ILIAS  Release_5_0_x_branch Revision 61816
 All Data Structures Namespaces Files Functions Variables Groups Pages
Static Public Member Functions | Static Protected Attributes
ilShibbolethRoleAssignmentRules Class Reference

Shibboleth role assignment rules. More...

+ Collaboration diagram for ilShibbolethRoleAssignmentRules:

Static Public Member Functions

static getCountRules ()
static updateAssignments ($a_usr_id, $a_data)
static doAssignments ($a_usr_id, $a_data)
static callPlugin ($a_plugin_id, $a_user_data)

Static Protected Attributes

static $active_plugins = NULL

Detailed Description

Shibboleth role assignment rules.

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Fabian Schmid fabia.nosp@m.n.sc.nosp@m.hmid@.nosp@m.ilub.nosp@m..unib.nosp@m.e.ch
Version
$Id$

Definition at line 36 of file class.ilShibbolethRoleAssignmentRules.php.

Member Function Documentation

static ilShibbolethRoleAssignmentRules::callPlugin (   $a_plugin_id,
  $a_user_data 
)
static
Parameters
$a_plugin_id
$a_user_data
Returns
bool

Definition at line 143 of file class.ilShibbolethRoleAssignmentRules.php.

References $ok, and IL_COMP_SERVICE.

Referenced by ilShibbolethRoleAssignmentRule\doesMatch(), and ilShibbolethRoleAssignmentRule\matches().

{
global $ilPluginAdmin;
if (self::$active_plugins == NULL) {
self::$active_plugins = $ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE, 'AuthShibboleth', 'shibhk');
}
$assigned = false;
foreach (self::$active_plugins as $plugin_name) {
$ok = false;
$plugin_obj = $ilPluginAdmin->getPluginObject(IL_COMP_SERVICE, 'AuthShibboleth', 'shibhk', $plugin_name);
if ($plugin_obj instanceof ilShibbolethRoleAssignmentPlugin) {
$ok = $plugin_obj->checkRoleAssignment($a_plugin_id, $a_user_data);
}
if ($ok) {
$assigned = true;
}
}
return $assigned;
}

+ Here is the caller graph for this function:

static ilShibbolethRoleAssignmentRules::doAssignments (   $a_usr_id,
  $a_data 
)
static
Parameters
$a_usr_id
$a_data
Returns
bool

Definition at line 113 of file class.ilShibbolethRoleAssignmentRules.php.

References $ilDB, $ilLog, $query, $res, $row, ilObject\_lookupTitle(), DB_FETCHMODE_OBJECT, and shibConfig\getInstance().

Referenced by ShibAuth\login().

{
global $ilDB, $rbacadmin, $ilLog;
$query = "SELECT rule_id FROM shib_role_assignment ";
$num_matches = 0;
$res = $ilDB->query($query);
while ($row = $res->fetchRow(DB_FETCHMODE_OBJECT)) {
$rule = new ilShibbolethRoleAssignmentRule($row->rule_id);
if ($rule->doesMatch($a_data)) {
$num_matches ++;
$ilLog->write(__METHOD__ . ': Assigned to role ' . ilObject::_lookupTitle($rule->getRoleId()));
$rbacadmin->assignUser($rule->getRoleId(), $a_usr_id);
}
}
// Assign to default if no matching found
if (! $num_matches) {
$default_role = shibConfig::getInstance()->getUserDefaultRole();
$ilLog->write(__METHOD__ . ': Assigned to default role ' . ilObject::_lookupTitle($default_role));
$rbacadmin->assignUser($default_role, $a_usr_id);
}
return true;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

static ilShibbolethRoleAssignmentRules::getCountRules ( )
static

Definition at line 60 of file class.ilShibbolethRoleAssignmentRules.php.

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

Referenced by ilAuthShibbolethSettingsGUI\parseRulesTable(), and ilAuthShibbolethSettingsGUI\setSubTabs().

{
global $ilDB;
$query = "SELECT COUNT(*) num FROM shib_role_assignment ";
$res = $ilDB->query($query);
while ($row = $res->fetchRow(DB_FETCHMODE_OBJECT)) {
return $row->num;
}
return 0;
}

+ Here is the caller graph for this function:

static ilShibbolethRoleAssignmentRules::updateAssignments (   $a_usr_id,
  $a_data 
)
static
Parameters
$a_usr_id
$a_data
Returns
bool

Definition at line 78 of file class.ilShibbolethRoleAssignmentRules.php.

References $ilDB, $ilLog, $query, $res, $row, ilObject\_lookupTitle(), DB_FETCHMODE_OBJECT, and shibConfig\getInstance().

Referenced by ShibAuth\login().

{
require_once('./Services/AuthShibboleth/classes/Config/class.shibConfig.php');
global $ilDB, $rbacadmin, $rbacreview, $ilLog;
$query = "SELECT rule_id,add_on_update,remove_on_update FROM shib_role_assignment " . "WHERE add_on_update = 1 OR remove_on_update = 1";
$res = $ilDB->query($query);
while ($row = $res->fetchRow(DB_FETCHMODE_OBJECT)) {
$rule = new ilShibbolethRoleAssignmentRule($row->rule_id);
// $matches = $rule->matches($a_data);
if ($rule->doesMatch($a_data) and $row->add_on_update) {
$ilLog->write(__METHOD__ . ': Assigned to role ' . ilObject::_lookupTitle($rule->getRoleId()));
$rbacadmin->assignUser($rule->getRoleId(), $a_usr_id);
}
if (! $rule->doesMatch($a_data) and $row->remove_on_update) {
$ilLog->write(__METHOD__ . ': Deassigned from role ' . ilObject::_lookupTitle($rule->getRoleId()));
$rbacadmin->deassignUser($rule->getRoleId(), $a_usr_id);
}
}
// check if is assigned to minimum one global role
if (! array_intersect($rbacreview->assignedRoles($a_usr_id), $rbacreview->getGlobalRoles())) {
$default_role = shibConfig::getInstance()->getUserDefaultRole();
$ilLog->write(__METHOD__ . ': Assigned to default role ' . ilObject::_lookupTitle($default_role));
$rbacadmin->assignUser($default_role, $a_usr_id);
}
return true;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

Field Documentation

ilShibbolethRoleAssignmentRules::$active_plugins = NULL
staticprotected

Definition at line 38 of file class.ilShibbolethRoleAssignmentRules.php.

The documentation for this class was generated from the following file: