42 $this->tabs_gui = $ilTabs;
44 $this->lng->loadLanguageModule(
'ldap');
48 $this->ctrl->saveParameter($this,
'ldap_server_id');
49 $this->ref_id = $a_auth_ref_id;
59 $next_class = $this->ctrl->getNextClass($this);
60 $cmd = $this->ctrl->getCmd();
62 if(!$ilAccess->checkAccess(
'write',
'',$this->ref_id) &&
$cmd !=
"serverList")
65 $ilCtrl->redirect($this,
"serverList");
93 $this->tabs_gui->setSubTabActive(
'ldap_role_assignments');
95 $this->tpl->addBlockFile(
'ADM_CONTENT',
'adm_content',
'tpl.ldap_role_assignments.html',
'Services/LDAP');
97 include_once(
'Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
99 $this->tpl->setVariable(
'NEW_ASSIGNMENT_TBL',$this->form->getHTML());
104 include_once(
"./Services/LDAP/classes/class.ilLDAPRoleAssignmentTableGUI.php");
106 $table_gui->setTitle($this->lng->txt(
"ldap_tbl_role_ass"));
107 $table_gui->parse($rules);
108 $table_gui->addMultiCommand(
"confirmDeleteRules", $this->lng->txt(
"delete"));
109 $table_gui->setSelectAllCheckbox(
"rule_id");
110 $this->tpl->setVariable(
'RULES_TBL',$table_gui->getHTML());
123 if(!(
int)
$_GET[
'rule_id'])
130 $this->tabs_gui->setSubTabActive(
'ldap_role_assignments');
132 $this->ctrl->saveParameter($this,
'rule_id',(
int) $_GET[
'rule_id']);
133 include_once(
'Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
137 $this->tpl->setContent($this->form->getHTML());
149 $role_id = $this->role_mapping_rule->getRoleId();
150 if($rbacreview->isGlobalRole($role_id))
152 $val[
'role_name'] = 0;
153 $val[
'role_id'] = $role_id;
157 $val[
'role_name'] = 1;
160 $val[
'add_missing'] = (int) $this->role_mapping_rule->isAddOnUpdateEnabled();
161 $val[
'remove_deprecated'] = (int) $this->role_mapping_rule->isRemoveOnUpdateEnabled();
162 $val[
'type'] = (int) $this->role_mapping_rule->getType();
163 $val[
'dn'] = $this->role_mapping_rule->getDN();
164 $val[
'at'] = $this->role_mapping_rule->getMemberAttribute();
165 $val[
'isdn'] = $this->role_mapping_rule->isMemberAttributeDN();
166 $val[
'name'] = $this->role_mapping_rule->getAttributeName();
167 $val[
'value'] = $this->role_mapping_rule->getAttributeValue();
168 $val[
'plugin_id'] = $this->role_mapping_rule->getPluginId();
170 $this->form->setValuesByArray($val);
183 if(!$ilAccess->checkAccess(
'write',
'',$this->ref_id))
186 $this->roleAssignment();
190 include_once(
'Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
191 include_once(
'Services/LDAP/classes/class.ilLDAPServer.php');
201 $this->tpl->addBlockFile(
'ADM_CONTENT',
'adm_content',
'tpl.ldap_role_assignments.html',
'Services/LDAP');
204 $this->form->setValuesByPost();
205 $this->tpl->setVariable(
'NEW_ASSIGNMENT_TBL',$this->form->getHTML());
206 #$this->tpl->setVariable('RULES_TBL',$this->getRoleAssignmentTable());
207 $this->tabs_gui->setSubTabActive(
'shib_role_assignment');
215 $this->rule->update();
230 if(!is_array(
$_POST[
'rule_ids']))
237 $this->tabs_gui->setSubTabActive(
'ldap_role_assignments');
239 include_once(
"Services/Utilities/classes/class.ilConfirmationGUI.php");
243 $c_gui->setFormAction($this->ctrl->getFormAction($this,
"deleteRules"));
244 $c_gui->setHeaderText($this->lng->txt(
"ldap_confirm_del_role_ass"));
245 $c_gui->setCancel($this->lng->txt(
"cancel"),
"roleAssignments");
246 $c_gui->setConfirm($this->lng->txt(
"confirm"),
"deleteRules");
249 include_once(
'Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
250 foreach(
$_POST[
"rule_ids"] as $rule_id)
253 $c_gui->addItem(
'rule_ids[]',$rule_id,$rule->conditionToString());
255 $this->tpl->setContent($c_gui->getHTML());
266 if(!is_array(
$_POST[
'rule_ids']))
272 include_once(
'Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
273 foreach(
$_POST[
"rule_ids"] as $rule_id)
293 if(!$ilAccess->checkAccess(
'write',
'',$this->ref_id))
296 $this->roleAssignment();
300 include_once(
'Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
301 include_once(
'Services/LDAP/classes/class.ilLDAPServer.php');
311 $this->tpl->addBlockFile(
'ADM_CONTENT',
'adm_content',
'tpl.ldap_role_assignments.html',
'Services/LDAP');
314 $this->form->setValuesByPost();
315 $this->tpl->setVariable(
'NEW_ASSIGNMENT_TBL',$this->form->getHTML());
317 $this->tabs_gui->setSubTabActive(
'shib_role_assignment');
325 $this->rule->create();
338 if($this->rule->getRoleId() > 0)
344 $_SESSION[
'ldap_role_ass'][
'role_search'] = $this->form->getInput(
'role_search');
345 $_SESSION[
'ldap_role_ass'][
'add_on_update'] = $this->form->getInput(
'add_missing');
346 $_SESSION[
'ldap_role_ass'][
'remove_on_update'] = $this->form->getInput(
'remove_deprecated');
347 $_SESSION[
'ldap_role_ass'][
'type'] = $this->form->getInput(
'type');
348 $_SESSION[
'ldap_role_ass'][
'dn'] = $this->form->getInput(
'dn');
349 $_SESSION[
'ldap_role_ass'][
'at'] = $this->form->getInput(
'at');
350 $_SESSION[
'ldap_role_ass'][
'isdn'] = $this->form->getInput(
'isdn');
351 $_SESSION[
'ldap_role_ass'][
'name'] = $this->form->getInput(
'name');
352 $_SESSION[
'ldap_role_ass'][
'value'] = $this->form->getInput(
'value');
353 $_SESSION[
'ldap_role_ass'][
'plugin'] = $this->form->getInput(
'plugin_id');
355 $this->ctrl->saveParameter($this,
'rule_id');
356 $this->ctrl->redirect($this,
'showRoleSelection');
368 $this->tabs_gui->setSubTabActive(
'ldap_role_assignment');
369 $this->ctrl->saveParameter($this,
'rule_id');
371 include_once
'./Services/Search/classes/class.ilQueryParser.php';
373 $parser->setMinWordLength(1,
true);
377 include_once
'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
379 $object_search->setFilter(array(
'role'));
380 $res = $object_search->performSearch();
382 $entries =
$res->getEntries();
384 include_once
'./Services/AccessControl/classes/class.ilRoleSelectionTableGUI.php';
386 $table->setTitle($this->lng->txt(
'ldap_role_selection'));
387 $table->addMultiCommand(
'saveRoleSelection',$this->lng->txt(
'ldap_choose_role'));
388 #$table->addCommandButton('roleAssignment',$this->lng->txt('cancel'));
389 $table->parse($entries);
391 $this->tpl->setContent($table->getHTML());
403 if(!$ilAccess->checkAccess(
'write',
'',$this->ref_id))
406 $this->roleAssignment();
418 $this->rule->setRoleId((
int) $_REQUEST[
'role_id']);
420 if((
int) $_REQUEST[
'rule_id'])
422 $this->rule->update();
426 $this->rule->create();
445 $this->rule->validate();
446 return $ilErr->getMessage();
458 include_once(
"./Services/LDAP/classes/class.ilLDAPRoleAssignmentTableGUI.php");
460 $table_gui->setTitle($this->lng->txt(
"ldap_tbl_role_ass"));
461 $table_gui->parse($rules);
462 $table_gui->addMultiCommand(
"confirmDeleteRules", $this->lng->txt(
"delete"));
463 $table_gui->setSelectAllCheckbox(
"rule_id");
464 return $table_gui->getHTML();
477 if(is_object($this->rule))
482 include_once
'./Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php';
488 if($this->form->getInput(
'role_name') == 0)
490 $this->rule->setRoleId($this->form->getInput(
'role_id'));
492 elseif($this->form->getInput(
'role_search'))
495 include_once
'./Services/Search/classes/class.ilQueryParser.php';
497 $parser =
new ilQueryParser(
'"'.$this->form->getInput(
'role_search').
'"');
500 $parser->setMinWordLength(1,
true);
504 include_once
'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
506 $object_search->setFilter(array(
'role'));
507 $res = $object_search->performSearch();
509 $entries =
$res->getEntries();
510 if(count($entries) == 1)
512 $role = current($entries);
513 $this->rule->setRoleId($role[
'obj_id']);
515 elseif(count($entries) > 1)
517 $this->rule->setRoleId(-1);
521 $this->rule->setAttributeName($this->form->getInput(
'name'));
522 $this->rule->setAttributeValue($this->form->getInput(
'value'));
523 $this->rule->setDN($this->form->getInput(
'dn'));
524 $this->rule->setMemberAttribute($this->form->getInput(
'at'));
525 $this->rule->setMemberIsDN($this->form->getInput(
'isdn'));
526 $this->rule->enableAddOnUpdate($this->form->getInput(
'add_missing'));
527 $this->rule->enableRemoveOnUpdate($this->form->getInput(
'remove_deprecated'));
528 $this->rule->setPluginId($this->form->getInput(
'plugin_id'));
529 $this->rule->setType($this->form->getInput(
'type'));
535 $this->rule->setServerId(0);
536 $this->rule->enableAddOnUpdate((
int)
$_SESSION[
'ldap_role_ass'][
'add_on_update']);
537 $this->rule->enableRemoveOnUpdate((
int) $_SESSION[
'ldap_role_ass'][
'remove_on_update']);
550 if(!count(
$_POST[
'mappings']))
559 foreach(
$_POST[
'mappings'] as $mapping_id)
561 $this->role_mapping->delete($mapping_id);
570 if(!
$_POST[
'mapping_template'])
577 $this->mapping->clearRules();
579 include_once(
'Services/LDAP/classes/class.ilLDAPAttributeMappingUtils.php');
582 $this->mapping->setRule($key,$value,0);
596 foreach($this->udf->getDefinitions() as $definition)
598 $key =
'udf_'.$definition[
'field_id'];
602 $this->mapping->save();
606 unset(
$_POST[
'mapping_template']);
614 if(!$ilAccess->checkAccess(
'read',
'',$this->ref_id) &&
$cmd !=
"serverList")
616 $ilErr->raiseError($this->lng->txt(
'msg_no_perm_write'),$ilErr->WARNING);
621 ilUtil::sendFailure(
'Missing LDAP libraries. Please ensure that the PHP LDAP module is installed on your server.');
625 $this->tabs_gui->setSubTabActive(
'ldap_settings');
629 return $this->tpl->setContent($this->form_gui->getHtml());
634 $this->form_gui->setValuesByArray(array(
635 'active' => $this->server->isActive(),
636 'ds' => !$this->server->isAuthenticationEnabled(),
637 'server_name' => $this->server->getName(),
638 'server_url' => $this->server->getUrlString(),
639 'version' => $this->server->getVersion(),
640 'base_dn' => $this->server->getBaseDN(),
641 'referrals' => $this->server->isActiveReferrer(),
642 'tls' => $this->server->isActiveTLS(),
643 'binding_type' => $this->server->getBindingType(),
644 'bind_dn' => $this->server->getBindUser(),
645 'bind_pass' => $this->server->getBindPassword(),
646 'bind_pass_retype' => $this->server->getBindPassword(),
647 'search_base' => $this->server->getSearchBase(),
648 'user_scope' => $this->server->getUserScope(),
649 'user_attribute' => $this->server->getUserAttribute(),
650 'filter' => $this->server->getFilter(),
651 'group_dn' => $this->server->getGroupDN(),
652 'group_scope' => $this->server->getGroupScope(),
653 'group_filter' => $this->server->getGroupFilter(),
654 'group_member' => $this->server->getGroupMember(),
655 'memberisdn' => $this->server->enabledGroupMemberIsDN(),
656 'group' => $this->server->getGroupName(),
657 'group_attribute' => $this->server->getGroupAttribute(),
658 'group_optional' => $this->server->isMembershipOptional(),
659 'group_user_filter' => $this->server->getGroupUserFilter(),
660 'sync_on_login' => $this->server->enabledSyncOnLogin(),
661 'sync_per_cron' => $this->server->enabledSyncPerCron(),
663 'migration' => (
int)$this->server->isAccountMigrationEnabled(),
669 include_once
'Services/Form/classes/class.ilPropertyFormGUI.php';
672 $this->form_gui->setFormAction($this->ctrl->getFormAction($this,
'save'));
673 $this->form_gui->setTitle($this->lng->txt(
'ldap_configure'));
677 $this->form_gui->addItem($active);
681 $ds->setInfo($this->lng->txt(
'ldap_as_ds_info'));
682 $this->form_gui->addItem($ds);
684 $servername =
new ilTextInputGUI($this->lng->txt(
'ldap_server_name'),
'server_name');
686 $servername->setInfo($this->lng->txt(
'ldap_server_name_info'));
687 $servername->setSize(32);
688 $servername->setMaxLength(32);
689 $this->form_gui->addItem($servername);
691 $serverurl =
new ilTextInputGUI($this->lng->txt(
'ldap_server'),
'server_url');
693 $serverurl->setInfo($this->lng->txt(
'ldap_server_url_info'));
694 $serverurl->setSize(64);
695 $serverurl->setMaxLength(255);
696 $this->form_gui->addItem($serverurl);
698 $version =
new ilSelectInputGUI($this->lng->txt(
'ldap_version'),
'version');
700 $version->setInfo($this->lng->txt(
'ldap_server_version_info'));
701 $this->form_gui->addItem($version);
703 $basedsn =
new ilTextInputGUI($this->lng->txt(
'basedn'),
'base_dn');
705 $basedsn->setSize(64);
706 $basedsn->setMaxLength(255);
707 $this->form_gui->addItem($basedsn);
711 $referrals->setInfo($this->lng->txt(
'ldap_referrals_info'));
712 $this->form_gui->addItem($referrals);
715 $section_security->setTitle($this->lng->txt(
'ldap_server_security_settings'));
716 $this->form_gui->addItem($section_security);
720 $this->form_gui->addItem($tls);
724 $binding->addOption($anonymous);
726 $dn =
new ilTextInputGUI($this->lng->txt(
'ldap_server_bind_dn'),
'bind_dn');
728 $dn->setMaxLength(255);
731 $pass->setSkipSyntaxCheck(
true);
733 $pass->setMaxLength(36);
734 $user->addSubItem(
$pass);
735 $binding->addOption($user);
736 $this->form_gui->addItem($binding);
739 $section_auth->setTitle($this->lng->txt(
'ldap_authentication_settings'));
740 $this->form_gui->addItem($section_auth);
742 $search_base =
new ilTextInputGUI($this->lng->txt(
'ldap_user_dn'),
'search_base');
743 $search_base->
setInfo($this->lng->txt(
'ldap_search_base_info'));
744 $search_base->setSize(64);
745 $search_base->setMaxLength(255);
746 $this->form_gui->addItem($search_base);
748 $user_scope =
new ilSelectInputGUI($this->lng->txt(
'ldap_user_scope'),
'user_scope');
751 $user_scope->setInfo($this->lng->txt(
'ldap_user_scope_info'));
752 $this->form_gui->addItem($user_scope);
754 $user_attribute =
new ilTextInputGUI($this->lng->txt(
'ldap_user_attribute'),
'user_attribute');
756 $user_attribute->setMaxLength(64);
757 $user_attribute->setRequired(
true);
758 $this->form_gui->addItem($user_attribute);
760 $filter =
new ilTextInputGUI($this->lng->txt(
'ldap_search_filter'),
'filter');
761 $filter->
setInfo($this->lng->txt(
'ldap_filter_info'));
762 $filter->setSize(64);
763 $filter->setMaxLength(512);
764 $this->form_gui->addItem($filter);
767 $section_restrictions->setTitle($this->lng->txt(
'ldap_group_restrictions'));
768 $this->form_gui->addItem($section_restrictions);
770 $group_dn =
new ilTextInputGUI($this->lng->txt(
'ldap_group_search_base'),
'group_dn');
771 $group_dn->
setInfo($this->lng->txt(
'ldap_group_dn_info'));
772 $group_dn->setSize(64);
773 $group_dn->setMaxLength(255);
774 $this->form_gui->addItem($group_dn);
776 $group_scope =
new ilSelectInputGUI($this->lng->txt(
'ldap_group_scope'),
'group_scope');
779 $group_scope->setInfo($this->lng->txt(
'ldap_group_scope_info'));
780 $this->form_gui->addItem($group_scope);
782 $group_filter =
new ilTextInputGUI($this->lng->txt(
'ldap_group_filter'),
'group_filter');
783 $group_filter->
setInfo($this->lng->txt(
'ldap_group_filter_info'));
784 $group_filter->setSize(64);
785 $group_filter->setMaxLength(255);
786 $this->form_gui->addItem($group_filter);
788 $group_member =
new ilTextInputGUI($this->lng->txt(
'ldap_group_member'),
'group_member');
789 $group_member->
setInfo($this->lng->txt(
'ldap_group_member_info'));
790 $group_member->setSize(32);
791 $group_member->setMaxLength(255);
792 $this->form_gui->addItem($group_member);
795 $group_member_isdn =
new ilCheckboxInputGUI($this->lng->txt(
'ldap_memberisdn'),
'memberisdn');
796 #$group_member_isdn->setInfo($this->lng->txt('ldap_group_member_info'));
797 $this->form_gui->addItem($group_member_isdn);
798 #$group_member->addSubItem($group_member_isdn);
800 $group =
new ilTextInputGUI($this->lng->txt(
'ldap_group_name'),
'group');
801 $group->
setInfo($this->lng->txt(
'ldap_group_name_info'));
803 $group->setMaxLength(255);
804 $this->form_gui->addItem($group);
806 $group_atrr =
new ilTextInputGUI($this->lng->txt(
'ldap_group_attribute'),
'group_attribute');
807 $group_atrr->
setInfo($this->lng->txt(
'ldap_group_attribute_info'));
808 $group_atrr->setSize(16);
809 $group_atrr->setMaxLength(64);
810 $this->form_gui->addItem($group_atrr);
812 $group_optional =
new ilCheckboxInputGUI($this->lng->txt(
'ldap_group_membership'),
'group_optional');
813 $group_optional->
setOptionTitle($this->lng->txt(
'ldap_group_member_optional'));
814 $group_optional->setInfo($this->lng->txt(
'ldap_group_optional_info'));
815 $group_optional->setValue(1);
816 $group_user_filter =
new ilTextInputGUI($this->lng->txt(
'ldap_group_user_filter'),
'group_user_filter');
817 $group_user_filter->
setSize(64);
818 $group_user_filter->setMaxLength(255);
819 $group_optional->addSubItem($group_user_filter);
820 $this->form_gui->addItem($group_optional);
823 $section_sync->setTitle($this->lng->txt(
'ldap_user_sync'));
824 $this->form_gui->addItem($section_sync);
827 $sync_on_login =
new ilCheckboxInputGUI($this->lng->txt(
'ldap_sync_login'),
'sync_on_login');
828 $sync_on_login->setValue(1);
830 $sync_per_cron =
new ilCheckboxInputGUI($this->lng->txt(
'ldap_sync_cron'),
'sync_per_cron');
832 $ci_gui->addSubItem($sync_per_cron);
833 $ci_gui->setInfo($this->lng->txt(
'ldap_user_sync_info'));
834 $this->form_gui->addItem($ci_gui);
836 $global_role =
new ilSelectInputGUI($this->lng->txt(
'ldap_global_role_assignment'),
'global_role');
838 $global_role->setInfo($this->lng->txt(
'ldap_global_role_info'));
839 $this->form_gui->addItem($global_role);
842 $migr->
setInfo($this->lng->txt(
'auth_ldap_migration_info'));
844 $this->form_gui->addItem($migr);
847 include_once
"Services/Administration/classes/class.ilAdministrationSettingsFormHandler.php";
855 $this->form_gui->addCommandButton(
'save', $this->lng->txt(
'save'));
866 $this->tabs_gui->setSubTabActive(
'ldap_settings');
869 if($this->form_gui->checkInput())
871 $this->server->toggleActive((
int)$this->form_gui->getInput(
'active'));
872 $this->server->enableAuthentication(!$this->form_gui->getInput(
'ds'));
873 $this->server->setName($this->form_gui->getInput(
'server_name'));
874 $this->server->setUrl($this->form_gui->getInput(
'server_url'));
875 $this->server->setVersion($this->form_gui->getInput(
'version'));
876 $this->server->setBaseDN($this->form_gui->getInput(
'base_dn'));
877 $this->server->toggleReferrer($this->form_gui->getInput(
'referrals'));
878 $this->server->toggleTLS($this->form_gui->getInput(
'tls'));
879 $this->server->setBindingType((
int)$this->form_gui->getInput(
'binding_type'));
880 $this->server->setBindUser($this->form_gui->getInput(
'bind_dn'));
881 $this->server->setBindPassword($this->form_gui->getInput(
'bind_pass'));
882 $this->server->setSearchBase($this->form_gui->getInput(
'search_base'));
883 $this->server->setUserScope($this->form_gui->getInput(
'user_scope'));
884 $this->server->setUserAttribute($this->form_gui->getInput(
'user_attribute'));
885 $this->server->setFilter($this->form_gui->getInput(
'filter'));
886 $this->server->setGroupDN($this->form_gui->getInput(
'group_dn'));
887 $this->server->setGroupScope((
int)$this->form_gui->getInput(
'group_scope'));
888 $this->server->setGroupFilter($this->form_gui->getInput(
'group_filter'));
889 $this->server->setGroupMember($this->form_gui->getInput(
'group_member'));
890 $this->server->enableGroupMemberIsDN((
int)$this->form_gui->getInput(
'memberisdn'));
891 $this->server->setGroupName($this->form_gui->getInput(
'group'));
892 $this->server->setGroupAttribute($this->form_gui->getInput(
'group_attribute'));
893 $this->server->setGroupUserFilter($this->form_gui->getInput(
'group_user_filter'));
894 $this->server->toggleMembershipOptional((
int)$this->form_gui->getInput(
'group_optional'));
895 $this->server->enableSyncOnLogin((
int)$this->form_gui->getInput(
'sync_on_login'));
896 $this->server->enableSyncPerCron((
int)$this->form_gui->getInput(
'sync_per_cron'));
897 $this->server->setGlobalRole((
int)$this->form_gui->getInput(
'global_role'));
898 $this->server->enableAccountMigration((
int)$this->form_gui->getInput(
'migration'));
900 if(!$this->server->validate())
903 $this->form_gui->setValuesByPost();
904 return $this->tpl->setContent($this->form_gui->getHtml());
908 if($this->server->getServerId())
910 $this->server->update();
914 $_GET[
'ldap_server_id'] = $this->server->create();
919 $this->mapping->setRule(
'global_role', (
int)$this->form_gui->getInput(
'global_role'),
false);
920 $this->mapping->save();
923 $this->ctrl->redirect($this,
'serverList');
925 #$this->form_gui->setValuesByPost();
926 #return $this->tpl->setContent($this->form_gui->getHtml());
929 $this->form_gui->setValuesByPost();
930 return $this->tpl->setContent($this->form_gui->getHtml());
942 $this->tabs_gui->addSubTabTarget(
"ldap_settings",
943 $this->ctrl->getLinkTarget($this,
'serverList'),
944 "serverList",get_class($this));
947 include_once(
'Services/LDAP/classes/class.ilLDAPServer.php');
953 $this->tabs_gui->addSubTabTarget(
"ldap_user_mapping",
954 $this->ctrl->getLinkTarget($this,
'userMapping'),
955 "userMapping",get_class($this));
957 $this->tabs_gui->addSubTabTarget(
'ldap_role_assignments',
958 $this->ctrl->getLinkTarget($this,
'roleAssignments'),
959 "roleAssignments",get_class($this));
961 $this->tabs_gui->addSubTabTarget(
"ldap_role_mapping",
962 $this->ctrl->getLinkTarget($this,
'roleMapping'),
963 "roleMapping",get_class($this));
969 include_once
'./Services/LDAP/classes/class.ilLDAPServer.php';
970 if(!
$_GET[
'ldap_server_id'])
979 include_once
'./Services/LDAP/classes/class.ilLDAPAttributeMapping.php';
985 include_once
'./Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php';
996 global $rbacreview,$ilObjDataCache;
1003 $select[0] = $this->lng->txt(
'links_select_one');
1004 foreach($global_roles as $role_id)
1020 global $rbacreview,$ilObjDataCache;
1022 include_once(
'./Services/LDAP/classes/class.ilLDAPAttributeMapping.php');
1029 $select[0] = $this->lng->txt(
'links_select_one');
1030 foreach($global_roles as $role_id)
1038 'global_role',$select,
false,
true);
1049 return array(
'gender' => $this->lng->txt(
'gender'),
1050 'firstname' => $this->lng->txt(
'firstname'),
1051 'lastname' => $this->lng->txt(
'lastname'),
1052 'title' => $this->lng->txt(
'person_title'),
1053 'institution' => $this->lng->txt(
'institution'),
1054 'department' => $this->lng->txt(
'department'),
1055 'street' => $this->lng->txt(
'street'),
1056 'city' => $this->lng->txt(
'city'),
1057 'zipcode' => $this->lng->txt(
'zipcode'),
1058 'country' => $this->lng->txt(
'country'),
1059 'phone_office' => $this->lng->txt(
'phone_office'),
1060 'phone_home' => $this->lng->txt(
'phone_home'),
1061 'phone_mobile' => $this->lng->txt(
'phone_mobile'),
1062 'fax' => $this->lng->txt(
'fax'),
1063 'email' => $this->lng->txt(
'email'),
1064 'hobby' => $this->lng->txt(
'hobby'),
1065 'matriculation' => $this->lng->txt(
'matriculation'));
1066 #'photo' => $this->lng->txt('photo'));
1071 include_once(
"./Services/User/classes/class.ilUserDefinedFields.php");
1077 return ilUtil::formSelect(
$_POST[
'mapping_template'],
'mapping_template',array(0 => $this->lng->txt(
'ldap_mapping_template'),
1078 "inetOrgPerson" =>
'inetOrgPerson',
1079 "organizationalPerson" =>
'organizationalPerson',
1080 "person" =>
'person',
1081 "ad_2003" =>
'Active Directory (Win 2003)'),
false,
true);
1092 if(!isset(
$_SESSION[
'ldap_mapping_details']))
1094 $_SESSION[
'ldap_mapping_details'] = array();
1096 if(isset(
$_GET[
'details_show']))
1098 $_SESSION[
'ldap_mapping_details'][
$_GET[
'details_show']] = $_GET[
'details_show'];
1100 if(isset(
$_GET[
'details_hide']))
1116 include_once(
'Services/Form/classes/class.ilPropertyFormGUI.php');
1117 include_once(
'Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
1120 $this->form->setFormAction($this->ctrl->getFormAction($this));
1125 $this->form->setTitle($this->lng->txt(
'ldap_edit_role_ass_rule'));
1126 $this->form->addCommandButton(
'updateRoleAssignment',$this->lng->txt(
'save'));
1127 $this->form->addCommandButton(
'roleAssignments',$this->lng->txt(
'cancel'));
1130 $this->form->setTitle($this->lng->txt(
'ldap_add_role_ass_rule'));
1131 $this->form->addCommandButton(
'addRoleAssignment',$this->lng->txt(
'ldap_btn_add_role_ass'));
1132 $this->form->addCommandButton(
'roleAssignments',$this->lng->txt(
'cancel'));
1140 $global =
new ilRadioOption($this->lng->txt(
'ldap_global_role'),0);
1141 $role->addOption($global);
1145 $global->addSubItem($role_select);
1147 $local =
new ilRadioOption($this->lng->txt(
'ldap_local_role'),1);
1148 $role->addOption($local);
1150 include_once
'./Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php';
1152 $role_search->setSize(40);
1153 $local->addSubItem($role_search);
1155 $role->setInfo($this->lng->txt(
'ldap_role_name_info'));
1156 $this->form->addItem($role);
1160 $update->
setValue($this->lng->txt(
'ldap_check_role_assignment'));
1163 $add->setOptionTitle($this->lng->txt(
'ldap_add_missing'));
1164 $update->addSubItem($add);
1167 $remove->setOptionTitle($this->lng->txt(
'ldap_remove_deprecated'));
1168 $update->addSubItem($remove);
1170 $this->form->addItem($update);
1176 #$group->setValue($current_rule->getType());
1183 #$dn->setValue($current_rule->getDN());
1185 $dn->setMaxLength(512);
1186 $dn->
setInfo($this->lng->txt(
'ldap_role_grp_dn_info'));
1187 $radio_group->addSubItem($dn);
1188 $at =
new ilTextInputGUI($this->lng->txt(
'ldap_role_grp_at'),
'at');
1189 #$at->setValue($current_rule->getMemberAttribute());
1191 $at->setMaxLength(128);
1192 $radio_group->addSubItem($at);
1194 #$isdn->setChecked($current_rule->isMemberAttributeDN());
1195 $isdn->
setInfo($this->lng->txt(
'ldap_group_member_info'));
1196 $radio_group->addSubItem($isdn);
1197 $radio_group->setInfo($this->lng->txt(
'ldap_role_grp_info'));
1199 $group->addOption($radio_group);
1203 $name =
new ilTextInputGUI($this->lng->txt(
'ldap_role_at_name'),
'name');
1204 #$name->setValue($current_rule->getAttributeName());
1206 $name->setMaxLength(128);
1207 #$name->setInfo($this->lng->txt('ldap_role_at_name_info'));
1211 $val =
new ilTextInputGUI($this->lng->txt(
'ldap_role_at_value'),
'value');
1212 #$val->setValue($current_rule->getAttributeValue());
1214 $val->setMaxLength(128);
1215 #$val->setInfo($this->lng->txt('ldap_role_at_value_info'));
1216 $radio_attribute->addSubItem($val);
1217 $radio_attribute->setInfo($this->lng->txt(
'ldap_role_at_info'));
1219 $group->addOption($radio_attribute);
1224 $pl->
setInfo($this->lng->txt(
'ldap_plugin_info'));
1225 $pl->setDisabled(!$pl_active);
1230 $id->setMaxLength(3);
1231 $id->setMaxValue(999);
1232 $id->setMinValue(1);
1233 $pl->addSubItem($id);
1235 $group->addOption($pl);
1236 $this->form->addItem($group);
1245 global $ilPluginAdmin;
1247 return count($ilPluginAdmin->getActivePluginsForSlot(
IL_COMP_SERVICE,
'LDAP',
'ldaphk')) ?
true :
false;
1256 include_once(
"./Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php");
1268 $this->tabs_gui->setSubTabActive(
'ldap_user_mapping');
1273 $this->tpl->setContent($propertie_form->getHTML());
1283 include_once(
"./Services/Form/classes/class.ilSelectInputGUI.php");
1286 $select_form->setPostVar(
"mapping_template");
1288 "" => $this->lng->txt(
'ldap_mapping_template'),
1289 "inetOrgPerson" =>
'inetOrgPerson',
1290 "organizationalPerson" =>
'organizationalPerson',
1291 "person" =>
'person',
1292 "ad_2003" =>
'Active Directory (Win 2003)');
1293 $select_form->setOptions(
$options);
1294 $select_form->setValue(
$_POST[
'mapping_template']);
1296 $ilToolbar->addInputItem($select_form);
1297 $ilToolbar->addFormButton($this->lng->txt(
'show'),
"chooseMapping");
1298 $ilToolbar->setFormAction($this->ctrl->getFormAction($this,
"chooseMapping"));
1307 include_once(
"./Services/Form/classes/class.ilPropertyFormGUI.php");
1309 $propertie_form->setTitle($this->lng->txt(
'ldap_mapping_table'));
1310 $propertie_form->setFormAction($this->ctrl->getFormAction($this,
'saveMapping'));
1311 $propertie_form->addCommandButton(
'saveMapping',$this->lng->txt(
'save'));
1316 $text_form->setPostVar($mapping.
"_value");
1317 $text_form->setValue($this->mapping->getValue($mapping));
1318 $text_form->setSize(32);
1319 $text_form->setMaxLength(255);
1320 $propertie_form->addItem($text_form);
1323 $checkbox_form->setPostVar($mapping .
"_update");
1324 $checkbox_form->setChecked($this->mapping->enabledUpdate($mapping));
1325 $checkbox_form->setOptionTitle($this->lng->txt(
'ldap_update_field_info'));
1326 $propertie_form->addItem($checkbox_form);
1330 foreach($this->udf->getDefinitions() as $definition)
1333 $text_form->setPostVar(
'udf_'.$definition[
'field_id'].
'_value');
1334 $text_form->setValue($this->mapping->getValue(
'udf_'.$definition[
'field_id']));
1335 $text_form->setSize(32);
1336 $text_form->setMaxLength(255);
1337 $propertie_form->addItem($text_form);
1340 $checkbox_form->setPostVar(
'udf_'.$definition[
'field_id'].
'_update');
1341 $checkbox_form->setChecked($this->mapping->enabledUpdate(
'udf_'.$definition[
'field_id']));
1342 $checkbox_form->setOptionTitle($this->lng->txt(
'ldap_update_field_info'));
1343 $propertie_form->addItem($checkbox_form);
1346 return $propertie_form;
1357 $this->tabs_gui->setSubTabActive(
'ldap_role_mapping');
1358 $ilToolbar->addButton($this->lng->txt(
"ldap_new_role_assignment") ,
1359 $this->ctrl->getLinkTarget($this,
'addRoleMapping'));
1360 include_once(
"./Services/Form/classes/class.ilPropertyFormGUI.php");
1363 include_once(
"./Services/Form/classes/class.ilCombinationInputGUI.php");
1365 $propertie_form->setTitle($this->lng->txt(
'ldap_role_settings'));
1366 $propertie_form->setFormAction($this->ctrl->getFormAction($this,
"saveSyncronizationSettings"));
1367 $propertie_form->addCommandButton(
"saveSyncronizationSettings" ,$this->lng->txt(
'save'));
1369 $role_active->
setPostVar(
'role_sync_active');
1370 $role_active->setChecked($this->server->enabledRoleSynchronization() ?
true :
false);
1371 $propertie_form->addItem($role_active);
1373 $binding->
setInfo($this->lng->txt(
'ldap_role_bind_user_info'));
1375 $user->setPostVar(
"role_bind_user");
1376 $user->setValue($this->server->getRoleBindDN());
1378 $user->setMaxLength(255);
1379 $binding->addCombinationItem(0, $user, $this->lng->txt(
'ldap_role_bind_user'));
1381 $pass->setPostVar(
"role_bind_pass");
1382 $pass->setValue($this->server->getRoleBindPassword());
1384 $pass->setMaxLength(36);
1385 $pass->setRetype(
false);
1386 $binding->addCombinationItem(1,
$pass, $this->lng->txt(
'ldap_role_bind_pass'));
1387 $propertie_form->addItem($binding);
1389 $this->tpl->addBlockFile(
'ADM_CONTENT',
'adm_content',
'tpl.ldap_role_mappings.html',
'Services/LDAP');
1390 $this->tpl->setVariable(
"NEW_ASSIGNMENT_TBL",$propertie_form->getHTML());
1393 include_once(
'Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php');
1395 $mappings = $mapping_instance->getMappings();
1396 if(count($mappings))
1398 include_once(
"./Services/LDAP/classes/class.ilLDAPRoleMappingTableGUI.php");
1400 $table_gui->
setTitle($this->lng->txt(
'ldap_role_group_assignments'));
1401 $table_gui->setData($mappings);
1402 $this->tpl->setVariable(
"RULES_TBL",$table_gui->getHTML());
1413 include_once(
"./Services/Form/classes/class.ilPropertyFormGUI.php");
1415 $this->tabs_gui->setSubTabActive(
'ldap_role_mapping');
1417 if(isset(
$_GET[
"mapping_id"]))
1419 $this->ctrl->setParameter($this,
'mapping_id',
$_GET[
"mapping_id"]);
1423 $propertie_form->setFormAction($this->ctrl->getFormAction($this, $command));
1424 $propertie_form->addCommandButton($command ,$this->lng->txt(
'save'));
1425 $propertie_form->addCommandButton(
"roleMapping", $this->lng->txt(
'cancel'));
1430 $url->setMaxLength(255);
1431 $url->setRequired(
true);
1433 $group_dn =
new ilTextInputGUI($this->lng->txt(
'ldap_group_dn'));
1435 $group_dn->setSize(50);
1436 $group_dn->setMaxLength(255);
1437 $group_dn->setInfo($this->lng->txt(
'ldap_dn_info'));
1438 $group_dn->setRequired(
true);
1440 $member =
new ilTextInputGUI($this->lng->txt(
'ldap_group_member'));
1442 $member->setSize(32);
1443 $member->setMaxLength(255);
1444 $member->setInfo($this->lng->txt(
'ldap_member_info'));
1445 $member->setRequired(
true);
1448 $member_isdn->setPostVar(
"memberisdn");
1449 $member_isdn->setOptionTitle($this->lng->txt(
'ldap_memberisdn'));
1454 $role->setMaxLength(255);
1455 $role->setInfo($this->lng->txt(
'ldap_role_info'));
1456 $role->setRequired(
true);
1462 $info->setInfo($this->lng->txt(
'ldap_info_text_info'));
1465 $info_type->setPostVar(
"info_type");
1466 $info_type->setOptionTitle($this->lng->txt(
'ldap_mapping_info_type'));
1468 $propertie_form->addItem($url);
1469 $propertie_form->addItem($group_dn);
1470 $propertie_form->addItem($member);
1471 $propertie_form->addItem($member_isdn);
1472 $propertie_form->addItem($role);
1473 $propertie_form->addItem($info);
1474 $propertie_form->addItem($info_type);
1476 return $propertie_form;
1485 $propertie_form->getItemByPostVar(
"url")->setValue($this->server->getUrl());
1486 $propertie_form->setTitle($this->lng->txt(
"ldap_new_role_assignment"));
1488 if(isset(
$_GET[
"mapping_id"]))
1490 include_once(
'Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
1494 $propertie_form->getItemByPostVar(
"url")->setValue($mapping->getURL());
1495 $propertie_form->getItemByPostVar(
"dn")->setValue($mapping->getDN());
1496 $propertie_form->getItemByPostVar(
"member")->setValue($mapping->getMemberAttribute());
1497 $propertie_form->getItemByPostVar(
"memberisdn")->setChecked($mapping->getMemberISDN());
1498 $propertie_form->getItemByPostVar(
"role")->setValue($mapping->getRoleName());
1499 $propertie_form->getItemByPostVar(
"info")->setValue($mapping->getMappingInfo());
1500 $propertie_form->getItemByPostVar(
"info_type")->setChecked($mapping->getMappingInfoType());
1503 $this->tpl->setContent($propertie_form->getHTML());
1511 include_once(
'Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
1516 $propertie_form->setTitle($this->lng->txt(
'ldap_edit_role_assignment'));
1517 $propertie_form->getItemByPostVar(
"url")->setValue($mapping->getURL());
1518 $propertie_form->getItemByPostVar(
"dn")->setValue($mapping->getDN());
1519 $propertie_form->getItemByPostVar(
"member")->setValue($mapping->getMemberAttribute());
1520 $propertie_form->getItemByPostVar(
"memberisdn")->setChecked($mapping->getMemberISDN());
1521 $propertie_form->getItemByPostVar(
"role")->setValue($mapping->getRoleName());
1522 $propertie_form->getItemByPostVar(
"info")->setValue($mapping->getMappingInfo());
1523 $propertie_form->getItemByPostVar(
"info_type")->setChecked($mapping->getMappingInfoType());
1525 $this->tpl->setContent($propertie_form->getHTML());
1537 if($propertie_form->checkInput() && $rbacreview->roleExists($propertie_form->getInput(
"role")))
1539 include_once(
'Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
1541 $mapping->setServerId($this->server->getServerId());
1542 $mapping->setURL($propertie_form->getInput(
"url"));
1543 $mapping->setDN($propertie_form->getInput(
"dn"));
1544 $mapping->setMemberAttribute($propertie_form->getInput(
"member"));
1545 $mapping->setMemberISDN($propertie_form->getInput(
"memberisdn"));
1546 $mapping->setRoleByName($propertie_form->getInput(
"role"));
1547 $mapping->setMappingInfo($propertie_form->getInput(
"info"));
1548 $mapping->setMappingInfoType($propertie_form->getInput(
"info_type"));
1552 $this->ctrl->redirect($this,
"roleMapping");
1556 if(!$rbacreview->roleExists($propertie_form->getInput(
"role")))
1559 $propertie_form->getInput(
"role"));
1561 $propertie_form->setValuesByPost();
1562 $this->tpl->setContent($propertie_form->getHTML());
1575 if($propertie_form->checkInput() && $rbacreview->roleExists($propertie_form->getInput(
"role")))
1577 include_once(
'Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
1579 $mapping->setServerId($this->server->getServerId());
1580 $mapping->setURL($propertie_form->getInput(
"url"));
1581 $mapping->setDN($propertie_form->getInput(
"dn"));
1582 $mapping->setMemberAttribute($propertie_form->getInput(
"member"));
1583 $mapping->setMemberISDN($propertie_form->getInput(
"memberisdn"));
1584 $mapping->setRoleByName($propertie_form->getInput(
"role"));
1585 $mapping->setMappingInfo($propertie_form->getInput(
"info"));
1586 $mapping->setMappingInfoType($propertie_form->getInput(
"info_type"));
1590 $this->ctrl->redirect($this,
"roleMapping");
1594 if(!$rbacreview->roleExists($propertie_form->getInput(
"role")))
1597 $propertie_form->getInput(
"role"));
1599 $propertie_form->setValuesByPost();
1600 $this->tpl->setContent($propertie_form->getHTML());
1611 $this->server->enableRoleSynchronization((
int)
$_POST[
'role_sync_active']);
1614 if($this->server->getServerId())
1616 $this->server->update();
1620 $_GET[
'ldap_server_id'] = $this->server->create();
1624 $this->ctrl->redirect($this,
"roleMapping");
1632 if(!is_array(
$_POST[
'mappings']))
1635 $this->ctrl->redirect($this,
"roleMapping");
1639 include_once(
"Services/Utilities/classes/class.ilConfirmationGUI.php");
1643 $c_gui->setFormAction($this->ctrl->getFormAction($this,
"deleteRoleMapping"));
1644 $c_gui->setHeaderText($this->lng->txt(
"ldap_confirm_del_role_ass"));
1645 $c_gui->setCancel($this->lng->txt(
"cancel"),
"roleMapping");
1646 $c_gui->setConfirm($this->lng->txt(
"confirm"),
"deleteRoleMapping");
1648 foreach (
$_POST[
'mappings'] as $id)
1650 include_once(
'Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
1653 $txt = $this->lng->txt(
'obj_role') .
": " . $mapping->getRoleName().
", ";
1654 $txt .= $this->lng->txt(
'ldap_group_dn') .
": " . $mapping->getDN() .
", ";
1655 $txt .= $this->lng->txt(
'ldap_server_short') .
" " . $mapping->getURL() .
", ";
1656 $txt .= $this->lng->txt(
'ldap_group_member_short') .
" " . $mapping->getMemberAttribute();
1658 $c_gui->addItem(
"mappings[]", $id,
$txt);
1660 $this->tpl->setContent($c_gui->getHTML());