returns
array role data
Parameters
object$a_usr_id
object$a_usr_datapublic

Definition at line 165 of file class.ilLDAPRoleAssignmentRules.php.

References $ilDB, $ilLog, $query, $res, $row, ilLDAPRoleAssignmentRule\_getInstanceByRuleId(), ilObject\_lookupTitle(), DB_FETCHMODE_OBJECT, parseRole(), and ROLE_ACTION_ASSIGN.

Referenced by ilAuthContainerApache\fetchData(), ilAuthContainerLDAP\loginObserver(), and ilLDAPAttributeToUser\usersToXML().

{
global $ilDB,$ilLog;
$query = "SELECT rule_id FROM ldap_role_assignments ";
$res = $ilDB->query($query);
$num_matches = 0;
$roles = array();
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php';
if($rule->matches($a_usr_data))
{
$num_matches++;
$ilLog->write(__METHOD__.': Assigned to role: '.$a_usr_name.' => '.ilObject::_lookupTitle($rule->getRoleId()));
$roles[] = self::parseRole($rule->getRoleId(),self::ROLE_ACTION_ASSIGN);
}
}
// DONE: check for global role
$found_global = false;
foreach($roles as $role_data)
{
if($role_data['type'] == 'Global')
{
$found_global = true;
break;
}
}
if(!$found_global)
{
$ilLog->write(__METHOD__.': No matching rule found. Assigning to default role.');
$roles[] = self::parseRole(
self::getDefaultRole(),
self::ROLE_ACTION_ASSIGN
);
}
return $roles ? $roles : array();
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

static ilLDAPRoleAssignmentRules::getAssignmentsForUpdate (   $a_usr_id,
  $a_usr_name,
  $a_usr_data 
)
static

Definition at line 104 of file class.ilLDAPRoleAssignmentRules.php.

References $ilDB, $ilLog, $ilSetting, $query, $res, $row, ilLDAPRoleAssignmentRule\_getInstanceByRuleId(), ilObject\_lookupTitle(), DB_FETCHMODE_OBJECT, parseRole(), ROLE_ACTION_ASSIGN, and ROLE_ACTION_DEASSIGN.

Referenced by ilLDAPAttributeToUser\usersToXML().

{
global $ilDB,$rbacadmin,$rbacreview,$ilSetting,$ilLog;
$query = "SELECT rule_id,add_on_update,remove_on_update FROM ldap_role_assignments ".
"WHERE add_on_update = 1 OR remove_on_update = 1";
$res = $ilDB->query($query);
$roles = array();
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php';
$matches = $rule->matches($a_usr_data);
if($matches and $row->add_on_update)
{
$ilLog->write(__METHOD__.': Assigned to role: '.$a_usr_name.' => '.ilObject::_lookupTitle($rule->getRoleId()));
$roles[] = self::parseRole($rule->getRoleId(), self::ROLE_ACTION_ASSIGN);
}
if(!$matches and $row->remove_on_update)
{
$ilLog->write(__METHOD__.': Deassigned from role: '.$a_usr_name.' => '.ilObject::_lookupTitle($rule->getRoleId()));
$roles[] = self::parseRole($rule->getRoleId(), self::ROLE_ACTION_DEASSIGN);
}
}
// Check if there is minimum on global role
$deassigned_global = 0;
foreach($roles as $role_data)
{
if($role_data['type'] == 'Global' and
$role_data['action'] == self::ROLE_ACTION_DEASSIGN)
{
$deassigned_global++;
}
}
if(count($rbacreview->assignedGlobalRoles($a_usr_id)) == $deassigned_global)
{
$ilLog->write(__METHOD__.': No global role left. Assigning to default role.');
$roles[] = self::parseRole(
self::getDefaultRole(),
self::ROLE_ACTION_ASSIGN
);
}
return $roles ? $roles : array();
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

static ilLDAPRoleAssignmentRules::getAttributeNames ( )
static

get all possible attribute names

Returns

Definition at line 82 of file class.ilLDAPRoleAssignmentRules.php.

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

Referenced by ilLDAPQuery\fetchUserProfileFields(), and ilLDAPServer\getPearAtributeArray().

{
global $ilDB;
$query = "SELECT DISTINCT(att_name) ".
"FROM ldap_role_assignments ";
$res = $ilDB->query($query);
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
$name = strtolower(trim($row->att_name));
if($name)
{
$names[] = $name;
}
}
$names = array_merge((array) $names, self::getAdditionalPluginAttributes());
return $names ? $names : array();
}

+ Here is the caller graph for this function:

static ilLDAPRoleAssignmentRules::getDefaultRole ( )
static

Get default global role.

Returns

Definition at line 45 of file class.ilLDAPRoleAssignmentRules.php.

References $default_role, ilLDAPServer\_getFirstActiveServer(), and ilLDAPAttributeMapping\_lookupGlobalRole().

Referenced by getAllPossibleRoles().

{
if(self::$default_role)
{
}
include_once './Services/LDAP/classes/class.ilLDAPAttributeMapping.php';
include_once './Services/LDAP/classes/class.ilLDAPServer.php';
return self::$default_role =
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

static ilLDAPRoleAssignmentRules::parseRole (   $a_role_id,
  $a_action 
)
staticprotected

Parse role.

Returns
Parameters
int$a_role_id
string$a_action

Definition at line 288 of file class.ilLDAPRoleAssignmentRules.php.

Referenced by getAssignmentsForCreation(), and getAssignmentsForUpdate().

{
global $rbacreview;
return array(
'id' => $a_role_id,
'type' => $rbacreview->isGlobalRole($a_role_id) ? 'Global' : 'Local',
'action' => $a_action
);
}

+ Here is the caller graph for this function:

Field Documentation

ilLDAPRoleAssignmentRules::$active_plugins = null
staticprotected

Definition at line 37 of file class.ilLDAPRoleAssignmentRules.php.

ilLDAPRoleAssignmentRules::$default_role = null
staticprotected

Definition at line 38 of file class.ilLDAPRoleAssignmentRules.php.

Referenced by getDefaultRole().

const ilLDAPRoleAssignmentRules::ROLE_ACTION_ASSIGN = 'Assign'
const ilLDAPRoleAssignmentRules::ROLE_ACTION_DEASSIGN = 'Detach'

Definition at line 35 of file class.ilLDAPRoleAssignmentRules.php.

Referenced by getAssignmentsForUpdate().


The documentation for this class was generated from the following file: