ILIAS  Release_4_2_x_branch Revision 61807
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilLDAPSettingsGUI.php
Go to the documentation of this file.
1 <?php
2 /*
3  +-----------------------------------------------------------------------------+
4  | ILIAS open source |
5  +-----------------------------------------------------------------------------+
6  | Copyright (c) 1998-2006 ILIAS open source, University of Cologne |
7  | |
8  | This program is free software; you can redistribute it and/or |
9  | modify it under the terms of the GNU General Public License |
10  | as published by the Free Software Foundation; either version 2 |
11  | of the License, or (at your option) any later version. |
12  | |
13  | This program is distributed in the hope that it will be useful, |
14  | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16  | GNU General Public License for more details. |
17  | |
18  | You should have received a copy of the GNU General Public License |
19  | along with this program; if not, write to the Free Software |
20  | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21  +-----------------------------------------------------------------------------+
22 */
23 
33 class ilLDAPSettingsGUI
34 {
35  private $ref_id = null;
36 
37  public function __construct($a_auth_ref_id)
38  {
39  global $lng,$ilCtrl,$tpl,$ilTabs;
40 
41  $this->ctrl = $ilCtrl;
42  $this->tabs_gui = $ilTabs;
43  $this->lng = $lng;
44  $this->lng->loadLanguageModule('ldap');
45 
46  $this->tpl = $tpl;
47 
48  $this->ctrl->saveParameter($this,'ldap_server_id');
49  $this->ref_id = $a_auth_ref_id;
50 
51 
52  $this->initServer();
53  }
54 
55  public function executeCommand()
56  {
57  global $ilAccess,$ilias, $ilErr, $ilCtrl;
58 
59  $next_class = $this->ctrl->getNextClass($this);
60  $cmd = $this->ctrl->getCmd();
61 
62  if(!$ilAccess->checkAccess('write','',$this->ref_id) && $cmd != "serverList")
63  {
64  ilUtil::sendFailure($this->lng->txt('msg_no_perm_write'), true);
65  $ilCtrl->redirect($this, "serverList");
66  }
67 
68 
69  switch($next_class)
70  {
71  default:
72  if(!$cmd)
73  {
74  $cmd = "serverList";
75  }
76  $this->$cmd();
77  break;
78  }
79  return true;
80  }
81 
88  public function roleAssignments()
89  {
90  global $rbacreview;
91 
92  $this->setSubTabs();
93  $this->tabs_gui->setSubTabActive('ldap_role_assignments');
94 
95  $this->tpl->addBlockFile('ADM_CONTENT','adm_content','tpl.ldap_role_assignments.html','Services/LDAP');
96 
97  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
98  $this->initFormRoleAssignments('create',$this->role_mapping_rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId(0));
99  $this->tpl->setVariable('NEW_ASSIGNMENT_TBL',$this->form->getHTML());
100 
101 
102  if(count($rules = ilLDAPRoleAssignmentRule::_getRules()))
103  {
104  include_once("./Services/LDAP/classes/class.ilLDAPRoleAssignmentTableGUI.php");
105  $table_gui = new ilLDAPRoleAssignmentTableGUI($this,'roleAssignments');
106  $table_gui->setTitle($this->lng->txt("ldap_tbl_role_ass"));
107  $table_gui->parse($rules);
108  $table_gui->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
109  $table_gui->setSelectAllCheckbox("rule_id");
110  $this->tpl->setVariable('RULES_TBL',$table_gui->getHTML());
111  }
112 
113  }
114 
121  public function editRoleAssignment()
122  {
123  if(!(int) $_GET['rule_id'])
124  {
125  ilUtil::sendFailure($this->lng->txt('select_one'));
126  $this->roleAssignments();
127  return false;
128  }
129  $this->setSubTabs();
130  $this->tabs_gui->setSubTabActive('ldap_role_assignments');
131 
132  $this->ctrl->saveParameter($this,'rule_id',(int) $_GET['rule_id']);
133  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
134  $this->initFormRoleAssignments('edit',
135  $this->role_mapping_rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId((int) $_GET['rule_id']));
136  $this->setValuesByArray();
137  $this->tpl->setContent($this->form->getHTML());
138  }
139 
140 
145  protected function setValuesByArray()
146  {
147  global $rbacreview;
148 
149  $role_id = $this->role_mapping_rule->getRoleId();
150  if($rbacreview->isGlobalRole($role_id))
151  {
152  $val['role_name'] = 0;
153  $val['role_id'] = $role_id;
154  }
155  else
156  {
157  $val['role_name'] = 1;
158  $val['role_search'] = ilObject::_lookupTitle($role_id);
159  }
160  $val['add_missing'] = (int) $this->role_mapping_rule->isAddOnUpdateEnabled();
161  $val['remove_deprecated'] = (int) $this->role_mapping_rule->isRemoveOnUpdateEnabled();
162  $val['type'] = (int) $this->role_mapping_rule->getType();
163  $val['dn'] = $this->role_mapping_rule->getDN();
164  $val['at'] = $this->role_mapping_rule->getMemberAttribute();
165  $val['isdn'] = $this->role_mapping_rule->isMemberAttributeDN();
166  $val['name'] = $this->role_mapping_rule->getAttributeName();
167  $val['value'] = $this->role_mapping_rule->getAttributeValue();
168  $val['plugin_id'] = $this->role_mapping_rule->getPluginId();
169 
170  $this->form->setValuesByArray($val);
171  }
172 
179  public function updateRoleAssignment()
180  {
181  global $ilErr,$ilAccess;
182 
183  if(!$ilAccess->checkAccess('write','',$this->ref_id))
184  {
185  ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
186  $this->roleAssignment();
187  return false;
188  }
189 
190  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
191  include_once('Services/LDAP/classes/class.ilLDAPServer.php');
192 
193  $this->initFormRoleAssignments('edit');
194  if(!$this->form->checkInput() or ($err = $this->checkRoleAssignmentInput((int) $_REQUEST['rule_id'])))
195  {
196  if($err)
197  {
198  ilUtil::sendFailure($this->lng->txt($err));
199  }
200 
201  $this->tpl->addBlockFile('ADM_CONTENT','adm_content','tpl.ldap_role_assignments.html','Services/LDAP');
202 
203  // DONE: wrap this
204  $this->form->setValuesByPost();
205  $this->tpl->setVariable('NEW_ASSIGNMENT_TBL',$this->form->getHTML());
206  #$this->tpl->setVariable('RULES_TBL',$this->getRoleAssignmentTable());
207  $this->tabs_gui->setSubTabActive('shib_role_assignment');
208  return true;
209 
210  }
211 
212  // Might redirect
213  $this->roleSelection();
214 
215  $this->rule->update();
216  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
217  $this->roleAssignments();
218  return true;
219  }
220 
228  public function confirmDeleteRules()
229  {
230  if(!is_array($_POST['rule_ids']))
231  {
232  ilUtil::sendFailure($this->lng->txt('select_one'));
233  $this->roleAssignments();
234  return false;
235  }
236  $this->setSubTabs();
237  $this->tabs_gui->setSubTabActive('ldap_role_assignments');
238 
239  include_once("Services/Utilities/classes/class.ilConfirmationGUI.php");
240  $c_gui = new ilConfirmationGUI();
241 
242  // set confirm/cancel commands
243  $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRules"));
244  $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_role_ass"));
245  $c_gui->setCancel($this->lng->txt("cancel"), "roleAssignments");
246  $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRules");
247 
248  // add items to delete
249  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
250  foreach($_POST["rule_ids"] as $rule_id)
251  {
252  $rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($rule_id);
253  $c_gui->addItem('rule_ids[]',$rule_id,$rule->conditionToString());
254  }
255  $this->tpl->setContent($c_gui->getHTML());
256  }
257 
264  public function deleteRules()
265  {
266  if(!is_array($_POST['rule_ids']))
267  {
268  ilUtil::sendFailure($this->lng->txt('select_once'));
269  $this->roleAssignments();
270  return false;
271  }
272  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
273  foreach($_POST["rule_ids"] as $rule_id)
274  {
275  $rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($rule_id);
276  $rule->delete();
277  }
278  ilUtil::sendSuccess($this->lng->txt('ldap_deleted_rule'));
279  $this->roleAssignments();
280  return true;
281  }
282 
289  public function addRoleAssignment()
290  {
291  global $ilErr,$ilAccess;
292 
293  if(!$ilAccess->checkAccess('write','',$this->ref_id))
294  {
295  ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
296  $this->roleAssignment();
297  return false;
298  }
299 
300  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
301  include_once('Services/LDAP/classes/class.ilLDAPServer.php');
302 
303  $this->initFormRoleAssignments('create');
304  if(!$this->form->checkInput() or ($err = $this->checkRoleAssignmentInput()))
305  {
306  if($err)
307  {
308  ilUtil::sendFailure($this->lng->txt($err));
309  }
310 
311  $this->tpl->addBlockFile('ADM_CONTENT','adm_content','tpl.ldap_role_assignments.html','Services/LDAP');
312 
313  // DONE: wrap this
314  $this->form->setValuesByPost();
315  $this->tpl->setVariable('NEW_ASSIGNMENT_TBL',$this->form->getHTML());
316  $this->tpl->setVariable('RULES_TBL',$this->getRoleAssignmentTable());
317  $this->tabs_gui->setSubTabActive('shib_role_assignment');
318  return true;
319 
320  }
321 
322  // Might redirect
323  $this->roleSelection();
324 
325  $this->rule->create();
326  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
327  unset($_POST);
328  $this->roleAssignments();
329  return true;
330  }
331 
336  protected function roleSelection()
337  {
338  if($this->rule->getRoleId() > 0)
339  {
340  return false;
341  }
342 
343  $_SESSION['ldap_role_ass']['rule_id'] = $_REQUEST['rule_id'] ? $_REQUEST['rule_id'] : 0;
344  $_SESSION['ldap_role_ass']['role_search'] = $this->form->getInput('role_search');
345  $_SESSION['ldap_role_ass']['add_on_update'] = $this->form->getInput('add_on_update');
346  $_SESSION['ldap_role_ass']['remove_on_update'] = $this->form->getInput('remove_deprecated');
347  $_SESSION['ldap_role_ass']['type'] = $this->form->getInput('type');
348  $_SESSION['ldap_role_ass']['dn'] = $this->form->getInput('dn');
349  $_SESSION['ldap_role_ass']['at'] = $this->form->getInput('at');
350  $_SESSION['ldap_role_ass']['isdn'] = $this->form->getInput('isdn');
351  $_SESSION['ldap_role_ass']['name'] = $this->form->getInput('name');
352  $_SESSION['ldap_role_ass']['value'] = $this->form->getInput('value');
353  $_SESSION['ldap_role_ass']['plugin'] = $this->form->getInput('plugin_id');
354 
355  $this->ctrl->saveParameter($this,'rule_id');
356  $this->ctrl->redirect($this,'showRoleSelection');
357  }
358 
359 
360 
365  protected function showRoleSelection()
366  {
367  $this->setSubTabs();
368  $this->tabs_gui->setSubTabActive('ldap_role_assignment');
369  $this->ctrl->saveParameter($this,'rule_id');
370 
371  include_once './Services/Search/classes/class.ilQueryParser.php';
372  $parser = new ilQueryParser($_SESSION['ldap_role_ass']['role_search']);
373  $parser->setMinWordLength(1,true);
374  $parser->setCombination(QP_COMBINATION_AND);
375  $parser->parse();
376 
377  include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
378  $object_search = new ilLikeObjectSearch($parser);
379  $object_search->setFilter(array('role'));
380  $res = $object_search->performSearch();
381 
382  $entries = $res->getEntries();
383 
384  include_once './Services/AccessControl/classes/class.ilRoleSelectionTableGUI.php';
385  $table = new ilRoleSelectionTableGUI($this,'showRoleSelection');
386  $table->setTitle($this->lng->txt('ldap_role_selection'));
387  $table->addMultiCommand('saveRoleSelection',$this->lng->txt('ldap_choose_role'));
388  $table->addCommandButton('roleAssignment',$this->lng->txt('cancel'));
389  $table->parse($entries);
390 
391  $this->tpl->setContent($table->getHTML());
392  return true;
393  }
394 
399  protected function saveRoleSelection()
400  {
401  global $ilErr,$ilAccess;
402 
403  if(!$ilAccess->checkAccess('write','',$this->ref_id))
404  {
405  ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
406  $this->roleAssignment();
407  return false;
408  }
409 
410  if(!(int) $_REQUEST['role_id'])
411  {
412  ilUtil::sendFailure($this->lng->txt('select_one'));
413  $this->showRoleSelection();
414  return false;
415  }
416 
417  $this->loadRoleAssignmentRule((int) $_REQUEST['rule_id'],false);
418  $this->rule->setRoleId((int) $_REQUEST['role_id']);
419 
420  if((int) $_REQUEST['rule_id'])
421  {
422  $this->rule->update();
423  }
424  else
425  {
426  $this->rule->create();
427  }
428 
429  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
430  $this->roleAssignments();
431  return true;
432  }
433 
434 
440  protected function checkRoleAssignmentInput($a_rule_id = 0)
441  {
442  global $ilErr;
443 
444  $this->loadRoleAssignmentRule($a_rule_id);
445  $this->rule->validate();
446  return $ilErr->getMessage();
447  }
448 
449 
454  protected function getRoleAssignmentTable()
455  {
456  if(count($rules = ilLDAPRoleAssignmentRule::_getRules()))
457  {
458  include_once("./Services/LDAP/classes/class.ilLDAPRoleAssignmentTableGUI.php");
459  $table_gui = new ilLDAPRoleAssignmentTableGUI($this,'roleAssignments');
460  $table_gui->setTitle($this->lng->txt("ldap_tbl_role_ass"));
461  $table_gui->parse($rules);
462  $table_gui->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
463  $table_gui->setSelectAllCheckbox("rule_id");
464  return $table_gui->getHTML();
465  }
466  return '';
467  }
468 
469 
475  protected function loadRoleAssignmentRule($a_rule_id,$a_from_form = true)
476  {
477  if(is_object($this->rule))
478  {
479  return true;
480  }
481 
482  include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php';
483  $this->rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($a_rule_id);
484 
485 
486  if($a_from_form)
487  {
488  if($this->form->getInput('role_name') == 0)
489  {
490  $this->rule->setRoleId($this->form->getInput('role_id'));
491  }
492  elseif($this->form->getInput('role_search'))
493  {
494  // Search role
495  include_once './Services/Search/classes/class.ilQueryParser.php';
496 
497  $parser = new ilQueryParser($this->form->getInput('role_search'));
498 
499  // TODO: Handle minWordLength
500  $parser->setMinWordLength(1,true);
501  $parser->setCombination(QP_COMBINATION_AND);
502  $parser->parse();
503 
504  include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
505  $object_search = new ilLikeObjectSearch($parser);
506  $object_search->setFilter(array('role'));
507  $res = $object_search->performSearch();
508 
509  $entries = $res->getEntries();
510  if(count($entries) == 1)
511  {
512  $role = current($entries);
513  $this->rule->setRoleId($role['obj_id']);
514  }
515  elseif(count($entries) > 1)
516  {
517  $this->rule->setRoleId(-1);
518  }
519  }
520 
521  $this->rule->setAttributeName($this->form->getInput('name'));
522  $this->rule->setAttributeValue($this->form->getInput('value'));
523  $this->rule->setDN($this->form->getInput('dn'));
524  $this->rule->setMemberAttribute($this->form->getInput('at'));
525  $this->rule->setMemberIsDN($this->form->getInput('isdn'));
526  $this->rule->enableAddOnUpdate($this->form->getInput('add_missing'));
527  $this->rule->enableRemoveOnUpdate($this->form->getInput('remove_deprecated'));
528  $this->rule->setPluginId($this->form->getInput('plugin_id'));
529  $this->rule->setType($this->form->getInput('type'));
530  return true;
531  }
532 
533  // LOAD from session
534  $this->rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($a_rule_id);
535  $this->rule->setServerId(0);
536  $this->rule->enableAddOnUpdate((int) $_SESSION['ldap_role_ass']['add_missing']);
537  $this->rule->enableRemoveOnUpdate((int) $_SESSION['ldap_role_ass']['remove_deprecated']);
538  $this->rule->setType(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['type']));
539  $this->rule->setDN(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['dn']));
540  $this->rule->setMemberAttribute( ilUtil::stripSlashes($_SESSION['ldap_role_ass']['at']));
541  $this->rule->setMemberIsDN( ilUtil::stripSlashes($_SESSION['ldap_role_ass']['isdn']));
542  $this->rule->setAttributeName( ilUtil::stripSlashes($_SESSION['ldap_role_ass']['name']));
543  $this->rule->setAttributeValue(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['value']));
544  $this->rule->setPluginId(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['plugin_id']));
545  return true;
546  }
547 
548 
549  public function roleMapping()
550  {
551  $this->initRoleMapping();
552 
553  $this->setSubTabs();
554  $this->tabs_gui->setSubTabActive('ldap_role_mapping');
555 
556  $this->tpl->addBlockFile('ADM_CONTENT','adm_content','tpl.ldap_role_mapping.html','Services/LDAP');
557  $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this,'saveRoleMapping'));
558 
559  // Role Sync
560  $this->tpl->setVariable('TXT_ROLE_SETTINGS',$this->lng->txt('ldap_role_settings'));
561  $this->tpl->setVariable('TXT_ROLE_ACTIVE',$this->lng->txt('ldap_role_active'));
562  $this->tpl->setVariable('TXT_ROLE_BIND_USER',$this->lng->txt('ldap_role_bind_user'));
563  $this->tpl->setVariable('TXT_ROLE_BIND_PASS',$this->lng->txt('ldap_role_bind_pass'));
564  $this->tpl->setVariable('TXT_ROLE_ASSIGNMENTS',$this->lng->txt('ldap_role_assignments'));
565  $this->tpl->setVariable('TXT_BINDING',$this->lng->txt('ldap_server_binding'));
566 
567  $this->tpl->setVariable('TXT_ROLE_BIND_USER_INFO',$this->lng->txt('ldap_role_bind_user_info'));
568  $this->tpl->setVariable('TXT_ROLE_ASSIGNMENTS_INFO',$this->lng->txt('ldap_role_assignments_info'));
569 
570 
571  $mapping_data = $this->role_mapping->getMappings();
572  $mapping_data = $this->loadMappingCopy($mapping_data);
573  $this->loadMappingDetails();
574 
575  // Section new assignment
576  $this->tpl->setVariable('TXT_NEW_ASSIGNMENT',$this->lng->txt('ldap_new_role_assignment'));
577  $this->tpl->setVariable('TXT_URL',$this->lng->txt('ldap_server'));
578  $this->tpl->setVariable('TXT_DN',$this->lng->txt('ldap_group_dn'));
579  $this->tpl->setVariable('TXT_MEMBER',$this->lng->txt('ldap_group_member'));
580  $this->tpl->setVariable('TXT_MEMBER_ISDN',$this->lng->txt('ldap_memberisdn'));
581  $this->tpl->setVariable('TXT_ROLE',$this->lng->txt('ldap_ilias_role'));
582  $this->tpl->setVariable('TXT_ROLE_INFO',$this->lng->txt('ldap_role_info'));
583  $this->tpl->setVariable('TXT_DN_INFO',$this->lng->txt('ldap_dn_info'));
584  $this->tpl->setVariable('TXT_MEMBER_INFO',$this->lng->txt('ldap_member_info'));
585  $this->tpl->setVariable('TXT_MEMBERISDN',$this->lng->txt('ldap_memberisdn'));
586  $this->tpl->setVariable('TXT_INFO',$this->lng->txt('ldap_info_text'));
587  $this->tpl->setVariable('TXT_INFO_INFO',$this->lng->txt('ldap_info_text_info'));
588 
589 
590  $this->tpl->setVariable('ROLE_BIND_USER',$this->server->getRoleBindDN());
591  $this->tpl->setVariable('ROLE_BIND_PASS',$this->server->getRoleBindPassword());
592  $this->tpl->setVariable('CHECK_ROLE_ACTIVE',ilUtil::formCheckbox($this->server->enabledRoleSynchronization() ? true : false,
593  'role_sync_active',
594  1));
595 
596  // Section new assignment
597  $this->tpl->setVariable('URL',$mapping_data[0]['url'] ? $mapping_data[0]['url'] : $this->server->getUrl());
598  $this->tpl->setVariable('DN',$mapping_data[0]['dn']);
599  $this->tpl->setVariable('ROLE',$mapping_data[0]['role_name']);
600  $this->tpl->setVariable('MEMBER',$mapping_data[0]['member_attribute']);
601  $this->tpl->setVariable('CHECK_MEMBERISDN',ilUtil::formCheckbox($mapping_data[0]['memberisdn'],
602  'mapping[0][memberisdn]',
603  1));
604  $this->tpl->setVariable('MAPPING_INFO',$mapping_data[0]['info']);
605 
606  $info_type_checked = isset($mapping_data[0]['info_type']) ? $mapping_data[0]['info_type'] : 1;
607 
608  $this->tpl->setVariable('TXT_MAPPING_INFO_TYPE',$this->lng->txt('ldap_mapping_info_type'));
609  $this->tpl->setVariable('CHECK_MAPPING_INFO_TYPE',ilUtil::formCheckbox($info_type_checked,
610  'mapping[0][info_type]',
611  1));
612 
613  unset($mapping_data[0]);
614 
615  // Section assignments
616  if(count($mapping_data))
617  {
618  $this->tpl->setCurrentBlock('txt_assignments');
619  $this->tpl->setVariable('TXT_ASSIGNMENTS',$this->lng->txt('ldap_role_group_assignments'));
620  $this->tpl->parseCurrentBlock();
621 
622  $this->tpl->setCurrentBlock('delete_btn');
623  $this->tpl->setVariable('SOURCE',ilUtil::getImagePath("arrow_downright.gif"));
624  $this->tpl->setVariable('TXT_DELETE',$this->lng->txt('delete'));
625  $this->tpl->parseCurrentBlock();
626  }
627 
628  $mapping_data = $this->sortMappingData($mapping_data);
629 
630  foreach($mapping_data as $data)
631  {
632  $mapping_id = $data['mapping_id'];
633  if(in_array($mapping_id,$_SESSION['ldap_mapping_details']))
634  {
635  $this->tpl->setCurrentBlock('show_mapping_details');
636  $this->tpl->setVariable('ASS_GROUP_URL',$this->lng->txt('ldap_server_short'));
637  $this->tpl->setVariable('ASS_GROUP_DN',$this->lng->txt('ldap_group_dn_short'));
638  $this->tpl->setVariable('ASS_MEMBER_ATTR',$this->lng->txt('ldap_group_member_short'));
639  $this->tpl->setVariable('ASS_ROLE',$this->lng->txt('ldap_ilias_role_short'));
640  $this->tpl->setVariable('ASS_INFO',$this->lng->txt('ldap_info_text_short'));
641  $this->tpl->setVariable('ROW_ID',$mapping_id);
642  $this->tpl->setVariable('ROW_URL',$data['url']);
643  $this->tpl->setVariable('ROW_ROLE',$data['role_name'] ? $data['role_name'] : $data['role']);
644  $this->tpl->setVariable('ROW_DN',$data['dn']);
645  $this->tpl->setVariable('ROW_MEMBER',$data['member_attribute']);
646  $this->tpl->setVariable('TXT_ROW_MEMBERISDN',$this->lng->txt('ldap_memberisdn'));
647  $this->tpl->setVariable('ROW_CHECK_MEMBERISDN',ilUtil::formCheckbox($data['member_isdn'],
648  'mapping['.$mapping_id.'][memberisdn]',
649  1));
650  $this->tpl->setVariable('ROW_INFO',ilUtil::prepareFormOutput($data['info']));
651  $this->tpl->setVariable('TXT_ROW_INFO_TYPE',$this->lng->txt('ldap_mapping_info_type'));
652  $this->tpl->setVariable('ROW_CHECK_INFO_TYPE',ilUtil::formCheckbox($data['info_type'],
653  'mapping['.$mapping_id.'][info_type]',
654  1));
655  $this->tpl->parseCurrentBlock();
656  }
657 
658  // assignment row
659  $this->tpl->setCurrentBlock('assignments');
660 
661  // Copy link
662  $this->ctrl->setParameter($this,'mapping_id',$mapping_id);
663  $this->tpl->setVariable('COPY_LINK',$this->ctrl->getLinkTarget($this,'roleMapping'));
664  $this->tpl->setVariable('TXT_COPY',$this->lng->txt('copy'));
665  $this->ctrl->clearParameters($this);
666 
667  // Details link
668  if(!in_array($mapping_id,$_SESSION['ldap_mapping_details']))
669  {
670  $this->ctrl->setParameter($this,'details_show',$mapping_id);
671  $this->tpl->setVariable('DETAILS_LINK',$this->ctrl->getLinkTarget($this,'roleMapping'));
672  $this->tpl->setVariable('TXT_DETAILS',$this->lng->txt('show_details'));
673  $this->ctrl->clearParameters($this);
674  }
675  else
676  {
677  $this->ctrl->setParameter($this,'details_hide',$mapping_id);
678  $this->tpl->setVariable('DETAILS_LINK',$this->ctrl->getLinkTarget($this,'roleMapping'));
679  $this->tpl->setVariable('TXT_DETAILS',$this->lng->txt('hide_details'));
680  $this->ctrl->clearParameters($this);
681  }
682  if(!count($_SESSION['ldap_mapping_details']))
683  {
684  $this->tpl->setVariable('WIDTH',"50%");
685  }
686  $this->tpl->setVariable('ROW_CHECK',ilUtil::formCheckbox(0,
687  'mappings[]',$mapping_id));
688  $this->tpl->setVariable('TXT_TITLE_TITLE',$this->lng->txt('title'));
689  $this->tpl->setVariable('TXT_TITLE_ROLE',$this->lng->txt('obj_role'));
690  $this->tpl->setVariable('TXT_TITLE_GROUP',$this->lng->txt('obj_grp'));
691  $this->tpl->setVariable('TITLE_GROUP',$this->role_mapping->getMappingInfoString($mapping_id));
692  $this->tpl->setVariable('TITLE_TITLE',ilUtil::shortenText($data['obj_title'],30,true));
693  $this->tpl->setVariable('TITLE_ROLE',$data['role_name']);
694 
695  $this->tpl->parseCurrentBlock();
696  }
697 
698 
699  $this->tpl->setVariable('TXT_SAVE',$this->lng->txt('save'));
700  $this->tpl->setVariable('TXT_REQUIRED_FLD',$this->lng->txt('required_field'));
701  }
702 
703 
704  public function deleteRoleMapping()
705  {
706  if(!count($_POST['mappings']))
707  {
708  ilUtil::sendFailure($this->lng->txt('select_one'));
709  $this->roleMapping();
710  return false;
711  }
712 
713  $this->initRoleMapping();
714 
715  foreach($_POST['mappings'] as $mapping_id)
716  {
717  $this->role_mapping->delete($mapping_id);
718  }
719  ilUtil::sendSuccess($this->lng->txt('ldap_deleted_role_mapping'));
720  $this->roleMapping();
721  return true;
722  }
723 
724  public function reset()
725  {
726  unset($_POST['mapping_template']);
727  $this->userMapping();
728  }
729 
730  public function saveRoleMapping()
731  {
732  global $ilErr;
733 
734  $this->server->setRoleBindDN(ilUtil::stripSlashes($_POST['role_bind_user']));
735  $this->server->setRoleBindPassword(ilUtil::stripSlashes($_POST['role_bind_pass']));
736  $this->server->enableRoleSynchronization((int) $_POST['role_sync_active']);
737 
738  // Update or create
739  if($this->server->getServerId())
740  {
741  $this->server->update();
742  }
743  else
744  {
745  $_GET['ldap_server_id'] = $this->server->create();
746  }
747 
748  $this->initRoleMapping();
749  $this->role_mapping->loadFromPost($_POST['mapping']);
750  if(!$this->role_mapping->validate())
751  {
752  ilUtil::sendFailure($ilErr->getMessage());
753  $this->roleMapping();
754  return false;
755  }
756  $this->role_mapping->save();
757 
758  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
759  $this->roleMapping();
760  return true;
761  }
762 
763  public function userMapping($a_show_defaults = false)
764  {
765  $this->initAttributeMapping();
766 
767  $this->setSubTabs();
768  $this->tabs_gui->setSubTabActive('ldap_user_mapping');
769 
770  $this->tpl->addBlockFile('ADM_CONTENT','adm_content','tpl.ldap_user_mapping.html','Services/LDAP');
771  $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
772 
773  $this->tpl->setVariable('TXT_LDAP_MAPPING',$this->lng->txt('ldap_mapping_table'));
774  $this->tpl->setVariable('SELECT_MAPPING',$this->prepareMappingSelect());
775 
776  if($_POST['mapping_template'])
777  {
778  $this->tpl->setCurrentBlock('reset');
779  $this->tpl->setVariable('TXT_RESET',$this->lng->txt('reset'));
780  $this->tpl->parseCurrentBlock();
781  }
782 
783  foreach($this->getMappingFields() as $mapping => $translation)
784  {
785  $this->tpl->setCurrentBlock('attribute_row');
786  $this->tpl->setVariable('TXT_NAME',$translation);
787  $this->tpl->setVariable('FIELD_NAME',$mapping.'_value');
788  $this->tpl->setVariable('FIELD_VALUE',$this->mapping->getValue($mapping));
789  $this->tpl->setVariable('CHECK_FIELD',ilUtil::formCheckbox($this->mapping->enabledUpdate($mapping),$mapping.'_update',1));
790  $this->tpl->setVariable('UPDATE_INFO',$this->lng->txt('ldap_update_field_info'));
791  $this->tpl->parseCurrentBlock();
792  }
793 
794  // Show user defined fields
795  $this->initUserDefinedFields();
796  foreach($this->udf->getDefinitions() as $definition)
797  {
798  $this->tpl->setCurrentBlock('attribute_row');
799  $this->tpl->setVariable('TXT_NAME',$definition['field_name']);
800  $this->tpl->setVariable('FIELD_NAME','udf_'.$definition['field_id'].'_value');
801  $this->tpl->setVariable('FIELD_VALUE',$this->mapping->getValue('udf_'.$definition['field_id']));
802  $this->tpl->setVariable('CHECK_FIELD',ilUtil::formCheckbox($this->mapping->enabledUpdate('udf_'.$definition['field_id']),
803  'udf_'.$definition['field_id'].'_update',1));
804  $this->tpl->setVariable('UPDATE_INFO',$this->lng->txt('ldap_update_field_info'));
805  $this->tpl->parseCurrentBlock();
806 
807  }
808 
809  $this->tpl->setVariable('TXT_SAVE',$this->lng->txt('save'));
810  $this->tpl->setVariable('TXT_SHOW',$this->lng->txt('show'));
811  }
812 
813  public function chooseMapping()
814  {
815  if(!$_POST['mapping_template'])
816  {
817  $this->userMapping();
818  return;
819  }
820 
821  $this->initAttributeMapping();
822  $this->mapping->clearRules();
823 
824  include_once('Services/LDAP/classes/class.ilLDAPAttributeMappingUtils.php');
825  foreach(ilLDAPAttributeMappingUtils::_getMappingRulesByClass($_POST['mapping_template']) as $key => $value)
826  {
827  $this->mapping->setRule($key,$value,0);
828  }
829  $this->userMapping();
830  return true;
831  }
832 
833  public function saveMapping()
834  {
835  $this->initAttributeMapping();
836  foreach($this->getMappingFields() as $key => $mapping)
837  {
838  $this->mapping->setRule($key,ilUtil::stripSlashes($_POST[$key.'_value']),(int) $_POST[$key.'_update']);
839  }
840  $this->initUserDefinedFields();
841  foreach($this->udf->getDefinitions() as $definition)
842  {
843  $key = 'udf_'.$definition['field_id'];
844  $this->mapping->setRule($key,ilUtil::stripSlashes($_POST[$key.'_value']),(int) $_POST[$key.'_update']);
845  }
846 
847  $this->mapping->save();
848  $this->userMapping();
849 
850  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
851  unset($_POST['mapping_template']);
852  return;
853  }
854 
855  public function serverList()
856  {
857  global $ilAccess, $ilErr;
858 
859  if(!$ilAccess->checkAccess('read','',$this->ref_id) && $cmd != "serverList")
860  {
861  $ilErr->raiseError($this->lng->txt('msg_no_perm_write'),$ilErr->WARNING);
862  }
863 
864  if(!ilLDAPServer::checkLDAPLib() and $this->server->isActive())
865  {
866  ilUtil::sendFailure('Missing LDAP libraries. Please ensure that the PHP LDAP module is installed on your server.');
867  }
868 
869  $this->setSubTabs();
870  $this->tabs_gui->setSubTabActive('ldap_settings');
871 
872  $this->initForm();
873  $this->setServerFormValues();
874  return $this->tpl->setContent($this->form_gui->getHtml());
875  }
876 
877  public function setServerFormValues()
878  {
879  $this->form_gui->setValuesByArray(array(
880  'active' => $this->server->isActive(),
881  'ds' => !$this->server->isAuthenticationEnabled(),
882  'server_name' => $this->server->getName(),
883  'server_url' => $this->server->getUrlString(),
884  'version' => $this->server->getVersion(),
885  'base_dn' => $this->server->getBaseDN(),
886  'referrals' => $this->server->isActiveReferrer(),
887  'tls' => $this->server->isActiveTLS(),
888  'binding_type' => $this->server->getBindingType(),
889  'bind_dn' => $this->server->getBindUser(),
890  'bind_pass' => $this->server->getBindPassword(),
891  'bind_pass_retype' => $this->server->getBindPassword(),
892  'search_base' => $this->server->getSearchBase(),
893  'user_scope' => $this->server->getUserScope(),
894  'user_attribute' => $this->server->getUserAttribute(),
895  'filter' => $this->server->getFilter(),
896  'group_dn' => $this->server->getGroupDN(),
897  'group_scope' => $this->server->getGroupScope(),
898  'group_filter' => $this->server->getGroupFilter(),
899  'group_member' => $this->server->getGroupMember(),
900  'memberisdn' => $this->server->enabledGroupMemberIsDN(),
901  'group' => $this->server->getGroupName(),
902  'group_attribute' => $this->server->getGroupAttribute(),
903  'group_optional' => $this->server->isMembershipOptional(),
904  'group_user_filter' => $this->server->getGroupUserFilter(),
905  'sync_on_login' => $this->server->enabledSyncOnLogin(),
906  'sync_per_cron' => $this->server->enabledSyncPerCron(),
907  'global_role' => ilLDAPAttributeMapping::_lookupGlobalRole($this->server->getServerId()),
908  'migration' => (int)$this->server->isAccountMigrationEnabled(),
909  ));
910  }
911 
912  private function initForm()
913  {
914  include_once 'Services/Form/classes/class.ilPropertyFormGUI.php';
915 
916  $this->form_gui = new ilPropertyFormGUI();
917  $this->form_gui->setFormAction($this->ctrl->getFormAction($this, 'save'));
918  $this->form_gui->setTitle($this->lng->txt('ldap_configure'));
919 
920  $active = new ilCheckboxInputGUI($this->lng->txt('auth_ldap_enable'), 'active');
921  $active->setValue(1);
922  $this->form_gui->addItem($active);
923 
924  $ds = new ilCheckboxInputGUI($this->lng->txt('ldap_as_ds'), 'ds');
925  $ds->setValue(1);
926  $ds->setInfo($this->lng->txt('ldap_as_ds_info'));
927  $this->form_gui->addItem($ds);
928 
929  $servername = new ilTextInputGUI($this->lng->txt('ldap_server_name'), 'server_name');
930  $servername->setRequired(true);
931  $servername->setInfo($this->lng->txt('ldap_server_name_info'));
932  $servername->setSize(32);
933  $servername->setMaxLength(32);
934  $this->form_gui->addItem($servername);
935 
936  $serverurl = new ilTextInputGUI($this->lng->txt('ldap_server'), 'server_url');
937  $serverurl->setRequired(true);
938  $serverurl->setInfo($this->lng->txt('ldap_server_url_info'));
939  $serverurl->setSize(64);
940  $serverurl->setMaxLength(255);
941  $this->form_gui->addItem($serverurl);
942 
943  $version = new ilSelectInputGUI($this->lng->txt('ldap_version'), 'version');
944  $version->setOptions(array(2 => 2, 3 => 3));
945  $version->setInfo($this->lng->txt('ldap_server_version_info'));
946  $this->form_gui->addItem($version);
947 
948  $basedsn = new ilTextInputGUI($this->lng->txt('basedn'), 'base_dn');
949  $basedsn->setRequired(true);
950  $basedsn->setSize(64);
951  $basedsn->setMaxLength(255);
952  $this->form_gui->addItem($basedsn);
953 
954  $referrals = new ilCheckboxInputGUI($this->lng->txt('ldap_referrals'), 'referrals');
955  $referrals->setValue(1);
956  $referrals->setInfo($this->lng->txt('ldap_referrals_info'));
957  $this->form_gui->addItem($referrals);
958 
959  $section_security = new ilFormSectionHeaderGUI();
960  $section_security->setTitle($this->lng->txt('ldap_server_security_settings'));
961  $this->form_gui->addItem($section_security);
962 
963  $tls = new ilCheckboxInputGUI($this->lng->txt('ldap_tls'), 'tls');
964  $tls->setValue(1);
965  $this->form_gui->addItem($tls);
966 
967  $binding = new ilRadioGroupInputGUI($this->lng->txt('ldap_server_binding'), 'binding_type' );
968  $anonymous = new ilRadioOption($this->lng->txt('ldap_bind_anonymous'), IL_LDAP_BIND_ANONYMOUS);
969  $binding->addOption($anonymous);
970  $user = new ilRadioOption($this->lng->txt('ldap_bind_user'), IL_LDAP_BIND_USER);
971  $dn = new ilTextInputGUI($this->lng->txt('ldap_server_bind_dn'), 'bind_dn');
972  $dn->setSize(64);
973  $dn->setMaxLength(255);
974  $user->addSubItem($dn);
975  $pass = new ilPasswordInputGUI($this->lng->txt('ldap_server_bind_pass'), 'bind_pass');
976  $pass->setSize(12);
977  $pass->setMaxLength(36);
978  $user->addSubItem($pass);
979  $binding->addOption($user);
980  $this->form_gui->addItem($binding);
981 
982  $section_auth = new ilFormSectionHeaderGUI();
983  $section_auth->setTitle($this->lng->txt('ldap_authentication_settings'));
984  $this->form_gui->addItem($section_auth);
985 
986  $search_base = new ilTextInputGUI($this->lng->txt('ldap_user_dn'), 'search_base');
987  $search_base->setInfo($this->lng->txt('ldap_search_base_info'));
988  $search_base->setSize(64);
989  $search_base->setMaxLength(255);
990  $this->form_gui->addItem($search_base);
991 
992  $user_scope = new ilSelectInputGUI($this->lng->txt('ldap_user_scope'), 'user_scope');
993  $user_scope->setOptions(array(IL_LDAP_SCOPE_ONE => $this->lng->txt('ldap_scope_one'),
994  IL_LDAP_SCOPE_SUB => $this->lng->txt('ldap_scope_sub')));
995  $user_scope->setInfo($this->lng->txt('ldap_user_scope_info'));
996  $this->form_gui->addItem($user_scope);
997 
998  $user_attribute = new ilTextInputGUI($this->lng->txt('ldap_user_attribute'), 'user_attribute');
999  $user_attribute->setSize(16);
1000  $user_attribute->setMaxLength(64);
1001  $user_attribute->setRequired(true);
1002  $this->form_gui->addItem($user_attribute);
1003 
1004  $filter = new ilTextInputGUI($this->lng->txt('ldap_search_filter'), 'filter');
1005  $filter->setInfo($this->lng->txt('ldap_filter_info'));
1006  $filter->setSize(64);
1007  $filter->setMaxLength(512);
1008  $this->form_gui->addItem($filter);
1009 
1010  $section_restrictions = new ilFormSectionHeaderGUI();
1011  $section_restrictions->setTitle($this->lng->txt('ldap_group_restrictions'));
1012  $this->form_gui->addItem($section_restrictions);
1013 
1014  $group_dn = new ilTextInputGUI($this->lng->txt('ldap_group_search_base'), 'group_dn');
1015  $group_dn->setInfo($this->lng->txt('ldap_group_dn_info'));
1016  $group_dn->setSize(64);
1017  $group_dn->setMaxLength(255);
1018  $this->form_gui->addItem($group_dn);
1019 
1020  $group_scope = new ilSelectInputGUI($this->lng->txt('ldap_group_scope'), 'group_scope');
1021  $group_scope->setOptions(array(IL_LDAP_SCOPE_ONE => $this->lng->txt('ldap_scope_one'),
1022  IL_LDAP_SCOPE_SUB => $this->lng->txt('ldap_scope_sub')));
1023  $group_scope->setInfo($this->lng->txt('ldap_group_scope_info'));
1024  $this->form_gui->addItem($group_scope);
1025 
1026  $group_filter = new ilTextInputGUI($this->lng->txt('ldap_group_filter'), 'group_filter');
1027  $group_filter->setInfo($this->lng->txt('ldap_group_filter_info'));
1028  $group_filter->setSize(64);
1029  $group_filter->setMaxLength(255);
1030  $this->form_gui->addItem($group_filter);
1031 
1032  $group_member = new ilTextInputGUI($this->lng->txt('ldap_group_member'), 'group_member');
1033  $group_member->setInfo($this->lng->txt('ldap_group_member_info'));
1034  $group_member->setSize(32);
1035  $group_member->setMaxLength(255);
1036  $this->form_gui->addItem($group_member);
1037 
1038 
1039  $group_member_isdn = new ilCheckboxInputGUI($this->lng->txt('ldap_memberisdn'), 'memberisdn');
1040  #$group_member_isdn->setInfo($this->lng->txt('ldap_group_member_info'));
1041  $this->form_gui->addItem($group_member_isdn);
1042  #$group_member->addSubItem($group_member_isdn);
1043 
1044  $group = new ilTextInputGUI($this->lng->txt('ldap_group_name'), 'group');
1045  $group->setInfo($this->lng->txt('ldap_group_name_info'));
1046  $group->setSize(32);
1047  $group->setMaxLength(255);
1048  $this->form_gui->addItem($group);
1049 
1050  $group_atrr = new ilTextInputGUI($this->lng->txt('ldap_group_attribute'), 'group_attribute');
1051  $group_atrr->setInfo($this->lng->txt('ldap_group_attribute_info'));
1052  $group_atrr->setSize(16);
1053  $group_atrr->setMaxLength(64);
1054  $this->form_gui->addItem($group_atrr);
1055 
1056  $group_optional = new ilCheckboxInputGUI($this->lng->txt('ldap_group_membership'), 'group_optional');
1057  $group_optional->setOptionTitle($this->lng->txt('ldap_group_member_optional'));
1058  $group_optional->setInfo($this->lng->txt('ldap_group_optional_info'));
1059  $group_optional->setValue(1);
1060  $group_user_filter = new ilTextInputGUI($this->lng->txt('ldap_group_user_filter'), 'group_user_filter');
1061  $group_user_filter->setSize(64);
1062  $group_user_filter->setMaxLength(255);
1063  $group_optional->addSubItem($group_user_filter);
1064  $this->form_gui->addItem($group_optional);
1065 
1066  $section_sync = new ilFormSectionHeaderGUI();
1067  $section_sync->setTitle($this->lng->txt('ldap_user_sync'));
1068  $this->form_gui->addItem($section_sync);
1069 
1070  $ci_gui = new ilCustomInputGUI($this->lng->txt('ldap_moment_sync'));
1071  $sync_on_login = new ilCheckboxInputGUI($this->lng->txt('ldap_sync_login'), 'sync_on_login');
1072  $sync_on_login->setValue(1);
1073  $ci_gui->addSubItem($sync_on_login);
1074  $sync_per_cron = new ilCheckboxInputGUI($this->lng->txt('ldap_sync_cron'), 'sync_per_cron');
1075  $sync_per_cron->setValue(1);
1076  $ci_gui->addSubItem($sync_per_cron);
1077  $ci_gui->setInfo($this->lng->txt('ldap_user_sync_info'));
1078  $this->form_gui->addItem($ci_gui);
1079 
1080  $global_role = new ilSelectInputGUI($this->lng->txt('ldap_global_role_assignment'), 'global_role');
1081  $global_role->setOptions($this->prepareRoleSelect(false));
1082  $global_role->setInfo($this->lng->txt('ldap_global_role_info'));
1083  $this->form_gui->addItem($global_role);
1084 
1085  $migr = new ilCheckboxInputGUI($this->lng->txt('auth_ldap_migration'), 'migration');
1086  $migr->setInfo($this->lng->txt('auth_ldap_migration_info'));
1087  $migr->setValue(1);
1088  $this->form_gui->addItem($migr);
1089 
1090  $this->form_gui->addCommandButton('save', $this->lng->txt('save'));
1091  }
1092 
1093  /*
1094  * Update Settings
1095  */
1096  function save()
1097  {
1098  global $ilErr;
1099 
1100  $this->setSubTabs();
1101  $this->tabs_gui->setSubTabActive('ldap_settings');
1102 
1103  $this->initForm();
1104  if($this->form_gui->checkInput())
1105  {
1106  $this->server->toggleActive((int)$this->form_gui->getInput('active'));
1107  $this->server->enableAuthentication(!$this->form_gui->getInput('ds'));
1108  $this->server->setName($this->form_gui->getInput('server_name'));
1109  $this->server->setUrl($this->form_gui->getInput('server_url'));
1110  $this->server->setVersion($this->form_gui->getInput('version'));
1111  $this->server->setBaseDN($this->form_gui->getInput('base_dn'));
1112  $this->server->toggleReferrer($this->form_gui->getInput('referrals'));
1113  $this->server->toggleTLS($this->form_gui->getInput('tls'));
1114  $this->server->setBindingType((int)$this->form_gui->getInput('binding_type'));
1115  $this->server->setBindUser($this->form_gui->getInput('bind_dn'));
1116  $this->server->setBindPassword($this->form_gui->getInput('bind_pass'));
1117  $this->server->setSearchBase($this->form_gui->getInput('search_base'));
1118  $this->server->setUserScope($this->form_gui->getInput('user_scope'));
1119  $this->server->setUserAttribute($this->form_gui->getInput('user_attribute'));
1120  $this->server->setFilter($this->form_gui->getInput('filter'));
1121  $this->server->setGroupDN($this->form_gui->getInput('group_dn'));
1122  $this->server->setGroupScope((int)$this->form_gui->getInput('group_scope'));
1123  $this->server->setGroupFilter($this->form_gui->getInput('group_filter'));
1124  $this->server->setGroupMember($this->form_gui->getInput('group_member'));
1125  $this->server->enableGroupMemberIsDN((int)$this->form_gui->getInput('memberisdn'));
1126  $this->server->setGroupName($this->form_gui->getInput('group'));
1127  $this->server->setGroupAttribute($this->form_gui->getInput('group_attribute'));
1128  $this->server->setGroupUserFilter($this->form_gui->getInput('group_user_filter'));
1129  $this->server->toggleMembershipOptional((int)$this->form_gui->getInput('group_optional'));
1130  $this->server->enableSyncOnLogin((int)$this->form_gui->getInput('sync_on_login'));
1131  $this->server->enableSyncPerCron((int)$this->form_gui->getInput('sync_per_cron'));
1132  $this->server->setGlobalRole((int)$this->form_gui->getInput('global_role'));
1133  $this->server->enableAccountMigration((int)$this->form_gui->getInput('migration'));
1134 
1135  if(!$this->server->validate())
1136  {
1137  ilUtil::sendFailure($ilErr->getMessage());
1138  $this->form_gui->setValuesByPost();
1139  return $this->tpl->setContent($this->form_gui->getHtml());
1140  }
1141 
1142  // Update or create
1143  if($this->server->getServerId())
1144  {
1145  $this->server->update();
1146  }
1147  else
1148  {
1149  $_GET['ldap_server_id'] = $this->server->create();
1150  }
1151 
1152  // Now server_id exists => update LDAP attribute mapping
1153  $this->initAttributeMapping();
1154  $this->mapping->setRule('global_role', (int)$this->form_gui->getInput('global_role'), false);
1155  $this->mapping->save();
1156 
1157  ilUtil::sendSuccess($this->lng->txt('settings_saved'),true);
1158  $this->ctrl->redirect($this,'serverList');
1159  return true;
1160  #$this->form_gui->setValuesByPost();
1161  #return $this->tpl->setContent($this->form_gui->getHtml());
1162  }
1163 
1164  $this->form_gui->setValuesByPost();
1165  return $this->tpl->setContent($this->form_gui->getHtml());
1166  }
1167 
1168 
1169 
1175  private function setSubTabs()
1176  {
1177  $this->tabs_gui->addSubTabTarget("ldap_settings",
1178  $this->ctrl->getLinkTarget($this,'serverList'),
1179  "serverList",get_class($this));
1180 
1181  // Disable all other tabs, if server hasn't been configured.
1182  include_once('Services/LDAP/classes/class.ilLDAPServer.php');
1183  if(!count(ilLDAPServer::_getServerList()))
1184  {
1185  return true;
1186  }
1187 
1188  $this->tabs_gui->addSubTabTarget("ldap_user_mapping",
1189  $this->ctrl->getLinkTarget($this,'userMapping'),
1190  "userMapping",get_class($this));
1191 
1192  $this->tabs_gui->addSubTabTarget('ldap_role_assignments',
1193  $this->ctrl->getLinkTarget($this,'roleAssignments'),
1194  "roleAssignments",get_class($this));
1195 
1196  $this->tabs_gui->addSubTabTarget("ldap_role_mapping",
1197  $this->ctrl->getLinkTarget($this,'roleMapping'),
1198  "roleMapping",get_class($this));
1199 
1200  }
1201 
1202 
1203  private function initServer()
1204  {
1205  include_once './Services/LDAP/classes/class.ilLDAPServer.php';
1206  if(!$_GET['ldap_server_id'])
1207  {
1208  $_GET['ldap_server_id'] = ilLDAPServer::_getFirstServer();
1209  }
1210  $this->server = new ilLDAPServer((int) $_GET['ldap_server_id']);
1211  }
1212 
1213  private function initAttributeMapping()
1214  {
1215  include_once './Services/LDAP/classes/class.ilLDAPAttributeMapping.php';
1216  $this->mapping = ilLDAPAttributeMapping::_getInstanceByServerId((int) $_GET['ldap_server_id']);
1217  }
1218 
1219  private function initRoleMapping()
1220  {
1221  include_once './Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php';
1222  $this->role_mapping = ilLDAPRoleGroupMappingSettings::_getInstanceByServerId((int) $_GET['ldap_server_id']);
1223  }
1224 
1230  private function prepareGlobalRoleSelection($a_as_select = true)
1231  {
1232  global $rbacreview,$ilObjDataCache;
1233 
1234  $global_roles = ilUtil::_sortIds($rbacreview->getGlobalRoles(),
1235  'object_data',
1236  'title',
1237  'obj_id');
1238 
1239  $select[0] = $this->lng->txt('links_select_one');
1240  foreach($global_roles as $role_id)
1241  {
1242  $select[$role_id] = ilObject::_lookupTitle($role_id);
1243  }
1244  return $select;
1245  }
1246 
1247 
1254  private function prepareRoleSelect($a_as_select = true)
1255  {
1256  global $rbacreview,$ilObjDataCache;
1257 
1258  include_once('./Services/LDAP/classes/class.ilLDAPAttributeMapping.php');
1259 
1260  $global_roles = ilUtil::_sortIds($rbacreview->getGlobalRoles(),
1261  'object_data',
1262  'title',
1263  'obj_id');
1264 
1265  $select[0] = $this->lng->txt('links_select_one');
1266  foreach($global_roles as $role_id)
1267  {
1268  $select[$role_id] = ilObject::_lookupTitle($role_id);
1269  }
1270 
1271  if($a_as_select)
1272  {
1273  return ilUtil::formSelect(ilLDAPAttributeMapping::_lookupGlobalRole($this->server->getServerId()),
1274  'global_role',$select,false,true);
1275  }
1276  else
1277  {
1278  return $select;
1279  }
1280  }
1281 
1282 
1283  private function getMappingFields()
1284  {
1285  return array('gender' => $this->lng->txt('gender'),
1286  'firstname' => $this->lng->txt('firstname'),
1287  'lastname' => $this->lng->txt('lastname'),
1288  'title' => $this->lng->txt('person_title'),
1289  'institution' => $this->lng->txt('institution'),
1290  'department' => $this->lng->txt('department'),
1291  'street' => $this->lng->txt('street'),
1292  'city' => $this->lng->txt('city'),
1293  'zipcode' => $this->lng->txt('zipcode'),
1294  'country' => $this->lng->txt('country'),
1295  'phone_office' => $this->lng->txt('phone_office'),
1296  'phone_home' => $this->lng->txt('phone_home'),
1297  'phone_mobile' => $this->lng->txt('phone_mobile'),
1298  'fax' => $this->lng->txt('fax'),
1299  'email' => $this->lng->txt('email'),
1300  'hobby' => $this->lng->txt('hobby'),
1301  'matriculation' => $this->lng->txt('matriculation'));
1302  #'photo' => $this->lng->txt('photo'));
1303  }
1304 
1305  private function initUserDefinedFields()
1306  {
1307  include_once("./Services/User/classes/class.ilUserDefinedFields.php");
1308  $this->udf = ilUserDefinedFields::_getInstance();
1309  }
1310 
1311  private function prepareMappingSelect()
1312  {
1313  return ilUtil::formSelect($_POST['mapping_template'],'mapping_template',array(0 => $this->lng->txt('ldap_mapping_template'),
1314  "inetOrgPerson" => 'inetOrgPerson',
1315  "organizationalPerson" => 'organizationalPerson',
1316  "person" => 'person',
1317  "ad_2003" => 'Active Directory (Win 2003)'),false,true);
1318  }
1319 
1328  private function loadMappingCopy($a_mapping_data)
1329  {
1330  if(!isset($_GET['mapping_id']))
1331  {
1332  return $a_mapping_data;
1333  }
1334  $mapping_id = $_GET['mapping_id'];
1335  $a_mapping_data[0] = $a_mapping_data[$mapping_id];
1336 
1337  return $a_mapping_data;
1338  }
1339 
1346  private function loadMappingDetails()
1347  {
1348  if(!isset($_SESSION['ldap_mapping_details']))
1349  {
1350  $_SESSION['ldap_mapping_details'] = array();
1351  }
1352  if(isset($_GET['details_show']))
1353  {
1354  $_SESSION['ldap_mapping_details'][$_GET['details_show']] = $_GET['details_show'];
1355  }
1356  if(isset($_GET['details_hide']))
1357  {
1358  unset($_SESSION['ldap_mapping_details'][$_GET['details_hide']]);
1359  }
1360  }
1361 
1369  private function sortMappingData($a_mapping_data)
1370  {
1371  global $rbacreview,$ilObjDataCache;
1372 
1373  $new_mapping = array();
1374  $new_mapping = array();
1375  foreach($a_mapping_data as $mapping_id => $data)
1376  {
1377  $new_mapping[$mapping_id] = $data;
1378  $new_mapping[$mapping_id]['obj_id'] = $obj_id = $rbacreview->getObjectOfRole($data['role']);
1379  $new_mapping[$mapping_id]['obj_title'] = $ilObjDataCache->lookupTitle($obj_id);
1380  $new_mapping[$mapping_id]['mapping_id'] = $mapping_id;
1381  }
1382  return ilUtil::sortArray($new_mapping,'obj_title','DESC');
1383 
1384  }
1385 
1394  protected function initFormRoleAssignments($a_mode)
1395  {
1396  include_once('Services/Form/classes/class.ilPropertyFormGUI.php');
1397  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
1398 
1399  $this->form = new ilPropertyFormGUI();
1400  $this->form->setFormAction($this->ctrl->getFormAction($this));
1401 
1402  switch($a_mode)
1403  {
1404  case 'edit':
1405  $this->form->setTitle($this->lng->txt('ldap_edit_role_ass_rule'));
1406  $this->form->addCommandButton('updateRoleAssignment',$this->lng->txt('save'));
1407  $this->form->addCommandButton('roleAssignments',$this->lng->txt('cancel'));
1408  break;
1409  case 'create':
1410  $this->form->setTitle($this->lng->txt('ldap_add_role_ass_rule'));
1411  $this->form->addCommandButton('addRoleAssignment',$this->lng->txt('ldap_btn_add_role_ass'));
1412  $this->form->addCommandButton('roleAssignments',$this->lng->txt('cancel'));
1413  break;
1414  }
1415 
1416  // Role Selection
1417  $role = new ilRadioGroupInputGUI($this->lng->txt('ldap_ilias_role'),'role_name');
1418  $role->setRequired(true);
1419 
1420  $global = new ilRadioOption($this->lng->txt('ldap_global_role'),0);
1421  $role->addOption($global);
1422 
1423  $role_select = new ilSelectInputGUI('','role_id');
1424  $role_select->setOptions($this->prepareGlobalRoleSelection());
1425  $global->addSubItem($role_select);
1426 
1427  $local = new ilRadioOption($this->lng->txt('ldap_local_role'),1);
1428  $role->addOption($local);
1429 
1430  include_once './Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php';
1431  $role_search = new ilRoleAutoCompleteInputGUI('','role_search',$this,'addRoleAutoCompleteObject');
1432  $role_search->setSize(40);
1433  $local->addSubItem($role_search);
1434 
1435  $role->setInfo($this->lng->txt('ldap_role_name_info'));
1436  $this->form->addItem($role);
1437 
1438  // Update options
1439  $update = new ilNonEditableValueGUI($this->lng->txt('ldap_update_roles'),'update_roles');
1440  $update->setValue($this->lng->txt('ldap_check_role_assignment'));
1441 
1442  $add = new ilCheckboxInputGUI('','add_missing');
1443  $add->setOptionTitle($this->lng->txt('ldap_add_missing'));
1444  $update->addSubItem($add);
1445 
1446  $remove = new ilCheckboxInputGUI('','remove_deprecated');
1447  $remove->setOptionTitle($this->lng->txt('ldap_remove_deprecated'));
1448  $update->addSubItem($remove);
1449 
1450  $this->form->addItem($update);
1451 
1452 
1453 
1454  // Assignment Type
1455  $group = new ilRadioGroupInputGUI($this->lng->txt('ldap_assignment_type'),'type');
1456  #$group->setValue($current_rule->getType());
1457  $group->setRequired(true);
1458 
1459  // Option by group
1460  $radio_group = new ilRadioOption($this->lng->txt('ldap_role_by_group'),ilLDAPRoleAssignmentRule::TYPE_GROUP);
1461 
1462  $dn = new ilTextInputGUI($this->lng->txt('ldap_group_dn'),'dn');
1463  #$dn->setValue($current_rule->getDN());
1464  $dn->setSize(32);
1465  $dn->setMaxLength(512);
1466  $dn->setInfo($this->lng->txt('ldap_role_grp_dn_info'));
1467  $radio_group->addSubItem($dn);
1468  $at = new ilTextInputGUI($this->lng->txt('ldap_role_grp_at'),'at');
1469  #$at->setValue($current_rule->getMemberAttribute());
1470  $at->setSize(16);
1471  $at->setMaxLength(128);
1472  $radio_group->addSubItem($at);
1473  $isdn = new ilCheckboxInputGUI($this->lng->txt('ldap_role_grp_isdn'),'isdn');
1474  #$isdn->setChecked($current_rule->isMemberAttributeDN());
1475  $isdn->setInfo($this->lng->txt('ldap_group_member_info'));
1476  $radio_group->addSubItem($isdn);
1477  $radio_group->setInfo($this->lng->txt('ldap_role_grp_info'));
1478 
1479  $group->addOption($radio_group);
1480 
1481  // Option by Attribute
1482  $radio_attribute = new ilRadioOption($this->lng->txt('ldap_role_by_attribute'),ilLDAPRoleAssignmentRule::TYPE_ATTRIBUTE);
1483  $name = new ilTextInputGUI($this->lng->txt('ldap_role_at_name'),'name');
1484  #$name->setValue($current_rule->getAttributeName());
1485  $name->setSize(32);
1486  $name->setMaxLength(128);
1487  #$name->setInfo($this->lng->txt('ldap_role_at_name_info'));
1488  $radio_attribute->addSubItem($name);
1489 
1490  // Radio Attribute
1491  $val = new ilTextInputGUI($this->lng->txt('ldap_role_at_value'),'value');
1492  #$val->setValue($current_rule->getAttributeValue());
1493  $val->setSize(32);
1494  $val->setMaxLength(128);
1495  #$val->setInfo($this->lng->txt('ldap_role_at_value_info'));
1496  $radio_attribute->addSubItem($val);
1497  $radio_attribute->setInfo($this->lng->txt('ldap_role_at_info'));
1498 
1499  $group->addOption($radio_attribute);
1500 
1501  // Option by Plugin
1502  $pl_active = (bool) $this->hasActiveRoleAssignmentPlugins();
1503  $pl = new ilRadioOption($this->lng->txt('ldap_plugin'),3);
1504  $pl->setInfo($this->lng->txt('ldap_plugin_info'));
1505  $pl->setDisabled(!$pl_active);
1506 
1507  $id = new ilNumberInputGUI($this->lng->txt('ldap_plugin_id'),'plugin_id');
1508  $id->setDisabled(!$pl_active);
1509  $id->setSize(3);
1510  $id->setMaxLength(3);
1511  $id->setMaxValue(999);
1512  $id->setMinValue(1);
1513  $pl->addSubItem($id);
1514 
1515  $group->addOption($pl);
1516  $this->form->addItem($group);
1517  }
1518 
1523  private function hasActiveRoleAssignmentPlugins()
1524  {
1525  global $ilPluginAdmin;
1526 
1527  return count($ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE,'LDAP','ldaphk')) ? true : false;
1528  }
1529 
1530 
1534  function addRoleAutoCompleteObject()
1535  {
1536  include_once("./Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php");
1537  ilRoleAutoCompleteInputGUI::echoAutoCompleteList();
1538  }
1539 
1540 }
1541 ?>