ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilAuthShibbolethSettingsGUI.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
14
18 private $ctrl;
22 private $ilias;
26 private $tabs_gui;
30 private $lng;
34 private $tpl;
38 private $ref_id;
39
40
47 public function __construct($a_auth_ref_id) {
48 global $lng, $ilCtrl, $tpl, $ilTabs, $ilias;
49 $this->ctrl = $ilCtrl;
50 $this->tabs_gui = $ilTabs;
51 $this->lng = $lng;
52 $this->lng->loadLanguageModule('shib');
53 $this->ilias = $ilias;
54 $this->tpl = $tpl;
55 $this->ref_id = $a_auth_ref_id;
56 $this->obj_id = ilObject::_lookupObjId($this->ref_id);
57 }
58
59
65 public function executeCommand() {
66 global $ilAccess, $ilErr, $ilCtrl;
67 $next_class = $this->ctrl->getNextClass($this);
68 $cmd = $this->ctrl->getCmd();
69 if (! $ilAccess->checkAccess('read', '', $this->ref_id)) {
70 $ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $ilErr->WARNING);
71 }
72 if (! $ilAccess->checkAccess('write', '', $this->ref_id) && $cmd != "settings") {
73 ilUtil::sendFailure($this->lng->txt('msg_no_perm_write'), true);
74 $ilCtrl->redirect($this, "settings");
75 }
76 $this->setSubTabs();
77 switch ($next_class) {
78 default:
79 if (! $cmd) {
80 $cmd = "settings";
81 }
82 $this->$cmd();
83 break;
84 }
85
86 return true;
87 }
88
89
90 public function settings() {
91 global $rbacreview;
92 $this->tabs_gui->setSubTabActive('shib_settings');
93 // set already saved data or default value for port
94 $settings = $this->ilias->getAllSettings();
95 // Compose role list
96 $role_list = $rbacreview->getRolesByFilter(2);
97 $role = array();
98 if (! isset($settings["shib_user_default_role"])) {
99 $settings["shib_user_default_role"] = 4;
100 }
101 if (! isset($settings["shib_idp_list"]) || $settings["shib_idp_list"] == '') {
102 $settings["shib_idp_list"] = "urn:mace:organization1:providerID, Example Organization 1\nurn:mace:organization2:providerID, Example Organization 2, /Shibboleth.sso/WAYF/SWITCHaai";
103 }
104 if (! isset($settings["shib_login_button"]) || $settings["shib_login_button"] == '') {
105 $settings["shib_login_button"] = "templates/default/images/shib_login_button.png";
106 }
107 if (! isset($settings["shib_hos_type"]) || $settings["shib_hos_type"] == '') {
108 $settings["shib_hos_type"] = 'internal_wayf';
109 }
110 foreach ($role_list as $data) {
111 $role[$data["obj_id"]] = $data["title"];
112 }
113 // Set text field content
114 $shib_settings = array(
115 'shib_login',
116 'shib_title',
117 'shib_firstname',
118 'shib_lastname',
119 'shib_email',
120 'shib_gender',
121 'shib_institution',
122 'shib_department',
123 'shib_zipcode',
124 'shib_city',
125 'shib_country',
126 'shib_street',
127 'shib_phone_office',
128 'shib_phone_home',
129 'shib_phone_mobile',
130 'shib_language',
131 'shib_matriculation',
132 );
133 //set PropertyFormGUI
134 include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
135 $propertys = new ilPropertyFormGUI();
136 $propertys->setTitle($this->lng->txt("shib"));
137 $propertys->setFormAction($this->ctrl->getFormAction($this, "save"));
138 $propertys->addCommandButton("save", $this->lng->txt("save"));
139 $propertys->addCommandButton("settings", $this->lng->txt("cancel"));
140 //set enable shibboleth support
141 $enable = new ilCheckboxInputGUI();
142 $enable->setTitle($this->lng->txt("shib_active"));
143 $read_me_link = "./Services/AuthShibboleth/README.SHIBBOLETH.txt";
144 $info = "<a href='" . $read_me_link . "' target='_blank'>" . $this->lng->txt("auth_shib_instructions") . "</a>";
145 $enable->setInfo($info);
146 $enable->setPostVar("shib[active]");
147 $enable->setChecked($settings["shib_active"]);
148 //set allow local authentication
149 $local = new ilCheckboxInputGUI();
150 $local->setTitle($this->lng->txt("auth_allow_local"));
151 $local->setPostVar("shib[auth_allow_local]");
152 $local->setChecked($settings['shib_auth_allow_local']);
153 //set user default role
154 $defaultrole = new ilSelectInputGUI();
155 $defaultrole->setTitle($this->lng->txt("shib_user_default_role"));
156 $defaultrole->setPostVar("shib[user_default_role]");
157 $defaultrole->setOptions($role);
158 $defaultrole->setRequired(true);
159 $defaultrole->setValue($settings["shib_user_default_role"]);
160 //set name of federation
161 $name = new ilTextInputGUI();
162 $name->setTitle($this->lng->txt("shib_federation_name"));
163 $name->setPostVar("shib[federation_name]");
164 $name->setSize(40);
165 $name->setMaxLength(50);
166 $name->setRequired(true);
167 $name->setValue(stripslashes($settings["shib_federation_name"]));
168 //set Organize selection group
169 include_once("./Services/Form/classes/class.ilRadioGroupInputGUI.php");
170 include_once("./Services/Form/classes/class.ilRadioOption.php");
171 $organize = new ilRadioGroupInputGUI();
172 $organize->setTitle($this->lng->txt("shib_login_type"));
173 $organize->setPostVar("shib[hos_type]");
174 $organize->setRequired(true);
175 $organize->setValue($settings["shib_hos_type"]);
176 //set 1. option internalwayf
177 $internalwayf = new ilRadioOption();
178 $internalwayf->setTitle($this->lng->txt("shib_login_internal_wayf"));
179 $internalwayf->setValue("internal_wayf");
180 //set 1. option internalwayf textbox idplist
181 $idplist = new ilTextAreaInputGUI();
182 $idplist->setInfo($this->lng->txt("shib_idp_list"));
183 $idplist->setPostVar("shib[idp_list]");
184 $idplist->setRows(3);
185 $idplist->setCols(50);
186 $idplist->setValue($settings["shib_idp_list"]);
187 //set 2. Option externalwayf
188 $externalwayf = new ilRadioOption();
189 $externalwayf->setTitle($this->lng->txt("shib_login_external_wayf"));
190 $externalwayf->setValue("external_wayf");
191 //set 2. Option externalwayf textfield path to login button image
192 $loginbutton = new ilTextInputGUI();
193 $loginbutton->setInfo($this->lng->txt("shib_login_button"));
194 $loginbutton->setPostVar("shib[login_button]");
195 $loginbutton->setSize(50);
196 $loginbutton->setMaxLength(255);
197 $loginbutton->setValue($settings["shib_login_button"]);
198 //set 3. Option embeddedwayf
199 $embeddedwayf = new ilRadioOption();
200 $embeddedwayf->setTitle($this->lng->txt("shib_login_embedded_wayf"));
201 $embeddedwayf->setInfo($this->lng->txt("shib_login_embedded_wayf_description"));
202 $embeddedwayf->setValue("embedded_wayf");
203 //set login instructions
204 $logininstruction = new ilTextAreaInputGUI();
205 $logininstruction->setTitle($this->lng->txt("auth_login_instructions"));
206 $logininstruction->setPostVar("shib[login_instructions]");
207 $logininstruction->setRows(3);
208 $logininstruction->setCols(50);
209 $logininstruction->setValue(stripslashes($settings["shib_login_instructions"]));
210 //set path to data manipulation API
211 $dataconv = new ilTextInputGUI();
212 $dataconv->setTitle($this->lng->txt("shib_data_conv"));
213 $dataconv->setPostVar("shib[data_conv]");
214 $dataconv->setSize(80);
215 $dataconv->setMaxLength(512);
216 $dataconv->setValue($settings["shib_data_conv"]);
217 //field mappings
218 $fields = array();
219 foreach ($shib_settings as $setting) {
220 $field = ereg_replace('shib_', '', $setting);
221 $textinput = new ilTextInputGUI();
222 $textinput->setTitle($this->lng->txt($setting));
223 $textinput->setPostVar("shib[" . $field . "]");
224 $textinput->setValue($settings[$setting]);
225 $textinput->setSize(40);
226 $textinput->setMaxLength(50);
227 $checkinput = new ilCheckboxInputGUI("");
228 $checkinput->setOptionTitle($this->lng->txt("shib_update"));
229 $checkinput->setPostVar("shib[update_" . $field . "]");
230 $checkinput->setChecked($settings["shib_update_" . $field]);
231 if ($setting == 'shib_login' || $setting == 'shib_firstname'
232 || $setting == 'shib_lastname'
233 || $setting == 'shib_email'
234 ) {
235 $textinput->setRequired(true);
236 }
237 $fields[$setting] = array( "text" => $textinput, "check" => $checkinput );
238 }
239 $propertys->addItem($enable);
240 $propertys->addItem($local);
241 $propertys->addItem($defaultrole);
242 $propertys->addItem($name);
243 $internalwayf->addSubItem($idplist);
244 $organize->addOption($internalwayf);
245 $externalwayf->addSubItem($loginbutton);
246 $organize->addOption($externalwayf);
247 $organize->addOption($embeddedwayf);
248 $propertys->addItem($organize);
249 $propertys->addItem($logininstruction);
250 $propertys->addItem($dataconv);
251 foreach ($shib_settings as $setting) {
252 $propertys->addItem($fields[$setting]["text"]);
253 if ($setting != "shib_login") {
254 $propertys->addItem($fields[$setting]["check"]);
255 }
256 }
257 $this->tpl->setContent($propertys->getHTML());
258 }
259
260
261 public function save() {
262 global $ilUser;
263 // validate required data
264 if (! $_POST["shib"]["login"]
265 or ! $_POST["shib"]["hos_type"]
266 or ! $_POST["shib"]["firstname"]
267 or ! $_POST["shib"]["lastname"]
268 or ! $_POST["shib"]["email"]
269 or ! $_POST["shib"]["user_default_role"]
270 or ! $_POST["shib"]["federation_name"]
271 ) {
272 $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
273 }
274 // validate api
275 if ($_POST["shib"]["data_conv"]
276 and $_POST["shib"]["data_conv"] != ''
277 and ! is_readable($_POST["shib"]["data_conv"])
278 ) {
279 $this->ilias->raiseError($this->lng->txt("shib_data_conv_warning"), $this->ilias->error_obj->MESSAGE);
280 }
281 // all ok. save settings
282 $shib_settings = array(
283 'shib_login',
284 'shib_title',
285 'shib_firstname',
286 'shib_lastname',
287 'shib_email',
288 'shib_gender',
289 'shib_institution',
290 'shib_department',
291 'shib_zipcode',
292 'shib_city',
293 'shib_country',
294 'shib_street',
295 'shib_phone_office',
296 'shib_phone_home',
297 'shib_phone_mobile',
298 'shib_language',
299 'shib_matriculation'
300 );
301 foreach ($shib_settings as $setting) {
302 $field = ereg_replace('shib_', '', $setting);
303 if ($_POST["shib"]["update_" . $field] != "1") {
304 $_POST["shib"]["update_" . $field] = "0";
305 }
306 $this->ilias->setSetting($setting, trim($_POST["shib"][$field]));
307 $this->ilias->setSetting("shib_update_" . $field, $_POST["shib"]["update_" . $field]);
308 }
309 if ($_POST["shib"]["active"] != "1") {
310 $this->ilias->setSetting("shib_active", "0");
311 $this->ilias->setSetting("shibboleth_active", "0");
312 } else {
313 $this->ilias->setSetting("shib_active", "1");
314 $this->ilias->setSetting("shibboleth_active", "1");
315 }
316 $this->ilias->setSetting("shib_user_default_role", $_POST["shib"]["user_default_role"]);
317 $this->ilias->setSetting("shib_hos_type", $_POST["shib"]["hos_type"]);
318 $this->ilias->setSetting("shib_federation_name", $_POST["shib"]["federation_name"]);
319 $this->ilias->setSetting("shib_idp_list", $_POST["shib"]["idp_list"]);
320 $this->ilias->setSetting("shib_login_instructions", $_POST["shib"]["login_instructions"]);
321 $this->ilias->setSetting("shib_login_button", $_POST["shib"]["login_button"]);
322 $this->ilias->setSetting("shib_data_conv", $_POST["shib"]["data_conv"]);
323 $this->ilias->setSetting("shib_auth_allow_local", ($_POST['shib']['auth_allow_local'] == '1') ? '1' : '0');
324 ilUtil::sendSuccess($this->lng->txt("shib_settings_saved"), true);
325 $this->ctrl->redirect($this, 'settings');
326 }
327
328
329 protected function roleAssignment() {
330 $this->tabs_gui->setSubTabActive('shib_role_assignment');
331 $this->initFormRoleAssignment('default');
332 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
333 $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
334 if (strlen($html = $this->parseRulesTable())) {
335 $this->tpl->setVariable('RULE_TABLE', $html);
336 }
337
338 return true;
339 }
340
341
342 protected function parseRulesTable() {
343 include_once('./Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRules.php');
345 return '';
346 }
347 include_once('./Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentTableGUI.php');
348 $rules_table = new ilShibbolethRoleAssignmentTableGUI($this, 'roleAssignment');
349 $rules_table->setTitle($this->lng->txt('shib_rules_tables'));
350 $rules_table->parse(ilShibbolethRoleAssignmentRules::getAllRules());
351 $rules_table->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
352 $rules_table->setSelectAllCheckbox("rule_id");
353
354 return $rules_table->getHTML();
355 }
356
357
366 protected function confirmDeleteRules() {
367 if (! is_array($_POST['rule_ids'])) {
368 ilUtil::sendFailure($this->lng->txt('select_one'));
369 $this->roleAssignment();
370
371 return false;
372 }
373 $this->tabs_gui->setSubTabActive('shib_role_assignment');
374 include_once("Services/Utilities/classes/class.ilConfirmationGUI.php");
375 $c_gui = new ilConfirmationGUI();
376 // set confirm/cancel commands
377 $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRules"));
378 $c_gui->setHeaderText($this->lng->txt("shib_confirm_del_role_ass"));
379 $c_gui->setCancel($this->lng->txt("cancel"), "roleAssignment");
380 $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRules");
381 // add items to delete
382 include_once('Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php');
383 foreach ($_POST["rule_ids"] as $rule_id) {
384 $rule = new ilShibbolethRoleAssignmentRule($rule_id);
385 $info = ilObject::_lookupTitle($rule->getRoleId());
386 $info .= " (";
387 $info .= $rule->conditionToString();
388 $info .= ')';
389 $c_gui->addItem('rule_ids[]', $rule_id, $info);
390 }
391 $this->tpl->setContent($c_gui->getHTML());
392 }
393
394
401 protected function deleteRules() {
402 if (! is_array($_POST['rule_ids'])) {
403 ilUtil::sendFailure($this->lng->txt('select_once'));
404 $this->roleAssignment();
405
406 return false;
407 }
408 include_once('Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php');
409 foreach ($_POST["rule_ids"] as $rule_id) {
410 $rule = new ilShibbolethRoleAssignmentRule($rule_id);
411 $rule->delete();
412 }
413 ilUtil::sendSuccess($this->lng->txt('shib_deleted_rule'));
414 $this->roleAssignment();
415
416 return true;
417 }
418
419
420 protected function initFormRoleAssignment($a_mode = 'default') {
421 include_once('./Services/Form/classes/class.ilPropertyFormGUI.php');
422 $this->form = new ilPropertyFormGUI();
423 $this->form->setFormAction($this->ctrl->getFormAction($this, 'cancel'));
424 $this->form->setTitle($this->lng->txt('shib_role_ass_table'));
425 if ($a_mode == 'default') {
426 $this->form->setTitle($this->lng->txt('shib_role_ass_table'));
427 $this->form->addCommandButton('addRoleAssignmentRule', $this->lng->txt('shib_new_rule'));
428 $this->form->addCommandButton('settings', $this->lng->txt('cancel'));
429 } else {
430 $this->form->setTitle($this->lng->txt('shib_update_role_ass_table'));
431 $this->form->addCommandButton('updateRoleAssignmentRule', $this->lng->txt('save'));
432 $this->form->addCommandButton('roleAssignment', $this->lng->txt('cancel'));
433 }
434 // Role selection
435 $role = new ilRadioGroupInputGUI($this->lng->txt('shib_role_name'), 'role_name');
436 $role->setRequired(true);
437 $global = new ilRadioOption($this->lng->txt('shib_global_role'), 0);
438 $role->addOption($global);
439 $role_select = new ilSelectInputGUI('', 'role_id');
440 $role_select->setOptions($this->prepareRoleSelect());
441 $global->addSubItem($role_select);
442 $local = new ilRadioOption($this->lng->txt('shib_local_role'), 1);
443 $role->addOption($local);
444 include_once './Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php';
445 $role_search = new ilRoleAutoCompleteInputGUI('', 'role_search', $this, 'addRoleAutoCompleteObject');
446 $role_search->setSize(40);
447 $local->addSubItem($role_search);
448 include_once './Services/AccessControl/classes/class.ilRoleAutoComplete.php';
449 $role->setInfo($this->lng->txt('shib_role_name_info'));
450 $this->form->addItem($role);
451 // Update options
452 $update = new ilNonEditableValueGUI($this->lng->txt('shib_update_roles'), 'update_roles');
453 $update->setValue($this->lng->txt('shib_check_role_assignment'));
454 $add = new ilCheckboxInputGUI('', 'add_missing');
455 $add->setOptionTitle($this->lng->txt('shib_add_missing'));
456 $add->setValue(1);
457 $update->addSubItem($add);
458 $remove = new ilCheckboxInputGUI('', 'remove_deprecated');
459 $remove->setOptionTitle($this->lng->txt('shib_remove_deprecated'));
460 $remove->setValue(1);
461 $update->addSubItem($remove);
462 $this->form->addItem($update);
463 // Assignment type
464 $kind = new ilRadioGroupInputGUI($this->lng->txt('shib_assignment_type'), 'kind');
465 $kind->setValue(1);
466 $kind->setRequired(true);
467 $attr = new ilRadioOption($this->lng->txt('shib_attribute'), 1);
468 $attr->setInfo($this->lng->txt('shib_attr_info'));
469 $name = new ilTextInputGUI($this->lng->txt('shib_attribute_name'), 'attr_name');
470 $name->setSize(32);
471 $attr->addSubItem($name);
472 $value = new ilTextInputGUI($this->lng->txt('shib_attribute_value'), 'attr_value');
473 $value->setSize(32);
474 $attr->addSubItem($value);
475 $kind->addOption($attr);
476 $pl_active = (bool)$this->hasActiveRoleAssignmentPlugins();
477 $pl = new ilRadioOption($this->lng->txt('shib_plugin'), 2);
478 $pl->setInfo($this->lng->txt('shib_plugin_info'));
479 $pl->setDisabled(! $pl_active);
480 $id = new ilNumberInputGUI($this->lng->txt('shib_plugin_id'), 'plugin_id');
481 $id->setDisabled(! $pl_active);
482 $id->setSize(3);
483 $id->setMaxLength(3);
484 $id->setMaxValue(999);
485 $id->setMinValue(1);
486 $pl->addSubItem($id);
487 $kind->addOption($pl);
488 $this->form->addItem($kind);
489 }
490
491
496 include_once("./Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php");
498 }
499
500
501 protected function addRoleAssignmentRule() {
502 global $ilAccess, $ilErr;
503 if (! $ilAccess->checkAccess('write', '', $this->ref_id)) {
504 ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
505 $this->roleAssignment();
506
507 return false;
508 }
509 $this->initFormRoleAssignment();
510 if (! $this->form->checkInput() or ($err = $this->checkInput())) {
511 if ($err) {
512 ilUtil::sendFailure($this->lng->txt($err));
513 }
514 $this->tabs_gui->setSubTabActive('shib_role_assignment');
515 $this->form->setValuesByPost();
516 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
517 $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
518 if (strlen($html = $this->parseRulesTable())) {
519 $this->tpl->setVariable('RULE_TABLE', $html);
520 }
521
522 return true;
523 }
524 // Redirects if required
525 $this->showLocalRoleSelection();
526 $this->rule->add();
527 ilUtil::sendSuccess($this->lng->txt('settings_saved'));
528 $this->roleAssignment();
529
530 return true;
531 }
532
533
539 protected function editRoleAssignment() {
540 $this->ctrl->setParameter($this, 'rule_id', (int)$_GET['rule_id']);
541 $this->tabs_gui->setSubTabActive('shib_role_assignment');
542 $this->initFormRoleAssignment('update');
543 $this->getRuleValues();
544 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
545 $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
546
547 return true;
548 }
549
550
551 protected function updateRoleAssignmentRule() {
552 global $ilAccess, $ilErr;
553 if (! $ilAccess->checkAccess('write', '', $this->ref_id)) {
554 ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
555 $this->roleAssignment();
556
557 return false;
558 }
559 $this->initFormRoleAssignment();
560 if (! $this->form->checkInput() or ($err = $this->checkInput((int)$_REQUEST['rule_id']))) {
561 if ($err) {
562 ilUtil::sendFailure($this->lng->txt($err));
563 }
564 $this->tabs_gui->setSubTabActive('shib_role_assignment');
565 $this->form->setValuesByPost();
566 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
567 $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
568
569 return true;
570 }
571 $this->showLocalRoleSelection('update');
572 $this->rule->update();
573 ilUtil::sendSuccess($this->lng->txt('settings_saved'));
574 $this->roleAssignment();
575
576 return true;
577 }
578
579
580 private function loadRule($a_rule_id = 0) {
581 include_once('./Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php');
582 $this->rule = new ilShibbolethRoleAssignmentRule($a_rule_id);
583 if ($this->form->getInput('role_name') == 0) {
584 $this->rule->setRoleId($this->form->getInput('role_id'));
585 } elseif ($this->form->getInput('role_search')) {
586 // Search role
587 include_once './Services/Search/classes/class.ilQueryParser.php';
588 $parser = new ilQueryParser($this->form->getInput('role_search'));
589 // TODO: Handle minWordLength
590 $parser->setMinWordLength(1, true);
591 $parser->setCombination(QP_COMBINATION_AND);
592 $parser->parse();
593 include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
594 $object_search = new ilLikeObjectSearch($parser);
595 $object_search->setFilter(array( 'role' ));
596 $res = $object_search->performSearch();
597 $entries = $res->getEntries();
598 if (count($entries) == 1) {
599 $role = current($entries);
600 $this->rule->setRoleId($role['obj_id']);
601 } elseif (count($entries) > 1) {
602 $this->rule->setRoleId(- 1);
603 }
604 }
605 $this->rule->setName($this->form->getInput('attr_name'));
606 $this->rule->setValue($this->form->getInput('attr_value'));
607 $this->rule->enableAddOnUpdate($this->form->getInput('add_missing'));
608 $this->rule->enableRemoveOnUpdate($this->form->getInput('remove_deprecated'));
609 $this->rule->enablePlugin($this->form->getInput('kind') == 2);
610 $this->rule->setPluginId($this->form->getInput('plugin_id'));
611
612 return $this->rule;
613 }
614
615
616 private function getRuleValues() {
617 global $rbacreview;
618 include_once './Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php';
619 $rule = new ilShibbolethRoleAssignmentRule((int)$_GET['rule_id']);
620 $role = $rule->getRoleId();
621 if ($rbacreview->isGlobalRole($role)) {
622 $values['role_name'] = 0;
623 $values['role_id'] = $role;
624 } else {
625 $values['role_name'] = 1;
626 $values['role_search'] = ilObject::_lookupTitle($role);
627 }
628 $values['add_missing'] = (int)$rule->isAddOnUpdateEnabled();
629 $values['remove_deprecated'] = (int)$rule->isRemoveOnUpdateEnabled();
630 $values['attr_name'] = $rule->getName();
631 $values['attr_value'] = $rule->getValue();
632 if (! $rule->isPluginActive()) {
633 $values['kind'] = 1;
634 } else {
635 $values['kind'] = 2;
636 $values['plugin_id'] = $rule->getPluginId();
637 }
638 $this->form->setValuesByArray($values);
639 }
640
641
642 private function checkInput($a_rule_id = 0) {
643 $this->loadRule($a_rule_id);
644
645 return $this->rule->validate();
646 }
647
648
649 private function showLocalRoleSelection() {
650 if ($this->rule->getRoleId() > 0) {
651 return false;
652 }
653 $_SESSION['shib_role_ass']['rule_id'] = $_REQUEST['rule_id'] ? $_REQUEST['rule_id'] : 0;
654 $_SESSION['shib_role_ass']['search'] = $this->form->getInput('role_search');
655 $_SESSION['shib_role_ass']['add_on_update'] = $this->rule->isAddOnUpdateEnabled();
656 $_SESSION['shib_role_ass']['remove_on_update'] = $this->rule->isRemoveOnUpdateEnabled();
657 $_SESSION['shib_role_ass']['name'] = $this->rule->getName();
658 $_SESSION['shib_role_ass']['value'] = $this->rule->getValue();
659 $_SESSION['shib_role_ass']['plugin'] = $this->rule->isPluginActive();
660 $_SESSION['shib_role_ass']['plugin_id'] = $this->rule->getPluginId();
661 $this->ctrl->redirect($this, 'chooseRole');
662 }
663
664
665 protected function chooseRole() {
666 $this->tabs_gui->setSubTabActive('shib_role_assignment');
667 include_once './Services/Search/classes/class.ilQueryParser.php';
668 $parser = new ilQueryParser($_SESSION['shib_role_ass']['search']);
669 $parser->setMinWordLength(1, true);
670 $parser->setCombination(QP_COMBINATION_AND);
671 $parser->parse();
672 include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
673 $object_search = new ilLikeObjectSearch($parser);
674 $object_search->setFilter(array( 'role' ));
675 $res = $object_search->performSearch();
676 $entries = $res->getEntries();
677 include_once './Services/AccessControl/classes/class.ilRoleSelectionTableGUI.php';
678 $table = new ilRoleSelectionTableGUI($this, 'chooseRole');
679 $table->setTitle($this->lng->txt('shib_role_selection'));
680 $table->addMultiCommand('saveRoleSelection', $this->lng->txt('shib_choose_role'));
681 $table->addCommandButton('roleAssignment', $this->lng->txt('cancel'));
682 $table->parse($entries);
683 $this->tpl->setContent($table->getHTML());
684
685 return true;
686 }
687
688
689 protected function saveRoleSelection() {
690 $rule = new ilShibbolethRoleAssignmentRule($_SESSION['shib_role_ass']['rule_id']);
691 $rule->setRoleId((int)$_POST['role_id']);
692 $rule->setName($_SESSION['shib_role_ass']['name']);
693 $rule->setValue($_SESSION['shib_role_ass']['value']);
694 $rule->enablePlugin($_SESSION['shib_role_ass']['plugin']);
695 $rule->setPluginId($_SESSION['shib_role_ass']['plugin_id']);
696 $rule->enableAddOnUpdate($_SESSION['shib_role_ass']['add_on_update']);
697 $rule->enableRemoveOnUpdate($_SESSION['shib_role_ass']['remove_on_update']);
698 if ($rule->getRuleId()) {
699 $rule->update();
700 } else {
701 $rule->add();
702 }
703 ilUtil::sendSuccess($this->lng->txt('settings_saved'));
704 unset($_SESSION['shib_role_ass']);
705 $this->roleAssignment();
706 }
707
708
715 global $ilPluginAdmin;
716
717 return count($ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE, 'AuthShibboleth', 'shibhk'));
718 }
719
720
721 private function prepareRoleSelect($a_as_select = true) {
722 global $rbacreview, $ilObjDataCache;
723 $global_roles = ilUtil::_sortIds($rbacreview->getGlobalRoles(), 'object_data', 'title', 'obj_id');
724 $select[0] = $this->lng->txt('links_select_one');
725 foreach ($global_roles as $role_id) {
726 $select[$role_id] = ilObject::_lookupTitle($role_id);
727 }
728
729 return $select;
730 }
731
732
733 protected function setSubTabs() {
734 global $ilSetting;
735 include_once './Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRules.php';
736 if ($ilSetting->get('shib_active') == 0 and ilShibbolethRoleAssignmentRules::getCountRules() == 0) {
737 return false;
738 }
739 // DONE: show sub tabs if there is any role assignment rule
740 $this->tabs_gui->addSubTabTarget('shib_settings', $this->ctrl->getLinkTarget($this, 'settings'));
741 $this->tabs_gui->addSubTabTarget('shib_role_assignment', $this->ctrl->getLinkTarget($this, 'roleAssignment'));
742
743 return true;
744 }
745}
746
747?>
$_GET["client_id"]
$_SESSION["AccountId"]
const IL_COMP_SERVICE
const QP_COMBINATION_AND
Class ilAuthShibbolethSettingsGUI.
addRoleAutoCompleteObject()
Add Member for autoComplete.
hasActiveRoleAssignmentPlugins()
Check if plugin is active.
This class represents a checkbox property in a property form.
Confirmation screen class.
This class represents a non editable value in a property form.
This class represents a number property in a property form.
static _lookupObjId($a_id)
static _lookupTitle($a_id)
lookup object title
This class represents a property form user interface.
This class represents a property in a property form.
This class represents an option in a radio group.
This class represents a role + autocomplete feature form input.
static echoAutoCompleteList()
Static asynchronous default auto complete function.
This class represents a selection list property in a property form.
This class represents a text area property in a property form.
This class represents a text property in a property form.
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,...
static sendSuccess($a_info="", $a_keep=false)
Send Success Message to Screen.
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
$_POST['username']
Definition: cron.php:12
$html
Definition: example_001.php:87
$data
$info
Definition: example_052.php:80
global $ilCtrl
Definition: ilias.php:18
redirection script todo: (a better solution should control the processing via a xml file)
global $ilSetting
Definition: privfeed.php:40
$cmd
Definition: sahs_server.php:35
if($_REQUEST['ilias_path']) define('ILIAS_HTTP_PATH' $_REQUEST['ilias_path']
Definition: index.php:7
global $ilUser
Definition: imgupload.php:15