ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilShibbolethRoleAssignmentRules.php
Go to the documentation of this file.
1<?php
2/*
3 +-----------------------------------------------------------------------------+
4 | ILIAS open source |
5 +-----------------------------------------------------------------------------+
6 | Copyright (c) 1998-2006 ILIAS open source, University of Cologne |
7 | |
8 | This program is free software; you can redistribute it and/or |
9 | modify it under the terms of the GNU General Public License |
10 | as published by the Free Software Foundation; either version 2 |
11 | of the License, or (at your option) any later version. |
12 | |
13 | This program is distributed in the hope that it will be useful, |
14 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | GNU General Public License for more details. |
17 | |
18 | You should have received a copy of the GNU General Public License |
19 | along with this program; if not, write to the Free Software |
20 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21 +-----------------------------------------------------------------------------+
22*/
23
24include_once './Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php';
25
37
38 protected static $active_plugins = NULL;
39
40
44 public static function getAllRules() {
45 global $ilDB;
46 $rules = array();
50 $query = "SELECT rule_id FROM shib_role_assignment ORDER BY rule_id";
51 $res = $ilDB->query($query);
52 while ($row = $res->fetchRow(DB_FETCHMODE_OBJECT)) {
53 $rules[$row->rule_id] = new ilShibbolethRoleAssignmentRule($row->rule_id);
54 }
55
56 return $rules;
57 }
58
59
60 public static function getCountRules() {
61 global $ilDB;
62 $query = "SELECT COUNT(*) num FROM shib_role_assignment ";
63 $res = $ilDB->query($query);
64 while ($row = $res->fetchRow(DB_FETCHMODE_OBJECT)) {
65 return $row->num;
66 }
67
68 return 0;
69 }
70
71
78 public static function updateAssignments($a_usr_id, $a_data) {
79 require_once('./Services/AuthShibboleth/classes/Config/class.shibConfig.php');
80
81 global $ilDB, $rbacadmin, $rbacreview, $ilLog;
82 $query = "SELECT rule_id,add_on_update,remove_on_update FROM shib_role_assignment " . "WHERE add_on_update = 1 OR remove_on_update = 1";
83 $res = $ilDB->query($query);
84 while ($row = $res->fetchRow(DB_FETCHMODE_OBJECT)) {
85 $rule = new ilShibbolethRoleAssignmentRule($row->rule_id);
86 // $matches = $rule->matches($a_data);
87 if ($rule->doesMatch($a_data) and $row->add_on_update) {
88 $ilLog->write(__METHOD__ . ': Assigned to role ' . ilObject::_lookupTitle($rule->getRoleId()));
89 $rbacadmin->assignUser($rule->getRoleId(), $a_usr_id);
90 }
91 if (! $rule->doesMatch($a_data) and $row->remove_on_update) {
92 $ilLog->write(__METHOD__ . ': Deassigned from role ' . ilObject::_lookupTitle($rule->getRoleId()));
93 $rbacadmin->deassignUser($rule->getRoleId(), $a_usr_id);
94 }
95 }
96 // check if is assigned to minimum one global role
97 if (! array_intersect($rbacreview->assignedRoles($a_usr_id), $rbacreview->getGlobalRoles())) {
98 $default_role = shibConfig::getInstance()->getUserDefaultRole();
99 $ilLog->write(__METHOD__ . ': Assigned to default role ' . ilObject::_lookupTitle($default_role));
100 $rbacadmin->assignUser($default_role, $a_usr_id);
101 }
102
103 return true;
104 }
105
106
113 public static function doAssignments($a_usr_id, $a_data) {
114 global $ilDB, $rbacadmin, $ilLog;
115 $query = "SELECT rule_id FROM shib_role_assignment ";
116 $num_matches = 0;
117 $res = $ilDB->query($query);
118 while ($row = $res->fetchRow(DB_FETCHMODE_OBJECT)) {
119 $rule = new ilShibbolethRoleAssignmentRule($row->rule_id);
120 if ($rule->doesMatch($a_data)) {
121 $num_matches ++;
122 $ilLog->write(__METHOD__ . ': Assigned to role ' . ilObject::_lookupTitle($rule->getRoleId()));
123 $rbacadmin->assignUser($rule->getRoleId(), $a_usr_id);
124 }
125 }
126 // Assign to default if no matching found
127 if (! $num_matches) {
128 $default_role = shibConfig::getInstance()->getUserDefaultRole();
129 $ilLog->write(__METHOD__ . ': Assigned to default role ' . ilObject::_lookupTitle($default_role));
130 $rbacadmin->assignUser($default_role, $a_usr_id);
131 }
132
133 return true;
134 }
135
136
143 public static function callPlugin($a_plugin_id, $a_user_data) {
144 global $ilPluginAdmin;
145 if (self::$active_plugins == NULL) {
146 self::$active_plugins = $ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE, 'AuthShibboleth', 'shibhk');
147 }
148 $assigned = false;
149 foreach (self::$active_plugins as $plugin_name) {
150 $ok = false;
151 $plugin_obj = $ilPluginAdmin->getPluginObject(IL_COMP_SERVICE, 'AuthShibboleth', 'shibhk', $plugin_name);
152 if ($plugin_obj instanceof ilShibbolethRoleAssignmentPlugin) {
153 $ok = $plugin_obj->checkRoleAssignment($a_plugin_id, $a_user_data);
154 }
155 if ($ok) {
156 $assigned = true;
157 }
158 }
159
160 return $assigned;
161 }
162}
163
164?>
const IL_COMP_SERVICE
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
static _lookupTitle($a_id)
lookup object title
static getInstance()
Interface for shibboleth role assignment plugins.
global $ilDB