ILIAS  Release_4_4_x_branch Revision 61816
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilShibbolethRoleAssignmentRules.php
Go to the documentation of this file.
1 <?php
2 /*
3  +-----------------------------------------------------------------------------+
4  | ILIAS open source |
5  +-----------------------------------------------------------------------------+
6  | Copyright (c) 1998-2006 ILIAS open source, University of Cologne |
7  | |
8  | This program is free software; you can redistribute it and/or |
9  | modify it under the terms of the GNU General Public License |
10  | as published by the Free Software Foundation; either version 2 |
11  | of the License, or (at your option) any later version. |
12  | |
13  | This program is distributed in the hope that it will be useful, |
14  | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16  | GNU General Public License for more details. |
17  | |
18  | You should have received a copy of the GNU General Public License |
19  | along with this program; if not, write to the Free Software |
20  | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21  +-----------------------------------------------------------------------------+
22 */
23 
24 include_once './Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php';
25 
36 class ilShibbolethRoleAssignmentRules {
37 
38  protected static $active_plugins = NULL;
39 
40 
44  public static function getAllRules() {
45  global $ilDB;
46  $rules = array();
50  $query = "SELECT rule_id FROM shib_role_assignment ORDER BY rule_id";
51  $res = $ilDB->query($query);
52  while ($row = $res->fetchRow(DB_FETCHMODE_OBJECT)) {
53  $rules[$row->rule_id] = new ilShibbolethRoleAssignmentRule($row->rule_id);
54  }
55 
56  return $rules;
57  }
58 
59 
60  public static function getCountRules() {
61  global $ilDB;
62  $query = "SELECT COUNT(*) num FROM shib_role_assignment ";
63  $res = $ilDB->query($query);
64  while ($row = $res->fetchRow(DB_FETCHMODE_OBJECT)) {
65  return $row->num;
66  }
67 
68  return 0;
69  }
70 
71 
78  public static function updateAssignments($a_usr_id, $a_data) {
79  global $ilDB, $rbacadmin, $rbacreview, $ilSetting, $ilLog;
80  $query = "SELECT rule_id,add_on_update,remove_on_update FROM shib_role_assignment " . "WHERE add_on_update = 1 OR remove_on_update = 1";
81  $res = $ilDB->query($query);
82  while ($row = $res->fetchRow(DB_FETCHMODE_OBJECT)) {
83  $rule = new ilShibbolethRoleAssignmentRule($row->rule_id);
84  $matches = $rule->matches($a_data);
85  if ($matches and $row->add_on_update) {
86  $ilLog->write(__METHOD__ . ': Assigned to role ' . ilObject::_lookupTitle($rule->getRoleId()));
87  $rbacadmin->assignUser($rule->getRoleId(), $a_usr_id);
88  }
89  if (! $matches and $row->remove_on_update) {
90  $ilLog->write(__METHOD__ . ': Deassigned from role ' . ilObject::_lookupTitle($rule->getRoleId()));
91  $rbacadmin->deassignUser($rule->getRoleId(), $a_usr_id);
92  }
93  }
94  // check if is assigned to minimum one global role
95  if (! array_intersect($rbacreview->assignedRoles($a_usr_id), $rbacreview->getGlobalRoles())) {
96  $ilLog->write(__METHOD__ . ': Assigned to default role '
97  . ilObject::_lookupTitle($ilSetting->get('shib_user_default_role')));
98  $rbacadmin->assignUser($ilSetting->get('shib_user_default_role'), $a_usr_id);
99  }
100 
101  return true;
102  }
103 
104 
111  public static function doAssignments($a_usr_id, $a_data) {
112  global $ilDB, $ilSetting, $rbacadmin, $ilLog;
113  $query = "SELECT rule_id FROM shib_role_assignment ";
114  $num_matches = 0;
115  $res = $ilDB->query($query);
116  while ($row = $res->fetchRow(DB_FETCHMODE_OBJECT)) {
117  $rule = new ilShibbolethRoleAssignmentRule($row->rule_id);
118  if ($rule->matches($a_data)) {
119  $num_matches ++;
120  $ilLog->write(__METHOD__ . ': Assigned to role ' . ilObject::_lookupTitle($rule->getRoleId()));
121  $rbacadmin->assignUser($rule->getRoleId(), $a_usr_id);
122  }
123  }
124  // Assign to default if no matching found
125  if (! $num_matches) {
126  $ilLog->write(__METHOD__ . ': Assigned to default role '
127  . ilObject::_lookupTitle($ilSetting->get('shib_user_default_role')));
128  $rbacadmin->assignUser($ilSetting->get('shib_user_default_role'), $a_usr_id);
129  }
130 
131  return true;
132  }
133 
134 
141  public static function callPlugin($a_plugin_id, $a_user_data) {
142  global $ilPluginAdmin;
143  if (self::$active_plugins == NULL) {
144  self::$active_plugins = $ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE, 'AuthShibboleth', 'shibhk');
145  }
146  $assigned = false;
147  foreach (self::$active_plugins as $plugin_name) {
148  $ok = false;
149  $plugin_obj = $ilPluginAdmin->getPluginObject(IL_COMP_SERVICE, 'AuthShibboleth', 'shibhk', $plugin_name);
150  if ($plugin_obj instanceof ilShibbolethRoleAssignmentPlugin) {
151  $ok = $plugin_obj->checkRoleAssignment($a_plugin_id, $a_user_data);
152  }
153  if ($ok) {
154  $assigned = true;
155  }
156  }
157 
158  return $assigned;
159  }
160 }
161 
162 ?>