ILIAS  release_10 Revision v10.1-43-ga1241a92c2f
class.ilLDAPCronSynchronization.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
21 use ILIAS\Cron\Schedule\CronJobScheduleType;
22 
27 class ilLDAPCronSynchronization extends ilCronJob
28 {
29  private ilLanguage $lng;
30  private ilLogger $logger;
31  private ilCronManager $cronManager;
32 
33  private int $counter = 0;
34 
35  public function __construct()
36  {
37  global $DIC;
38 
39  $this->logger = $DIC->logger()->auth();
40  $this->cronManager = $DIC->cron()->manager();
41  $this->lng = $DIC->language();
42  $this->lng->loadLanguageModule('ldap');
43  }
44 
45  public function getId(): string
46  {
47  return "ldap_sync";
48  }
49 
50  public function getTitle(): string
51  {
52  return $this->lng->txt('ldap_user_sync_cron');
53  }
54 
55  public function getDescription(): string
56  {
57  return $this->lng->txt("ldap_user_sync_cron_info");
58  }
59 
60  public function getDefaultScheduleType(): CronJobScheduleType
61  {
62  return CronJobScheduleType::SCHEDULE_TYPE_DAILY;
63  }
64 
65  public function getDefaultScheduleValue(): ?int
66  {
67  return null;
68  }
69 
70  public function hasAutoActivation(): bool
71  {
72  return false;
73  }
74 
75  public function hasFlexibleSchedule(): bool
76  {
77  return false;
78  }
79 
80  public function run(): ilCronJobResult
81  {
82  $status = ilCronJobResult::STATUS_NO_ACTION;
83 
84  $messages = array();
85  foreach (ilLDAPServer::_getCronServerIds() as $server_id) {
86  try {
87  $current_server = new ilLDAPServer($server_id);
88  $current_server->doConnectionCheck();
89  $this->logger->info("LDAP: starting user synchronization for " . $current_server->getName());
90 
91  $ldap_query = new ilLDAPQuery($current_server);
92  $ldap_query->bind();
93 
94  if (is_array($users = $ldap_query->fetchUsers())) {
95  // Deactivate ldap users that are not in the list
96  $this->deactivateUsers($current_server, $users);
97  }
98 
99  if (count($users)) {
100  ilUserCreationContext::getInstance()->addContext(ilUserCreationContext::CONTEXT_LDAP);
101 
102  $offset = 0;
103  $limit = 500;
104  while ($user_sliced = array_slice($users, $offset, $limit, true)) {
105  $this->logger->info("LDAP: Starting update/creation of users ...");
106  $this->logger->info("LDAP: Offset: " . $offset);
107  $ldap_to_ilias = new ilLDAPAttributeToUser($current_server);
108  $ldap_to_ilias->setNewUserAuthMode($current_server->getAuthenticationMappingKey());
109  $ldap_to_ilias->setUserData($user_sliced);
110  $ldap_to_ilias->refresh();
111  $this->logger->info("LDAP: Finished update/creation");
112 
113  $offset += $limit;
114 
115  $this->cronManager->ping($this->getId());
116  }
117  $this->counter++;
118  } else {
119  $this->logger->info("LDAP: No users for update/create. Aborting.");
120  }
121  } catch (ilLDAPQueryException $exc) {
122  $mess = $exc->getMessage();
123  $this->logger->info($mess);
124 
125  $messages[] = $mess;
126  }
127  }
128 
129  if ($this->counter) {
130  $status = ilCronJobResult::STATUS_OK;
131  }
132  $result = new ilCronJobResult();
133  if (count($messages)) {
134  $result->setMessage(implode("\n", $messages));
135  }
136  $result->setStatus($status);
137  return $result;
138  }
139 
143  private function deactivateUsers(ilLDAPServer $server, array $a_ldap_users): void
144  {
145  $inactive = [];
146 
147  foreach (ilObjUser::_getExternalAccountsByAuthMode($server->getAuthenticationMappingKey(), true) as $usr_id => $external_account) {
148  if (!array_key_exists($external_account, $a_ldap_users)) {
149  $inactive[] = $usr_id;
150  }
151  }
152  if (count($inactive)) {
153  ilObjUser::_toggleActiveStatusOfUsers($inactive, false);
154  $this->logger->info('LDAP: Found ' . count($inactive) . ' inactive users.');
155 
156  $this->counter++;
157  } else {
158  $this->logger->info('LDAP: No inactive users found');
159  }
160  }
161 
162  public function addToExternalSettingsForm(int $a_form_id, array &$a_fields, bool $a_is_active): void
163  {
164  if ($a_form_id === ilAdministrationSettingsFormHandler::FORM_LDAP) {
165  $a_fields["ldap_user_sync_cron"] = [$a_is_active ?
166  $this->lng->txt("enabled") :
167  $this->lng->txt("disabled"),
168  ilAdministrationSettingsFormHandler::VALUE_BOOL];
169  }
170  }
171 }
CronJobScheduleType
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
ilObjUser\_getExternalAccountsByAuthMode
static _getExternalAccountsByAuthMode(string $a_auth_mode, bool $a_read_auth_default=false)
Get list of external account by authentication method Note: If login == ext_account for two user with...
Definition: class.ilObjUser.php:2677
ilCronJobResult\STATUS_NO_ACTION
final const STATUS_NO_ACTION
Definition: class.ilCronJobResult.php:24
ilObjUser\_toggleActiveStatusOfUsers
static _toggleActiveStatusOfUsers(array $a_usr_ids, bool $a_status)
Definition: class.ilObjUser.php:2708
$DIC
global $DIC
Definition: shib_login.php:25
ilLDAPServer\_getCronServerIds
static _getCronServerIds()
Get list of acticve servers with option &#39;SyncCron&#39;.
Definition: class.ilLDAPServer.php:163
ilLDAPCronSynchronization\addToExternalSettingsForm
addToExternalSettingsForm(int $a_form_id, array &$a_fields, bool $a_is_active)
Definition: class.ilLDAPCronSynchronization.php:162
ilLDAPServer\getAuthenticationMappingKey
getAuthenticationMappingKey()
Get authentication mapping key Default is ldap.
Definition: class.ilLDAPServer.php:479
ilLDAPAttributeToUser
Update/create ILIAS user account by given LDAP attributes according to user attribute mapping setting...
Definition: class.ilLDAPAttributeToUser.php:27
$server
$server
Definition: shib_login.php:27
ilLDAPCronSynchronization\deactivateUsers
deactivateUsers(ilLDAPServer $server, array $a_ldap_users)
Deactivate users that are disabled in LDAP.
Definition: class.ilLDAPCronSynchronization.php:143