ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilAuthShibbolethSettingsGUI.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
13 class ilAuthShibbolethSettingsGUI {
14 
18  private $ctrl;
22  private $ilias;
26  private $tabs_gui;
30  private $lng;
34  private $tpl;
38  private $ref_id;
39 
40 
47  public function __construct($a_auth_ref_id) {
48  global $lng, $ilCtrl, $tpl, $ilTabs, $ilias;
49  $this->ctrl = $ilCtrl;
50  $this->tabs_gui = $ilTabs;
51  $this->lng = $lng;
52  $this->lng->loadLanguageModule('shib');
53  $this->ilias = $ilias;
54  $this->tpl = $tpl;
55  $this->ref_id = $a_auth_ref_id;
56  $this->obj_id = ilObject::_lookupObjId($this->ref_id);
57  }
58 
59 
65  public function executeCommand() {
66  global $ilAccess, $ilErr, $ilCtrl;
67  $next_class = $this->ctrl->getNextClass($this);
68  $cmd = $this->ctrl->getCmd();
69  if (! $ilAccess->checkAccess('read', '', $this->ref_id)) {
70  $ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $ilErr->WARNING);
71  }
72  if (! $ilAccess->checkAccess('write', '', $this->ref_id) && $cmd != "settings") {
73  ilUtil::sendFailure($this->lng->txt('msg_no_perm_write'), true);
74  $ilCtrl->redirect($this, "settings");
75  }
76  $this->setSubTabs();
77  switch ($next_class) {
78  default:
79  if (! $cmd) {
80  $cmd = "settings";
81  }
82  $this->$cmd();
83  break;
84  }
85 
86  return true;
87  }
88 
89 
90  public function settings() {
91  global $rbacreview;
92  $this->tabs_gui->setSubTabActive('shib_settings');
93  // set already saved data or default value for port
94  $settings = $this->ilias->getAllSettings();
95  // Compose role list
96  $role_list = $rbacreview->getRolesByFilter(2);
97  $role = array();
98  if (! isset($settings["shib_user_default_role"])) {
99  $settings["shib_user_default_role"] = 4;
100  }
101  if (! isset($settings["shib_idp_list"]) || $settings["shib_idp_list"] == '') {
102  $settings["shib_idp_list"] = "urn:mace:organization1:providerID, Example Organization 1\nurn:mace:organization2:providerID, Example Organization 2, /Shibboleth.sso/WAYF/SWITCHaai";
103  }
104  if (! isset($settings["shib_login_button"]) || $settings["shib_login_button"] == '') {
105  $settings["shib_login_button"] = "templates/default/images/shib_login_button.png";
106  }
107  if (! isset($settings["shib_hos_type"]) || $settings["shib_hos_type"] == '') {
108  $settings["shib_hos_type"] = 'internal_wayf';
109  }
110  foreach ($role_list as $data) {
111  $role[$data["obj_id"]] = $data["title"];
112  }
113  // Set text field content
114  $shib_settings = array(
115  'shib_login',
116  'shib_title',
117  'shib_firstname',
118  'shib_lastname',
119  'shib_email',
120  'shib_gender',
121  'shib_institution',
122  'shib_department',
123  'shib_zipcode',
124  'shib_city',
125  'shib_country',
126  'shib_street',
127  'shib_phone_office',
128  'shib_phone_home',
129  'shib_phone_mobile',
130  'shib_language',
131  'shib_matriculation',
132  );
133  //set PropertyFormGUI
134  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
135  $propertys = new ilPropertyFormGUI();
136  $propertys->setTitle($this->lng->txt("shib"));
137  $propertys->setFormAction($this->ctrl->getFormAction($this, "save"));
138  $propertys->addCommandButton("save", $this->lng->txt("save"));
139  $propertys->addCommandButton("settings", $this->lng->txt("cancel"));
140  //set enable shibboleth support
141  $enable = new ilCheckboxInputGUI();
142  $enable->setTitle($this->lng->txt("shib_active"));
143  $read_me_link = "./Services/AuthShibboleth/README.SHIBBOLETH.txt";
144  $info = "<a href='" . $read_me_link . "' target='_blank'>" . $this->lng->txt("auth_shib_instructions") . "</a>";
145  $enable->setInfo($info);
146  $enable->setPostVar("shib[active]");
147  $enable->setChecked($settings["shib_active"]);
148  //set allow local authentication
149  $local = new ilCheckboxInputGUI();
150  $local->setTitle($this->lng->txt("auth_allow_local"));
151  $local->setPostVar("shib[auth_allow_local]");
152  $local->setChecked($settings['shib_auth_allow_local']);
153  //set user default role
154  $defaultrole = new ilSelectInputGUI();
155  $defaultrole->setTitle($this->lng->txt("shib_user_default_role"));
156  $defaultrole->setPostVar("shib[user_default_role]");
157  $defaultrole->setOptions($role);
158  $defaultrole->setRequired(true);
159  $defaultrole->setValue($settings["shib_user_default_role"]);
160  //set name of federation
161  $name = new ilTextInputGUI();
162  $name->setTitle($this->lng->txt("shib_federation_name"));
163  $name->setPostVar("shib[federation_name]");
164  $name->setSize(40);
165  $name->setMaxLength(50);
166  $name->setRequired(true);
167  $name->setValue(stripslashes($settings["shib_federation_name"]));
168  //set Organize selection group
169  include_once("./Services/Form/classes/class.ilRadioGroupInputGUI.php");
170  include_once("./Services/Form/classes/class.ilRadioOption.php");
171  $organize = new ilRadioGroupInputGUI();
172  $organize->setTitle($this->lng->txt("shib_login_type"));
173  $organize->setPostVar("shib[hos_type]");
174  $organize->setRequired(true);
175  $organize->setValue($settings["shib_hos_type"]);
176  //set 1. option internalwayf
177  $internalwayf = new ilRadioOption();
178  $internalwayf->setTitle($this->lng->txt("shib_login_internal_wayf"));
179  $internalwayf->setValue("internal_wayf");
180  //set 1. option internalwayf textbox idplist
181  $idplist = new ilTextAreaInputGUI();
182  $idplist->setInfo($this->lng->txt("shib_idp_list"));
183  $idplist->setPostVar("shib[idp_list]");
184  $idplist->setRows(3);
185  $idplist->setCols(50);
186  $idplist->setValue($settings["shib_idp_list"]);
187  //set 2. Option externalwayf
188  $externalwayf = new ilRadioOption();
189  $externalwayf->setTitle($this->lng->txt("shib_login_external_wayf"));
190  $externalwayf->setValue("external_wayf");
191  //set 2. Option externalwayf textfield path to login button image
192  $loginbutton = new ilTextInputGUI();
193  $loginbutton->setInfo($this->lng->txt("shib_login_button"));
194  $loginbutton->setPostVar("shib[login_button]");
195  $loginbutton->setSize(50);
196  $loginbutton->setMaxLength(255);
197  $loginbutton->setValue($settings["shib_login_button"]);
198  //set 3. Option embeddedwayf
199  $embeddedwayf = new ilRadioOption();
200  $embeddedwayf->setTitle($this->lng->txt("shib_login_embedded_wayf"));
201  $embeddedwayf->setInfo($this->lng->txt("shib_login_embedded_wayf_description"));
202  $embeddedwayf->setValue("embedded_wayf");
203  //set login instructions
204  $logininstruction = new ilTextAreaInputGUI();
205  $logininstruction->setTitle($this->lng->txt("auth_login_instructions"));
206  $logininstruction->setPostVar("shib[login_instructions]");
207  $logininstruction->setRows(3);
208  $logininstruction->setCols(50);
209  $logininstruction->setValue(stripslashes($settings["shib_login_instructions"]));
210  //set path to data manipulation API
211  $dataconv = new ilTextInputGUI();
212  $dataconv->setTitle($this->lng->txt("shib_data_conv"));
213  $dataconv->setPostVar("shib[data_conv]");
214  $dataconv->setSize(80);
215  $dataconv->setMaxLength(512);
216  $dataconv->setValue($settings["shib_data_conv"]);
217  //field mappings
218  $fields = array();
219  foreach ($shib_settings as $setting) {
220  $field = ereg_replace('shib_', '', $setting);
221  $textinput = new ilTextInputGUI();
222  $textinput->setTitle($this->lng->txt($setting));
223  $textinput->setPostVar("shib[" . $field . "]");
224  $textinput->setValue($settings[$setting]);
225  $textinput->setSize(40);
226  $textinput->setMaxLength(50);
227  $checkinput = new ilCheckboxInputGUI("");
228  $checkinput->setOptionTitle($this->lng->txt("shib_update"));
229  $checkinput->setPostVar("shib[update_" . $field . "]");
230  $checkinput->setChecked($settings["shib_update_" . $field]);
231  if ($setting == 'shib_login' || $setting == 'shib_firstname'
232  || $setting == 'shib_lastname'
233  || $setting == 'shib_email'
234  ) {
235  $textinput->setRequired(true);
236  }
237  $fields[$setting] = array( "text" => $textinput, "check" => $checkinput );
238  }
239  $propertys->addItem($enable);
240  $propertys->addItem($local);
241  $propertys->addItem($defaultrole);
242  $propertys->addItem($name);
243  $internalwayf->addSubItem($idplist);
244  $organize->addOption($internalwayf);
245  $externalwayf->addSubItem($loginbutton);
246  $organize->addOption($externalwayf);
247  $organize->addOption($embeddedwayf);
248  $propertys->addItem($organize);
249  $propertys->addItem($logininstruction);
250  $propertys->addItem($dataconv);
251  foreach ($shib_settings as $setting) {
252  $propertys->addItem($fields[$setting]["text"]);
253  if ($setting != "shib_login") {
254  $propertys->addItem($fields[$setting]["check"]);
255  }
256  }
257  $this->tpl->setContent($propertys->getHTML());
258  }
259 
260 
261  public function save() {
262  global $ilUser;
263  // validate required data
264  if (! $_POST["shib"]["login"]
265  or ! $_POST["shib"]["hos_type"]
266  or ! $_POST["shib"]["firstname"]
267  or ! $_POST["shib"]["lastname"]
268  or ! $_POST["shib"]["email"]
269  or ! $_POST["shib"]["user_default_role"]
270  or ! $_POST["shib"]["federation_name"]
271  ) {
272  $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
273  }
274  // validate api
275  if ($_POST["shib"]["data_conv"]
276  and $_POST["shib"]["data_conv"] != ''
277  and ! is_readable($_POST["shib"]["data_conv"])
278  ) {
279  $this->ilias->raiseError($this->lng->txt("shib_data_conv_warning"), $this->ilias->error_obj->MESSAGE);
280  }
281  // all ok. save settings
282  $shib_settings = array(
283  'shib_login',
284  'shib_title',
285  'shib_firstname',
286  'shib_lastname',
287  'shib_email',
288  'shib_gender',
289  'shib_institution',
290  'shib_department',
291  'shib_zipcode',
292  'shib_city',
293  'shib_country',
294  'shib_street',
295  'shib_phone_office',
296  'shib_phone_home',
297  'shib_phone_mobile',
298  'shib_language',
299  'shib_matriculation'
300  );
301  foreach ($shib_settings as $setting) {
302  $field = ereg_replace('shib_', '', $setting);
303  if ($_POST["shib"]["update_" . $field] != "1") {
304  $_POST["shib"]["update_" . $field] = "0";
305  }
306  $this->ilias->setSetting($setting, trim($_POST["shib"][$field]));
307  $this->ilias->setSetting("shib_update_" . $field, $_POST["shib"]["update_" . $field]);
308  }
309  if ($_POST["shib"]["active"] != "1") {
310  $this->ilias->setSetting("shib_active", "0");
311  $this->ilias->setSetting("shibboleth_active", "0");
312  } else {
313  $this->ilias->setSetting("shib_active", "1");
314  $this->ilias->setSetting("shibboleth_active", "1");
315  }
316  $this->ilias->setSetting("shib_user_default_role", $_POST["shib"]["user_default_role"]);
317  $this->ilias->setSetting("shib_hos_type", $_POST["shib"]["hos_type"]);
318  $this->ilias->setSetting("shib_federation_name", $_POST["shib"]["federation_name"]);
319  $this->ilias->setSetting("shib_idp_list", $_POST["shib"]["idp_list"]);
320  $this->ilias->setSetting("shib_login_instructions", $_POST["shib"]["login_instructions"]);
321  $this->ilias->setSetting("shib_login_button", $_POST["shib"]["login_button"]);
322  $this->ilias->setSetting("shib_data_conv", $_POST["shib"]["data_conv"]);
323  $this->ilias->setSetting("shib_auth_allow_local", ($_POST['shib']['auth_allow_local'] == '1') ? '1' : '0');
324  ilUtil::sendSuccess($this->lng->txt("shib_settings_saved"), true);
325  $this->ctrl->redirect($this, 'settings');
326  }
327 
328 
329  protected function roleAssignment() {
330  $this->tabs_gui->setSubTabActive('shib_role_assignment');
331  $this->initFormRoleAssignment('default');
332  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
333  $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
334  if (strlen($html = $this->parseRulesTable())) {
335  $this->tpl->setVariable('RULE_TABLE', $html);
336  }
337 
338  return true;
339  }
340 
341 
342  protected function parseRulesTable() {
343  include_once('./Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRules.php');
344  if (ilShibbolethRoleAssignmentRules::getCountRules() == 0) {
345  return '';
346  }
347  include_once('./Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentTableGUI.php');
348  $rules_table = new ilShibbolethRoleAssignmentTableGUI($this, 'roleAssignment');
349  $rules_table->setTitle($this->lng->txt('shib_rules_tables'));
350  $rules_table->parse(ilShibbolethRoleAssignmentRules::getAllRules());
351  $rules_table->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
352  $rules_table->setSelectAllCheckbox("rule_id");
353 
354  return $rules_table->getHTML();
355  }
356 
357 
366  protected function confirmDeleteRules() {
367  if (! is_array($_POST['rule_ids'])) {
368  ilUtil::sendFailure($this->lng->txt('select_one'));
369  $this->roleAssignment();
370 
371  return false;
372  }
373  $this->tabs_gui->setSubTabActive('shib_role_assignment');
374  include_once("Services/Utilities/classes/class.ilConfirmationGUI.php");
375  $c_gui = new ilConfirmationGUI();
376  // set confirm/cancel commands
377  $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRules"));
378  $c_gui->setHeaderText($this->lng->txt("shib_confirm_del_role_ass"));
379  $c_gui->setCancel($this->lng->txt("cancel"), "roleAssignment");
380  $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRules");
381  // add items to delete
382  include_once('Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php');
383  foreach ($_POST["rule_ids"] as $rule_id) {
384  $rule = new ilShibbolethRoleAssignmentRule($rule_id);
385  $info = ilObject::_lookupTitle($rule->getRoleId());
386  $info .= " (";
387  $info .= $rule->conditionToString();
388  $info .= ')';
389  $c_gui->addItem('rule_ids[]', $rule_id, $info);
390  }
391  $this->tpl->setContent($c_gui->getHTML());
392  }
393 
394 
401  protected function deleteRules() {
402  if (! is_array($_POST['rule_ids'])) {
403  ilUtil::sendFailure($this->lng->txt('select_once'));
404  $this->roleAssignment();
405 
406  return false;
407  }
408  include_once('Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php');
409  foreach ($_POST["rule_ids"] as $rule_id) {
410  $rule = new ilShibbolethRoleAssignmentRule($rule_id);
411  $rule->delete();
412  }
413  ilUtil::sendSuccess($this->lng->txt('shib_deleted_rule'));
414  $this->roleAssignment();
415 
416  return true;
417  }
418 
419 
420  protected function initFormRoleAssignment($a_mode = 'default') {
421  include_once('./Services/Form/classes/class.ilPropertyFormGUI.php');
422  $this->form = new ilPropertyFormGUI();
423  $this->form->setFormAction($this->ctrl->getFormAction($this, 'cancel'));
424  $this->form->setTitle($this->lng->txt('shib_role_ass_table'));
425  if ($a_mode == 'default') {
426  $this->form->setTitle($this->lng->txt('shib_role_ass_table'));
427  $this->form->addCommandButton('addRoleAssignmentRule', $this->lng->txt('shib_new_rule'));
428  $this->form->addCommandButton('settings', $this->lng->txt('cancel'));
429  } else {
430  $this->form->setTitle($this->lng->txt('shib_update_role_ass_table'));
431  $this->form->addCommandButton('updateRoleAssignmentRule', $this->lng->txt('save'));
432  $this->form->addCommandButton('roleAssignment', $this->lng->txt('cancel'));
433  }
434  // Role selection
435  $role = new ilRadioGroupInputGUI($this->lng->txt('shib_role_name'), 'role_name');
436  $role->setRequired(true);
437  $global = new ilRadioOption($this->lng->txt('shib_global_role'), 0);
438  $role->addOption($global);
439  $role_select = new ilSelectInputGUI('', 'role_id');
440  $role_select->setOptions($this->prepareRoleSelect());
441  $global->addSubItem($role_select);
442  $local = new ilRadioOption($this->lng->txt('shib_local_role'), 1);
443  $role->addOption($local);
444  include_once './Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php';
445  $role_search = new ilRoleAutoCompleteInputGUI('', 'role_search', $this, 'addRoleAutoCompleteObject');
446  $role_search->setSize(40);
447  $local->addSubItem($role_search);
448  include_once './Services/AccessControl/classes/class.ilRoleAutoComplete.php';
449  $role->setInfo($this->lng->txt('shib_role_name_info'));
450  $this->form->addItem($role);
451  // Update options
452  $update = new ilNonEditableValueGUI($this->lng->txt('shib_update_roles'), 'update_roles');
453  $update->setValue($this->lng->txt('shib_check_role_assignment'));
454  $add = new ilCheckboxInputGUI('', 'add_missing');
455  $add->setOptionTitle($this->lng->txt('shib_add_missing'));
456  $add->setValue(1);
457  $update->addSubItem($add);
458  $remove = new ilCheckboxInputGUI('', 'remove_deprecated');
459  $remove->setOptionTitle($this->lng->txt('shib_remove_deprecated'));
460  $remove->setValue(1);
461  $update->addSubItem($remove);
462  $this->form->addItem($update);
463  // Assignment type
464  $kind = new ilRadioGroupInputGUI($this->lng->txt('shib_assignment_type'), 'kind');
465  $kind->setValue(1);
466  $kind->setRequired(true);
467  $attr = new ilRadioOption($this->lng->txt('shib_attribute'), 1);
468  $attr->setInfo($this->lng->txt('shib_attr_info'));
469  $name = new ilTextInputGUI($this->lng->txt('shib_attribute_name'), 'attr_name');
470  $name->setSize(32);
471  $attr->addSubItem($name);
472  $value = new ilTextInputGUI($this->lng->txt('shib_attribute_value'), 'attr_value');
473  $value->setSize(32);
474  $attr->addSubItem($value);
475  $kind->addOption($attr);
476  $pl_active = (bool)$this->hasActiveRoleAssignmentPlugins();
477  $pl = new ilRadioOption($this->lng->txt('shib_plugin'), 2);
478  $pl->setInfo($this->lng->txt('shib_plugin_info'));
479  $pl->setDisabled(! $pl_active);
480  $id = new ilNumberInputGUI($this->lng->txt('shib_plugin_id'), 'plugin_id');
481  $id->setDisabled(! $pl_active);
482  $id->setSize(3);
483  $id->setMaxLength(3);
484  $id->setMaxValue(999);
485  $id->setMinValue(1);
486  $pl->addSubItem($id);
487  $kind->addOption($pl);
488  $this->form->addItem($kind);
489  }
490 
491 
495  function addRoleAutoCompleteObject() {
496  include_once("./Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php");
497  ilRoleAutoCompleteInputGUI::echoAutoCompleteList();
498  }
499 
500 
501  protected function addRoleAssignmentRule() {
502  global $ilAccess, $ilErr;
503  if (! $ilAccess->checkAccess('write', '', $this->ref_id)) {
504  ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
505  $this->roleAssignment();
506 
507  return false;
508  }
509  $this->initFormRoleAssignment();
510  if (! $this->form->checkInput() or ($err = $this->checkInput())) {
511  if ($err) {
512  ilUtil::sendFailure($this->lng->txt($err));
513  }
514  $this->tabs_gui->setSubTabActive('shib_role_assignment');
515  $this->form->setValuesByPost();
516  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
517  $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
518  if (strlen($html = $this->parseRulesTable())) {
519  $this->tpl->setVariable('RULE_TABLE', $html);
520  }
521 
522  return true;
523  }
524  // Redirects if required
525  $this->showLocalRoleSelection();
526  $this->rule->add();
527  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
528  $this->roleAssignment();
529 
530  return true;
531  }
532 
533 
539  protected function editRoleAssignment() {
540  $this->ctrl->setParameter($this, 'rule_id', (int)$_GET['rule_id']);
541  $this->tabs_gui->setSubTabActive('shib_role_assignment');
542  $this->initFormRoleAssignment('update');
543  $this->getRuleValues();
544  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
545  $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
546 
547  return true;
548  }
549 
550 
551  protected function updateRoleAssignmentRule() {
552  global $ilAccess, $ilErr;
553  if (! $ilAccess->checkAccess('write', '', $this->ref_id)) {
554  ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
555  $this->roleAssignment();
556 
557  return false;
558  }
559  $this->initFormRoleAssignment();
560  if (! $this->form->checkInput() or ($err = $this->checkInput((int)$_REQUEST['rule_id']))) {
561  if ($err) {
562  ilUtil::sendFailure($this->lng->txt($err));
563  }
564  $this->tabs_gui->setSubTabActive('shib_role_assignment');
565  $this->form->setValuesByPost();
566  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
567  $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
568 
569  return true;
570  }
571  $this->showLocalRoleSelection('update');
572  $this->rule->update();
573  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
574  $this->roleAssignment();
575 
576  return true;
577  }
578 
579 
580  private function loadRule($a_rule_id = 0) {
581  include_once('./Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php');
582  $this->rule = new ilShibbolethRoleAssignmentRule($a_rule_id);
583  if ($this->form->getInput('role_name') == 0) {
584  $this->rule->setRoleId($this->form->getInput('role_id'));
585  } elseif ($this->form->getInput('role_search')) {
586  // Search role
587  include_once './Services/Search/classes/class.ilQueryParser.php';
588  $parser = new ilQueryParser($this->form->getInput('role_search'));
589  // TODO: Handle minWordLength
590  $parser->setMinWordLength(1, true);
591  $parser->setCombination(QP_COMBINATION_AND);
592  $parser->parse();
593  include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
594  $object_search = new ilLikeObjectSearch($parser);
595  $object_search->setFilter(array( 'role' ));
596  $res = $object_search->performSearch();
597  $entries = $res->getEntries();
598  if (count($entries) == 1) {
599  $role = current($entries);
600  $this->rule->setRoleId($role['obj_id']);
601  } elseif (count($entries) > 1) {
602  $this->rule->setRoleId(- 1);
603  }
604  }
605  $this->rule->setName($this->form->getInput('attr_name'));
606  $this->rule->setValue($this->form->getInput('attr_value'));
607  $this->rule->enableAddOnUpdate($this->form->getInput('add_missing'));
608  $this->rule->enableRemoveOnUpdate($this->form->getInput('remove_deprecated'));
609  $this->rule->enablePlugin($this->form->getInput('kind') == 2);
610  $this->rule->setPluginId($this->form->getInput('plugin_id'));
611 
612  return $this->rule;
613  }
614 
615 
616  private function getRuleValues() {
617  global $rbacreview;
618  include_once './Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php';
619  $rule = new ilShibbolethRoleAssignmentRule((int)$_GET['rule_id']);
620  $role = $rule->getRoleId();
621  if ($rbacreview->isGlobalRole($role)) {
622  $values['role_name'] = 0;
623  $values['role_id'] = $role;
624  } else {
625  $values['role_name'] = 1;
626  $values['role_search'] = ilObject::_lookupTitle($role);
627  }
628  $values['add_missing'] = (int)$rule->isAddOnUpdateEnabled();
629  $values['remove_deprecated'] = (int)$rule->isRemoveOnUpdateEnabled();
630  $values['attr_name'] = $rule->getName();
631  $values['attr_value'] = $rule->getValue();
632  if (! $rule->isPluginActive()) {
633  $values['kind'] = 1;
634  } else {
635  $values['kind'] = 2;
636  $values['plugin_id'] = $rule->getPluginId();
637  }
638  $this->form->setValuesByArray($values);
639  }
640 
641 
642  private function checkInput($a_rule_id = 0) {
643  $this->loadRule($a_rule_id);
644 
645  return $this->rule->validate();
646  }
647 
648 
649  private function showLocalRoleSelection() {
650  if ($this->rule->getRoleId() > 0) {
651  return false;
652  }
653  $_SESSION['shib_role_ass']['rule_id'] = $_REQUEST['rule_id'] ? $_REQUEST['rule_id'] : 0;
654  $_SESSION['shib_role_ass']['search'] = $this->form->getInput('role_search');
655  $_SESSION['shib_role_ass']['add_on_update'] = $this->rule->isAddOnUpdateEnabled();
656  $_SESSION['shib_role_ass']['remove_on_update'] = $this->rule->isRemoveOnUpdateEnabled();
657  $_SESSION['shib_role_ass']['name'] = $this->rule->getName();
658  $_SESSION['shib_role_ass']['value'] = $this->rule->getValue();
659  $_SESSION['shib_role_ass']['plugin'] = $this->rule->isPluginActive();
660  $_SESSION['shib_role_ass']['plugin_id'] = $this->rule->getPluginId();
661  $this->ctrl->redirect($this, 'chooseRole');
662  }
663 
664 
665  protected function chooseRole() {
666  $this->tabs_gui->setSubTabActive('shib_role_assignment');
667  include_once './Services/Search/classes/class.ilQueryParser.php';
668  $parser = new ilQueryParser($_SESSION['shib_role_ass']['search']);
669  $parser->setMinWordLength(1, true);
670  $parser->setCombination(QP_COMBINATION_AND);
671  $parser->parse();
672  include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
673  $object_search = new ilLikeObjectSearch($parser);
674  $object_search->setFilter(array( 'role' ));
675  $res = $object_search->performSearch();
676  $entries = $res->getEntries();
677  include_once './Services/AccessControl/classes/class.ilRoleSelectionTableGUI.php';
678  $table = new ilRoleSelectionTableGUI($this, 'chooseRole');
679  $table->setTitle($this->lng->txt('shib_role_selection'));
680  $table->addMultiCommand('saveRoleSelection', $this->lng->txt('shib_choose_role'));
681  $table->addCommandButton('roleAssignment', $this->lng->txt('cancel'));
682  $table->parse($entries);
683  $this->tpl->setContent($table->getHTML());
684 
685  return true;
686  }
687 
688 
689  protected function saveRoleSelection() {
690  $rule = new ilShibbolethRoleAssignmentRule($_SESSION['shib_role_ass']['rule_id']);
691  $rule->setRoleId((int)$_POST['role_id']);
692  $rule->setName($_SESSION['shib_role_ass']['name']);
693  $rule->setValue($_SESSION['shib_role_ass']['value']);
694  $rule->enablePlugin($_SESSION['shib_role_ass']['plugin']);
695  $rule->setPluginId($_SESSION['shib_role_ass']['plugin_id']);
696  $rule->enableAddOnUpdate($_SESSION['shib_role_ass']['add_on_update']);
697  $rule->enableRemoveOnUpdate($_SESSION['shib_role_ass']['remove_on_update']);
698  if ($rule->getRuleId()) {
699  $rule->update();
700  } else {
701  $rule->add();
702  }
703  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
704  unset($_SESSION['shib_role_ass']);
705  $this->roleAssignment();
706  }
707 
708 
714  private function hasActiveRoleAssignmentPlugins() {
715  global $ilPluginAdmin;
716 
717  return count($ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE, 'AuthShibboleth', 'shibhk'));
718  }
719 
720 
721  private function prepareRoleSelect($a_as_select = true) {
722  global $rbacreview, $ilObjDataCache;
723  $global_roles = ilUtil::_sortIds($rbacreview->getGlobalRoles(), 'object_data', 'title', 'obj_id');
724  $select[0] = $this->lng->txt('links_select_one');
725  foreach ($global_roles as $role_id) {
726  $select[$role_id] = ilObject::_lookupTitle($role_id);
727  }
728 
729  return $select;
730  }
731 
732 
733  protected function setSubTabs() {
734  global $ilSetting;
735  include_once './Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRules.php';
736  if ($ilSetting->get('shib_active') == 0 and ilShibbolethRoleAssignmentRules::getCountRules() == 0) {
737  return false;
738  }
739  // DONE: show sub tabs if there is any role assignment rule
740  $this->tabs_gui->addSubTabTarget('shib_settings', $this->ctrl->getLinkTarget($this, 'settings'));
741  $this->tabs_gui->addSubTabTarget('shib_role_assignment', $this->ctrl->getLinkTarget($this, 'roleAssignment'));
742 
743  return true;
744  }
745 }
746 
747 ?>
ilUtil\sendSuccess
static sendSuccess($a_info="", $a_keep=false)
Send Success Message to Screen.
Definition: class.ilUtil.php:5008
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:31
$_POST
$_POST['username']
Definition: cron.php:12
ilAuthShibbolethSettingsGUI
Class ilAuthShibbolethSettingsGUI.
Definition: class.ilAuthShibbolethSettingsGUI.php:13
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
ilSelectInputGUI
This class represents a selection list property in a property form.
Definition: class.ilSelectInputGUI.php:17
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
$cmd
$cmd
Definition: sahs_server.php:35
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:33
ilAuthShibbolethSettingsGUI\hasActiveRoleAssignmentPlugins
hasActiveRoleAssignmentPlugins()
Check if plugin is active.
Definition: class.ilAuthShibbolethSettingsGUI.php:714
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:944
ilRadioOption\setInfo
setInfo($a_info)
Set Info.
Definition: class.ilRadioOption.php:71
$ilCtrl
global $ilCtrl
Definition: ilias.php:18
$info
$info
Definition: example_052.php:80
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:33
$data
$data
Definition: example_011.php:126
ilRoleAutoCompleteInputGUI\echoAutoCompleteList
static echoAutoCompleteList()
Static asynchronous default auto complete function.
Definition: class.ilRoleAutoCompleteInputGUI.php:41
ilUtil\_sortIds
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,7),&#39;usr_data&#39;,&#39;lastname&#39;,&#39;usr_id&#39;) => sorts by lastname.
Definition: class.ilUtil.php:4890
ilNumberInputGUI
This class represents a number property in a property form.
Definition: class.ilNumberInputGUI.php:14
ilObject\_lookupObjId
static _lookupObjId($a_id)
Definition: class.ilObject.php:1041
ilTextInputGUI\setSize
setSize($a_size)
Set Size.
Definition: class.ilTextInputGUI.php:137
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:16
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4978
ilRoleAutoCompleteInputGUI
This class represents a role + autocomplete feature form input.
Definition: class.ilRoleAutoCompleteInputGUI.php:13
ilNonEditableValueGUI
This class represents a non editable value in a property form.
Definition: class.ilNonEditableValueGUI.php:13
$ilUser
global $ilUser
Definition: imgupload.php:15
$ilSetting
global $ilSetting
Definition: privfeed.php:40
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:34
QP_COMBINATION_AND
const QP_COMBINATION_AND
Definition: class.ilQueryParser.php:35
$_REQUEST
if($_REQUEST['ilias_path']) define('ILIAS_HTTP_PATH' $_REQUEST['ilias_path']
Definition: index.php:7
ilQueryParser\setMinWordLength
setMinWordLength($a_length, $a_force=false)
Definition: class.ilQueryParser.php:78
ilFormPropertyGUI\setDisabled
setDisabled($a_disabled)
Set Disabled.
Definition: class.ilFormPropertyGUI.php:191
$html
$html
Definition: example_001.php:87
ilFormPropertyGUI\setRequired
setRequired($a_required)
Set Required.
Definition: class.ilFormPropertyGUI.php:171
IL_COMP_SERVICE
const IL_COMP_SERVICE
Definition: class.ilComponent.php:6
ilConfirmationGUI
Confirmation screen class.
Definition: class.ilConfirmationGUI.php:15
$ilErr
$ilErr
Definition: inc.setup_header.php:67
ilAuthShibbolethSettingsGUI\addRoleAutoCompleteObject
addRoleAutoCompleteObject()
Add Member for autoComplete.
Definition: class.ilAuthShibbolethSettingsGUI.php:495