24 include_once(
'Services/LDAP/classes/class.ilLDAPServer.php');
// Tests whether the static self::$instance slot already holds an object.
// The branch body is not part of this excerpt.
66 if(is_object(self::$instance))
// Guard on the active_servers flag; the branch taken when it is falsy is not shown in this excerpt.
84 if(!$this->active_servers)
// First lookup: the "strict" info cache. The entry is returned only when it
// exists for $a_obj_id and is an array.
90 if(isset($this->mapping_info_strict[$a_obj_id]) and is_array($this->mapping_info_strict[$a_obj_id]))
92 return $this->mapping_info_strict[$a_obj_id];
// Second lookup: the same existence/array test against the other info cache.
97 if(isset($this->mapping_info[$a_obj_id]) and is_array($this->mapping_info[$a_obj_id]))
99 return $this->mapping_info[$a_obj_id];
// Public entry point for a role assignment. Takes a role id and a user id;
// neither parameter carries a type declaration.
116 public function assign($a_role_id,$a_usr_id)
// Guard on the active_servers flag; the branch body is not shown in this excerpt.
119 if(!$this->active_servers)
// Both log lines below concatenate the ids into the message without casting.
// NOTE(review): presumably these are integer ids coming from the RBAC layer.
// If a caller can pass request data, cast to int before logging so the log
// line cannot be split by embedded line breaks - confirm against callers.
130 $this->log->write(
'LDAP assign: User ID: '.$a_usr_id.
' has no LDAP account');
133 $this->log->write(
'LDAP assign: User ID: '.$a_usr_id.
' Role Id: '.$a_role_id);
// Guard on the active_servers flag; the branch body is not shown in this excerpt.
153 if(!$this->active_servers)
// Iterates every user id that $rbacreview reports as assigned to $a_role_id.
// The loop body is outside this excerpt.
163 foreach($rbacreview->assignedUsers($a_role_id) as
$usr_id)
// Guard on the active_servers flag; the branch body is not shown in this excerpt.
183 if(!$this->active_servers)
// Records the deassignment request. Both ids are concatenated into the
// message as given, without casting.
195 $this->log->write(
'LDAP deassign: User ID: '.$a_usr_id.
' Role Id: '.$a_role_id);
// Calls deassign() for $a_usr_id once per key of $this->mappings, i.e. once
// for every role id that has a mapping. The mapping data itself ($data) is
// not used on the lines shown here.
209 foreach($this->mappings as $role_id =>
$data)
211 $this->
deassign($role_id,$a_usr_id);
// Nothing to initialise when the list of server ids is empty; the branch
// body is not shown in this excerpt.
228 if(!count($server_ids))
234 include_once(
'Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php');
// At least one server id is present: flag the mapping layer as active and
// start from an empty mapping table.
236 $this->active_servers =
true;
237 $this->mappings = array();
// One ilLDAPServer object per configured server id, keyed by that id.
// How $this->mappings is filled (original lines 241-242) is not visible here.
238 foreach($server_ids as $server_id)
240 $this->servers[$server_id] =
new ilLDAPServer($server_id);
// Rebuild both info caches from scratch, indexed by object id.
243 $this->mapping_info = array();
244 $this->mapping_info_strict = array();
245 foreach($this->mappings as $mapping)
247 foreach($mapping as $key =>
$data)
// Truthiness test: an empty info text, or an object_id of 0 / '0' / '',
// excludes the entry from mapping_info.
249 if(strlen(
$data[
'info']) and
$data[
'object_id'])
251 $this->mapping_info[$data[
'object_id']][] = $data[
'info'];
// The same info text is appended to the strict cache as well; the condition
// guarding this line (original lines 252-254) is not part of this excerpt.
255 $this->mapping_info_strict[$data[
'object_id']][] = $data[
'info'];
// True when $this->mappings has an entry keyed by this role id.
274 return array_key_exists($a_role_id,$this->mappings);
// True when $this->users has an entry keyed by this user id.
284 return array_key_exists($a_usr_id,$this->users);
// Processes every group mapping configured for the role.
297 foreach($this->mappings[$a_role_id] as
$data)
// Two ways of obtaining the value written to the group: the user's DN
// resolved through readDN() on the mapping's server, or the stored external
// account name. The condition choosing between them is not in this excerpt.
303 $external_account = $this->
readDN($a_usr_id,$data[
'server_id']);
307 $external_account = $this->users[$a_usr_id];
// The membership pre-check below is commented out, so the add is attempted
// even when the account is already a group member.
// NOTE(review): a directory would presumably reject the duplicate value and
// the error would surface through the exception logged at the end - confirm.
311 #if($this->isMember($external_account,$data))
313 # $this->log->write("LDAP assign: User already assigned to group '".$data['dn']."'");
// Directory write: adds $external_account as a value of the attribute named
// by $data['member'] on the group entry $data['dn'].
319 $query_obj->modAdd($data[
'dn'],array($data[
'member'] => $external_account));
// Audit line naming the account and the group that were changed.
320 $this->log->write(
'LDAP assign: Assigned '.$external_account.
' to group '.$data[
'dn']);
// Only the exception message is logged on the line shown. Whether the
// exception is re-thrown afterwards is not visible here.
325 $this->log->write($exc->getMessage());
// Processes every group mapping configured for the role.
342 foreach($this->mappings[$a_role_id] as
$data)
// Same two sources for the account value as in the assign path: the DN from
// readDN(), or the stored external account name. The selecting condition is
// not in this excerpt.
348 $external_account = $this->
readDN($a_usr_id,$data[
'server_id']);
352 $external_account = $this->users[$a_usr_id];
// Logged when the user must stay in the group because of another role.
// $role_id is set on a line that is not shown in this excerpt.
358 $this->log->write(
'LDAP deassign: User is still assigned to role "'.$role_id.
'".');
// Directory write: removes $external_account from the attribute named by
// $data['member'] on the group entry $data['dn'].
370 $query_obj->modDelete($data[
'dn'],array($data[
'member'] => $external_account));
371 $this->log->write(
'LDAP deassign: Deassigned '.$external_account.
' from group '.$data[
'dn']);
// Cached member list for this mapping. The index is read without isset(), so
// a mapping that was never cached raises an undefined-index notice here.
374 if(is_array($this->mapping_members[$data[
'mapping_id']]))
// array_search() compares loosely and returns false when nothing matches.
// The "$key or $key === 0" test accepts a hit at index 0 as well.
376 $key = array_search($external_account,$this->mapping_members[$data[
'mapping_id']]);
377 if($key or $key === 0)
// Drops the whole cached member list for the mapping, not only the matched
// entry at $key.
379 unset($this->mapping_members[$data[
'mapping_id']]);
// Only the exception message is logged on the line shown. Whether the
// exception is re-thrown afterwards is not visible here.
386 $this->log->write($exc->getMessage());
// Cache miss: no member list has been stored for this mapping id yet.
401 if(!isset($this->mapping_members[
"$data[mapping_id]"]))
// Server object of the mapping, looked up by its server id.
406 $server = $this->servers[
"$data[server_id]"];
// Last argument of a call that starts on a line not shown here; only the
// attribute named by $data['member'] is passed.
413 array(
$data[
'member']));
423 #var_dump("<pre>",$a_uid,$this->mapping_members,"</pre>");
// Membership decision against the cached member list.
// NOTE(review): in_array() without the strict flag compares loosely, so two
// numeric-looking account names such as "0123" and "123" count as the same
// member. Passing true as the third argument removes that ambiguity.
426 if(in_array($a_uid,$this->mapping_members[
"$data[mapping_id]"]))
// Uses the global RBAC review object and the object data cache.
442 global $rbacreview,$ilObjDataCache;
// Scans every mapping of every role for another role that points at the
// same group as $a_data.
444 foreach($this->mappings as $role_id => $tmp_data)
446 foreach($tmp_data as
$data)
// Three filters, all loose comparisons: the role under change itself, a
// mapping on a different server, a mapping to a different group DN. The
// branch bodies are not shown; presumably each skips the entry - confirm.
448 if($role_id == $a_role_id)
452 if($data[
'server_id'] != $a_data[
'server_id'])
456 if($data[
'dn'] != $a_data[
'dn'])
// The user still holds another role mapped to the same server and DN:
// return that role's title.
460 if($rbacreview->isAssigned($a_usr_id,$role_id))
462 return $ilObjDataCache->lookupTitle($role_id);
// Start from an empty member list for this mapping id, then fill it from
// the field => value pairs in $a_data.
478 $this->mapping_members[$a_mapping_id] = array();
479 foreach($a_data as $field => $value)
// Case-insensitive test for the 'dn' field; the branch body is not shown in
// this excerpt.
481 if(strtolower($field) ==
'dn')
// A scalar value is appended as a single member.
486 if(!is_array($value))
488 $this->mapping_members[$a_mapping_id][] = $value;
// An array value is flattened: every element becomes one member entry.
491 foreach($value as $external_account)
493 $this->mapping_members[$a_mapping_id][] = $external_account;
// Resolves the distinguished name of a user on one LDAP server and caches
// it per user id. Several lines of the body are missing from this excerpt.
507 private function readDN($a_usr_id,$a_server_id)
// Cache hit: the DN was already resolved for this user id.
509 if(isset($this->user_dns[$a_usr_id]))
511 return $this->user_dns[$a_usr_id];
// External account name stored for the user; it is the search key.
514 $external_account = $this->users[$a_usr_id];
518 $server = $this->servers[$a_server_id];
// Assignment inside the condition: $search_base receives the server's search
// base and the branch runs when it is non-empty (branch body not shown).
521 if($search_base =
$server->getSearchBase())
// The base DN is appended to whatever the search base holds at this point.
525 $search_base .=
$server->getBaseDN();
// Filter selection: the group user filter when membership is optional and
// such a filter is configured, the server's regular filter in the other
// assignment shown below.
528 if(
$server->isMembershipOptional() and
$server->getGroupUserFilter())
530 $userFilter =
$server->getGroupUserFilter();
534 $userFilter =
$server->getFilter();
// Builds an AND filter from an attribute=value pair plus one more filter
// term. The sprintf() arguments are on lines not shown here.
// NOTE(review): if the value slot is filled with $external_account, it has
// to be escaped for filter context first, for example with
// ldap_escape($external_account, '', LDAP_ESCAPE_FILTER). Otherwise a name
// containing ( ) * or \ changes the meaning of the filter - confirm against
// the full source.
537 $filter = sprintf(
'(&(%s=%s)%s)',
// Search with the server's user scope, requesting only the 'dn' attribute.
542 $res = $query_obj->query($search_base,$filter,
$server->getUserScope(),array(
'dn'));
546 include_once(
'Services/LDAP/classes/class.ilLDAPQueryException.php');
// An ambiguous result is rejected rather than picking one entry, so a group
// change is never applied to an entry that merely shares the account name.
549 if($res->numRows() > 1)
551 include_once(
'Services/LDAP/classes/class.ilLDAPQueryException.php');
552 throw new ilLDAPQueryException(__METHOD__.
' found multiple distinguished name for: '.$external_account);
// Stores the DN in the per-user cache and returns it in one expression.
// $data is filled on a line not shown in this excerpt.
556 return $this->user_dns[$a_usr_id] =
$data[
'dn'];
573 include_once
'Services/LDAP/classes/class.ilLDAPQuery.php';
// Query objects are cached per server id and per URL. An existing object is
// reused only when both keys exist and the slot really holds an object.
575 if(array_key_exists($a_server_id,$this->query) and
576 array_key_exists($a_url,$this->query[$a_server_id]) and
577 is_object($this->query[$a_server_id][$a_url]))
579 return $this->query[$a_server_id][$a_url];
// Cache miss: create a query object for this server and URL. The setup done
// on original lines 584-589 is not part of this excerpt.
583 $tmp_query =
new ilLDAPQuery($this->servers[$a_server_id],$a_url);
// Stores the new object in the cache and returns it in one expression.
590 return $this->query[$a_server_id][$a_url] = $tmp_query;