ILIAS  release_5-0 Revision 5.0.0-1144-gc4397b1f870
class.ilAuthShibbolethSettingsGUI.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
13class ilAuthShibbolethSettingsGUI {
14
18 private $ctrl;
22 private $ilias;
26 private $tabs_gui;
30 private $lng;
34 private $tpl;
38 private $ref_id;
39
40
47 public function __construct($a_auth_ref_id) {
48 global $lng, $ilCtrl, $tpl, $ilTabs, $ilias;
49 $this->ctrl = $ilCtrl;
50 $this->tabs_gui = $ilTabs;
51 $this->lng = $lng;
52 $this->lng->loadLanguageModule('shib');
53 $this->ilias = $ilias;
54 $this->tpl = $tpl;
55 $this->ref_id = $a_auth_ref_id;
56 $this->obj_id = ilObject::_lookupObjId($this->ref_id);
57 }
58
59
65 public function executeCommand() {
66 global $ilAccess, $ilErr, $ilCtrl;
67 $next_class = $this->ctrl->getNextClass($this);
68 $cmd = $this->ctrl->getCmd();
69 if (! $ilAccess->checkAccess('read', '', $this->ref_id)) {
70 $ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $ilErr->WARNING);
71 }
72 if (! $ilAccess->checkAccess('write', '', $this->ref_id) && $cmd != "settings") {
73 ilUtil::sendFailure($this->lng->txt('msg_no_perm_write'), true);
74 $ilCtrl->redirect($this, "settings");
75 }
76 $this->setSubTabs();
77 switch ($next_class) {
78 default:
79 if (! $cmd) {
80 $cmd = "settings";
81 }
82 $this->$cmd();
83 break;
84 }
85
86 return true;
87 }
88
89
90 public function settings() {
91 global $rbacreview;
92 $this->tabs_gui->setSubTabActive('shib_settings');
93 // set already saved data or default value for port
94 $settings = $this->ilias->getAllSettings();
95 // Compose role list
96 $role_list = $rbacreview->getRolesByFilter(2);
97 $role = array();
98 if (! isset($settings["shib_user_default_role"])) {
99 $settings["shib_user_default_role"] = 4;
100 }
101 if (! isset($settings["shib_idp_list"]) || $settings["shib_idp_list"] == '') {
102 $settings["shib_idp_list"] = "urn:mace:organization1:providerID, Example Organization 1\nurn:mace:organization2:providerID, Example Organization 2, /Shibboleth.sso/WAYF/SWITCHaai";
103 }
104 if (! isset($settings["shib_login_button"]) || $settings["shib_login_button"] == '') {
105 $settings["shib_login_button"] = "templates/default/images/shib_login_button.png";
106 }
107 if (! isset($settings["shib_hos_type"]) || $settings["shib_hos_type"] == '') {
108 $settings["shib_hos_type"] = 'internal_wayf';
109 }
110 foreach ($role_list as $data) {
111 $role[$data["obj_id"]] = $data["title"];
112 }
113 // Set text field content
114 $shib_settings = array(
115 'shib_login',
116 'shib_title',
117 'shib_firstname',
118 'shib_lastname',
119 'shib_email',
120 'shib_gender',
121 'shib_institution',
122 'shib_department',
123 'shib_zipcode',
124 'shib_city',
125 'shib_country',
126 'shib_street',
127 'shib_phone_office',
128 'shib_phone_home',
129 'shib_phone_mobile',
130 'shib_language',
131 'shib_matriculation',
132 );
133 //set PropertyFormGUI
134 include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
135 $propertys = new ilPropertyFormGUI();
136 $propertys->setTitle($this->lng->txt("shib"));
137 $propertys->setFormAction($this->ctrl->getFormAction($this, "save"));
138 $propertys->addCommandButton("save", $this->lng->txt("save"));
139 $propertys->addCommandButton("settings", $this->lng->txt("cancel"));
140 //set enable shibboleth support
141 $enable = new ilCheckboxInputGUI();
142 $enable->setTitle($this->lng->txt("shib_active"));
143 $read_me_link = "./Services/AuthShibboleth/README.SHIBBOLETH.txt";
144 $info = "<a href='" . $read_me_link . "' target='_blank'>" . $this->lng->txt("auth_shib_instructions") . "</a>";
145 $enable->setInfo($info);
146 $enable->setPostVar("shib[active]");
147 $enable->setChecked($settings["shib_active"]);
148 //set allow local authentication
149 $local = new ilCheckboxInputGUI();
150 $local->setTitle($this->lng->txt("auth_allow_local"));
151 $local->setPostVar("shib[auth_allow_local]");
152 $local->setChecked($settings['shib_auth_allow_local']);
153 //set user default role
154 $defaultrole = new ilSelectInputGUI();
155 $defaultrole->setTitle($this->lng->txt("shib_user_default_role"));
156 $defaultrole->setPostVar("shib[user_default_role]");
157 $defaultrole->setOptions($role);
158 $defaultrole->setRequired(true);
159 $defaultrole->setValue($settings["shib_user_default_role"]);
160 //set name of federation
161 $name = new ilTextInputGUI();
162 $name->setTitle($this->lng->txt("shib_federation_name"));
163 $name->setPostVar("shib[federation_name]");
164 $name->setSize(40);
165 $name->setMaxLength(50);
166 $name->setRequired(true);
167 $name->setValue(stripslashes($settings["shib_federation_name"]));
168 //set Organize selection group
169 include_once("./Services/Form/classes/class.ilRadioGroupInputGUI.php");
170 include_once("./Services/Form/classes/class.ilRadioOption.php");
171 $organize = new ilRadioGroupInputGUI();
172 $organize->setTitle($this->lng->txt("shib_login_type"));
173 $organize->setPostVar("shib[hos_type]");
174 $organize->setRequired(true);
175 $organize->setValue($settings["shib_hos_type"]);
176 //set 1. option internalwayf
177 $internalwayf = new ilRadioOption();
178 $internalwayf->setTitle($this->lng->txt("shib_login_internal_wayf"));
179 $internalwayf->setValue("internal_wayf");
180 //set 1. option internalwayf textbox idplist
181 $idplist = new ilTextAreaInputGUI();
182 $idplist->setInfo($this->lng->txt("shib_idp_list"));
183 $idplist->setPostVar("shib[idp_list]");
184 $idplist->setRows(3);
185 $idplist->setCols(50);
186 $idplist->setValue($settings["shib_idp_list"]);
187 //set 2. Option externalwayf
188 $externalwayf = new ilRadioOption();
189 $externalwayf->setTitle($this->lng->txt("shib_login_external_wayf"));
190 $externalwayf->setValue("external_wayf");
191 //set 2. Option externalwayf textfield path to login button image
192 $loginbutton = new ilTextInputGUI();
193 $loginbutton->setInfo($this->lng->txt("shib_login_button"));
194 $loginbutton->setPostVar("shib[login_button]");
195 $loginbutton->setSize(50);
196 $loginbutton->setMaxLength(255);
197 $loginbutton->setValue($settings["shib_login_button"]);
198 //set 3. Option embeddedwayf
199 $embeddedwayf = new ilRadioOption();
200 $embeddedwayf->setTitle($this->lng->txt("shib_login_embedded_wayf"));
201 $embeddedwayf->setInfo($this->lng->txt("shib_login_embedded_wayf_description"));
202 $embeddedwayf->setValue("embedded_wayf");
203 //set login instructions
204 $logininstruction = new ilTextAreaInputGUI();
205 $logininstruction->setTitle($this->lng->txt("auth_login_instructions"));
206 $logininstruction->setPostVar("shib[login_instructions]");
207 $logininstruction->setRows(3);
208 $logininstruction->setCols(50);
209 $logininstruction->setValue(stripslashes($settings["shib_login_instructions"]));
210 //set path to data manipulation API
211 $dataconv = new ilTextInputGUI();
212 $dataconv->setTitle($this->lng->txt("shib_data_conv"));
213 $dataconv->setPostVar("shib[data_conv]");
214 $dataconv->setSize(80);
215 $dataconv->setMaxLength(512);
216 $dataconv->setValue($settings["shib_data_conv"]);
217 //field mappings
218 $fields = array();
219 foreach ($shib_settings as $setting) {
220 $field = ereg_replace('shib_', '', $setting);
221 $textinput = new ilTextInputGUI();
222 $textinput->setTitle($this->lng->txt($setting));
223 $textinput->setPostVar("shib[" . $field . "]");
224 $textinput->setValue($settings[$setting]);
225 $textinput->setSize(40);
226 $textinput->setMaxLength(50);
227 $checkinput = new ilCheckboxInputGUI("");
228 $checkinput->setOptionTitle($this->lng->txt("shib_update"));
229 $checkinput->setPostVar("shib[update_" . $field . "]");
230 $checkinput->setChecked($settings["shib_update_" . $field]);
231 if ($setting == 'shib_login' || $setting == 'shib_firstname'
232 || $setting == 'shib_lastname'
233 || $setting == 'shib_email'
234 ) {
235 $textinput->setRequired(true);
236 }
237 $fields[$setting] = array( "text" => $textinput, "check" => $checkinput );
238 }
239 $propertys->addItem($enable);
240 $propertys->addItem($local);
241 $propertys->addItem($defaultrole);
242 $propertys->addItem($name);
243 $internalwayf->addSubItem($idplist);
244 $organize->addOption($internalwayf);
245 $externalwayf->addSubItem($loginbutton);
246 $organize->addOption($externalwayf);
247 $organize->addOption($embeddedwayf);
248 $propertys->addItem($organize);
249 $propertys->addItem($logininstruction);
250 $propertys->addItem($dataconv);
251 foreach ($shib_settings as $setting) {
252 $propertys->addItem($fields[$setting]["text"]);
253 if ($setting != "shib_login") {
254 $propertys->addItem($fields[$setting]["check"]);
255 }
256 }
257 $this->tpl->setContent($propertys->getHTML());
258 }
259
260
261 public function save() {
262 global $ilUser;
263 // validate required data
264 if (! $_POST["shib"]["login"]
265 or ! $_POST["shib"]["hos_type"]
266 or ! $_POST["shib"]["firstname"]
267 or ! $_POST["shib"]["lastname"]
268 or ! $_POST["shib"]["email"]
269 or ! $_POST["shib"]["user_default_role"]
270 or ! $_POST["shib"]["federation_name"]
271 ) {
272 $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
273 }
274 // validate api
275 if ($_POST["shib"]["data_conv"]
276 and $_POST["shib"]["data_conv"] != ''
277 and ! is_readable($_POST["shib"]["data_conv"])
278 ) {
279 $this->ilias->raiseError($this->lng->txt("shib_data_conv_warning"), $this->ilias->error_obj->MESSAGE);
280 }
281 // all ok. save settings
282 $shib_settings = array(
283 'shib_login',
284 'shib_title',
285 'shib_firstname',
286 'shib_lastname',
287 'shib_email',
288 'shib_gender',
289 'shib_institution',
290 'shib_department',
291 'shib_zipcode',
292 'shib_city',
293 'shib_country',
294 'shib_street',
295 'shib_phone_office',
296 'shib_phone_home',
297 'shib_phone_mobile',
298 'shib_language',
299 'shib_matriculation'
300 );
301 foreach ($shib_settings as $setting) {
302 $field = ereg_replace('shib_', '', $setting);
303 if ($_POST["shib"]["update_" . $field] != "1") {
304 $_POST["shib"]["update_" . $field] = "0";
305 }
306 $this->ilias->setSetting($setting, trim($_POST["shib"][$field]));
307 $this->ilias->setSetting("shib_update_" . $field, $_POST["shib"]["update_" . $field]);
308 }
309 if ($_POST["shib"]["active"] != "1") {
310 $this->ilias->setSetting("shib_active", "0");
311 } else {
312 $this->ilias->setSetting("shib_active", "1");
313 }
314 $this->ilias->setSetting("shib_user_default_role", $_POST["shib"]["user_default_role"]);
315 $this->ilias->setSetting("shib_hos_type", $_POST["shib"]["hos_type"]);
316 $this->ilias->setSetting("shib_federation_name", $_POST["shib"]["federation_name"]);
317 $this->ilias->setSetting("shib_idp_list", $_POST["shib"]["idp_list"]);
318 $this->ilias->setSetting("shib_login_instructions", $_POST["shib"]["login_instructions"]);
319 $this->ilias->setSetting("shib_login_button", $_POST["shib"]["login_button"]);
320 $this->ilias->setSetting("shib_data_conv", $_POST["shib"]["data_conv"]);
321 $this->ilias->setSetting("shib_auth_allow_local", ($_POST['shib']['auth_allow_local'] == '1') ? '1' : '0');
322 ilUtil::sendSuccess($this->lng->txt("shib_settings_saved"), true);
323 $this->ctrl->redirect($this, 'settings');
324 }
325
326
327 protected function roleAssignment() {
328 $this->tabs_gui->setSubTabActive('shib_role_assignment');
329 $this->initFormRoleAssignment('default');
330 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
331 $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
332 if (strlen($html = $this->parseRulesTable())) {
333 $this->tpl->setVariable('RULE_TABLE', $html);
334 }
335
336 return true;
337 }
338
339
340 protected function parseRulesTable() {
341 include_once('./Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRules.php');
342 if (ilShibbolethRoleAssignmentRules::getCountRules() == 0) {
343 return '';
344 }
345 include_once('./Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentTableGUI.php');
346 $rules_table = new ilShibbolethRoleAssignmentTableGUI($this, 'roleAssignment');
347 $rules_table->setTitle($this->lng->txt('shib_rules_tables'));
348 $rules_table->parse(ilShibbolethRoleAssignmentRules::getAllRules());
349 $rules_table->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
350 $rules_table->setSelectAllCheckbox("rule_id");
351
352 return $rules_table->getHTML();
353 }
354
355
364 protected function confirmDeleteRules() {
365 if (! is_array($_POST['rule_ids'])) {
366 ilUtil::sendFailure($this->lng->txt('select_one'));
367 $this->roleAssignment();
368
369 return false;
370 }
371 $this->tabs_gui->setSubTabActive('shib_role_assignment');
372 include_once("Services/Utilities/classes/class.ilConfirmationGUI.php");
373 $c_gui = new ilConfirmationGUI();
374 // set confirm/cancel commands
375 $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRules"));
376 $c_gui->setHeaderText($this->lng->txt("shib_confirm_del_role_ass"));
377 $c_gui->setCancel($this->lng->txt("cancel"), "roleAssignment");
378 $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRules");
379 // add items to delete
380 include_once('Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php');
381 foreach ($_POST["rule_ids"] as $rule_id) {
382 $rule = new ilShibbolethRoleAssignmentRule($rule_id);
383 $info = ilObject::_lookupTitle($rule->getRoleId());
384 $info .= " (";
385 $info .= $rule->conditionToString();
386 $info .= ')';
387 $c_gui->addItem('rule_ids[]', $rule_id, $info);
388 }
389 $this->tpl->setContent($c_gui->getHTML());
390 }
391
392
399 protected function deleteRules() {
400 if (! is_array($_POST['rule_ids'])) {
401 ilUtil::sendFailure($this->lng->txt('select_once'));
402 $this->roleAssignment();
403
404 return false;
405 }
406 include_once('Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php');
407 foreach ($_POST["rule_ids"] as $rule_id) {
408 $rule = new ilShibbolethRoleAssignmentRule($rule_id);
409 $rule->delete();
410 }
411 ilUtil::sendSuccess($this->lng->txt('shib_deleted_rule'));
412 $this->roleAssignment();
413
414 return true;
415 }
416
417
418 protected function initFormRoleAssignment($a_mode = 'default') {
419 include_once('./Services/Form/classes/class.ilPropertyFormGUI.php');
420 $this->form = new ilPropertyFormGUI();
421 $this->form->setFormAction($this->ctrl->getFormAction($this, 'cancel'));
422 $this->form->setTitle($this->lng->txt('shib_role_ass_table'));
423 if ($a_mode == 'default') {
424 $this->form->setTitle($this->lng->txt('shib_role_ass_table'));
425 $this->form->addCommandButton('addRoleAssignmentRule', $this->lng->txt('shib_new_rule'));
426 $this->form->addCommandButton('settings', $this->lng->txt('cancel'));
427 } else {
428 $this->form->setTitle($this->lng->txt('shib_update_role_ass_table'));
429 $this->form->addCommandButton('updateRoleAssignmentRule', $this->lng->txt('save'));
430 $this->form->addCommandButton('roleAssignment', $this->lng->txt('cancel'));
431 }
432 // Role selection
433 $role = new ilRadioGroupInputGUI($this->lng->txt('shib_role_name'), 'role_name');
434 $role->setRequired(true);
435 $global = new ilRadioOption($this->lng->txt('shib_global_role'), 0);
436 $role->addOption($global);
437 $role_select = new ilSelectInputGUI('', 'role_id');
438 $role_select->setOptions($this->prepareRoleSelect());
439 $global->addSubItem($role_select);
440 $local = new ilRadioOption($this->lng->txt('shib_local_role'), 1);
441 $role->addOption($local);
442 include_once './Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php';
443 $role_search = new ilRoleAutoCompleteInputGUI('', 'role_search', $this, 'addRoleAutoCompleteObject');
444 $role_search->setSize(40);
445 $local->addSubItem($role_search);
446 include_once './Services/AccessControl/classes/class.ilRoleAutoComplete.php';
447 $role->setInfo($this->lng->txt('shib_role_name_info'));
448 $this->form->addItem($role);
449 // Update options
450 $update = new ilNonEditableValueGUI($this->lng->txt('shib_update_roles'), 'update_roles');
451 $update->setValue($this->lng->txt('shib_check_role_assignment'));
452 $add = new ilCheckboxInputGUI('', 'add_missing');
453 $add->setOptionTitle($this->lng->txt('shib_add_missing'));
454 $add->setValue(1);
455 $update->addSubItem($add);
456 $remove = new ilCheckboxInputGUI('', 'remove_deprecated');
457 $remove->setOptionTitle($this->lng->txt('shib_remove_deprecated'));
458 $remove->setValue(1);
459 $update->addSubItem($remove);
460 $this->form->addItem($update);
461 // Assignment type
462 $kind = new ilRadioGroupInputGUI($this->lng->txt('shib_assignment_type'), 'kind');
463 $kind->setValue(1);
464 $kind->setRequired(true);
465 $attr = new ilRadioOption($this->lng->txt('shib_attribute'), 1);
466 $attr->setInfo($this->lng->txt('shib_attr_info'));
467 $name = new ilTextInputGUI($this->lng->txt('shib_attribute_name'), 'attr_name');
468 $name->setSize(32);
469 $attr->addSubItem($name);
470 $value = new ilTextInputGUI($this->lng->txt('shib_attribute_value'), 'attr_value');
471 $value->setSize(32);
472 $attr->addSubItem($value);
473 $kind->addOption($attr);
474 $pl_active = (bool)$this->hasActiveRoleAssignmentPlugins();
475 $pl = new ilRadioOption($this->lng->txt('shib_plugin'), 2);
476 $pl->setInfo($this->lng->txt('shib_plugin_info'));
477 $pl->setDisabled(! $pl_active);
478 $id = new ilNumberInputGUI($this->lng->txt('shib_plugin_id'), 'plugin_id');
479 $id->setDisabled(! $pl_active);
480 $id->setSize(3);
481 $id->setMaxLength(3);
482 $id->setMaxValue(999);
483 $id->setMinValue(1);
484 $pl->addSubItem($id);
485 $kind->addOption($pl);
486 $this->form->addItem($kind);
487 }
488
489
493 function addRoleAutoCompleteObject() {
494 include_once("./Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php");
495 ilRoleAutoCompleteInputGUI::echoAutoCompleteList();
496 }
497
498
499 protected function addRoleAssignmentRule() {
500 global $ilAccess, $ilErr;
501 if (! $ilAccess->checkAccess('write', '', $this->ref_id)) {
502 ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
503 $this->roleAssignment();
504
505 return false;
506 }
507 $this->initFormRoleAssignment();
508 if (! $this->form->checkInput() or ($err = $this->checkInput())) {
509 if ($err) {
510 ilUtil::sendFailure($this->lng->txt($err));
511 }
512 $this->tabs_gui->setSubTabActive('shib_role_assignment');
513 $this->form->setValuesByPost();
514 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
515 $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
516 if (strlen($html = $this->parseRulesTable())) {
517 $this->tpl->setVariable('RULE_TABLE', $html);
518 }
519
520 return true;
521 }
522 // Redirects if required
523 $this->showLocalRoleSelection();
524 $this->rule->add();
525 ilUtil::sendSuccess($this->lng->txt('settings_saved'));
526 $this->roleAssignment();
527
528 return true;
529 }
530
531
537 protected function editRoleAssignment() {
538 $this->ctrl->setParameter($this, 'rule_id', (int)$_GET['rule_id']);
539 $this->tabs_gui->setSubTabActive('shib_role_assignment');
540 $this->initFormRoleAssignment('update');
541 $this->getRuleValues();
542 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
543 $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
544
545 return true;
546 }
547
548
549 protected function updateRoleAssignmentRule() {
550 global $ilAccess, $ilErr;
551 if (! $ilAccess->checkAccess('write', '', $this->ref_id)) {
552 ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
553 $this->roleAssignment();
554
555 return false;
556 }
557 $this->initFormRoleAssignment();
558 if (! $this->form->checkInput() or ($err = $this->checkInput((int)$_REQUEST['rule_id']))) {
559 if ($err) {
560 ilUtil::sendFailure($this->lng->txt($err));
561 }
562 $this->tabs_gui->setSubTabActive('shib_role_assignment');
563 $this->form->setValuesByPost();
564 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
565 $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
566
567 return true;
568 }
569 $this->showLocalRoleSelection('update');
570 $this->rule->update();
571 ilUtil::sendSuccess($this->lng->txt('settings_saved'));
572 $this->roleAssignment();
573
574 return true;
575 }
576
577
578 private function loadRule($a_rule_id = 0) {
579 include_once('./Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php');
580 $this->rule = new ilShibbolethRoleAssignmentRule($a_rule_id);
581 if ($this->form->getInput('role_name') == 0) {
582 $this->rule->setRoleId($this->form->getInput('role_id'));
583 } elseif ($this->form->getInput('role_search')) {
584 // Search role
585 include_once './Services/Search/classes/class.ilQueryParser.php';
586 $parser = new ilQueryParser($this->form->getInput('role_search'));
587 // TODO: Handle minWordLength
588 $parser->setMinWordLength(1, true);
589 $parser->setCombination(QP_COMBINATION_AND);
590 $parser->parse();
591 include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
592 $object_search = new ilLikeObjectSearch($parser);
593 $object_search->setFilter(array( 'role' ));
594 $res = $object_search->performSearch();
595 $entries = $res->getEntries();
596 if (count($entries) == 1) {
597 $role = current($entries);
598 $this->rule->setRoleId($role['obj_id']);
599 } elseif (count($entries) > 1) {
600 $this->rule->setRoleId(- 1);
601 }
602 }
603 $this->rule->setName($this->form->getInput('attr_name'));
604 $this->rule->setValue($this->form->getInput('attr_value'));
605 $this->rule->enableAddOnUpdate($this->form->getInput('add_missing'));
606 $this->rule->enableRemoveOnUpdate($this->form->getInput('remove_deprecated'));
607 $this->rule->enablePlugin($this->form->getInput('kind') == 2);
608 $this->rule->setPluginId($this->form->getInput('plugin_id'));
609
610 return $this->rule;
611 }
612
613
614 private function getRuleValues() {
615 global $rbacreview;
616 include_once './Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php';
617 $rule = new ilShibbolethRoleAssignmentRule((int)$_GET['rule_id']);
618 $role = $rule->getRoleId();
619 if ($rbacreview->isGlobalRole($role)) {
620 $values['role_name'] = 0;
621 $values['role_id'] = $role;
622 } else {
623 $values['role_name'] = 1;
624 $values['role_search'] = ilObject::_lookupTitle($role);
625 }
626 $values['add_missing'] = (int)$rule->isAddOnUpdateEnabled();
627 $values['remove_deprecated'] = (int)$rule->isRemoveOnUpdateEnabled();
628 $values['attr_name'] = $rule->getName();
629 $values['attr_value'] = $rule->getValue();
630 if (! $rule->isPluginActive()) {
631 $values['kind'] = 1;
632 } else {
633 $values['kind'] = 2;
634 $values['plugin_id'] = $rule->getPluginId();
635 }
636 $this->form->setValuesByArray($values);
637 }
638
639
640 private function checkInput($a_rule_id = 0) {
641 $this->loadRule($a_rule_id);
642
643 return $this->rule->validate();
644 }
645
646
647 private function showLocalRoleSelection() {
648 if ($this->rule->getRoleId() > 0) {
649 return false;
650 }
651 $_SESSION['shib_role_ass']['rule_id'] = $_REQUEST['rule_id'] ? $_REQUEST['rule_id'] : 0;
652 $_SESSION['shib_role_ass']['search'] = $this->form->getInput('role_search');
653 $_SESSION['shib_role_ass']['add_on_update'] = $this->rule->isAddOnUpdateEnabled();
654 $_SESSION['shib_role_ass']['remove_on_update'] = $this->rule->isRemoveOnUpdateEnabled();
655 $_SESSION['shib_role_ass']['name'] = $this->rule->getName();
656 $_SESSION['shib_role_ass']['value'] = $this->rule->getValue();
657 $_SESSION['shib_role_ass']['plugin'] = $this->rule->isPluginActive();
658 $_SESSION['shib_role_ass']['plugin_id'] = $this->rule->getPluginId();
659 $this->ctrl->redirect($this, 'chooseRole');
660 }
661
662
663 protected function chooseRole() {
664 $this->tabs_gui->setSubTabActive('shib_role_assignment');
665 include_once './Services/Search/classes/class.ilQueryParser.php';
666 $parser = new ilQueryParser($_SESSION['shib_role_ass']['search']);
667 $parser->setMinWordLength(1, true);
668 $parser->setCombination(QP_COMBINATION_AND);
669 $parser->parse();
670 include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
671 $object_search = new ilLikeObjectSearch($parser);
672 $object_search->setFilter(array( 'role' ));
673 $res = $object_search->performSearch();
674 $entries = $res->getEntries();
675 include_once './Services/AccessControl/classes/class.ilRoleSelectionTableGUI.php';
676 $table = new ilRoleSelectionTableGUI($this, 'chooseRole');
677 $table->setTitle($this->lng->txt('shib_role_selection'));
678 $table->addMultiCommand('saveRoleSelection', $this->lng->txt('shib_choose_role'));
679 $table->addCommandButton('roleAssignment', $this->lng->txt('cancel'));
680 $table->parse($entries);
681 $this->tpl->setContent($table->getHTML());
682
683 return true;
684 }
685
686
687 protected function saveRoleSelection() {
688 $rule = new ilShibbolethRoleAssignmentRule($_SESSION['shib_role_ass']['rule_id']);
689 $rule->setRoleId((int)$_POST['role_id']);
690 $rule->setName($_SESSION['shib_role_ass']['name']);
691 $rule->setValue($_SESSION['shib_role_ass']['value']);
692 $rule->enablePlugin($_SESSION['shib_role_ass']['plugin']);
693 $rule->setPluginId($_SESSION['shib_role_ass']['plugin_id']);
694 $rule->enableAddOnUpdate($_SESSION['shib_role_ass']['add_on_update']);
695 $rule->enableRemoveOnUpdate($_SESSION['shib_role_ass']['remove_on_update']);
696 if ($rule->getRuleId()) {
697 $rule->update();
698 } else {
699 $rule->add();
700 }
701 ilUtil::sendSuccess($this->lng->txt('settings_saved'));
702 unset($_SESSION['shib_role_ass']);
703 $this->roleAssignment();
704 }
705
706
712 private function hasActiveRoleAssignmentPlugins() {
713 global $ilPluginAdmin;
714
715 return count($ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE, 'AuthShibboleth', 'shibhk'));
716 }
717
718
719 private function prepareRoleSelect($a_as_select = true) {
720 global $rbacreview, $ilObjDataCache;
721 $global_roles = ilUtil::_sortIds($rbacreview->getGlobalRoles(), 'object_data', 'title', 'obj_id');
722 $select[0] = $this->lng->txt('links_select_one');
723 foreach ($global_roles as $role_id) {
724 $select[$role_id] = ilObject::_lookupTitle($role_id);
725 }
726
727 return $select;
728 }
729
730
731 protected function setSubTabs() {
732 global $ilSetting;
733 include_once './Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRules.php';
734 if ($ilSetting->get('shib_active') == 0 and ilShibbolethRoleAssignmentRules::getCountRules() == 0) {
735 return false;
736 }
737 // DONE: show sub tabs if there is any role assignment rule
738 $this->tabs_gui->addSubTabTarget('shib_settings', $this->ctrl->getLinkTarget($this, 'settings'));
739 $this->tabs_gui->addSubTabTarget('shib_role_assignment', $this->ctrl->getLinkTarget($this, 'roleAssignment'));
740
741 return true;
742 }
743}
744
745?>
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
IL_COMP_SERVICE
const IL_COMP_SERVICE
Definition: class.ilComponent.php:6
QP_COMBINATION_AND
const QP_COMBINATION_AND
Definition: class.ilQueryParser.php:35
ilAuthShibbolethSettingsGUI
Class ilAuthShibbolethSettingsGUI.
Definition: class.ilAuthShibbolethSettingsGUI.php:13
ilAuthShibbolethSettingsGUI\addRoleAutoCompleteObject
addRoleAutoCompleteObject()
Add Member for autoComplete.
Definition: class.ilAuthShibbolethSettingsGUI.php:493
ilAuthShibbolethSettingsGUI\hasActiveRoleAssignmentPlugins
hasActiveRoleAssignmentPlugins()
Check if plugin is active.
Definition: class.ilAuthShibbolethSettingsGUI.php:712
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:34
ilConfirmationGUI
Confirmation screen class.
Definition: class.ilConfirmationGUI.php:16
ilNonEditableValueGUI
This class represents a non editable value in a property form.
Definition: class.ilNonEditableValueGUI.php:14
ilNumberInputGUI
This class represents a number property in a property form.
Definition: class.ilNumberInputGUI.php:15
ilObject\_lookupObjId
static _lookupObjId($a_id)
Definition: class.ilObject.php:1028
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:931
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:48
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:34
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:32
ilRoleAutoCompleteInputGUI
This class represents a role + autocomplete feature form input.
Definition: class.ilRoleAutoCompleteInputGUI.php:14
ilRoleAutoCompleteInputGUI\echoAutoCompleteList
static echoAutoCompleteList()
Static asynchronous default auto complete function.
Definition: class.ilRoleAutoCompleteInputGUI.php:41
ilSelectInputGUI
This class represents a selection list property in a property form.
Definition: class.ilSelectInputGUI.php:18
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:35
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:17
ilUtil\_sortIds
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,...
Definition: class.ilUtil.php:4811
ilUtil\sendSuccess
static sendSuccess($a_info="", $a_keep=false)
Send Success Message to Screen.
Definition: class.ilUtil.php:4925
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4899
$_POST
$_POST['username']
Definition: cron.php:12
$_SESSION
< a tabindex="-1" style="border-style: none;" href="#" title="Refresh Image" onclick="document.getElementById('siimage').src = './securimage_show.php?sid=' + Math.random(); this.blur(); return false">< img src="./images/refresh.png" alt="Reload Image" height="32" width="32" onclick="this.blur()" align="bottom" border="0"/></a >< br/>< strong > Enter Code *if($_SERVER['REQUEST_METHOD']=='POST' &&@ $_POST['do']=='contact') $_SESSION['ctform']['success']
Definition: example_form.php:192
$ilCtrl
global $ilCtrl
Definition: ilias.php:18
$ilErr
$ilErr
Definition: inc.setup_header.php:81
ilias
redirection script todo: (a better solution should control the processing via a xml file)
$ilSetting
global $ilSetting
Definition: privfeed.php:40
$cmd
$cmd
Definition: sahs_server.php:35
$_REQUEST
if($_REQUEST['ilias_path']) define('ILIAS_HTTP_PATH' $_REQUEST['ilias_path']
Definition: index.php:7
$ilUser
global $ilUser
Definition: imgupload.php:15