ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
Public Member Functions | Data Fields | Protected Member Functions | Private Member Functions | Private Attributes
ilLDAPAttributeToUser Class Reference
Services/LDAP

Update/create ILIAS user account by given LDAP attributes according to user attribute mapping settings. More...

+ Collaboration diagram for ilLDAPAttributeToUser:

Public Member Functions

 __construct (ilLDAPServer $a_server)
 Construct of ilLDAPAttribute2XML Defines between LDAP and ILIAS user attributes. More...
 
 getServer ()
 Get server settings. More...
 
 setUserData ($a_data)
 Set user data received from pear auth or by ldap_search. More...
 
 setNewUserAuthMode ($a_authmode)
 Set auth mode for new users. More...
 
 getNewUserAuthMode ()
 Get auth mode for new users. More...
 
 addMode ($a_mode)
 Add import mode. More...
 
 isModeActive ($a_mode)
 Check if mode is active. More...
 
 refresh ()
 Create/Update non existing users. More...
 

Data Fields

const MODE_INITIALIZE_ROLES = 1
 

Protected Member Functions

 parseRoleAssignmentsForUpdate ($a_usr_id, $a_external_account, $user)
 Parse role assignments for update of user account. More...
 
 parseRoleAssignmentsForCreation ($a_external_account, $a_user)
 Parse role assignments for update of user account. More...
 

Private Member Functions

 usersToXML ()
 Create xml string of user according to mapping rules. More...
 
 convertInput ($a_value)
 A value can be an array or a string This function converts arrays to strings. More...
 
 doMapping ($user, $rule)
 doMapping More...
 
 initLDAPAttributeMapping ()
 
 initUserDefinedFields ()
 

Private Attributes

 $modes = []
 
 $server_settings = null
 
 $role_assignment = null
 
 $db = null
 
 $user_data = array()
 
 $setting = null
 
 $mapping = null
 
 $new_user_auth_mode = 'ldap'
 

Detailed Description

Update/create ILIAS user account by given LDAP attributes according to user attribute mapping settings.

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Version
$Id$

Definition at line 34 of file class.ilLDAPAttributeToUser.php.

Constructor & Destructor Documentation

◆ __construct()

ilLDAPAttributeToUser::__construct ( ilLDAPServer  $a_server)

Construct of ilLDAPAttribute2XML Defines between LDAP and ILIAS user attributes.

Parameters
objectil

Definition at line 57 of file class.ilLDAPAttributeToUser.php.

58 {
59 global $ilDB,$ilSetting,$lng,$ilLog;
60
61 // Initialise language object
62 if(!is_object($lng))
63 {
64 include_once './Services/Language/classes/class.ilLanguage.php';
65 $lng = new ilLanguage('en');
66 }
67
68 $this->log = $ilLog;
69
70 $this->server_settings = $a_server;
71 $this->setting = $ilSetting;
72
73 $this->initLDAPAttributeMapping();
74 }
ilLanguage
language handling
Definition: class.ilLanguage.php:27
$ilLog
$ilLog
Definition: inc.setup_header.php:130
$lng
global $lng
Definition: privfeed.php:17
$ilSetting
global $ilSetting
Definition: privfeed.php:17
$ilDB
global $ilDB
Definition: storeScorm2004.php:19

References $ilDB, $ilLog, $ilSetting, $lng, and initLDAPAttributeMapping().

+ Here is the call graph for this function:

Member Function Documentation

◆ addMode()

ilLDAPAttributeToUser::addMode (   $a_mode)

Add import mode.

Parameters
$a_mode

Definition at line 121 of file class.ilLDAPAttributeToUser.php.

122 {
123 if(is_array($this->modes) && !in_array($a_mode, $this->modes))
124 {
125 $this->modes[] = $a_mode;
126 }
127 }

◆ convertInput()

ilLDAPAttributeToUser::convertInput (   $a_value)
private

A value can be an array or a string This function converts arrays to strings.

@access private

Parameters
arrayor string value
Returns
string

Definition at line 421 of file class.ilLDAPAttributeToUser.php.

422 {
423 if(is_array($a_value))
424 {
425 return $a_value[0];
426 }
427 else
428 {
429 return $a_value;
430 }
431 }

Referenced by doMapping().

+ Here is the caller graph for this function:

◆ doMapping()

ilLDAPAttributeToUser::doMapping (   $user,
  $rule 
)
private

doMapping

@access private

Definition at line 439 of file class.ilLDAPAttributeToUser.php.

440 {
441 $mapping = trim(strtolower($rule['value']));
442
443 if(strpos($mapping,',') === false)
444 {
445 return $this->convertInput($user[$mapping]);
446 }
447 // Is multiple mapping
448
449 $fields = explode(',',$mapping);
450 $value = '';
451 foreach($fields as $field)
452 {
453 if(strlen($value))
454 {
455 $value .= ' ';
456 }
457 $value .= ($this->convertInput($user[trim($field)]));
458 }
459 return $value ? $value : '';
460 }
ilLDAPAttributeToUser\convertInput
convertInput($a_value)
A value can be an array or a string This function converts arrays to strings.
Definition: class.ilLDAPAttributeToUser.php:421

References $mapping, and convertInput().

Referenced by usersToXML().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getNewUserAuthMode()

ilLDAPAttributeToUser::getNewUserAuthMode ( )

Get auth mode for new users.

Definition at line 112 of file class.ilLDAPAttributeToUser.php.

113 {
114 return $this->new_user_auth_mode;
115 }

References $new_user_auth_mode.

Referenced by usersToXML().

+ Here is the caller graph for this function:

◆ getServer()

ilLDAPAttributeToUser::getServer ( )

Get server settings.

Returns
ilLDAPServer

Definition at line 81 of file class.ilLDAPAttributeToUser.php.

82 {
83 return $this->server_settings;
84 }

References $server_settings.

Referenced by parseRoleAssignmentsForCreation(), parseRoleAssignmentsForUpdate(), and refresh().

+ Here is the caller graph for this function:

◆ initLDAPAttributeMapping()

ilLDAPAttributeToUser::initLDAPAttributeMapping ( )
private

Definition at line 464 of file class.ilLDAPAttributeToUser.php.

465 {
466 include_once('Services/LDAP/classes/class.ilLDAPAttributeMapping.php');
467 $this->mapping = ilLDAPAttributeMapping::_getInstanceByServerId($this->server_settings->getServerId());
468 }
ilLDAPAttributeMapping\_getInstanceByServerId
static _getInstanceByServerId($a_server_id)
Get instance of class.
Definition: class.ilLDAPAttributeMapping.php:65

References ilLDAPAttributeMapping\_getInstanceByServerId().

Referenced by __construct().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ initUserDefinedFields()

ilLDAPAttributeToUser::initUserDefinedFields ( )
private

Definition at line 470 of file class.ilLDAPAttributeToUser.php.

471 {
472 include_once('Services/User/classes/class.ilUserDefinedFields.php');
473 $this->udf = ilUserDefinedFields::_getInstance();
474 }
ilUserDefinedFields\_getInstance
static _getInstance()
Get instance.
Definition: class.ilUserDefinedFields.php:46

References ilUserDefinedFields\_getInstance().

Referenced by usersToXML().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isModeActive()

ilLDAPAttributeToUser::isModeActive (   $a_mode)

Check if mode is active.

Parameters
int$a_mode
Returns
bool

Definition at line 134 of file class.ilLDAPAttributeToUser.php.

135 {
136 return is_array($this->modes) && in_array($a_mode, $this->modes);
137 }

Referenced by usersToXML().

+ Here is the caller graph for this function:

◆ parseRoleAssignmentsForCreation()

ilLDAPAttributeToUser::parseRoleAssignmentsForCreation (   $a_external_account,
  $a_user 
)
protected

Parse role assignments for update of user account.

Parameters
string$a_external_account
array$a_user

Definition at line 196 of file class.ilLDAPAttributeToUser.php.

197 {
198 include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php';
199 foreach(ilLDAPRoleAssignmentRules::getAssignmentsForCreation(
200 $this->getServer()->getServerId(),
201 $a_external_account,
202 $a_user) as $role_data)
203 {
204 $this->writer->xmlElement('Role',
205 array('Id' => $role_data['id'],
206 'Type' => $role_data['type'],
207 'Action' => $role_data['action']),'');
208 }
209
210 }
ilLDAPRoleAssignmentRules\getAssignmentsForCreation
static getAssignmentsForCreation($a_server_id, $a_usr_name, $a_usr_data)
Definition: class.ilLDAPRoleAssignmentRules.php:181

References ilLDAPRoleAssignmentRules\getAssignmentsForCreation(), and getServer().

Referenced by usersToXML().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ parseRoleAssignmentsForUpdate()

ilLDAPAttributeToUser::parseRoleAssignmentsForUpdate (   $a_usr_id,
  $a_external_account,
  $user 
)
protected

Parse role assignments for update of user account.

Parameters
int$a_usr_id
string$a_external_account
array$user

Definition at line 173 of file class.ilLDAPAttributeToUser.php.

174 {
175 $rules = $this->mapping->getRulesForUpdate();
176
177 include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php';
178 foreach(ilLDAPRoleAssignmentRules::getAssignmentsForUpdate(
179 $this->getServer()->getServerId(),
180 $a_usr_id,
181 $a_external_account,
182 $user) as $role_data)
183 {
184 $this->writer->xmlElement('Role',
185 array('Id' => $role_data['id'],
186 'Type' => $role_data['type'],
187 'Action' => $role_data['action']),'');
188 }
189 }
ilLDAPRoleAssignmentRules\getAssignmentsForUpdate
static getAssignmentsForUpdate($a_server_id, $a_usr_id, $a_usr_name, $a_usr_data)
@global type $ilDB @global type $rbacadmin @global type $rbacreview @global type $ilSetting @global t...
Definition: class.ilLDAPRoleAssignmentRules.php:118

References ilLDAPRoleAssignmentRules\getAssignmentsForUpdate(), and getServer().

Referenced by usersToXML().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ refresh()

ilLDAPAttributeToUser::refresh ( )

Create/Update non existing users.

@access public

Definition at line 146 of file class.ilLDAPAttributeToUser.php.

147 {
148 global $rbacadmin;
149
150 $this->usersToXML();
151
152 include_once './Services/User/classes/class.ilUserImportParser.php';
153 include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php';
154
155 $importParser = new ilUserImportParser();
156 $importParser->setXMLContent($this->writer->xmlDumpMem(false));
157 $importParser->setRoleAssignment(ilLDAPRoleAssignmentRules::getAllPossibleRoles($this->getServer()->getServerId()));
158 $importParser->setFolderId(7);
159 $importParser->startParsing();
160 $debug = $importParser->getProtocol();
161 #var_dump("<pre>",$this->writer->xmlDumpMem(),"</pre>");
162 #print_r($this->writer->xmlDumpMem($format));
163
164 return true;
165 }
ilLDAPAttributeToUser\usersToXML
usersToXML()
Create xml string of user according to mapping rules.
Definition: class.ilLDAPAttributeToUser.php:218
ilLDAPRoleAssignmentRules\getAllPossibleRoles
static getAllPossibleRoles($a_server_id)
Get all assignable roles (used for import parser)
Definition: class.ilLDAPRoleAssignmentRules.php:61

References ilLDAPRoleAssignmentRules\getAllPossibleRoles(), getServer(), and usersToXML().

+ Here is the call graph for this function:

◆ setNewUserAuthMode()

ilLDAPAttributeToUser::setNewUserAuthMode (   $a_authmode)

Set auth mode for new users.

E.g. radius for radius authenticated user with ldap data source

Parameters
string$a_authmode

Definition at line 104 of file class.ilLDAPAttributeToUser.php.

105 {
106 $this->new_user_auth_mode = $a_authmode;
107 }

◆ setUserData()

ilLDAPAttributeToUser::setUserData (   $a_data)

Set user data received from pear auth or by ldap_search.

@access public

Parameters
arrayarray of auth data. array('ilias_account1' => array(firstname => 'Stefan',...),...)

Definition at line 94 of file class.ilLDAPAttributeToUser.php.

95 {
96 $this->user_data = $a_data;
97 }

◆ usersToXML()

ilLDAPAttributeToUser::usersToXML ( )
private

Create xml string of user according to mapping rules.

@access private

Definition at line 218 of file class.ilLDAPAttributeToUser.php.

219 {
220 include_once('./Services/Xml/classes/class.ilXmlWriter.php');
221 $this->writer = new ilXmlWriter();
222 $this->writer->xmlStartTag('Users');
223
224 $cnt_update = 0;
225 $cnt_create = 0;
226
227 // Single users
228 foreach($this->user_data as $external_account => $user)
229 {
230 $user['ilExternalAccount'] = $external_account;
231
232 // Required fields
233 if($user['ilInternalAccount'])
234 {
235 $usr_id = ilObjUser::_lookupId($user['ilInternalAccount']);
236
237 ++$cnt_update;
238 // User exists
239 $this->writer->xmlStartTag('User',array('Id' => $usr_id,'Action' => 'Update'));
240 $this->writer->xmlElement('Login',array(),$user['ilInternalAccount']);
241 $this->writer->xmlElement('ExternalAccount',array(),$external_account);
242 $this->writer->xmlElement('AuthMode',array(type => $this->getNewUserAuthMode()),null);
243
244 if($this->isModeActive(self::MODE_INITIALIZE_ROLES))
245 {
246 $this->parseRoleAssignmentsForCreation($external_account, $user);
247 }
248 else
249 {
250 $this->parseRoleAssignmentsForUpdate($usr_id, $external_account, $user);
251 }
252 $rules = $this->mapping->getRulesForUpdate();
253 }
254 else
255 {
256 ++$cnt_create;
257 // Create user
258 $this->writer->xmlStartTag('User',array('Action' => 'Insert'));
259 $this->writer->xmlElement('Login',array(),ilAuthUtils::_generateLogin($external_account));
260
261 $this->parseRoleAssignmentsForCreation($external_account, $user);
262 $rules = $this->mapping->getRules();
263 }
264
265 $this->writer->xmlElement('Active',array(),"true");
266 $this->writer->xmlElement('TimeLimitOwner',array(),7);
267 $this->writer->xmlElement('TimeLimitUnlimited',array(),1);
268 $this->writer->xmlElement('TimeLimitFrom',array(),time());
269 $this->writer->xmlElement('TimeLimitUntil',array(),time());
270
271 // only for new users.
272 // If auth_mode is 'default' (ldap) this status should remain.
273 if(!$user['ilInternalAccount'])
274 {
275 $this->writer->xmlElement('AuthMode',
276 array('type' => $this->getNewUserAuthMode()),
277 $this->getNewUserAuthMode()
278 );
279 $this->writer->xmlElement('ExternalAccount',array(),$external_account);
280 }
281 foreach($rules as $field => $data)
282 {
283 // Do Mapping: it is possible to assign multiple ldap attribute to one user data field
284 if(!($value = $this->doMapping($user,$data)))
285 {
286 continue;
287 }
288
289 switch($field)
290 {
291 case 'gender':
292 switch(strtolower($value))
293 {
294 case 'm':
295 case 'male':
296 $this->writer->xmlElement('Gender',array(),'m');
297 break;
298
299 case 'f':
300 case 'female':
301 default:
302 $this->writer->xmlElement('Gender',array(),'f');
303 break;
304
305 }
306 break;
307
308 case 'firstname':
309 $this->writer->xmlElement('Firstname',array(),$value);
310 break;
311
312 case 'lastname':
313 $this->writer->xmlElement('Lastname',array(),$value);
314 break;
315
316 case 'hobby':
317 $this->writer->xmlElement('Hobby',array(),$value);
318 break;
319
320 case 'title':
321 $this->writer->xmlElement('Title',array(),$value);
322 break;
323
324 case 'institution':
325 $this->writer->xmlElement('Institution',array(),$value);
326 break;
327
328 case 'department':
329 $this->writer->xmlElement('Department',array(),$value);
330 break;
331
332 case 'street':
333 $this->writer->xmlElement('Street',array(),$value);
334 break;
335
336 case 'city':
337 $this->writer->xmlElement('City',array(),$value);
338 break;
339
340 case 'zipcode':
341 $this->writer->xmlElement('PostalCode',array(),$value);
342 break;
343
344 case 'country':
345 $this->writer->xmlElement('Country',array(),$value);
346 break;
347
348 case 'phone_office':
349 $this->writer->xmlElement('PhoneOffice',array(),$value);
350 break;
351
352 case 'phone_home':
353 $this->writer->xmlElement('PhoneHome',array(),$value);
354 break;
355
356 case 'phone_mobile':
357 $this->writer->xmlElement('PhoneMobile',array(),$value);
358 break;
359
360 case 'fax':
361 $this->writer->xmlElement('Fax',array(),$value);
362 break;
363
364 case 'email':
365 $this->writer->xmlElement('Email',array(),$value);
366 break;
367
368 case 'matriculation':
369 $this->writer->xmlElement('Matriculation',array(),$value);
370 break;
371
372 /*
373 case 'photo':
374 $this->writer->xmlElement('PersonalPicture',array('encoding' => 'Base64','imagetype' => 'image/jpeg'),
375 base64_encode($this->convertInput($user[$value])));
376 break;
377 */
378 default:
379 // Handle user defined fields
380 if(substr($field,0,4) != 'udf_')
381 {
382 continue;
383 }
384 $id_data = explode('_',$field);
385 if(!isset($id_data[1]))
386 {
387 continue;
388 }
389 $this->initUserDefinedFields();
390 $definition = $this->udf->getDefinition($id_data[1]);
391 $this->writer->xmlElement('UserDefinedField',array('Id' => $definition['il_id'],
392 'Name' => $definition['field_name']),
393 $value);
394 break;
395
396
397 }
398 }
399 $this->writer->xmlEndTag('User');
400 }
401
402 if($cnt_create)
403 {
404 $this->log->write('LDAP: Started creation of '.$cnt_create.' users.');
405 }
406 if($cnt_update)
407 {
408 $this->log->write('LDAP: Started update of '.$cnt_update.' users.');
409 }
410 $this->writer->xmlEndTag('Users');
411 }
ilAuthUtils\_generateLogin
static _generateLogin($a_login)
generate free login by starting with a default string and adding postfix numbers
Definition: class.ilAuthUtils.php:611
ilLDAPAttributeToUser\isModeActive
isModeActive($a_mode)
Check if mode is active.
Definition: class.ilLDAPAttributeToUser.php:134
ilLDAPAttributeToUser\parseRoleAssignmentsForCreation
parseRoleAssignmentsForCreation($a_external_account, $a_user)
Parse role assignments for update of user account.
Definition: class.ilLDAPAttributeToUser.php:196
ilLDAPAttributeToUser\getNewUserAuthMode
getNewUserAuthMode()
Get auth mode for new users.
Definition: class.ilLDAPAttributeToUser.php:112
ilLDAPAttributeToUser\parseRoleAssignmentsForUpdate
parseRoleAssignmentsForUpdate($a_usr_id, $a_external_account, $user)
Parse role assignments for update of user account.
Definition: class.ilLDAPAttributeToUser.php:173
ilLDAPAttributeToUser\doMapping
doMapping($user, $rule)
doMapping
Definition: class.ilLDAPAttributeToUser.php:439
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:787
ilXmlWriter
XML writer class.
Definition: class.ilXmlWriter.php:18

References $data, ilAuthUtils\_generateLogin(), ilObjUser\_lookupId(), doMapping(), getNewUserAuthMode(), initUserDefinedFields(), isModeActive(), parseRoleAssignmentsForCreation(), and parseRoleAssignmentsForUpdate().

Referenced by refresh().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

Field Documentation

◆ $db

ilLDAPAttributeToUser::$db = null
private

Definition at line 43 of file class.ilLDAPAttributeToUser.php.

◆ $mapping

ilLDAPAttributeToUser::$mapping = null
private

Definition at line 47 of file class.ilLDAPAttributeToUser.php.

Referenced by doMapping().

◆ $modes

ilLDAPAttributeToUser::$modes = []
private

Definition at line 38 of file class.ilLDAPAttributeToUser.php.

◆ $new_user_auth_mode

ilLDAPAttributeToUser::$new_user_auth_mode = 'ldap'
private

Definition at line 49 of file class.ilLDAPAttributeToUser.php.

Referenced by getNewUserAuthMode().

◆ $role_assignment

ilLDAPAttributeToUser::$role_assignment = null
private

Definition at line 42 of file class.ilLDAPAttributeToUser.php.

◆ $server_settings

ilLDAPAttributeToUser::$server_settings = null
private

Definition at line 41 of file class.ilLDAPAttributeToUser.php.

Referenced by getServer().

◆ $setting

ilLDAPAttributeToUser::$setting = null
private

Definition at line 46 of file class.ilLDAPAttributeToUser.php.

◆ $user_data

ilLDAPAttributeToUser::$user_data = array()
private

Definition at line 45 of file class.ilLDAPAttributeToUser.php.

◆ MODE_INITIALIZE_ROLES

const ilLDAPAttributeToUser::MODE_INITIALIZE_ROLES = 1

Definition at line 36 of file class.ilLDAPAttributeToUser.php.

Referenced by ilLDAPUserSynchronisation\performUpdate().

The documentation for this class was generated from the following file: