ILIAS  eassessment Revision 61809
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilObjPrivacySecurityGUI.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3 include_once("./classes/class.ilObjectGUI.php");
4 include_once('./Services/PrivacySecurity/classes/class.ilPrivacySettings.php');
5 include_once('./Services/PrivacySecurity/classes/class.ilSecuritySettings.php');
6 
18 class ilObjPrivacySecurityGUI extends ilObjectGUI
19 {
20  private static $ERROR_MESSAGE;
26  public function __construct($a_data, $a_id, $a_call_by_reference = true, $a_prepare_output = true)
27  {
28  $this->type = 'ps';
29  parent::ilObjectGUI($a_data, $a_id, $a_call_by_reference, $a_prepare_output);
30 
31  $this->lng->loadLanguageModule('ps');
32 
33  ilObjPrivacySecurityGUI::$ERROR_MESSAGE = array (
34  ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_AUTO_HTTPS => $this->lng->txt("ps_error_message_https_header_missing"),
35  ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE => $this->lng->txt('https_not_possible'),
36  ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTP_NOT_AVAILABLE => $this->lng->txt('http_not_possible'),
37  ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH => $this->lng->txt('ps_error_message_invalid_password_min_length'),
38  ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH => $this->lng->txt('ps_error_message_invalid_password_max_length'),
39  ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE => $this->lng->txt('ps_error_message_invalid_password_max_age'),
40  ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS => $this->lng->txt('ps_error_message_invalid_login_max_attempts'),
41  ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2 => $this->lng->txt('ps_error_message_password_min2_because_chars_numbers'),
42  ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3 => $this->lng->txt('ps_error_message_password_min3_because_chars_numbers_sc'),
43  ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH => $this->lng->txt('ps_error_message_password_max_less_min')
44  );
45  }
46 
53  public function executeCommand()
54  {
55  global $rbacsystem,$ilErr,$ilAccess;
56 
57  $next_class = $this->ctrl->getNextClass($this);
58  $cmd = $this->ctrl->getCmd();
59 
60  $this->prepareOutput();
61 
62  if(!$ilAccess->checkAccess('read','',$this->object->getRefId()))
63  {
64  $ilErr->raiseError($this->lng->txt('no_permission'),$ilErr->WARNING);
65  }
66 
67  switch($next_class)
68  {
69  case 'ilpermissiongui':
70  $this->tabs_gui->setTabActive('perm_settings');
71  include_once("Services/AccessControl/classes/class.ilPermissionGUI.php");
72  $perm_gui =& new ilPermissionGUI($this);
73  $ret =& $this->ctrl->forwardCommand($perm_gui);
74  break;
75 
76  default:
77  if(!$cmd || $cmd == 'view')
78  {
79  $cmd = "showPrivacy";
80  }
81 
82  $this->$cmd();
83  break;
84  }
85  return true;
86  }
87 
94  public function getAdminTabs()
95  {
96  global $rbacsystem;
97 
98  if ($rbacsystem->checkAccess("visible,read",$this->object->getRefId()))
99  {
100  $this->tabs_gui->addTarget("show_privacy",
101  $this->ctrl->getLinkTarget($this, "showPrivacy"),
102  'showPrivacy');
103  $this->tabs_gui->addTarget("show_security",
104  $this->ctrl->getLinkTarget($this, "showSecurity"),
105  'showSecurity');
106 
107  }
108 
109  if ($rbacsystem->checkAccess('edit_permission',$this->object->getRefId()))
110  {
111  $this->tabs_gui->addTarget("perm_settings",
112  $this->ctrl->getLinkTargetByClass('ilpermissiongui',"perm"),
113  array(),'ilpermissiongui');
114  }
115  }
116 
122  public function showPrivacy()
123  {
124  $privacy = ilPrivacySettings::_getInstance();
125 
126  $this->tabs_gui->setTabActive('show_privacy');
127 
128  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
129  $form = new ilPropertyFormGUI();
130  $form->setFormAction($this->ctrl->getFormAction($this));
131  $form->setTitle($this->lng->txt('ps_privacy_protection'));
132 
133  include_once('Services/Membership/classes/class.ilMemberAgreement.php');
134  if(ilMemberAgreement::_hasAgreements())
135  {
136  $html = new ilNonEditableValueGUI();
137  $html->setValue($this->lng->txt('ps_warning_modify'));
138  $form->addItem($html);
139  }
140 
141  $value = array();
142  if($privacy->enabledCourseExport())
143  {
144  $value[] = "export_course";
145  }
146  if($privacy->enabledGroupExport())
147  {
148  $value[] = "export_group";
149  }
150  if($privacy->courseConfirmationRequired())
151  {
152  $value[] = "export_confirm_course";
153  }
154  if($privacy->groupConfirmationRequired())
155  {
156  $value[] = "export_confirm_group";
157  }
158  if($privacy->enabledGroupAccessTimes())
159  {
160  $value[] = "grp_access_times";
161  }
162  if($privacy->enabledCourseAccessTimes())
163  {
164  $value[] = "crs_access_times";
165  }
166  $group = new ilCheckboxGroupInputGUI($this->lng->txt('ps_profile_export'),'profile_protection');
167  $group->setValue($value);
168  $check = new ilCheckboxOption();
169  $check->setTitle($this->lng->txt('ps_export_course'));
170  $check->setValue('export_course');
171  $group->addOption($check);
172  $check = new ilCheckboxOption();
173  $check->setTitle($this->lng->txt('ps_export_groups'));
174  $check->setValue('export_group');
175  $group->addOption($check);
176  $check = new ilCheckboxOption();
177  $check->setTitle($this->lng->txt('ps_export_confirm'));
178  $check->setValue('export_confirm_course');
179  $group->addOption($check);
180  $check = new ilCheckboxOption();
181  $check->setTitle($this->lng->txt('ps_export_confirm_group'));
182  $check->setValue('export_confirm_group');
183  $group->addOption($check);
184  $check = new ilCheckboxOption();
185  $check->setTitle($this->lng->txt('ps_show_grp_access'));
186  $check->setValue('grp_access_times');
187  $group->addOption($check);
188  $check = new ilCheckboxOption();
189  $check->setTitle($this->lng->txt('ps_show_crs_access'));
190  $check->setValue('crs_access_times');
191  $group->addOption($check);
192  $form->addItem($group);
193 
194  $check = new ilCheckboxInputGui($this->lng->txt('enable_fora_statistics'), 'fora_statistics');
195  $check->setInfo($this->lng->txt('enable_fora_statistics_desc'));
196  $check->setChecked($privacy->enabledForaStatistics());
197  $form->addItem($check);
198 
199  $check = new ilCheckboxInputGui($this->lng->txt('enable_anonymous_fora'), 'anonymous_fora');
200  $check->setInfo($this->lng->txt('enable_anonymous_fora_desc'));
201  $check->setChecked($privacy->enabledAnonymousFora());
202  $form->addItem($check);
203 
204  $check = new ilCheckboxInputGui($this->lng->txt('rbac_log'), 'rbac_log');
205  $check->setInfo($this->lng->txt('rbac_log_info'));
206  $check->setChecked($privacy->enabledRbacLog());
207  $form->addItem($check);
208 
209  $age = new ilNumberInputGUI($this->lng->txt('rbac_log_age'),'rbac_log_age');
210  $age->setInfo($this->lng->txt('rbac_log_age_info'));
211  $age->setValue($privacy->getRbacLogAge());
212  $age->setMinValue(1);
213  $age->setMaxValue(24);
214  $age->setSize(2);
215  $age->setMaxLength(2);
216  $check->addSubItem($age);
217 
218  $form->addCommandButton('save_privacy',$this->lng->txt('save'));
219  $this->tpl->setContent($form->getHTML());
220  }
221 
227  public function showSecurity()
228  {
229  global $ilSetting;
230 
231  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
232 
233  $security = ilSecuritySettings::_getInstance();
234 
235  $this->tabs_gui->setTabActive('show_security');
236 
237  $form = new ilPropertyFormGUI();
238  $form->setFormAction($this->ctrl->getFormAction($this));
239  $form->setTitle($this->lng->txt('ps_security_protection'));
240 
241  // Form checkbox
242  $check = new ilCheckboxInputGUI($this->lng->txt('ps_auto_https'),'auto_https_detect_enabled');
243  $check->setOptionTitle($this->lng->txt('ps_auto_https_description'));
244  $check->setChecked($security->isAutomaticHTTPSEnabled() ? 1 : 0);
245  $check->setValue(1);
246 
247  $text = new ilTextInputGUI($this->lng->txt('ps_auto_https_header_name'),'auto_https_detect_header_name');
248  $text->setValue($security->getAutomaticHTTPSHeaderName());
249  $text->setSize(24);
250  $text->setMaxLength(64);
251  $check->addSubItem($text);
252 
253  $text = new ilTextInputGUI($this->lng->txt('ps_auto_https_header_value'),'auto_https_detect_header_value');
254  $text->setValue($security->getAutomaticHTTPSHeaderValue());
255  $text->setSize(24);
256  $text->setMaxLength(64);
257  $check->addSubItem($text);
258 
259  $form->addItem($check);
260 
261  $check2 = new ilCheckboxInputGUI($this->lng->txt('activate_https'),'https_enabled');
262  $check2->setChecked($security->isHTTPSEnabled() ? 1 : 0);
263  $check2->setValue(1);
264  $form->addItem($check2);
265 
266  $radio_group = new ilRadioGroupInputGUI($this->lng->txt('ps_account_security_mode'), 'account_security_mode' );
267  $radio_group->setValue($security->getAccountSecurityMode());
268 
269  $radio_opt = new ilRadioOption($this->lng->txt('ps_account_security_mode_default'),ilSecuritySettings::ACCOUNT_SECURITY_MODE_DEFAULT);
270  $radio_group->addOption($radio_opt);
271 
272  $radio_opt = new ilRadioOption($this->lng->txt('ps_account_security_mode_customized'),ilSecuritySettings::ACCOUNT_SECURITY_MODE_CUSTOMIZED);
273 
274  $check = new ilCheckboxInputGUI($this->lng->txt('ps_password_chars_and_numbers_enabled'),'password_chars_and_numbers_enabled');
275  $check->setChecked( $security->isPasswordCharsAndNumbersEnabled() ? 1 : 0 );
276  //$check->setOptionTitle($this->lng->txt('ps_password_chars_and_numbers_enabled'));
277  $check->setInfo($this->lng->txt('ps_password_chars_and_numbers_enabled_info'));
278  $radio_opt->addSubItem($check);
279 
280  $check = new ilCheckboxInputGUI($this->lng->txt('ps_password_special_chars_enabled'),'password_special_chars_enabled');
281  $check->setChecked( $security->isPasswordSpecialCharsEnabled() ? 1 : 0 );
282  //$check->setOptionTitle($this->lng->txt('ps_password_special_chars_enabled'));
283  $check->setInfo($this->lng->txt('ps_password_special_chars_enabled_info'));
284  $radio_opt->addSubItem($check);
285 
286  $text = new ilTextInputGUI($this->lng->txt('ps_password_min_length'),'password_min_length');
287  $text->setInfo($this->lng->txt('ps_password_min_length_info'));
288  $text->setValue( $security->getPasswordMinLength() );
289  $text->setSize(1);
290  $text->setMaxLength(2);
291  $radio_opt->addSubItem($text);
292 
293  $text = new ilTextInputGUI($this->lng->txt('ps_password_max_length'),'password_max_length');
294  $text->setInfo($this->lng->txt('ps_password_max_length_info'));
295  $text->setValue( $security->getPasswordMaxLength() );
296  $text->setSize(2);
297  $text->setMaxLength(3);
298  $radio_opt->addSubItem($text);
299 
300  $text = new ilTextInputGUI($this->lng->txt('ps_password_max_age'),'password_max_age');
301  $text->setInfo($this->lng->txt('ps_password_max_age_info'));
302  $text->setValue( $security->getPasswordMaxAge() );
303  $text->setSize(2);
304  $text->setMaxLength(3);
305  $radio_opt->addSubItem($text);
306 
307  $text = new ilTextInputGUI($this->lng->txt('ps_login_max_attempts'),'login_max_attempts');
308  $text->setInfo($this->lng->txt('ps_login_max_attempts_info'));
309  $text->setValue( $security->getLoginMaxAttempts() );
310  $text->setSize(1);
311  $text->setMaxLength(2);
312  $radio_opt->addSubItem($text);
313 
314  $radio_group->addOption($radio_opt);
315  $form->addItem($radio_group);
316 
317  $check = new ilCheckboxInputGUI($this->lng->txt('ps_password_change_on_first_login_enabled'),'password_change_on_first_login_enabled');
318  $check->setInfo($this->lng->txt('ps_password_change_on_first_login_enabled_info'));
319  $check->setChecked( $security->isPasswordChangeOnFirstLoginEnabled() ? 1 : 0 );
320  $form->addItem($check);
321 
322  // file suffix replacement
323  $ti = new ilTextInputGUI($this->lng->txt("file_suffix_repl"), "suffix_repl_additional");
324  $ti->setMaxLength(200);
325  $ti->setSize(40);
326  $ti->setInfo($this->lng->txt("file_suffix_repl_info")." ".SUFFIX_REPL_DEFAULT);
327  $ti->setValue($ilSetting->get("suffix_repl_additional"));
328  $form->addItem($ti);
329 
330  // prevent login from multiple pcs at the same time
331  $objCb = new ilCheckboxInputGUI($this->lng->txt('ps_prevent_simultaneous_logins'), 'ps_prevent_simultaneous_logins');
332  $objCb->setChecked((int)$security->isPreventionOfSimultaneousLoginsEnabled());
333  $objCb->setValue(1);
334  $objCb->setOptionTitle($this->lng->txt('ps_prevent_simultaneous_logins_info'));
335  $form->addItem($objCb);
336 
337 
338  /*
339  * Every user that has the role "exam_role_id" and has the "exam_user_agent" string in his browser is automatically assigend the skin specified by "ps_exam_skin".
340  * Furthermore, common desktop objects are not shown (see ilIinitialisation, KIOSK).
341  * (DS)
342  */
343  $sh = new ilFormSectionHeaderGUI();
344  $sh->setTitle($this->lng->txt("exam_browser_settings"));
345  $form->addItem($sh);
346 
347  $ti2 = new ilTextInputGUI($this->lng->txt("exam_user_agent"), "exam_user_agent");
348  $ti2->setMaxLength(200);
349  $ti2->setSize(40);
350  $ti2->setInfo($this->lng->txt("exam_user_agent_info"));
351  $ti2->setValue($security->getExamUserAgent());
352  $form->addItem($ti2);
353 
354  $ti3 = new ilTextInputGUI($this->lng->txt("exam_skin"), "exam_skin");
355  $ti3->setMaxLength(200);
356  $ti3->setSize(40);
357  $ti3->setInfo($this->lng->txt("exam_skin_info"));
358  $ti3->setValue($security->getExamSkin());
359  $form->addItem($ti3);
360 
361  $ti4 = new ilTextInputGUI($this->lng->txt("exam_role_id"), "exam_role_id");
362  $ti4->setMaxLength(200);
363  $ti4->setSize(40);
364  $ti4->setInfo($this->lng->txt("exam_role_id_info"));
365  $ti4->setValue($security->getExamRoleId());
366  $form->addItem($ti4);
367 
368  $form->addCommandButton('save_security',$this->lng->txt('save'));
369  $this->tpl->setContent($form->getHTML());
370  }
371 
378  public function save_privacy()
379  {
380  global $ilErr,$ilAccess, $ilSetting;
381 
382  if(!$ilAccess->checkAccess('write','',$this->object->getRefId()))
383  {
384  $ilErr->raiseError($this->lng->txt('no_permission'),$ilErr->WARNING);
385  }
386 
387  if((int) $_POST['rbac_log_age'] > 24)
388  {
389  $_POST['rbac_log_age'] = 24;
390  }
391  else if((int) $_POST['rbac_log_age'] < 1)
392  {
393  $_POST['rbac_log_age'] = 1;
394  }
395 
396  $_POST['profile_protection'] = isset($_POST['profile_protection']) ? $_POST['profile_protection'] : array();
397 
398  $privacy = ilPrivacySettings::_getInstance();
399  $privacy->enableCourseExport((int) in_array('export_course', $_POST['profile_protection']));
400  $privacy->enableGroupExport((int) in_array('export_group', $_POST['profile_protection']));
401  $privacy->setCourseConfirmationRequired((int) in_array('export_confirm_course', $_POST['profile_protection']));
402  $privacy->setGroupConfirmationRequired((int) in_array('export_confirm_group', $_POST['profile_protection']));
403  $privacy->showGroupAccessTimes((int) in_array('grp_access_times', $_POST['profile_protection']));
404  $privacy->showCourseAccessTimes((int) in_array('crs_access_times', $_POST['profile_protection']));
405  $privacy->enableForaStatistics ((int) $_POST['fora_statistics']);
406  $privacy->enableAnonymousFora ((int) $_POST['anonymous_fora']);
407  $privacy->enableRbacLog((int) $_POST['rbac_log']);
408  $privacy->setRbacLogAge((int) $_POST['rbac_log_age']);
409 
410  // validate settings
411  $code = $privacy->validate();
412 
413  // if error code != 0, display error and do not save
414  if ($code != 0)
415  {
416  $msg = $this->getErrorMessage ($code);
417  ilUtil::sendFailure($msg);
418  }
419  else
420  {
421  $privacy->save();
422  include_once('Services/Membership/classes/class.ilMemberAgreement.php');
423  ilMemberAgreement::_reset();
424  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
425  }
426 
427  $this->showPrivacy();
428  }
429 
436  public function save_security()
437  {
438  global $ilErr,$ilAccess, $ilSetting;
439 
440  if(!$ilAccess->checkAccess('write','',$this->object->getRefId()))
441  {
442  $ilErr->raiseError($this->lng->txt('no_permission'),$ilErr->WARNING);
443  }
444 
445 
446  $security = ilSecuritySettings::_getInstance();
447 
448  // auto https detection settings
449  $security->setAutomaticHTTPSEnabled((int) $_POST["auto_https_detect_enabled"]);
450  $security->setAutomaticHTTPSHeaderName(ilUtil::stripSlashes($_POST["auto_https_detect_header_name"]));
451  $security->setAutomaticHTTPSHeaderValue(ilUtil::stripSlashes($_POST["auto_https_detect_header_value"]));
452 
453  // prevention of simultaneous logins with the same account
454  $security->setPreventionOfSimultaneousLogins((bool)$_POST['ps_prevent_simultaneous_logins']);
455 
456  // ilias https handling settings
457  $security->setHTTPSEnabled($_POST["https_enabled"]);
458 
459  // account security settings
460  $security->setAccountSecurityMode((int) $_POST["account_security_mode"]);
461  $security->setPasswordCharsAndNumbersEnabled((bool) $_POST["password_chars_and_numbers_enabled"]);
462  $security->setPasswordSpecialCharsEnabled((bool) $_POST["password_special_chars_enabled"]);
463  $security->setPasswordMinLength((int) $_POST["password_min_length"]);
464  $security->setPasswordMaxLength((int) $_POST["password_max_length"]);
465  $security->setPasswordMaxAge((int) $_POST["password_max_age"]);
466  $security->setLoginMaxAttempts((int) $_POST["login_max_attempts"]);
467 
468  // change password on first login settings
469  $security->setPasswordChangeOnFirstLoginEnabled((bool) $_POST['password_change_on_first_login_enabled']);
470 
471  // file suffic replacements
472  $ilSetting->set("suffix_repl_additional", $_POST["suffix_repl_additional"]);
473 
474  // exam browser
475  $security->setExamUserAgent($_POST["exam_user_agent"]);
476  $security->setExamSkin($_POST["exam_skin"]);
477  $security->setExamRoleId($_POST["exam_role_id"]);
478 
479  // validate settings
480  $code = $security->validate();
481 
482  // if error code != 0, display error and do not save
483  if ($code != 0)
484  {
485  $msg = $this->getErrorMessage ($code);
486  ilUtil::sendFailure($msg);
487  } else
488  {
489  $security->save();
490  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
491  }
492 
493  $this->showSecurity();
494  }
495 
496 
504  private static function getErrorMessage ($code) {
505  return ilObjPrivacySecurityGUI::$ERROR_MESSAGE[$code];
506  }
507 }
508 ?>