ILIAS  release_10 Revision v10.1-43-ga1241a92c2f
class.ilCASSettingsGUI.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
24 class ilCASSettingsGUI
25 {
26  public const SYNC_DISABLED = 0;
27  public const SYNC_CAS = 1;
28  public const SYNC_LDAP = 2;
29 
30  private ilCASSettings $settings;
31 
32  private int $ref_id;
33 
34  private \ilGlobalTemplateInterface $tpl;
35  private ilCtrl $ctrl;
36  private ilLanguage $lng;
37  private ilRbacSystem $rbacSystem;
38  private ilRbacReview $rbacReview;
39  private ilErrorHandling $ilErr;
40  private \ILIAS\UI\Renderer $renderer;
41  private \ILIAS\UI\Factory $factory;
42 
43  public function __construct(int $a_auth_ref_id)
44  {
45  global $DIC;
46  $this->tpl = $DIC->ui()->mainTemplate();
47 
48  $this->ctrl = $DIC->ctrl();
49  $this->rbacSystem = $DIC->rbac()->system();
50  $this->rbacReview = $DIC->rbac()->review();
51  $this->ilErr = $DIC['ilErr'];
52  $this->lng = $DIC->language();
53  $this->lng->loadLanguageModule('registration');
54  $this->lng->loadLanguageModule('auth');
55 
56  $this->renderer = $DIC->ui()->renderer();
57  $this->factory = $DIC->ui()->factory();
58 
59  $this->ref_id = $a_auth_ref_id;
60 
61  $this->settings = ilCASSettings::getInstance();
62  }
63 
64  protected function getSettings(): ilCASSettings
65  {
66  return $this->settings;
67  }
68 
69  public function executeCommand(): bool
70  {
71  $next_class = $this->ctrl->getNextClass($this);
72  $cmd = $this->ctrl->getCmd("settings");
73 
74  if (!$this->rbacSystem->checkAccess("visible,read", $this->ref_id)) {
75  $this->ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $this->ilErr->WARNING);
76  }
77 
78  switch ($next_class) {
79  default:
80  if (!$cmd) {
81  $cmd = "settings";
82  }
83  $this->$cmd();
84  break;
85  }
86  return true;
87  }
88 
89  protected function initFormSettings(): ilPropertyFormGUI
90  {
91  $this->lng->loadLanguageModule('auth');
92 
93  $form = new ilPropertyFormGUI();
94  $form->setFormAction($this->ctrl->getFormAction($this));
95 
96  $form->setTitle($this->lng->txt('auth_cas_auth'));
97 
98  $has_write_permissions = $this->rbacSystem->checkAccess('write', $this->ref_id);
99 
100  $drop_in_replacements_url = 'https://github.com/ILIAS-eLearning/ILIAS/tree/trunk/components/ILIAS/HTTP#dropinreplacements';
101  $drop_in_replacements_link = $this->factory->link()->standard(
102  $this->lng->txt("auth_cas_auth_desc"),
103  $drop_in_replacements_url
104  );
105  $form->setDescription($this->renderer->render(
106  $drop_in_replacements_link
107  ));
108 
109  // Form checkbox
110  $check = new ilCheckboxInputGUI($this->lng->txt("active"), 'active');
111  $check->setDisabled(!$has_write_permissions);
112  $check->setChecked($this->getSettings()->isActive());
113  $check->setValue("1");
114  $form->addItem($check);
115 
116  $text = new ilTextInputGUI($this->lng->txt('server'), 'server');
117  $text->setDisabled(!$has_write_permissions);
118  $text->setValue($this->getSettings()->getServer());
119  $text->setRequired(true);
120  $text->setInfo($this->lng->txt('auth_cas_server_desc'));
121  $text->setSize(64);
122  $text->setMaxLength(255);
123  $form->addItem($text);
124 
125  $port = new ilNumberInputGUI($this->lng->txt("port"), 'port');
126  $port->setDisabled(!$has_write_permissions);
127  $port->setValue((string) $this->getSettings()->getPort());
128  $port->setRequired(true);
129  $port->setMinValue(0);
130  $port->setMaxValue(65535);
131  $port->setSize(5);
132  $port->setMaxLength(5);
133  $port->setInfo($this->lng->txt('auth_cas_port_desc'));
134  $form->addItem($port);
135 
136  $text = new ilTextInputGUI($this->lng->txt('uri'), 'uri');
137  $text->setDisabled(!$has_write_permissions);
138  $text->setValue($this->getSettings()->getUri());
139  $text->setRequired(true);
140  $text->setInfo($this->lng->txt('auth_cas_uri_desc'));
141  $text->setSize(64);
142  $text->setMaxLength(255);
143  $form->addItem($text);
144 
145  // User synchronization
146  // 0: Disabled
147  // 1: CAS
148  // 2: LDAP
149  $sync = new ilRadioGroupInputGUI($this->lng->txt('auth_sync'), 'sync');
150  $sync->setDisabled(!$has_write_permissions);
151  $sync->setRequired(true);
152  $form->addItem($sync);
153 
154  // Disabled
155  $dis = new ilRadioOption(
156  $this->lng->txt('disabled'),
157  (string) self::SYNC_DISABLED,
158  ''
159  );
160  $dis->setDisabled(!$has_write_permissions);
161  $sync->addOption($dis);
162 
163  // CAS
164  $rad = new ilRadioOption(
165  $this->lng->txt('auth_sync_cas'),
166  (string) self::SYNC_CAS,
167  ''
168  );
169  $rad->setDisabled(!$has_write_permissions);
170  $rad->setInfo($this->lng->txt('auth_sync_cas_info'));
171  $sync->addOption($rad);
172 
173  $select = new ilSelectInputGUI($this->lng->txt('auth_user_default_role'), 'role');
174  $select->setOptions($this->prepareRoleSelection());
175  $select->setValue($this->getSettings()->getDefaultRole());
176  $select->setDisabled(!$has_write_permissions);
177  $rad->addSubItem($select);
178 
179 
180  // LDAP
181  $server_ids = ilLDAPServer::getAvailableDataSources(ilAuthUtils::AUTH_CAS);
182 
183  if (count($server_ids)) {
184  $ldap = new ilRadioOption(
185  $this->lng->txt('auth_css_ldap'),
186  (string) ilCASSettings::SYNC_LDAP,
187  ''
188  );
189  $ldap->setDisabled(!$has_write_permissions);
190  $ldap->setInfo($this->lng->txt('auth_cas_ldap_info'));
191  $sync->addOption($ldap);
192 
193  $ldap_server_select = new ilSelectInputGUI($this->lng->txt('auth_ldap_server_ds'), 'ldap_sid');
194  $ldap_server_select->setDisabled(!$has_write_permissions);
195  $options[0] = $this->lng->txt('select_one');
196  foreach ($server_ids as $ldap_sid) {
197  $ldap_server = new ilLDAPServer($ldap_sid);
198  $options[$ldap_sid] = $ldap_server->getName();
199  }
200  $ldap_server_select->setOptions($options);
201  $ldap_server_select->setRequired(true);
202  $ds = ilLDAPServer::getDataSource(ilAuthUtils::AUTH_CAS);
203  $ldap_server_select->setValue($ds);
204 
205  $ldap->addSubItem($ldap_server_select);
206  }
207 
208  if (ilLDAPServer::isDataSourceActive(ilAuthUtils::AUTH_CAS)) {
209  $sync->setValue((string) ilCASSettings::SYNC_LDAP);
210  } else {
211  $sync->setValue(
212  $this->getSettings()->isUserCreationEnabled() ?
213  (string) ilCASSettings::SYNC_CAS :
214  (string) ilCASSettings::SYNC_DISABLED
215  );
216  }
217 
218  $instruction = new ilTextAreaInputGUI($this->lng->txt('auth_login_instructions'), 'instruction');
219  $instruction->setCols(80);
220  $instruction->setRows(6);
221  $instruction->setDisabled(!$has_write_permissions);
222  $instruction->setValue($this->getSettings()->getLoginInstruction());
223  $form->addItem($instruction);
224 
225  $create = new ilCheckboxInputGUI($this->lng->txt('auth_allow_local'), 'local');
226  $create->setInfo($this->lng->txt('auth_cas_allow_local_desc'));
227  $create->setChecked($this->getSettings()->isLocalAuthenticationEnabled());
228  $create->setValue("1");
229  $create->setDisabled(!$has_write_permissions);
230  $form->addItem($create);
231 
232  if ($this->rbacSystem->checkAccess('write', $this->ref_id)) {
233  $form->addCommandButton('save', $this->lng->txt('save'));
234  }
235 
236  return $form;
237  }
238 
239  public function settings(): void
240  {
241  $form = $this->initFormSettings();
242  $this->tpl->setContent($form->getHTML());
243  }
244 
245  public function save(): void
246  {
247  if (!$this->rbacSystem->checkAccess('write', $this->ref_id)) {
248  $this->ilErr->raiseError($this->lng->txt('permission_denied'), $this->ilErr->WARNING);
249  }
250 
251  $form = $this->initFormSettings();
252  if ($form->checkInput()) {
253  $this->getSettings()->setActive((bool) $form->getInput('active'));
254  $this->getSettings()->setServer($form->getInput('server'));
255  $this->getSettings()->setPort((int) $form->getInput('port'));
256  $this->getSettings()->setUri($form->getInput('uri'));
257  $this->getSettings()->setDefaultRole((int) $form->getInput('role'));
258  $this->getSettings()->enableLocalAuthentication((bool) $form->getInput('local'));
259  $this->getSettings()->setLoginInstruction($form->getInput('instruction'));
260  $this->getSettings()->enableUserCreation((int) $form->getInput('sync') === ilCASSettings::SYNC_CAS);
261  $this->getSettings()->save();
262 
263  switch ((int) $form->getInput('sync')) {
264  case ilCASSettings::SYNC_CAS:
265  case ilCASSettings::SYNC_DISABLED:
266  ilLDAPServer::disableDataSourceForAuthMode(ilAuthUtils::AUTH_CAS);
267  break;
268 
269  case ilCASSettings::SYNC_LDAP:
270  if (!(int) $form->getInput('ldap_sid')) {
271  $this->tpl->setOnScreenMessage('failure', $this->lng->txt('err_check_input'));
272  $this->settings();
273  //TODO do we need return false?
274  return;
275  }
276 
277  ilLDAPServer::toggleDataSource((int) $form->getInput('ldap_sid'), ilAuthUtils::AUTH_CAS, 1);
278  break;
279  }
280 
281  $this->tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'), true);
282  $this->ctrl->redirect($this, 'settings');
283  }
284 
285  $form->setValuesByPost();
286  $this->tpl->setOnScreenMessage('failure', $this->lng->txt('err_ceck_input'));
287  $this->tpl->setContent($form->getHTML());
288  }
289 
290  private function prepareRoleSelection(): array
291  {
292  $global_roles = ilUtil::_sortIds(
293  $this->rbacReview->getGlobalRoles(),
294  'object_data',
295  'title',
296  'obj_id'
297  );
298 
299  $select[0] = $this->lng->txt('links_select_one');
300  foreach ($global_roles as $role_id) {
301  $select[$role_id] = ilObject::_lookupTitle((int) $role_id);
302  }
303 
304  return $select;
305  }
306 }
ilRadioOption
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilRadioOption.php:26
ilLDAPServer\disableDataSourceForAuthMode
static disableDataSourceForAuthMode(int $a_authmode)
Disable data source.
Definition: class.ilLDAPServer.php:344
ilLDAPServer\getDataSource
static getDataSource(int $a_auth_mode)
Definition: class.ilLDAPServer.php:326
ilCASSettingsGUI\__construct
__construct(int $a_auth_ref_id)
Definition: class.ilCASSettingsGUI.php:43
ilLDAPServer\getAvailableDataSources
static getAvailableDataSources(int $a_auth_mode)
Definition: class.ilLDAPServer.php:287
ilSelectInputGUI
This class represents a selection list property in a property form.
Definition: class.ilSelectInputGUI.php:26
ilSelectInputGUI\setOptions
setOptions(array $a_options)
Definition: class.ilSelectInputGUI.php:48
ilLDAPServer\toggleDataSource
static toggleDataSource(int $a_ldap_server_id, int $a_auth_mode, int $a_status)
Toggle Data Source.
Definition: class.ilLDAPServer.php:363
ilCASSettingsGUI\$tpl
ilGlobalTemplateInterface $tpl
Definition: class.ilCASSettingsGUI.php:34
ilLDAPServer\isDataSourceActive
static isDataSourceActive(int $a_auth_mode)
Check if a data source is active for a specific auth mode.
Definition: class.ilLDAPServer.php:310
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:26
ilObject\_lookupTitle
static _lookupTitle(int $obj_id)
Definition: class.ilObject.php:831
$text
$text
Definition: xapiexit.php:21
$DIC
global $DIC
Definition: shib_login.php:25
ilUtil\_sortIds
static _sortIds(array $a_ids, string $a_table, string $a_field, string $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,7),&#39;usr_data&#39;,&#39;lastname&#39;,&#39;usr_id&#39;) => sorts by lastname.
Definition: class.ilUtil.php:1213
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:26
$check
$check
Definition: buildRTE.php:81
ilCASSettingsGUI\$factory
ILIAS UI Factory $factory
Definition: class.ilCASSettingsGUI.php:41
ilFormPropertyGUI\setDisabled
setDisabled(bool $a_disabled)
Definition: class.ilFormPropertyGUI.php:165
ilCASSettings\getInstance
static getInstance()
Get singleton instance.
Definition: class.ilCASSettings.php:55
ilCASSettingsGUI\$renderer
ILIAS UI Renderer $renderer
Definition: class.ilCASSettingsGUI.php:40