d4/d11/class_8ilShibbolethRoleAssignmentRules_8php_source.html

 <?php
 /*
         +-----------------------------------------------------------------------------+
         | ILIAS open source                                                           |
         +-----------------------------------------------------------------------------+
         | Copyright (c) 1998-2006 ILIAS open source, University of Cologne            |
         |                                                                             |
         | This program is free software; you can redistribute it and/or               |
         | modify it under the terms of the GNU General Public License                 |
         | as published by the Free Software Foundation; either version 2              |
         | of the License, or (at your option) any later version.                      |
         |                                                                             |
         | This program is distributed in the hope that it will be useful,             |
         | but WITHOUT ANY WARRANTY; without even the implied warranty of              |
         | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               |
         | GNU General Public License for more details.                                |
         |                                                                             |
         | You should have received a copy of the GNU General Public License           |
         | along with this program; if not, write to the Free Software                 |
         | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA. |
         +-----------------------------------------------------------------------------+
 */

 include_once './Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php';

 class ilShibbolethRoleAssignmentRules {

         protected static $active_plugins = NULL;


         public static function getAllRules() {
                 global $DIC;
                 $ilDB = $DIC['ilDB'];
                 $rules = array();
                 $query = "SELECT rule_id FROM shib_role_assignment ORDER BY rule_id";
                 $res = $ilDB->query($query);
                 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
                         $rules[$row->rule_id] = new ilShibbolethRoleAssignmentRule($row->rule_id);
                 }

                 return $rules;
         }


         public static function getCountRules() {
                 global $DIC;
                 $ilDB = $DIC['ilDB'];
                 $query = "SELECT COUNT(*) num FROM shib_role_assignment ";
                 $res = $ilDB->query($query);
                 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
                         return $row->num;
                 }

                 return 0;
         }


         public static function updateAssignments($a_usr_id, $a_data) {
                 require_once('./Services/AuthShibboleth/classes/Config/class.shibConfig.php');

                 global $DIC;
                 $ilDB = $DIC['ilDB'];
                 $rbacadmin = $DIC['rbacadmin'];
                 $rbacreview = $DIC['rbacreview'];
                 $ilLog = $DIC['ilLog'];
                 $query = "SELECT rule_id,add_on_update,remove_on_update FROM shib_role_assignment " . "WHERE add_on_update = 1 OR remove_on_update = 1";
                 $res = $ilDB->query($query);
                 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
                         $rule = new ilShibbolethRoleAssignmentRule($row->rule_id);
                         //                      $matches = $rule->matches($a_data);
                         if ($rule->doesMatch($a_data) and $row->add_on_update) {
                                 $ilLog->write(__METHOD__ . ': Assigned to role ' . ilObject::_lookupTitle($rule->getRoleId()));
                                 $rbacadmin->assignUser($rule->getRoleId(), $a_usr_id);
                         }
                         if (! $rule->doesMatch($a_data) and $row->remove_on_update) {
                                 $ilLog->write(__METHOD__ . ': Deassigned from role ' . ilObject::_lookupTitle($rule->getRoleId()));
                                 $rbacadmin->deassignUser($rule->getRoleId(), $a_usr_id);
                         }
                 }
                 // check if is assigned to minimum one global role
                 if (! array_intersect($rbacreview->assignedRoles($a_usr_id), $rbacreview->getGlobalRoles())) {
                         $default_role = shibConfig::getInstance()->getUserDefaultRole();
                         $ilLog->write(__METHOD__ . ': Assigned to default role ' . ilObject::_lookupTitle($default_role));
                         $rbacadmin->assignUser($default_role, $a_usr_id);
                 }

                 return true;
         }


         public static function doAssignments($a_usr_id, $a_data) {
                 global $DIC;
                 $ilDB = $DIC['ilDB'];
                 $rbacadmin = $DIC['rbacadmin'];
                 $ilLog = $DIC['ilLog'];
                 $query = "SELECT rule_id,add_on_update FROM shib_role_assignment WHERE add_on_update = 1";
                 $num_matches = 0;
                 $res = $ilDB->query($query);
                 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
                         $rule = new ilShibbolethRoleAssignmentRule($row->rule_id);
                         if ($rule->doesMatch($a_data)) {
                                 $num_matches ++;
                                 $ilLog->write(__METHOD__ . ': Assigned to role ' . ilObject::_lookupTitle($rule->getRoleId()));
                                 $rbacadmin->assignUser($rule->getRoleId(), $a_usr_id);
                         }
                 }
                 // Assign to default if no matching found
                 if (! $num_matches) {
                         $default_role = shibConfig::getInstance()->getUserDefaultRole();
                         $ilLog->write(__METHOD__ . ': Assigned to default role ' . ilObject::_lookupTitle($default_role));
                         $rbacadmin->assignUser($default_role, $a_usr_id);
                 }

                 return true;
         }


         public static function callPlugin($a_plugin_id, $a_user_data) {
                 global $DIC;
                 $ilPluginAdmin = $DIC['ilPluginAdmin'];
                 if (self::$active_plugins == NULL) {
                         self::$active_plugins = $ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE, 'AuthShibboleth', 'shibhk');
                 }
                 $assigned = false;
                 foreach (self::$active_plugins as $plugin_name) {
                         $ok = false;
                         $plugin_obj = $ilPluginAdmin->getPluginObject(IL_COMP_SERVICE, 'AuthShibboleth', 'shibhk', $plugin_name);
                         if ($plugin_obj instanceof ilShibbolethRoleAssignmentPlugin) {
                                 $ok = $plugin_obj->checkRoleAssignment($a_plugin_id, $a_user_data);
                         }
                         if ($ok) {
                                 $assigned = true;
                         }
                 }

                 return $assigned;
         }
 }

 ?>
ilShibbolethRoleAssignmentRules\getCountRules
static getCountRules()
Definition: class.ilShibbolethRoleAssignmentRules.php:61

$res
$res
Definition: examplelayouts.sql.php:25

ilShibbolethRoleAssignmentRules\callPlugin
static callPlugin($a_plugin_id, $a_user_data)
Definition: class.ilShibbolethRoleAssignmentRules.php:152

$query
$query
Definition: examplelayouts.sql.php:24

ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:924

ilShibbolethRoleAssignmentRules
Shibboleth role assignment rules.
Definition: class.ilShibbolethRoleAssignmentRules.php:36

shibConfig\getInstance
static getInstance()
Definition: class.shibConfig.php:202

ilShibbolethRoleAssignmentPlugin
Interface for shibboleth role assignment plugins.
Definition: interface.ilShibbolethRoleAssignmentPlugin.php:33

ilShibbolethRoleAssignmentRules\doAssignments
static doAssignments($a_usr_id, $a_data)
Definition: class.ilShibbolethRoleAssignmentRules.php:119

$ok
$ok
Definition: UtfNormalTest.php:78

$ilLog
$ilLog
Definition: inc.setup_header.php:130

array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19

$ilDB
global $ilDB
Definition: storeScorm2004.php:16

ilShibbolethRoleAssignmentRules\$active_plugins
static $active_plugins
Definition: class.ilShibbolethRoleAssignmentRules.php:38

php

$DIC
global $DIC
Definition: imagemanager.php:32

and

ilDBConstants\FETCHMODE_OBJECT
const FETCHMODE_OBJECT
Definition: class.ilDBConstants.php:13

$row
$row
Definition: 10autofilter-selection-1.php:74

ilShibbolethRoleAssignmentRules\updateAssignments
static updateAssignments($a_usr_id, $a_data)
Definition: class.ilShibbolethRoleAssignmentRules.php:80

ilShibbolethRoleAssignmentRule
Shibboleth role assignment rule.
Definition: class.ilShibbolethRoleAssignmentRule.php:35

IL_COMP_SERVICE
const IL_COMP_SERVICE
Definition: class.ilComponent.php:6