ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
class.ilLDAPAttributeToUser.php
Go to the documentation of this file.
1 <?php
2 /*
3  +-----------------------------------------------------------------------------+
4  | ILIAS open source |
5  +-----------------------------------------------------------------------------+
6  | Copyright (c) 1998-2006 ILIAS open source, University of Cologne |
7  | |
8  | This program is free software; you can redistribute it and/or |
9  | modify it under the terms of the GNU General Public License |
10  | as published by the Free Software Foundation; either version 2 |
11  | of the License, or (at your option) any later version. |
12  | |
13  | This program is distributed in the hope that it will be useful, |
14  | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16  | GNU General Public License for more details. |
17  | |
18  | You should have received a copy of the GNU General Public License |
19  | along with this program; if not, write to the Free Software |
20  | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21  +-----------------------------------------------------------------------------+
22 */
23 
34 class ilLDAPAttributeToUser
35 {
36  const MODE_INITIALIZE_ROLES = 1;
37 
38  private $modes = [];
39 
40 
41  private $server_settings = null;
42  private $role_assignment = null;
43  private $db = null;
44 
45  private $user_data = array();
46  private $setting = null;
47  private $mapping = null;
48 
49  private $new_user_auth_mode = 'ldap';
50 
57  public function __construct(ilLDAPServer $a_server)
58  {
59  global $ilDB,$ilSetting,$lng,$ilLog;
60 
61  // Initialise language object
62  if (!is_object($lng)) {
63  include_once './Services/Language/classes/class.ilLanguage.php';
64  $lng = new ilLanguage('en');
65  }
66 
67  $this->log = $ilLog;
68 
69  $this->server_settings = $a_server;
70  $this->setting = $ilSetting;
71 
72  $this->initLDAPAttributeMapping();
73  }
74 
75  // begin-patch ldap_multiple
80  public function getServer()
81  {
82  return $this->server_settings;
83  }
84  // end-patch ldap_multiple
85 
93  public function setUserData($a_data)
94  {
95  $this->user_data = $a_data;
96  }
97 
103  public function setNewUserAuthMode($a_authmode)
104  {
105  $this->new_user_auth_mode = $a_authmode;
106  }
107 
111  public function getNewUserAuthMode()
112  {
113  return $this->new_user_auth_mode;
114  }
115 
120  public function addMode($a_mode)
121  {
122  if (is_array($this->modes) && !in_array($a_mode, $this->modes)) {
123  $this->modes[] = $a_mode;
124  }
125  }
126 
132  public function isModeActive($a_mode)
133  {
134  return is_array($this->modes) && in_array($a_mode, $this->modes);
135  }
136 
137 
144  public function refresh()
145  {
146  global $rbacadmin;
147 
148  $this->usersToXML();
149 
150  include_once './Services/User/classes/class.ilUserImportParser.php';
151  include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php';
152 
153  $importParser = new ilUserImportParser();
154  $importParser->setXMLContent($this->writer->xmlDumpMem(false));
155  $importParser->setRoleAssignment(ilLDAPRoleAssignmentRules::getAllPossibleRoles($this->getServer()->getServerId()));
156  $importParser->setFolderId(7);
157  $importParser->startParsing();
158  $debug = $importParser->getProtocol();
159  #var_dump("<pre>",$this->writer->xmlDumpMem(),"</pre>");
160  #print_r($this->writer->xmlDumpMem($format));
161 
162  return true;
163  }
164 
171  protected function parseRoleAssignmentsForUpdate($a_usr_id, $a_external_account, $user)
172  {
173  $rules = $this->mapping->getRulesForUpdate();
174 
175  include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php';
176  foreach (ilLDAPRoleAssignmentRules::getAssignmentsForUpdate(
177  $this->getServer()->getServerId(),
178  $a_usr_id,
179  $a_external_account,
180  $user
181  ) as $role_data) {
182  $this->writer->xmlElement(
183  'Role',
184  array('Id' => $role_data['id'],
185  'Type' => $role_data['type'],
186  'Action' => $role_data['action']),
187  ''
188  );
189  }
190  }
191 
197  protected function parseRoleAssignmentsForCreation($a_external_account, $a_user)
198  {
199  include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php';
200  foreach (ilLDAPRoleAssignmentRules::getAssignmentsForCreation(
201  $this->getServer()->getServerId(),
202  $a_external_account,
203  $a_user
204  ) as $role_data) {
205  $this->writer->xmlElement(
206  'Role',
207  array('Id' => $role_data['id'],
208  'Type' => $role_data['type'],
209  'Action' => $role_data['action']),
210  ''
211  );
212  }
213  }
214 
221  private function usersToXML()
222  {
223  include_once('./Services/Xml/classes/class.ilXmlWriter.php');
224  $this->writer = new ilXmlWriter();
225  $this->writer->xmlStartTag('Users');
226 
227  $cnt_update = 0;
228  $cnt_create = 0;
229 
230  // Single users
231  foreach ($this->user_data as $external_account => $user) {
232  $user['ilExternalAccount'] = $external_account;
233 
234  // Required fields
235  if ($user['ilInternalAccount']) {
236  $usr_id = ilObjUser::_lookupId($user['ilInternalAccount']);
237 
238  ++$cnt_update;
239  // User exists
240  $this->writer->xmlStartTag('User', array('Id' => $usr_id,'Action' => 'Update'));
241  $this->writer->xmlElement('Login', array(), $user['ilInternalAccount']);
242  $this->writer->xmlElement('ExternalAccount', array(), $external_account);
243  $this->writer->xmlElement('AuthMode', array('type' => $this->getNewUserAuthMode()), null);
244 
245  if ($this->isModeActive(self::MODE_INITIALIZE_ROLES)) {
246  $this->parseRoleAssignmentsForCreation($external_account, $user);
247  } else {
248  $this->parseRoleAssignmentsForUpdate($usr_id, $external_account, $user);
249  }
250  $rules = $this->mapping->getRulesForUpdate();
251  } else {
252  ++$cnt_create;
253  // Create user
254  $this->writer->xmlStartTag('User', array('Action' => 'Insert'));
255  $this->writer->xmlElement('Login', array(), ilAuthUtils::_generateLogin($external_account));
256 
257  $this->parseRoleAssignmentsForCreation($external_account, $user);
258  $rules = $this->mapping->getRules();
259  }
260 
261  $this->writer->xmlElement('Active', array(), "true");
262  $this->writer->xmlElement('TimeLimitOwner', array(), 7);
263  $this->writer->xmlElement('TimeLimitUnlimited', array(), 1);
264  $this->writer->xmlElement('TimeLimitFrom', array(), time());
265  $this->writer->xmlElement('TimeLimitUntil', array(), time());
266 
267  // only for new users.
268  // If auth_mode is 'default' (ldap) this status should remain.
269  if (!$user['ilInternalAccount']) {
270  $this->writer->xmlElement(
271  'AuthMode',
272  array('type' => $this->getNewUserAuthMode()),
273  $this->getNewUserAuthMode()
274  );
275  $this->writer->xmlElement('ExternalAccount', array(), $external_account);
276  }
277  foreach ($rules as $field => $data) {
278  // Do Mapping: it is possible to assign multiple ldap attribute to one user data field
279  if (!($value = $this->doMapping($user, $data))) {
280  continue;
281  }
282 
283  switch ($field) {
284  case 'gender':
285  switch (strtolower($value)) {
286  case 'n':
287  case 'neutral':
288  $this->writer->xmlElement('Gender', array(), 'n');
289  break;
290 
291  case 'm':
292  case 'male':
293  $this->writer->xmlElement('Gender', array(), 'm');
294  break;
295 
296  case 'f':
297  case 'female':
298  default:
299  $this->writer->xmlElement('Gender', array(), 'f');
300  break;
301 
302  }
303  break;
304 
305  case 'firstname':
306  $this->writer->xmlElement('Firstname', array(), $value);
307  break;
308 
309  case 'lastname':
310  $this->writer->xmlElement('Lastname', array(), $value);
311  break;
312 
313  case 'hobby':
314  $this->writer->xmlElement('Hobby', array(), $value);
315  break;
316 
317  case 'title':
318  $this->writer->xmlElement('Title', array(), $value);
319  break;
320 
321  case 'institution':
322  $this->writer->xmlElement('Institution', array(), $value);
323  break;
324 
325  case 'department':
326  $this->writer->xmlElement('Department', array(), $value);
327  break;
328 
329  case 'street':
330  $this->writer->xmlElement('Street', array(), $value);
331  break;
332 
333  case 'city':
334  $this->writer->xmlElement('City', array(), $value);
335  break;
336 
337  case 'zipcode':
338  $this->writer->xmlElement('PostalCode', array(), $value);
339  break;
340 
341  case 'country':
342  $this->writer->xmlElement('Country', array(), $value);
343  break;
344 
345  case 'phone_office':
346  $this->writer->xmlElement('PhoneOffice', array(), $value);
347  break;
348 
349  case 'phone_home':
350  $this->writer->xmlElement('PhoneHome', array(), $value);
351  break;
352 
353  case 'phone_mobile':
354  $this->writer->xmlElement('PhoneMobile', array(), $value);
355  break;
356 
357  case 'fax':
358  $this->writer->xmlElement('Fax', array(), $value);
359  break;
360 
361  case 'email':
362  $this->writer->xmlElement('Email', array(), $value);
363  break;
364 
365  case 'matriculation':
366  $this->writer->xmlElement('Matriculation', array(), $value);
367  break;
368 
369  /*
370  case 'photo':
371  $this->writer->xmlElement('PersonalPicture',array('encoding' => 'Base64','imagetype' => 'image/jpeg'),
372  base64_encode($this->convertInput($user[$value])));
373  break;
374  */
375  default:
376  // Handle user defined fields
377  if (substr($field, 0, 4) != 'udf_') {
378  continue;
379  }
380  $id_data = explode('_', $field);
381  if (!isset($id_data[1])) {
382  continue;
383  }
384  $this->initUserDefinedFields();
385  $definition = $this->udf->getDefinition($id_data[1]);
386  $this->writer->xmlElement(
387  'UserDefinedField',
388  array('Id' => $definition['il_id'],
389  'Name' => $definition['field_name']),
390  $value
391  );
392  break;
393 
394 
395  }
396  }
397  $this->writer->xmlEndTag('User');
398  }
399 
400  if ($cnt_create) {
401  $this->log->write('LDAP: Started creation of ' . $cnt_create . ' users.');
402  }
403  if ($cnt_update) {
404  $this->log->write('LDAP: Started update of ' . $cnt_update . ' users.');
405  }
406  $this->writer->xmlEndTag('Users');
407  }
408 
417  private function convertInput($a_value)
418  {
419  if (is_array($a_value)) {
420  return $a_value[0];
421  } else {
422  return $a_value;
423  }
424  }
425 
432  private function doMapping($user, $rule)
433  {
434  $mapping = trim(strtolower($rule['value']));
435 
436  if (strpos($mapping, ',') === false) {
437  return $this->convertInput($user[$mapping]);
438  }
439  // Is multiple mapping
440 
441  $fields = explode(',', $mapping);
442  $value = '';
443  foreach ($fields as $field) {
444  if (strlen($value)) {
445  $value .= ' ';
446  }
447  $value .= ($this->convertInput($user[trim($field)]));
448  }
449  return $value ? $value : '';
450  }
451 
452 
453 
454  private function initLDAPAttributeMapping()
455  {
456  include_once('Services/LDAP/classes/class.ilLDAPAttributeMapping.php');
457  $this->mapping = ilLDAPAttributeMapping::_getInstanceByServerId($this->server_settings->getServerId());
458  }
459 
460  private function initUserDefinedFields()
461  {
462  include_once('Services/User/classes/class.ilUserDefinedFields.php');
463  $this->udf = ilUserDefinedFields::_getInstance();
464  }
465 }
ilLDAPRoleAssignmentRules\getAssignmentsForCreation
static getAssignmentsForCreation($a_server_id, $a_usr_name, $a_usr_data)
Definition: class.ilLDAPRoleAssignmentRules.php:169
ilUserDefinedFields\_getInstance
static _getInstance()
Get instance.
Definition: class.ilUserDefinedFields.php:46
ilLDAPAttributeMapping\_getInstanceByServerId
static _getInstanceByServerId($a_server_id)
Get instance of class.
Definition: class.ilLDAPAttributeMapping.php:65
ilLDAPAttributeToUser\doMapping
doMapping($user, $rule)
doMapping
Definition: class.ilLDAPAttributeToUser.php:432
ilAuthUtils\_generateLogin
static _generateLogin($a_login)
generate free login by starting with a default string and adding postfix numbers
Definition: class.ilAuthUtils.php:415
ilXmlWriter
XML writer class.
Definition: class.ilXmlWriter.php:17
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:784
ilLDAPRoleAssignmentRules\getAssignmentsForUpdate
static getAssignmentsForUpdate($a_server_id, $a_usr_id, $a_usr_name, $a_usr_data)
type $ilDB type $rbacadmin type $rbacreview type $ilSetting type $ilLog
Definition: class.ilLDAPRoleAssignmentRules.php:114
ilLDAPAttributeToUser\setUserData
setUserData($a_data)
Set user data received from pear auth or by ldap_search.
Definition: class.ilLDAPAttributeToUser.php:93
ilLDAPAttributeToUser\isModeActive
isModeActive($a_mode)
Check if mode is active.
Definition: class.ilLDAPAttributeToUser.php:132
ilLDAPAttributeToUser\convertInput
convertInput($a_value)
A value can be an array or a string This function converts arrays to strings.
Definition: class.ilLDAPAttributeToUser.php:417
$rule
$rule
Definition: showstats.php:43
ilLDAPAttributeToUser\__construct
__construct(ilLDAPServer $a_server)
Construct of ilLDAPAttribute2XML Defines between LDAP and ILIAS user attributes.
Definition: class.ilLDAPAttributeToUser.php:57
ilLDAPAttributeToUser\parseRoleAssignmentsForCreation
parseRoleAssignmentsForCreation($a_external_account, $a_user)
Parse role assignments for update of user account.
Definition: class.ilLDAPAttributeToUser.php:197
$ilLog
$ilLog
Definition: inc.setup_header.php:129
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
ilLDAPAttributeToUser\refresh
refresh()
Create/Update non existing users.
Definition: class.ilLDAPAttributeToUser.php:144
ilLDAPAttributeToUser\parseRoleAssignmentsForUpdate
parseRoleAssignmentsForUpdate($a_usr_id, $a_external_account, $user)
Parse role assignments for update of user account.
Definition: class.ilLDAPAttributeToUser.php:171
$debug
$debug
Definition: loganalyzer.php:16
ilLDAPAttributeToUser\getNewUserAuthMode
getNewUserAuthMode()
Get auth mode for new users.
Definition: class.ilLDAPAttributeToUser.php:111
ilLDAPRoleAssignmentRules\getAllPossibleRoles
static getAllPossibleRoles($a_server_id)
Get all assignable roles (used for import parser)
Definition: class.ilLDAPRoleAssignmentRules.php:60
ilLDAPAttributeToUser\setNewUserAuthMode
setNewUserAuthMode($a_authmode)
Set auth mode for new users.
Definition: class.ilLDAPAttributeToUser.php:103
$ilSetting
global $ilSetting
Definition: privfeed.php:17
$lng
global $lng
Definition: privfeed.php:17
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilLanguage
language handling
Definition: class.ilLanguage.php:26
ilLDAPAttributeToUser
Update/create ILIAS user account by given LDAP attributes according to user attribute mapping setting...
Definition: class.ilLDAPAttributeToUser.php:34
time
Add data(end) time
Method that wraps PHPs time in order to allow simulations with the workflow.
Definition: 40duplicateStyle.php:39
ilLDAPAttributeToUser\getServer
getServer()
Get server settings.
Definition: class.ilLDAPAttributeToUser.php:80
ilLDAPAttributeToUser\addMode
addMode($a_mode)
Add import mode.
Definition: class.ilLDAPAttributeToUser.php:120
ilLDAPAttributeToUser\usersToXML
usersToXML()
Create xml string of user according to mapping rules.
Definition: class.ilLDAPAttributeToUser.php:221