ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
class.ilAuthShibbolethSettingsGUI.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
13 class ilAuthShibbolethSettingsGUI {
14 
18  private $ctrl;
22  private $ilias;
26  private $tabs_gui;
30  private $lng;
34  private $tpl;
38  private $ref_id;
39 
40 
47  public function __construct($a_auth_ref_id) {
48  global $DIC;
49  $lng = $DIC['lng'];
50  $ilCtrl = $DIC['ilCtrl'];
51  $tpl = $DIC['tpl'];
52  $ilTabs = $DIC['ilTabs'];
53  $ilias = $DIC['ilias'];
54  $this->ctrl = $ilCtrl;
55  $this->tabs_gui = $ilTabs;
56  $this->lng = $lng;
57  $this->lng->loadLanguageModule('shib');
58  $this->ilias = $ilias;
59  $this->tpl = $tpl;
60  $this->ref_id = $a_auth_ref_id;
61  $this->obj_id = ilObject::_lookupObjId($this->ref_id);
62  }
63 
64 
70  public function executeCommand() {
71  global $DIC;
72  $ilAccess = $DIC['ilAccess'];
73  $ilErr = $DIC['ilErr'];
74  $ilCtrl = $DIC['ilCtrl'];
75  $next_class = $this->ctrl->getNextClass($this);
76  $cmd = $this->ctrl->getCmd();
77  if (! $ilAccess->checkAccess('read', '', $this->ref_id)) {
78  $ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $ilErr->WARNING);
79  }
80  if (! $ilAccess->checkAccess('write', '', $this->ref_id) && $cmd != "settings") {
81  ilUtil::sendFailure($this->lng->txt('msg_no_perm_write'), true);
82  $ilCtrl->redirect($this, "settings");
83  }
84  $this->setSubTabs();
85  switch ($next_class) {
86  default:
87  if (! $cmd) {
88  $cmd = "settings";
89  }
90  $this->$cmd();
91  break;
92  }
93 
94  return true;
95  }
96 
97 
98  public function settings() {
99  global $DIC;
100  $rbacreview = $DIC['rbacreview'];
101  $this->tabs_gui->setSubTabActive('shib_settings');
102  // set already saved data or default value for port
103  $settings = $this->ilias->getAllSettings();
104  // Compose role list
105  $role_list = $rbacreview->getRolesByFilter(2);
106  $role = array();
107  if (! isset($settings["shib_user_default_role"])) {
108  $settings["shib_user_default_role"] = 4;
109  }
110  if (! isset($settings["shib_idp_list"]) || $settings["shib_idp_list"] == '') {
111  $settings["shib_idp_list"] = "urn:mace:organization1:providerID, Example Organization 1\nurn:mace:organization2:providerID, Example Organization 2, /Shibboleth.sso/WAYF/SWITCHaai";
112  }
113  if (! isset($settings["shib_login_button"]) || $settings["shib_login_button"] == '') {
114  $settings["shib_login_button"] = "templates/default/images/shib_login_button.png";
115  }
116  if (! isset($settings["shib_hos_type"]) || $settings["shib_hos_type"] == '') {
117  $settings["shib_hos_type"] = 'internal_wayf';
118  }
119  foreach ($role_list as $data) {
120  $role[$data["obj_id"]] = $data["title"];
121  }
122  // Set text field content
123  $shib_settings = array(
124  'shib_login',
125  'shib_title',
126  'shib_firstname',
127  'shib_lastname',
128  'shib_email',
129  'shib_gender',
130  'shib_institution',
131  'shib_department',
132  'shib_zipcode',
133  'shib_city',
134  'shib_country',
135  'shib_street',
136  'shib_phone_office',
137  'shib_phone_home',
138  'shib_phone_mobile',
139  'shib_language',
140  'shib_matriculation',
141  );
142  //set PropertyFormGUI
143  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
144  $propertys = new ilPropertyFormGUI();
145  $propertys->setTitle($this->lng->txt("shib"));
146  $propertys->setFormAction($this->ctrl->getFormAction($this, "save"));
147  $propertys->addCommandButton("save", $this->lng->txt("save"));
148  $propertys->addCommandButton("settings", $this->lng->txt("cancel"));
149  //set enable shibboleth support
150  $enable = new ilCheckboxInputGUI();
151  $enable->setTitle($this->lng->txt("shib_active"));
152  $read_me_link = "./Services/AuthShibboleth/README.SHIBBOLETH.txt";
153  $info = "<a href='" . $read_me_link . "' target='_blank'>" . $this->lng->txt("auth_shib_instructions") . "</a>";
154  $enable->setInfo($info);
155  $enable->setPostVar("shib[active]");
156  $enable->setChecked($settings["shib_active"]);
157  //set allow local authentication
158  $local = new ilCheckboxInputGUI();
159  $local->setTitle($this->lng->txt("auth_allow_local"));
160  $local->setPostVar("shib[auth_allow_local]");
161  $local->setChecked($settings['shib_auth_allow_local']);
162  //set user default role
163  $defaultrole = new ilSelectInputGUI();
164  $defaultrole->setTitle($this->lng->txt("shib_user_default_role"));
165  $defaultrole->setPostVar("shib[user_default_role]");
166  $defaultrole->setOptions($role);
167  $defaultrole->setRequired(true);
168  $defaultrole->setValue($settings["shib_user_default_role"]);
169  //set name of federation
170  $name = new ilTextInputGUI();
171  $name->setTitle($this->lng->txt("shib_federation_name"));
172  $name->setPostVar("shib[federation_name]");
173  $name->setSize(40);
174  $name->setMaxLength(50);
175  $name->setRequired(true);
176  $name->setValue(stripslashes($settings["shib_federation_name"]));
177  //set Organize selection group
178  include_once("./Services/Form/classes/class.ilRadioGroupInputGUI.php");
179  include_once("./Services/Form/classes/class.ilRadioOption.php");
180  $organize = new ilRadioGroupInputGUI();
181  $organize->setTitle($this->lng->txt("shib_login_type"));
182  $organize->setPostVar("shib[hos_type]");
183  $organize->setRequired(true);
184  $organize->setValue($settings["shib_hos_type"]);
185  //set 1. option internalwayf
186  $internalwayf = new ilRadioOption();
187  $internalwayf->setTitle($this->lng->txt("shib_login_internal_wayf"));
188  $internalwayf->setValue("internal_wayf");
189  //set 1. option internalwayf textbox idplist
190  $idplist = new ilTextAreaInputGUI();
191  $idplist->setInfo($this->lng->txt("shib_idp_list"));
192  $idplist->setPostVar("shib[idp_list]");
193  $idplist->setRows(3);
194  $idplist->setCols(50);
195  $idplist->setValue($settings["shib_idp_list"]);
196  //set 2. Option externalwayf
197  $externalwayf = new ilRadioOption();
198  $externalwayf->setTitle($this->lng->txt("shib_login_external_wayf"));
199  $externalwayf->setValue("external_wayf");
200  //set 2. Option externalwayf textfield path to login button image
201  $loginbutton = new ilTextInputGUI();
202  $loginbutton->setInfo($this->lng->txt("shib_login_button"));
203  $loginbutton->setPostVar("shib[login_button]");
204  $loginbutton->setSize(50);
205  $loginbutton->setMaxLength(255);
206  $loginbutton->setValue($settings["shib_login_button"]);
207  //set 3. Option embeddedwayf
208  $embeddedwayf = new ilRadioOption();
209  $embeddedwayf->setTitle($this->lng->txt("shib_login_embedded_wayf"));
210  $embeddedwayf->setInfo($this->lng->txt("shib_login_embedded_wayf_description"));
211  $embeddedwayf->setValue("embedded_wayf");
212  //set login instructions
213  $logininstruction = new ilTextAreaInputGUI();
214  $logininstruction->setTitle($this->lng->txt("auth_login_instructions"));
215  $logininstruction->setPostVar("shib[login_instructions]");
216  $logininstruction->setRows(3);
217  $logininstruction->setCols(50);
218  $logininstruction->setValue(stripslashes($settings["shib_login_instructions"]));
219  //set path to data manipulation API
220  $dataconv = new ilTextInputGUI();
221  $dataconv->setTitle($this->lng->txt("shib_data_conv"));
222  $dataconv->setPostVar("shib[data_conv]");
223  $dataconv->setSize(80);
224  $dataconv->setMaxLength(512);
225  $dataconv->setValue($settings["shib_data_conv"]);
226  //field mappings
227  $fields = array();
228  foreach ($shib_settings as $setting) {
229  $field = str_replace('shib_', '', $setting);
230  $textinput = new ilTextInputGUI();
231  $textinput->setTitle($this->lng->txt($setting));
232  $textinput->setPostVar("shib[" . $field . "]");
233  $textinput->setValue($settings[$setting]);
234  $textinput->setSize(40);
235  $textinput->setMaxLength(50);
236  $checkinput = new ilCheckboxInputGUI("");
237  $checkinput->setOptionTitle($this->lng->txt("shib_update"));
238  $checkinput->setPostVar("shib[update_" . $field . "]");
239  $checkinput->setChecked($settings["shib_update_" . $field]);
240  if ($setting == 'shib_login' || $setting == 'shib_firstname'
241  || $setting == 'shib_lastname'
242  || $setting == 'shib_email'
243  ) {
244  $textinput->setRequired(true);
245  }
246  $fields[$setting] = array( "text" => $textinput, "check" => $checkinput );
247  }
248  $propertys->addItem($enable);
249  $propertys->addItem($local);
250  $propertys->addItem($defaultrole);
251  $propertys->addItem($name);
252  $internalwayf->addSubItem($idplist);
253  $organize->addOption($internalwayf);
254  $externalwayf->addSubItem($loginbutton);
255  $organize->addOption($externalwayf);
256  $organize->addOption($embeddedwayf);
257  $propertys->addItem($organize);
258  $propertys->addItem($logininstruction);
259  $propertys->addItem($dataconv);
260  foreach ($shib_settings as $setting) {
261  $propertys->addItem($fields[$setting]["text"]);
262  if ($setting != "shib_login") {
263  $propertys->addItem($fields[$setting]["check"]);
264  }
265  }
266  $this->tpl->setContent($propertys->getHTML());
267  }
268 
269 
270  public function save() {
271  global $DIC;
272  $ilUser = $DIC['ilUser'];
273  // validate required data
274  if (! $_POST["shib"]["login"]
275  or ! $_POST["shib"]["hos_type"]
276  or ! $_POST["shib"]["firstname"]
277  or ! $_POST["shib"]["lastname"]
278  or ! $_POST["shib"]["email"]
279  or ! $_POST["shib"]["user_default_role"]
280  or ! $_POST["shib"]["federation_name"]
281  ) {
282  $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
283  }
284  // validate api
285  if ($_POST["shib"]["data_conv"]
286  and $_POST["shib"]["data_conv"] != ''
287  and ! is_readable($_POST["shib"]["data_conv"])
288  ) {
289  $this->ilias->raiseError($this->lng->txt("shib_data_conv_warning"), $this->ilias->error_obj->MESSAGE);
290  }
291  // all ok. save settings
292  $shib_settings = array(
293  'shib_login',
294  'shib_title',
295  'shib_firstname',
296  'shib_lastname',
297  'shib_email',
298  'shib_gender',
299  'shib_institution',
300  'shib_department',
301  'shib_zipcode',
302  'shib_city',
303  'shib_country',
304  'shib_street',
305  'shib_phone_office',
306  'shib_phone_home',
307  'shib_phone_mobile',
308  'shib_language',
309  'shib_matriculation'
310  );
311  foreach ($shib_settings as $setting) {
312  $field = str_replace('shib_', '', $setting);
313  if ($_POST["shib"]["update_" . $field] != "1") {
314  $_POST["shib"]["update_" . $field] = "0";
315  }
316  $this->ilias->setSetting($setting, trim($_POST["shib"][$field]));
317  $this->ilias->setSetting("shib_update_" . $field, $_POST["shib"]["update_" . $field]);
318  }
319  if ($_POST["shib"]["active"] != "1") {
320  $this->ilias->setSetting("shib_active", "0");
321  $this->ilias->setSetting("shibboleth_active", "0");
322  } else {
323  $this->ilias->setSetting("shib_active", "1");
324  $this->ilias->setSetting("shibboleth_active", "1");
325  }
326  $this->ilias->setSetting("shib_user_default_role", $_POST["shib"]["user_default_role"]);
327  $this->ilias->setSetting("shib_hos_type", $_POST["shib"]["hos_type"]);
328  $this->ilias->setSetting("shib_federation_name", $_POST["shib"]["federation_name"]);
329  $this->ilias->setSetting("shib_idp_list", $_POST["shib"]["idp_list"]);
330  $this->ilias->setSetting("shib_login_instructions", $_POST["shib"]["login_instructions"]);
331  $this->ilias->setSetting("shib_login_button", $_POST["shib"]["login_button"]);
332  $this->ilias->setSetting("shib_data_conv", $_POST["shib"]["data_conv"]);
333  $this->ilias->setSetting("shib_auth_allow_local", ($_POST['shib']['auth_allow_local'] == '1') ? '1' : '0');
334  ilUtil::sendSuccess($this->lng->txt("shib_settings_saved"), true);
335  $this->ctrl->redirect($this, 'settings');
336  }
337 
338 
339  protected function roleAssignment() {
340  $this->tabs_gui->setSubTabActive('shib_role_assignment');
341  $this->initFormRoleAssignment('default');
342  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
343  $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
344  if (strlen($html = $this->parseRulesTable())) {
345  $this->tpl->setVariable('RULE_TABLE', $html);
346  }
347 
348  return true;
349  }
350 
351 
352  protected function parseRulesTable() {
353  include_once('./Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRules.php');
354  if (ilShibbolethRoleAssignmentRules::getCountRules() == 0) {
355  return '';
356  }
357  include_once('./Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentTableGUI.php');
358  $rules_table = new ilShibbolethRoleAssignmentTableGUI($this, 'roleAssignment');
359  $rules_table->setTitle($this->lng->txt('shib_rules_tables'));
360  $rules_table->parse(ilShibbolethRoleAssignmentRules::getAllRules());
361  $rules_table->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
362  $rules_table->setSelectAllCheckbox("rule_id");
363 
364  return $rules_table->getHTML();
365  }
366 
367 
376  protected function confirmDeleteRules() {
377  if (! is_array($_POST['rule_ids'])) {
378  ilUtil::sendFailure($this->lng->txt('select_one'));
379  $this->roleAssignment();
380 
381  return false;
382  }
383  $this->tabs_gui->setSubTabActive('shib_role_assignment');
384  include_once("Services/Utilities/classes/class.ilConfirmationGUI.php");
385  $c_gui = new ilConfirmationGUI();
386  // set confirm/cancel commands
387  $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRules"));
388  $c_gui->setHeaderText($this->lng->txt("shib_confirm_del_role_ass"));
389  $c_gui->setCancel($this->lng->txt("cancel"), "roleAssignment");
390  $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRules");
391  // add items to delete
392  include_once('Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php');
393  foreach ($_POST["rule_ids"] as $rule_id) {
394  $rule = new ilShibbolethRoleAssignmentRule($rule_id);
395  $info = ilObject::_lookupTitle($rule->getRoleId());
396  $info .= " (";
397  $info .= $rule->conditionToString();
398  $info .= ')';
399  $c_gui->addItem('rule_ids[]', $rule_id, $info);
400  }
401  $this->tpl->setContent($c_gui->getHTML());
402  }
403 
404 
411  protected function deleteRules() {
412  if (! is_array($_POST['rule_ids'])) {
413  ilUtil::sendFailure($this->lng->txt('select_once'));
414  $this->roleAssignment();
415 
416  return false;
417  }
418  include_once('Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php');
419  foreach ($_POST["rule_ids"] as $rule_id) {
420  $rule = new ilShibbolethRoleAssignmentRule($rule_id);
421  $rule->delete();
422  }
423  ilUtil::sendSuccess($this->lng->txt('shib_deleted_rule'));
424  $this->roleAssignment();
425 
426  return true;
427  }
428 
429 
430  protected function initFormRoleAssignment($a_mode = 'default') {
431  include_once('./Services/Form/classes/class.ilPropertyFormGUI.php');
432  $this->form = new ilPropertyFormGUI();
433  $this->form->setFormAction($this->ctrl->getFormAction($this, 'cancel'));
434  $this->form->setTitle($this->lng->txt('shib_role_ass_table'));
435  if ($a_mode == 'default') {
436  $this->form->setTitle($this->lng->txt('shib_role_ass_table'));
437  $this->form->addCommandButton('addRoleAssignmentRule', $this->lng->txt('shib_new_rule'));
438  $this->form->addCommandButton('settings', $this->lng->txt('cancel'));
439  } else {
440  $this->form->setTitle($this->lng->txt('shib_update_role_ass_table'));
441  $this->form->addCommandButton('updateRoleAssignmentRule', $this->lng->txt('save'));
442  $this->form->addCommandButton('roleAssignment', $this->lng->txt('cancel'));
443  }
444  // Role selection
445  $role = new ilRadioGroupInputGUI($this->lng->txt('shib_role_name'), 'role_name');
446  $role->setRequired(true);
447  $global = new ilRadioOption($this->lng->txt('shib_global_role'), 0);
448  $role->addOption($global);
449  $role_select = new ilSelectInputGUI('', 'role_id');
450  $role_select->setOptions($this->prepareRoleSelect());
451  $global->addSubItem($role_select);
452  $local = new ilRadioOption($this->lng->txt('shib_local_role'), 1);
453  $role->addOption($local);
454  include_once './Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php';
455  $role_search = new ilRoleAutoCompleteInputGUI('', 'role_search', $this, 'addRoleAutoCompleteObject');
456  $role_search->setSize(40);
457  $local->addSubItem($role_search);
458  include_once './Services/AccessControl/classes/class.ilRoleAutoComplete.php';
459  $role->setInfo($this->lng->txt('shib_role_name_info'));
460  $this->form->addItem($role);
461  // Update options
462  $update = new ilNonEditableValueGUI($this->lng->txt('shib_update_roles'), 'update_roles');
463  $update->setValue($this->lng->txt('shib_check_role_assignment'));
464  $add = new ilCheckboxInputGUI('', 'add_missing');
465  $add->setOptionTitle($this->lng->txt('shib_add_missing'));
466  $add->setValue(1);
467  $update->addSubItem($add);
468  $remove = new ilCheckboxInputGUI('', 'remove_deprecated');
469  $remove->setOptionTitle($this->lng->txt('shib_remove_deprecated'));
470  $remove->setValue(1);
471  $update->addSubItem($remove);
472  $this->form->addItem($update);
473  // Assignment type
474  $kind = new ilRadioGroupInputGUI($this->lng->txt('shib_assignment_type'), 'kind');
475  $kind->setValue(1);
476  $kind->setRequired(true);
477  $attr = new ilRadioOption($this->lng->txt('shib_attribute'), 1);
478  $attr->setInfo($this->lng->txt('shib_attr_info'));
479  $name = new ilTextInputGUI($this->lng->txt('shib_attribute_name'), 'attr_name');
480  $name->setSize(32);
481  $attr->addSubItem($name);
482  $value = new ilTextInputGUI($this->lng->txt('shib_attribute_value'), 'attr_value');
483  $value->setSize(32);
484  $attr->addSubItem($value);
485  $kind->addOption($attr);
486  $pl_active = (bool)$this->hasActiveRoleAssignmentPlugins();
487  $pl = new ilRadioOption($this->lng->txt('shib_plugin'), 2);
488  $pl->setInfo($this->lng->txt('shib_plugin_info'));
489  $pl->setDisabled(! $pl_active);
490  $id = new ilNumberInputGUI($this->lng->txt('shib_plugin_id'), 'plugin_id');
491  $id->setDisabled(! $pl_active);
492  $id->setSize(3);
493  $id->setMaxLength(3);
494  $id->setMaxValue(999);
495  $id->setMinValue(1);
496  $pl->addSubItem($id);
497  $kind->addOption($pl);
498  $this->form->addItem($kind);
499  }
500 
501 
505  function addRoleAutoCompleteObject() {
506  include_once("./Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php");
507  ilRoleAutoCompleteInputGUI::echoAutoCompleteList();
508  }
509 
510 
511  protected function addRoleAssignmentRule() {
512  global $DIC;
513  $ilAccess = $DIC['ilAccess'];
514  $ilErr = $DIC['ilErr'];
515  if (! $ilAccess->checkAccess('write', '', $this->ref_id)) {
516  ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
517  $this->roleAssignment();
518 
519  return false;
520  }
521  $this->initFormRoleAssignment();
522  if (! $this->form->checkInput() or ($err = $this->checkInput())) {
523  if ($err) {
524  ilUtil::sendFailure($this->lng->txt($err));
525  }
526  $this->tabs_gui->setSubTabActive('shib_role_assignment');
527  $this->form->setValuesByPost();
528  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
529  $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
530  if (strlen($html = $this->parseRulesTable())) {
531  $this->tpl->setVariable('RULE_TABLE', $html);
532  }
533 
534  return true;
535  }
536  // Redirects if required
537  $this->showLocalRoleSelection();
538  $this->rule->add();
539  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
540  $this->roleAssignment();
541 
542  return true;
543  }
544 
545 
551  protected function editRoleAssignment() {
552  $this->ctrl->setParameter($this, 'rule_id', (int)$_GET['rule_id']);
553  $this->tabs_gui->setSubTabActive('shib_role_assignment');
554  $this->initFormRoleAssignment('update');
555  $this->getRuleValues();
556  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
557  $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
558 
559  return true;
560  }
561 
562 
563  protected function updateRoleAssignmentRule() {
564  global $DIC;
565  $ilAccess = $DIC['ilAccess'];
566  $ilErr = $DIC['ilErr'];
567  if (! $ilAccess->checkAccess('write', '', $this->ref_id)) {
568  ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
569  $this->roleAssignment();
570 
571  return false;
572  }
573  $this->initFormRoleAssignment();
574  if (! $this->form->checkInput() or ($err = $this->checkInput((int)$_REQUEST['rule_id']))) {
575  if ($err) {
576  ilUtil::sendFailure($this->lng->txt($err));
577  }
578  $this->tabs_gui->setSubTabActive('shib_role_assignment');
579  $this->form->setValuesByPost();
580  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
581  $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
582 
583  return true;
584  }
585  $this->showLocalRoleSelection('update');
586  $this->rule->update();
587  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
588  $this->roleAssignment();
589 
590  return true;
591  }
592 
593 
594  private function loadRule($a_rule_id = 0) {
595  include_once('./Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php');
596  $this->rule = new ilShibbolethRoleAssignmentRule($a_rule_id);
597  if ($this->form->getInput('role_name') == 0) {
598  $this->rule->setRoleId($this->form->getInput('role_id'));
599  } elseif ($this->form->getInput('role_search')) {
600  // Search role
601  include_once './Services/Search/classes/class.ilQueryParser.php';
602  $parser = new ilQueryParser($this->form->getInput('role_search'));
603  // TODO: Handle minWordLength
604  $parser->setMinWordLength(1, true);
605  $parser->setCombination(QP_COMBINATION_AND);
606  $parser->parse();
607  include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
608  $object_search = new ilLikeObjectSearch($parser);
609  $object_search->setFilter(array( 'role' ));
610  $res = $object_search->performSearch();
611  $entries = $res->getEntries();
612  if (count($entries) == 1) {
613  $role = current($entries);
614  $this->rule->setRoleId($role['obj_id']);
615  } elseif (count($entries) > 1) {
616  $this->rule->setRoleId(- 1);
617  }
618  }
619  $this->rule->setName($this->form->getInput('attr_name'));
620  $this->rule->setValue($this->form->getInput('attr_value'));
621  $this->rule->enableAddOnUpdate($this->form->getInput('add_missing'));
622  $this->rule->enableRemoveOnUpdate($this->form->getInput('remove_deprecated'));
623  $this->rule->enablePlugin($this->form->getInput('kind') == 2);
624  $this->rule->setPluginId($this->form->getInput('plugin_id'));
625 
626  return $this->rule;
627  }
628 
629 
630  private function getRuleValues() {
631  global $DIC;
632  $rbacreview = $DIC['rbacreview'];
633  include_once './Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php';
634  $rule = new ilShibbolethRoleAssignmentRule((int)$_GET['rule_id']);
635  $role = $rule->getRoleId();
636  if ($rbacreview->isGlobalRole($role)) {
637  $values['role_name'] = 0;
638  $values['role_id'] = $role;
639  } else {
640  $values['role_name'] = 1;
641  $values['role_search'] = ilObject::_lookupTitle($role);
642  }
643  $values['add_missing'] = (int)$rule->isAddOnUpdateEnabled();
644  $values['remove_deprecated'] = (int)$rule->isRemoveOnUpdateEnabled();
645  $values['attr_name'] = $rule->getName();
646  $values['attr_value'] = $rule->getValue();
647  if (! $rule->isPluginActive()) {
648  $values['kind'] = 1;
649  } else {
650  $values['kind'] = 2;
651  $values['plugin_id'] = $rule->getPluginId();
652  }
653  $this->form->setValuesByArray($values);
654  }
655 
656 
657  private function checkInput($a_rule_id = 0) {
658  $this->loadRule($a_rule_id);
659 
660  return $this->rule->validate();
661  }
662 
663 
664  private function showLocalRoleSelection() {
665  if ($this->rule->getRoleId() > 0) {
666  return false;
667  }
668  $_SESSION['shib_role_ass']['rule_id'] = $_REQUEST['rule_id'] ? $_REQUEST['rule_id'] : 0;
669  $_SESSION['shib_role_ass']['search'] = $this->form->getInput('role_search');
670  $_SESSION['shib_role_ass']['add_on_update'] = $this->rule->isAddOnUpdateEnabled();
671  $_SESSION['shib_role_ass']['remove_on_update'] = $this->rule->isRemoveOnUpdateEnabled();
672  $_SESSION['shib_role_ass']['name'] = $this->rule->getName();
673  $_SESSION['shib_role_ass']['value'] = $this->rule->getValue();
674  $_SESSION['shib_role_ass']['plugin'] = $this->rule->isPluginActive();
675  $_SESSION['shib_role_ass']['plugin_id'] = $this->rule->getPluginId();
676  $this->ctrl->redirect($this, 'chooseRole');
677  }
678 
679 
680  protected function chooseRole() {
681  $this->tabs_gui->setSubTabActive('shib_role_assignment');
682  include_once './Services/Search/classes/class.ilQueryParser.php';
683  $parser = new ilQueryParser($_SESSION['shib_role_ass']['search']);
684  $parser->setMinWordLength(1, true);
685  $parser->setCombination(QP_COMBINATION_AND);
686  $parser->parse();
687  include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
688  $object_search = new ilLikeObjectSearch($parser);
689  $object_search->setFilter(array( 'role' ));
690  $res = $object_search->performSearch();
691  $entries = $res->getEntries();
692  include_once './Services/AccessControl/classes/class.ilRoleSelectionTableGUI.php';
693  $table = new ilRoleSelectionTableGUI($this, 'chooseRole');
694  $table->setTitle($this->lng->txt('shib_role_selection'));
695  $table->addMultiCommand('saveRoleSelection', $this->lng->txt('shib_choose_role'));
696  $table->addCommandButton('roleAssignment', $this->lng->txt('cancel'));
697  $table->parse($entries);
698  $this->tpl->setContent($table->getHTML());
699 
700  return true;
701  }
702 
703 
704  protected function saveRoleSelection() {
705  $rule = new ilShibbolethRoleAssignmentRule($_SESSION['shib_role_ass']['rule_id']);
706  $rule->setRoleId((int)$_POST['role_id']);
707  $rule->setName($_SESSION['shib_role_ass']['name']);
708  $rule->setValue($_SESSION['shib_role_ass']['value']);
709  $rule->enablePlugin($_SESSION['shib_role_ass']['plugin']);
710  $rule->setPluginId($_SESSION['shib_role_ass']['plugin_id']);
711  $rule->enableAddOnUpdate($_SESSION['shib_role_ass']['add_on_update']);
712  $rule->enableRemoveOnUpdate($_SESSION['shib_role_ass']['remove_on_update']);
713  if ($rule->getRuleId()) {
714  $rule->update();
715  } else {
716  $rule->add();
717  }
718  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
719  unset($_SESSION['shib_role_ass']);
720  $this->roleAssignment();
721  }
722 
723 
729  private function hasActiveRoleAssignmentPlugins() {
730  global $DIC;
731  $ilPluginAdmin = $DIC['ilPluginAdmin'];
732 
733  return count($ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE, 'AuthShibboleth', 'shibhk'));
734  }
735 
736 
737  private function prepareRoleSelect($a_as_select = true) {
738  global $DIC;
739  $rbacreview = $DIC['rbacreview'];
740  $ilObjDataCache = $DIC['ilObjDataCache'];
741  $global_roles = ilUtil::_sortIds($rbacreview->getGlobalRoles(), 'object_data', 'title', 'obj_id');
742  $select[0] = $this->lng->txt('links_select_one');
743  foreach ($global_roles as $role_id) {
744  $select[$role_id] = ilObject::_lookupTitle($role_id);
745  }
746 
747  return $select;
748  }
749 
750 
751  protected function setSubTabs() {
752  global $DIC;
753  $ilSetting = $DIC['ilSetting'];
754  include_once './Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRules.php';
755  if ($ilSetting->get('shib_active') == 0 and ilShibbolethRoleAssignmentRules::getCountRules() == 0) {
756  return false;
757  }
758  // DONE: show sub tabs if there is any role assignment rule
759  $this->tabs_gui->addSubTabTarget('shib_settings', $this->ctrl->getLinkTarget($this, 'settings'));
760  $this->tabs_gui->addSubTabTarget('shib_role_assignment', $this->ctrl->getLinkTarget($this, 'roleAssignment'));
761 
762  return true;
763  }
764 }
765 
766 ?>
ilUtil\sendSuccess
static sendSuccess($a_info="", $a_keep=false)
Send Success Message to Screen.
Definition: class.ilUtil.php:4801
$ilErr
global $ilErr
Definition: raiseError.php:16
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:31
ilAuthShibbolethSettingsGUI
Class ilAuthShibbolethSettingsGUI.
Definition: class.ilAuthShibbolethSettingsGUI.php:13
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
ilSelectInputGUI
This class represents a selection list property in a property form.
Definition: class.ilSelectInputGUI.php:17
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
$cmd
$cmd
Definition: sahs_server.php:35
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:33
ilAuthShibbolethSettingsGUI\hasActiveRoleAssignmentPlugins
hasActiveRoleAssignmentPlugins()
Check if plugin is active.
Definition: class.ilAuthShibbolethSettingsGUI.php:729
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:924
ilRadioOption\setInfo
setInfo($a_info)
Set Info.
Definition: class.ilRadioOption.php:71
$ilCtrl
global $ilCtrl
Definition: ilias.php:18
$info
$info
Definition: example_052.php:80
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:33
ilRoleAutoCompleteInputGUI\echoAutoCompleteList
static echoAutoCompleteList()
Static asynchronous default auto complete function.
Definition: class.ilRoleAutoCompleteInputGUI.php:41
ilUtil\_sortIds
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,7),&#39;usr_data&#39;,&#39;lastname&#39;,&#39;usr_id&#39;) => sorts by lastname.
Definition: class.ilUtil.php:4683
ilNumberInputGUI
This class represents a number property in a property form.
Definition: class.ilNumberInputGUI.php:14
ilObject\_lookupObjId
static _lookupObjId($a_id)
Definition: class.ilObject.php:1021
ilTextInputGUI\setSize
setSize($a_size)
Set Size.
Definition: class.ilTextInputGUI.php:137
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:16
$ilUser
$ilUser
Definition: imgupload.php:18
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4771
ilRoleAutoCompleteInputGUI
This class represents a role + autocomplete feature form input.
Definition: class.ilRoleAutoCompleteInputGUI.php:13
$parser
$parser
Definition: BPMN2Parser.php:24
ilNonEditableValueGUI
This class represents a non editable value in a property form.
Definition: class.ilNonEditableValueGUI.php:13
$ilSetting
global $ilSetting
Definition: privfeed.php:17
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:34
$DIC
global $DIC
Definition: imagemanager.php:32
QP_COMBINATION_AND
const QP_COMBINATION_AND
Definition: class.ilQueryParser.php:35
ilFormPropertyGUI\setDisabled
setDisabled($a_disabled)
Set Disabled.
Definition: class.ilFormPropertyGUI.php:191
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
$html
$html
Definition: example_001.php:87
ilFormPropertyGUI\setRequired
setRequired($a_required)
Set Required.
Definition: class.ilFormPropertyGUI.php:171
IL_COMP_SERVICE
const IL_COMP_SERVICE
Definition: class.ilComponent.php:6
ilConfirmationGUI
Confirmation screen class.
Definition: class.ilConfirmationGUI.php:15
ilAuthShibbolethSettingsGUI\addRoleAutoCompleteObject
addRoleAutoCompleteObject()
Add Member for autoComplete.
Definition: class.ilAuthShibbolethSettingsGUI.php:505