ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
class.ilAuthShibbolethSettingsGUI.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
14
18 private $ctrl;
22 private $ilias;
26 private $tabs_gui;
30 private $lng;
34 private $tpl;
38 private $ref_id;
39
40
47 public function __construct($a_auth_ref_id) {
48 global $DIC;
49 $lng = $DIC['lng'];
50 $ilCtrl = $DIC['ilCtrl'];
51 $tpl = $DIC['tpl'];
52 $ilTabs = $DIC['ilTabs'];
53 $ilias = $DIC['ilias'];
54 $this->ctrl = $ilCtrl;
55 $this->tabs_gui = $ilTabs;
56 $this->lng = $lng;
57 $this->lng->loadLanguageModule('shib');
58 $this->ilias = $ilias;
59 $this->tpl = $tpl;
60 $this->ref_id = $a_auth_ref_id;
61 $this->obj_id = ilObject::_lookupObjId($this->ref_id);
62 }
63
64
70 public function executeCommand() {
71 global $DIC;
72 $ilAccess = $DIC['ilAccess'];
73 $ilErr = $DIC['ilErr'];
74 $ilCtrl = $DIC['ilCtrl'];
75 $next_class = $this->ctrl->getNextClass($this);
76 $cmd = $this->ctrl->getCmd();
77 if (! $ilAccess->checkAccess('read', '', $this->ref_id)) {
78 $ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $ilErr->WARNING);
79 }
80 if (! $ilAccess->checkAccess('write', '', $this->ref_id) && $cmd != "settings") {
81 ilUtil::sendFailure($this->lng->txt('msg_no_perm_write'), true);
82 $ilCtrl->redirect($this, "settings");
83 }
84 $this->setSubTabs();
85 switch ($next_class) {
86 default:
87 if (! $cmd) {
88 $cmd = "settings";
89 }
90 $this->$cmd();
91 break;
92 }
93
94 return true;
95 }
96
97
98 public function settings() {
99 global $DIC;
100 $rbacreview = $DIC['rbacreview'];
101 $this->tabs_gui->setSubTabActive('shib_settings');
102 // set already saved data or default value for port
103 $settings = $this->ilias->getAllSettings();
104 // Compose role list
105 $role_list = $rbacreview->getRolesByFilter(2);
106 $role = array();
107 if (! isset($settings["shib_user_default_role"])) {
108 $settings["shib_user_default_role"] = 4;
109 }
110 if (! isset($settings["shib_idp_list"]) || $settings["shib_idp_list"] == '') {
111 $settings["shib_idp_list"] = "urn:mace:organization1:providerID, Example Organization 1\nurn:mace:organization2:providerID, Example Organization 2, /Shibboleth.sso/WAYF/SWITCHaai";
112 }
113 if (! isset($settings["shib_login_button"]) || $settings["shib_login_button"] == '') {
114 $settings["shib_login_button"] = "templates/default/images/shib_login_button.png";
115 }
116 if (! isset($settings["shib_hos_type"]) || $settings["shib_hos_type"] == '') {
117 $settings["shib_hos_type"] = 'internal_wayf';
118 }
119 foreach ($role_list as $data) {
120 $role[$data["obj_id"]] = $data["title"];
121 }
122 // Set text field content
123 $shib_settings = array(
124 'shib_login',
125 'shib_title',
126 'shib_firstname',
127 'shib_lastname',
128 'shib_email',
129 'shib_gender',
130 'shib_institution',
131 'shib_department',
132 'shib_zipcode',
133 'shib_city',
134 'shib_country',
135 'shib_street',
136 'shib_phone_office',
137 'shib_phone_home',
138 'shib_phone_mobile',
139 'shib_language',
140 'shib_matriculation',
141 );
142 //set PropertyFormGUI
143 include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
144 $propertys = new ilPropertyFormGUI();
145 $propertys->setTitle($this->lng->txt("shib"));
146 $propertys->setFormAction($this->ctrl->getFormAction($this, "save"));
147 $propertys->addCommandButton("save", $this->lng->txt("save"));
148 $propertys->addCommandButton("settings", $this->lng->txt("cancel"));
149 //set enable shibboleth support
150 $enable = new ilCheckboxInputGUI();
151 $enable->setTitle($this->lng->txt("shib_active"));
152 $read_me_link = "./Services/AuthShibboleth/README.SHIBBOLETH.txt";
153 $info = "<a href='" . $read_me_link . "' target='_blank'>" . $this->lng->txt("auth_shib_instructions") . "</a>";
154 $enable->setInfo($info);
155 $enable->setPostVar("shib[active]");
156 $enable->setChecked($settings["shib_active"]);
157 //set allow local authentication
158 $local = new ilCheckboxInputGUI();
159 $local->setTitle($this->lng->txt("auth_allow_local"));
160 $local->setPostVar("shib[auth_allow_local]");
161 $local->setChecked($settings['shib_auth_allow_local']);
162 //set user default role
163 $defaultrole = new ilSelectInputGUI();
164 $defaultrole->setTitle($this->lng->txt("shib_user_default_role"));
165 $defaultrole->setPostVar("shib[user_default_role]");
166 $defaultrole->setOptions($role);
167 $defaultrole->setRequired(true);
168 $defaultrole->setValue($settings["shib_user_default_role"]);
169 //set name of federation
170 $name = new ilTextInputGUI();
171 $name->setTitle($this->lng->txt("shib_federation_name"));
172 $name->setPostVar("shib[federation_name]");
173 $name->setSize(40);
174 $name->setMaxLength(50);
175 $name->setRequired(true);
176 $name->setValue(stripslashes($settings["shib_federation_name"]));
177 //set Organize selection group
178 include_once("./Services/Form/classes/class.ilRadioGroupInputGUI.php");
179 include_once("./Services/Form/classes/class.ilRadioOption.php");
180 $organize = new ilRadioGroupInputGUI();
181 $organize->setTitle($this->lng->txt("shib_login_type"));
182 $organize->setPostVar("shib[hos_type]");
183 $organize->setRequired(true);
184 $organize->setValue($settings["shib_hos_type"]);
185 //set 1. option internalwayf
186 $internalwayf = new ilRadioOption();
187 $internalwayf->setTitle($this->lng->txt("shib_login_internal_wayf"));
188 $internalwayf->setValue("internal_wayf");
189 //set 1. option internalwayf textbox idplist
190 $idplist = new ilTextAreaInputGUI();
191 $idplist->setInfo($this->lng->txt("shib_idp_list"));
192 $idplist->setPostVar("shib[idp_list]");
193 $idplist->setRows(3);
194 $idplist->setCols(50);
195 $idplist->setValue($settings["shib_idp_list"]);
196 //set 2. Option externalwayf
197 $externalwayf = new ilRadioOption();
198 $externalwayf->setTitle($this->lng->txt("shib_login_external_wayf"));
199 $externalwayf->setValue("external_wayf");
200 //set 2. Option externalwayf textfield path to login button image
201 $loginbutton = new ilTextInputGUI();
202 $loginbutton->setInfo($this->lng->txt("shib_login_button"));
203 $loginbutton->setPostVar("shib[login_button]");
204 $loginbutton->setSize(50);
205 $loginbutton->setMaxLength(255);
206 $loginbutton->setValue($settings["shib_login_button"]);
207 //set 3. Option embeddedwayf
208 $embeddedwayf = new ilRadioOption();
209 $embeddedwayf->setTitle($this->lng->txt("shib_login_embedded_wayf"));
210 $embeddedwayf->setInfo($this->lng->txt("shib_login_embedded_wayf_description"));
211 $embeddedwayf->setValue("embedded_wayf");
212 //set login instructions
213 $logininstruction = new ilTextAreaInputGUI();
214 $logininstruction->setTitle($this->lng->txt("auth_login_instructions"));
215 $logininstruction->setPostVar("shib[login_instructions]");
216 $logininstruction->setRows(3);
217 $logininstruction->setCols(50);
218 $logininstruction->setValue(stripslashes($settings["shib_login_instructions"]));
219 //set path to data manipulation API
220 $dataconv = new ilTextInputGUI();
221 $dataconv->setTitle($this->lng->txt("shib_data_conv"));
222 $dataconv->setPostVar("shib[data_conv]");
223 $dataconv->setSize(80);
224 $dataconv->setMaxLength(512);
225 $dataconv->setValue($settings["shib_data_conv"]);
226 //field mappings
227 $fields = array();
228 foreach ($shib_settings as $setting) {
229 $field = str_replace('shib_', '', $setting);
230 $textinput = new ilTextInputGUI();
231 $textinput->setTitle($this->lng->txt($setting));
232 $textinput->setPostVar("shib[" . $field . "]");
233 $textinput->setValue($settings[$setting]);
234 $textinput->setSize(40);
235 $textinput->setMaxLength(50);
236 $checkinput = new ilCheckboxInputGUI("");
237 $checkinput->setOptionTitle($this->lng->txt("shib_update"));
238 $checkinput->setPostVar("shib[update_" . $field . "]");
239 $checkinput->setChecked($settings["shib_update_" . $field]);
240 if ($setting == 'shib_login' || $setting == 'shib_firstname'
241 || $setting == 'shib_lastname'
242 || $setting == 'shib_email'
243 ) {
244 $textinput->setRequired(true);
245 }
246 $fields[$setting] = array( "text" => $textinput, "check" => $checkinput );
247 }
248 $propertys->addItem($enable);
249 $propertys->addItem($local);
250 $propertys->addItem($defaultrole);
251 $propertys->addItem($name);
252 $internalwayf->addSubItem($idplist);
253 $organize->addOption($internalwayf);
254 $externalwayf->addSubItem($loginbutton);
255 $organize->addOption($externalwayf);
256 $organize->addOption($embeddedwayf);
257 $propertys->addItem($organize);
258 $propertys->addItem($logininstruction);
259 $propertys->addItem($dataconv);
260 foreach ($shib_settings as $setting) {
261 $propertys->addItem($fields[$setting]["text"]);
262 if ($setting != "shib_login") {
263 $propertys->addItem($fields[$setting]["check"]);
264 }
265 }
266 $this->tpl->setContent($propertys->getHTML());
267 }
268
269
270 public function save() {
271 global $DIC;
272 $ilUser = $DIC['ilUser'];
273 // validate required data
274 if (! $_POST["shib"]["login"]
275 or ! $_POST["shib"]["hos_type"]
276 or ! $_POST["shib"]["firstname"]
277 or ! $_POST["shib"]["lastname"]
278 or ! $_POST["shib"]["email"]
279 or ! $_POST["shib"]["user_default_role"]
280 or ! $_POST["shib"]["federation_name"]
281 ) {
282 $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
283 }
284 // validate api
285 if ($_POST["shib"]["data_conv"]
286 and $_POST["shib"]["data_conv"] != ''
287 and ! is_readable($_POST["shib"]["data_conv"])
288 ) {
289 $this->ilias->raiseError($this->lng->txt("shib_data_conv_warning"), $this->ilias->error_obj->MESSAGE);
290 }
291 // all ok. save settings
292 $shib_settings = array(
293 'shib_login',
294 'shib_title',
295 'shib_firstname',
296 'shib_lastname',
297 'shib_email',
298 'shib_gender',
299 'shib_institution',
300 'shib_department',
301 'shib_zipcode',
302 'shib_city',
303 'shib_country',
304 'shib_street',
305 'shib_phone_office',
306 'shib_phone_home',
307 'shib_phone_mobile',
308 'shib_language',
309 'shib_matriculation'
310 );
311 foreach ($shib_settings as $setting) {
312 $field = str_replace('shib_', '', $setting);
313 if ($_POST["shib"]["update_" . $field] != "1") {
314 $_POST["shib"]["update_" . $field] = "0";
315 }
316 $this->ilias->setSetting($setting, trim($_POST["shib"][$field]));
317 $this->ilias->setSetting("shib_update_" . $field, $_POST["shib"]["update_" . $field]);
318 }
319 if ($_POST["shib"]["active"] != "1") {
320 $this->ilias->setSetting("shib_active", "0");
321 $this->ilias->setSetting("shibboleth_active", "0");
322 } else {
323 $this->ilias->setSetting("shib_active", "1");
324 $this->ilias->setSetting("shibboleth_active", "1");
325 }
326 $this->ilias->setSetting("shib_user_default_role", $_POST["shib"]["user_default_role"]);
327 $this->ilias->setSetting("shib_hos_type", $_POST["shib"]["hos_type"]);
328 $this->ilias->setSetting("shib_federation_name", $_POST["shib"]["federation_name"]);
329 $this->ilias->setSetting("shib_idp_list", $_POST["shib"]["idp_list"]);
330 $this->ilias->setSetting("shib_login_instructions", $_POST["shib"]["login_instructions"]);
331 $this->ilias->setSetting("shib_login_button", $_POST["shib"]["login_button"]);
332 $this->ilias->setSetting("shib_data_conv", $_POST["shib"]["data_conv"]);
333 $this->ilias->setSetting("shib_auth_allow_local", ($_POST['shib']['auth_allow_local'] == '1') ? '1' : '0');
334 ilUtil::sendSuccess($this->lng->txt("shib_settings_saved"), true);
335 $this->ctrl->redirect($this, 'settings');
336 }
337
338
339 protected function roleAssignment() {
340 $this->tabs_gui->setSubTabActive('shib_role_assignment');
341 $this->initFormRoleAssignment('default');
342 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
343 $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
344 if (strlen($html = $this->parseRulesTable())) {
345 $this->tpl->setVariable('RULE_TABLE', $html);
346 }
347
348 return true;
349 }
350
351
352 protected function parseRulesTable() {
353 include_once('./Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRules.php');
355 return '';
356 }
357 include_once('./Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentTableGUI.php');
358 $rules_table = new ilShibbolethRoleAssignmentTableGUI($this, 'roleAssignment');
359 $rules_table->setTitle($this->lng->txt('shib_rules_tables'));
360 $rules_table->parse(ilShibbolethRoleAssignmentRules::getAllRules());
361 $rules_table->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
362 $rules_table->setSelectAllCheckbox("rule_id");
363
364 return $rules_table->getHTML();
365 }
366
367
376 protected function confirmDeleteRules() {
377 if (! is_array($_POST['rule_ids'])) {
378 ilUtil::sendFailure($this->lng->txt('select_one'));
379 $this->roleAssignment();
380
381 return false;
382 }
383 $this->tabs_gui->setSubTabActive('shib_role_assignment');
384 include_once("Services/Utilities/classes/class.ilConfirmationGUI.php");
385 $c_gui = new ilConfirmationGUI();
386 // set confirm/cancel commands
387 $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRules"));
388 $c_gui->setHeaderText($this->lng->txt("shib_confirm_del_role_ass"));
389 $c_gui->setCancel($this->lng->txt("cancel"), "roleAssignment");
390 $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRules");
391 // add items to delete
392 include_once('Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php');
393 foreach ($_POST["rule_ids"] as $rule_id) {
394 $rule = new ilShibbolethRoleAssignmentRule($rule_id);
395 $info = ilObject::_lookupTitle($rule->getRoleId());
396 $info .= " (";
397 $info .= $rule->conditionToString();
398 $info .= ')';
399 $c_gui->addItem('rule_ids[]', $rule_id, $info);
400 }
401 $this->tpl->setContent($c_gui->getHTML());
402 }
403
404
411 protected function deleteRules() {
412 if (! is_array($_POST['rule_ids'])) {
413 ilUtil::sendFailure($this->lng->txt('select_once'));
414 $this->roleAssignment();
415
416 return false;
417 }
418 include_once('Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php');
419 foreach ($_POST["rule_ids"] as $rule_id) {
420 $rule = new ilShibbolethRoleAssignmentRule($rule_id);
421 $rule->delete();
422 }
423 ilUtil::sendSuccess($this->lng->txt('shib_deleted_rule'));
424 $this->roleAssignment();
425
426 return true;
427 }
428
429
430 protected function initFormRoleAssignment($a_mode = 'default') {
431 include_once('./Services/Form/classes/class.ilPropertyFormGUI.php');
432 $this->form = new ilPropertyFormGUI();
433 $this->form->setFormAction($this->ctrl->getFormAction($this, 'cancel'));
434 $this->form->setTitle($this->lng->txt('shib_role_ass_table'));
435 if ($a_mode == 'default') {
436 $this->form->setTitle($this->lng->txt('shib_role_ass_table'));
437 $this->form->addCommandButton('addRoleAssignmentRule', $this->lng->txt('shib_new_rule'));
438 $this->form->addCommandButton('settings', $this->lng->txt('cancel'));
439 } else {
440 $this->form->setTitle($this->lng->txt('shib_update_role_ass_table'));
441 $this->form->addCommandButton('updateRoleAssignmentRule', $this->lng->txt('save'));
442 $this->form->addCommandButton('roleAssignment', $this->lng->txt('cancel'));
443 }
444 // Role selection
445 $role = new ilRadioGroupInputGUI($this->lng->txt('shib_role_name'), 'role_name');
446 $role->setRequired(true);
447 $global = new ilRadioOption($this->lng->txt('shib_global_role'), 0);
448 $role->addOption($global);
449 $role_select = new ilSelectInputGUI('', 'role_id');
450 $role_select->setOptions($this->prepareRoleSelect());
451 $global->addSubItem($role_select);
452 $local = new ilRadioOption($this->lng->txt('shib_local_role'), 1);
453 $role->addOption($local);
454 include_once './Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php';
455 $role_search = new ilRoleAutoCompleteInputGUI('', 'role_search', $this, 'addRoleAutoCompleteObject');
456 $role_search->setSize(40);
457 $local->addSubItem($role_search);
458 include_once './Services/AccessControl/classes/class.ilRoleAutoComplete.php';
459 $role->setInfo($this->lng->txt('shib_role_name_info'));
460 $this->form->addItem($role);
461 // Update options
462 $update = new ilNonEditableValueGUI($this->lng->txt('shib_update_roles'), 'update_roles');
463 $update->setValue($this->lng->txt('shib_check_role_assignment'));
464 $add = new ilCheckboxInputGUI('', 'add_missing');
465 $add->setOptionTitle($this->lng->txt('shib_add_missing'));
466 $add->setValue(1);
467 $update->addSubItem($add);
468 $remove = new ilCheckboxInputGUI('', 'remove_deprecated');
469 $remove->setOptionTitle($this->lng->txt('shib_remove_deprecated'));
470 $remove->setValue(1);
471 $update->addSubItem($remove);
472 $this->form->addItem($update);
473 // Assignment type
474 $kind = new ilRadioGroupInputGUI($this->lng->txt('shib_assignment_type'), 'kind');
475 $kind->setValue(1);
476 $kind->setRequired(true);
477 $attr = new ilRadioOption($this->lng->txt('shib_attribute'), 1);
478 $attr->setInfo($this->lng->txt('shib_attr_info'));
479 $name = new ilTextInputGUI($this->lng->txt('shib_attribute_name'), 'attr_name');
480 $name->setSize(32);
481 $attr->addSubItem($name);
482 $value = new ilTextInputGUI($this->lng->txt('shib_attribute_value'), 'attr_value');
483 $value->setSize(32);
484 $attr->addSubItem($value);
485 $kind->addOption($attr);
486 $pl_active = (bool)$this->hasActiveRoleAssignmentPlugins();
487 $pl = new ilRadioOption($this->lng->txt('shib_plugin'), 2);
488 $pl->setInfo($this->lng->txt('shib_plugin_info'));
489 $pl->setDisabled(! $pl_active);
490 $id = new ilNumberInputGUI($this->lng->txt('shib_plugin_id'), 'plugin_id');
491 $id->setDisabled(! $pl_active);
492 $id->setSize(3);
493 $id->setMaxLength(3);
494 $id->setMaxValue(999);
495 $id->setMinValue(1);
496 $pl->addSubItem($id);
497 $kind->addOption($pl);
498 $this->form->addItem($kind);
499 }
500
501
506 include_once("./Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php");
508 }
509
510
511 protected function addRoleAssignmentRule() {
512 global $DIC;
513 $ilAccess = $DIC['ilAccess'];
514 $ilErr = $DIC['ilErr'];
515 if (! $ilAccess->checkAccess('write', '', $this->ref_id)) {
516 ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
517 $this->roleAssignment();
518
519 return false;
520 }
521 $this->initFormRoleAssignment();
522 if (! $this->form->checkInput() or ($err = $this->checkInput())) {
523 if ($err) {
524 ilUtil::sendFailure($this->lng->txt($err));
525 }
526 $this->tabs_gui->setSubTabActive('shib_role_assignment');
527 $this->form->setValuesByPost();
528 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
529 $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
530 if (strlen($html = $this->parseRulesTable())) {
531 $this->tpl->setVariable('RULE_TABLE', $html);
532 }
533
534 return true;
535 }
536 // Redirects if required
537 $this->showLocalRoleSelection();
538 $this->rule->add();
539 ilUtil::sendSuccess($this->lng->txt('settings_saved'));
540 $this->roleAssignment();
541
542 return true;
543 }
544
545
551 protected function editRoleAssignment() {
552 $this->ctrl->setParameter($this, 'rule_id', (int)$_GET['rule_id']);
553 $this->tabs_gui->setSubTabActive('shib_role_assignment');
554 $this->initFormRoleAssignment('update');
555 $this->getRuleValues();
556 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
557 $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
558
559 return true;
560 }
561
562
563 protected function updateRoleAssignmentRule() {
564 global $DIC;
565 $ilAccess = $DIC['ilAccess'];
566 $ilErr = $DIC['ilErr'];
567 if (! $ilAccess->checkAccess('write', '', $this->ref_id)) {
568 ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
569 $this->roleAssignment();
570
571 return false;
572 }
573 $this->initFormRoleAssignment();
574 if (! $this->form->checkInput() or ($err = $this->checkInput((int)$_REQUEST['rule_id']))) {
575 if ($err) {
576 ilUtil::sendFailure($this->lng->txt($err));
577 }
578 $this->tabs_gui->setSubTabActive('shib_role_assignment');
579 $this->form->setValuesByPost();
580 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
581 $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
582
583 return true;
584 }
585 $this->showLocalRoleSelection('update');
586 $this->rule->update();
587 ilUtil::sendSuccess($this->lng->txt('settings_saved'));
588 $this->roleAssignment();
589
590 return true;
591 }
592
593
594 private function loadRule($a_rule_id = 0) {
595 include_once('./Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php');
596 $this->rule = new ilShibbolethRoleAssignmentRule($a_rule_id);
597 if ($this->form->getInput('role_name') == 0) {
598 $this->rule->setRoleId($this->form->getInput('role_id'));
599 } elseif ($this->form->getInput('role_search')) {
600 // Search role
601 include_once './Services/Search/classes/class.ilQueryParser.php';
602 $parser = new ilQueryParser($this->form->getInput('role_search'));
603 // TODO: Handle minWordLength
604 $parser->setMinWordLength(1, true);
605 $parser->setCombination(QP_COMBINATION_AND);
606 $parser->parse();
607 include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
608 $object_search = new ilLikeObjectSearch($parser);
609 $object_search->setFilter(array( 'role' ));
610 $res = $object_search->performSearch();
611 $entries = $res->getEntries();
612 if (count($entries) == 1) {
613 $role = current($entries);
614 $this->rule->setRoleId($role['obj_id']);
615 } elseif (count($entries) > 1) {
616 $this->rule->setRoleId(- 1);
617 }
618 }
619 $this->rule->setName($this->form->getInput('attr_name'));
620 $this->rule->setValue($this->form->getInput('attr_value'));
621 $this->rule->enableAddOnUpdate($this->form->getInput('add_missing'));
622 $this->rule->enableRemoveOnUpdate($this->form->getInput('remove_deprecated'));
623 $this->rule->enablePlugin($this->form->getInput('kind') == 2);
624 $this->rule->setPluginId($this->form->getInput('plugin_id'));
625
626 return $this->rule;
627 }
628
629
630 private function getRuleValues() {
631 global $DIC;
632 $rbacreview = $DIC['rbacreview'];
633 include_once './Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php';
634 $rule = new ilShibbolethRoleAssignmentRule((int)$_GET['rule_id']);
635 $role = $rule->getRoleId();
636 if ($rbacreview->isGlobalRole($role)) {
637 $values['role_name'] = 0;
638 $values['role_id'] = $role;
639 } else {
640 $values['role_name'] = 1;
641 $values['role_search'] = ilObject::_lookupTitle($role);
642 }
643 $values['add_missing'] = (int)$rule->isAddOnUpdateEnabled();
644 $values['remove_deprecated'] = (int)$rule->isRemoveOnUpdateEnabled();
645 $values['attr_name'] = $rule->getName();
646 $values['attr_value'] = $rule->getValue();
647 if (! $rule->isPluginActive()) {
648 $values['kind'] = 1;
649 } else {
650 $values['kind'] = 2;
651 $values['plugin_id'] = $rule->getPluginId();
652 }
653 $this->form->setValuesByArray($values);
654 }
655
656
657 private function checkInput($a_rule_id = 0) {
658 $this->loadRule($a_rule_id);
659
660 return $this->rule->validate();
661 }
662
663
664 private function showLocalRoleSelection() {
665 if ($this->rule->getRoleId() > 0) {
666 return false;
667 }
668 $_SESSION['shib_role_ass']['rule_id'] = $_REQUEST['rule_id'] ? $_REQUEST['rule_id'] : 0;
669 $_SESSION['shib_role_ass']['search'] = $this->form->getInput('role_search');
670 $_SESSION['shib_role_ass']['add_on_update'] = $this->rule->isAddOnUpdateEnabled();
671 $_SESSION['shib_role_ass']['remove_on_update'] = $this->rule->isRemoveOnUpdateEnabled();
672 $_SESSION['shib_role_ass']['name'] = $this->rule->getName();
673 $_SESSION['shib_role_ass']['value'] = $this->rule->getValue();
674 $_SESSION['shib_role_ass']['plugin'] = $this->rule->isPluginActive();
675 $_SESSION['shib_role_ass']['plugin_id'] = $this->rule->getPluginId();
676 $this->ctrl->redirect($this, 'chooseRole');
677 }
678
679
680 protected function chooseRole() {
681 $this->tabs_gui->setSubTabActive('shib_role_assignment');
682 include_once './Services/Search/classes/class.ilQueryParser.php';
683 $parser = new ilQueryParser($_SESSION['shib_role_ass']['search']);
684 $parser->setMinWordLength(1, true);
685 $parser->setCombination(QP_COMBINATION_AND);
686 $parser->parse();
687 include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
688 $object_search = new ilLikeObjectSearch($parser);
689 $object_search->setFilter(array( 'role' ));
690 $res = $object_search->performSearch();
691 $entries = $res->getEntries();
692 include_once './Services/AccessControl/classes/class.ilRoleSelectionTableGUI.php';
693 $table = new ilRoleSelectionTableGUI($this, 'chooseRole');
694 $table->setTitle($this->lng->txt('shib_role_selection'));
695 $table->addMultiCommand('saveRoleSelection', $this->lng->txt('shib_choose_role'));
696 $table->addCommandButton('roleAssignment', $this->lng->txt('cancel'));
697 $table->parse($entries);
698 $this->tpl->setContent($table->getHTML());
699
700 return true;
701 }
702
703
704 protected function saveRoleSelection() {
705 $rule = new ilShibbolethRoleAssignmentRule($_SESSION['shib_role_ass']['rule_id']);
706 $rule->setRoleId((int)$_POST['role_id']);
707 $rule->setName($_SESSION['shib_role_ass']['name']);
708 $rule->setValue($_SESSION['shib_role_ass']['value']);
709 $rule->enablePlugin($_SESSION['shib_role_ass']['plugin']);
710 $rule->setPluginId($_SESSION['shib_role_ass']['plugin_id']);
711 $rule->enableAddOnUpdate($_SESSION['shib_role_ass']['add_on_update']);
712 $rule->enableRemoveOnUpdate($_SESSION['shib_role_ass']['remove_on_update']);
713 if ($rule->getRuleId()) {
714 $rule->update();
715 } else {
716 $rule->add();
717 }
718 ilUtil::sendSuccess($this->lng->txt('settings_saved'));
719 unset($_SESSION['shib_role_ass']);
720 $this->roleAssignment();
721 }
722
723
730 global $DIC;
731 $ilPluginAdmin = $DIC['ilPluginAdmin'];
732
733 return count($ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE, 'AuthShibboleth', 'shibhk'));
734 }
735
736
737 private function prepareRoleSelect($a_as_select = true) {
738 global $DIC;
739 $rbacreview = $DIC['rbacreview'];
740 $ilObjDataCache = $DIC['ilObjDataCache'];
741 $global_roles = ilUtil::_sortIds($rbacreview->getGlobalRoles(), 'object_data', 'title', 'obj_id');
742 $select[0] = $this->lng->txt('links_select_one');
743 foreach ($global_roles as $role_id) {
744 $select[$role_id] = ilObject::_lookupTitle($role_id);
745 }
746
747 return $select;
748 }
749
750
751 protected function setSubTabs() {
752 global $DIC;
753 $ilSetting = $DIC['ilSetting'];
754 include_once './Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRules.php';
755 if ($ilSetting->get('shib_active') == 0 and ilShibbolethRoleAssignmentRules::getCountRules() == 0) {
756 return false;
757 }
758 // DONE: show sub tabs if there is any role assignment rule
759 $this->tabs_gui->addSubTabTarget('shib_settings', $this->ctrl->getLinkTarget($this, 'settings'));
760 $this->tabs_gui->addSubTabTarget('shib_role_assignment', $this->ctrl->getLinkTarget($this, 'roleAssignment'));
761
762 return true;
763 }
764}
765
766?>
$parser
Definition: BPMN2Parser.php:24
$_GET["client_id"]
$_POST["username"]
$_SESSION["AccountId"]
An exception for terminatinating execution or to throw for unit testing.
const IL_COMP_SERVICE
const QP_COMBINATION_AND
Class ilAuthShibbolethSettingsGUI.
addRoleAutoCompleteObject()
Add Member for autoComplete.
hasActiveRoleAssignmentPlugins()
Check if plugin is active.
This class represents a checkbox property in a property form.
Confirmation screen class.
This class represents a non editable value in a property form.
This class represents a number property in a property form.
static _lookupObjId($a_id)
static _lookupTitle($a_id)
lookup object title
This class represents a property form user interface.
This class represents a property in a property form.
This class represents an option in a radio group.
This class represents a role + autocomplete feature form input.
static echoAutoCompleteList()
Static asynchronous default auto complete function.
This class represents a selection list property in a property form.
This class represents a text area property in a property form.
This class represents a text property in a property form.
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,...
static sendSuccess($a_info="", $a_keep=false)
Send Success Message to Screen.
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
$html
Definition: example_001.php:87
$info
Definition: example_052.php:80
global $ilCtrl
Definition: ilias.php:18
redirection script todo: (a better solution should control the processing via a xml file)
global $ilSetting
Definition: privfeed.php:17
global $ilErr
Definition: raiseError.php:16
$cmd
Definition: sahs_server.php:35
global $DIC
$ilUser
Definition: imgupload.php:18