ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
class.ilAuthShibbolethSettingsGUI.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
13 class ilAuthShibbolethSettingsGUI
14 {
15 
19  private $dic;
23  private $ctrl;
27  private $ilias;
31  private $tabs_gui;
35  private $lng;
39  private $tpl;
43  private $ref_id;
44 
45 
52  public function __construct($a_auth_ref_id)
53  {
54  global $DIC;
55  $this->dic = $DIC;
56  $lng = $this->dic['lng'];
57  $ilCtrl = $this->dic['ilCtrl'];
58  $tpl = $this->dic['tpl'];
59  $ilTabs = $this->dic['ilTabs'];
60  $ilias = $this->dic['ilias'];
61  $this->ctrl = $ilCtrl;
62  $this->tabs_gui = $ilTabs;
63  $this->lng = $lng;
64  $this->lng->loadLanguageModule('shib');
65  $this->ilias = $ilias;
66  $this->tpl = $tpl;
67  $this->ref_id = $a_auth_ref_id;
68  $this->obj_id = ilObject::_lookupObjId($this->ref_id);
69  }
70 
71 
77  public function executeCommand()
78  {
79  global $DIC;
80  $rbacsystem = $DIC->rbac();
81  $ilErr = $DIC['ilErr'];
82  $ilCtrl = $DIC['ilCtrl'];
83  $next_class = $this->ctrl->getNextClass($this);
84  $cmd = $this->ctrl->getCmd();
85  if (!$rbacsystem->system()->checkAccess("visible,read", $this->ref_id)) {
86  $ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $ilErr->WARNING);
87  $ilCtrl->redirect($this, "settings");
88  }
89 
90  $this->setSubTabs();
91  switch ($next_class) {
92  default:
93  if (!$cmd) {
94  $cmd = "settings";
95  }
96  $this->$cmd();
97  break;
98  }
99 
100  return true;
101  }
102 
103 
104  public function settings()
105  {
106  global $DIC;
107  $rbacreview = $DIC['rbacreview'];
108  $this->tabs_gui->setSubTabActive('shib_settings');
109  // set already saved data or default value for port
110  $settings = $this->ilias->getAllSettings();
111  // Compose role list
112  $role_list = $rbacreview->getRolesByFilter(2);
113  $role = array();
114  if (!isset($settings["shib_user_default_role"])) {
115  $settings["shib_user_default_role"] = 4;
116  }
117  if (!isset($settings["shib_idp_list"]) || $settings["shib_idp_list"] == '') {
118  $settings["shib_idp_list"] = "urn:mace:organization1:providerID, Example Organization 1\nurn:mace:organization2:providerID, Example Organization 2, /Shibboleth.sso/WAYF/SWITCHaai";
119  }
120  if (!isset($settings["shib_login_button"]) || $settings["shib_login_button"] == '') {
121  $settings["shib_login_button"] = "templates/default/images/shib_login_button.png";
122  }
123  if (!isset($settings["shib_hos_type"]) || $settings["shib_hos_type"] == '') {
124  $settings["shib_hos_type"] = 'internal_wayf';
125  }
126  foreach ($role_list as $data) {
127  $role[$data["obj_id"]] = $data["title"];
128  }
129  // Set text field content
130  $shib_settings = array(
131  'shib_login',
132  'shib_title',
133  'shib_firstname',
134  'shib_lastname',
135  'shib_email',
136  'shib_gender',
137  'shib_institution',
138  'shib_department',
139  'shib_zipcode',
140  'shib_city',
141  'shib_country',
142  'shib_street',
143  'shib_phone_office',
144  'shib_phone_home',
145  'shib_phone_mobile',
146  'shib_language',
147  'shib_matriculation',
148  );
149  //set PropertyFormGUI
150  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
151  $propertys = new ilPropertyFormGUI();
152  $propertys->setTitle($this->lng->txt("shib"));
153  $propertys->setFormAction($this->ctrl->getFormAction($this, "save"));
154  if ($this->dic->rbac()->system()->checkAccess('write', $this->ref_id)) {
155  $propertys->addCommandButton("save", $this->lng->txt("save"));
156  $propertys->addCommandButton("settings", $this->lng->txt("cancel"));
157  }
158  //set enable shibboleth support
159  $enable = new ilCheckboxInputGUI();
160  $enable->setTitle($this->lng->txt("shib_active"));
161  $read_me_link = "./Services/AuthShibboleth/README.SHIBBOLETH.txt";
162  $info = "<a href='" . $read_me_link . "' target='_blank'>" . $this->lng->txt("auth_shib_instructions") . "</a>";
163  $enable->setInfo($info);
164  $enable->setPostVar("shib[active]");
165  $enable->setChecked($settings["shib_active"]);
166  //set allow local authentication
167  $local = new ilCheckboxInputGUI();
168  $local->setTitle($this->lng->txt("auth_allow_local"));
169  $local->setPostVar("shib[auth_allow_local]");
170  $local->setChecked($settings['shib_auth_allow_local']);
171  //set user default role
172  $defaultrole = new ilSelectInputGUI();
173  $defaultrole->setTitle($this->lng->txt("shib_user_default_role"));
174  $defaultrole->setPostVar("shib[user_default_role]");
175  $defaultrole->setOptions($role);
176  $defaultrole->setRequired(true);
177  $defaultrole->setValue($settings["shib_user_default_role"]);
178  // Administrator must activate new user accounts
179  $activate_new = new ilCheckboxInputGUI($this->lng->txt("shib_activate_new"), "shib[activate_new]");
180  $activate_new->setInfo($this->lng->txt("shib_activate_new_info"));
181  $activate_new->setChecked($settings["shib_activate_new"]);
182  //set name of federation
183  $name = new ilTextInputGUI();
184  $name->setTitle($this->lng->txt("shib_federation_name"));
185  $name->setPostVar("shib[federation_name]");
186  $name->setSize(40);
187  $name->setMaxLength(50);
188  $name->setRequired(true);
189  $name->setValue(stripslashes($settings["shib_federation_name"]));
190  //set Organize selection group
191  include_once("./Services/Form/classes/class.ilRadioGroupInputGUI.php");
192  include_once("./Services/Form/classes/class.ilRadioOption.php");
193  $organize = new ilRadioGroupInputGUI();
194  $organize->setTitle($this->lng->txt("shib_login_type"));
195  $organize->setPostVar("shib[hos_type]");
196  $organize->setRequired(true);
197  $organize->setValue($settings["shib_hos_type"]);
198  //set 1. option internalwayf
199  $internalwayf = new ilRadioOption();
200  $internalwayf->setTitle($this->lng->txt("shib_login_internal_wayf"));
201  $internalwayf->setValue("internal_wayf");
202  //set 1. option internalwayf textbox idplist
203  $idplist = new ilTextAreaInputGUI();
204  $idplist->setInfo($this->lng->txt("shib_idp_list"));
205  $idplist->setPostVar("shib[idp_list]");
206  $idplist->setRows(3);
207  $idplist->setCols(50);
208  $idplist->setValue($settings["shib_idp_list"]);
209  //set 2. Option externalwayf
210  $externalwayf = new ilRadioOption();
211  $externalwayf->setTitle($this->lng->txt("shib_login_external_wayf"));
212  $externalwayf->setValue("external_wayf");
213  //set 2. Option externalwayf textfield path to login button image
214  $loginbutton = new ilTextInputGUI();
215  $loginbutton->setInfo($this->lng->txt("shib_login_button"));
216  $loginbutton->setPostVar("shib[login_button]");
217  $loginbutton->setSize(50);
218  $loginbutton->setMaxLength(255);
219  $loginbutton->setValue($settings["shib_login_button"]);
220  //set 3. Option embeddedwayf
221  $embeddedwayf = new ilRadioOption();
222  $embeddedwayf->setTitle($this->lng->txt("shib_login_embedded_wayf"));
223  $embeddedwayf->setInfo($this->lng->txt("shib_login_embedded_wayf_description"));
224  $embeddedwayf->setValue("embedded_wayf");
225  //set login instructions
226  $logininstruction = new ilTextAreaInputGUI();
227  $logininstruction->setTitle($this->lng->txt("auth_login_instructions"));
228  $logininstruction->setPostVar("shib[login_instructions]");
229  $logininstruction->setRows(3);
230  $logininstruction->setCols(50);
231  $logininstruction->setValue(stripslashes($settings["shib_login_instructions"]));
232  //set path to data manipulation API
233  $dataconv = new ilTextInputGUI();
234  $dataconv->setTitle($this->lng->txt("shib_data_conv"));
235  $dataconv->setPostVar("shib[data_conv]");
236  $dataconv->setSize(80);
237  $dataconv->setMaxLength(512);
238  $dataconv->setValue($settings["shib_data_conv"]);
239  //field mappings
240  $fields = array();
241  foreach ($shib_settings as $setting) {
242  $field = str_replace('shib_', '', $setting);
243  $textinput = new ilTextInputGUI();
244  $textinput->setTitle($this->lng->txt($setting));
245  $textinput->setPostVar("shib[" . $field . "]");
246  $textinput->setValue($settings[$setting]);
247  $textinput->setSize(40);
248  $textinput->setMaxLength(50);
249  $checkinput = new ilCheckboxInputGUI("");
250  $checkinput->setOptionTitle($this->lng->txt("shib_update"));
251  $checkinput->setPostVar("shib[update_" . $field . "]");
252  $checkinput->setChecked($settings["shib_update_" . $field]);
253  if ($setting == 'shib_login' || $setting == 'shib_firstname'
254  || $setting == 'shib_lastname'
255  || $setting == 'shib_email'
256  ) {
257  $textinput->setRequired(true);
258  }
259  $fields[$setting] = array( "text" => $textinput, "check" => $checkinput );
260  }
261  $propertys->addItem($enable);
262  $propertys->addItem($local);
263  $propertys->addItem($activate_new);
264  $propertys->addItem($defaultrole);
265  $propertys->addItem($name);
266  $internalwayf->addSubItem($idplist);
267  $organize->addOption($internalwayf);
268  $externalwayf->addSubItem($loginbutton);
269  $organize->addOption($externalwayf);
270  $organize->addOption($embeddedwayf);
271  $propertys->addItem($organize);
272  $propertys->addItem($logininstruction);
273  $propertys->addItem($dataconv);
274  foreach ($shib_settings as $setting) {
275  $propertys->addItem($fields[$setting]["text"]);
276  if ($setting != "shib_login") {
277  $propertys->addItem($fields[$setting]["check"]);
278  }
279  }
280  $this->tpl->setContent($propertys->getHTML());
281  }
282 
283 
284  public function save()
285  {
286  $required = array("login", "hos_type", "firstname", "lastname", "email", "user_default_role", "federation_name");
287  array_walk($required, function (&$item) {
288  if (!$_POST["shib"][$item]) {
289  ilUtil::sendFailure($this->lng->txt("fill_out_all_required_fields"), true);
290  $this->ctrl->redirect($this, 'settings');
291  }
292  });
293 
294  // validate api
295  if ($_POST["shib"]["data_conv"] && $_POST["shib"]["data_conv"] != '' && !is_readable($_POST["shib"]["data_conv"])) {
296  ilUtil::sendFailure($this->lng->txt("shib_data_conv_warning"), true);
297  $this->ctrl->redirect($this, 'settings');
298  }
299  // all ok. save settings
300  $shib_settings = array(
301  'shib_login',
302  'shib_title',
303  'shib_firstname',
304  'shib_lastname',
305  'shib_email',
306  'shib_gender',
307  'shib_institution',
308  'shib_department',
309  'shib_zipcode',
310  'shib_city',
311  'shib_country',
312  'shib_street',
313  'shib_phone_office',
314  'shib_phone_home',
315  'shib_phone_mobile',
316  'shib_language',
317  'shib_matriculation'
318  );
319  foreach ($shib_settings as $setting) {
320  $field = str_replace('shib_', '', $setting);
321  if ($_POST["shib"]["update_" . $field] != "1") {
322  $_POST["shib"]["update_" . $field] = "0";
323  }
324  $this->ilias->setSetting($setting, trim($_POST["shib"][$field]));
325  $this->ilias->setSetting("shib_update_" . $field, $_POST["shib"]["update_" . $field]);
326  }
327  if ($_POST["shib"]["active"] != "1") {
328  $this->ilias->setSetting("shib_active", "0");
329  $this->ilias->setSetting("shibboleth_active", "0");
330  } else {
331  $this->ilias->setSetting("shib_active", "1");
332  $this->ilias->setSetting("shibboleth_active", "1");
333  }
334  $this->ilias->setSetting("shib_user_default_role", $_POST["shib"]["user_default_role"]);
335  $this->ilias->setSetting("shib_hos_type", $_POST["shib"]["hos_type"]);
336  $this->ilias->setSetting("shib_federation_name", $_POST["shib"]["federation_name"]);
337  $this->ilias->setSetting("shib_idp_list", $_POST["shib"]["idp_list"]);
338  $this->ilias->setSetting("shib_login_instructions", $_POST["shib"]["login_instructions"]);
339  $this->ilias->setSetting("shib_login_button", $_POST["shib"]["login_button"]);
340  $this->ilias->setSetting("shib_data_conv", $_POST["shib"]["data_conv"]);
341  $this->ilias->setSetting("shib_auth_allow_local", ($_POST['shib']['auth_allow_local'] == '1') ? '1' : '0');
342  $this->ilias->setSetting("shib_activate_new", ($_POST['shib']['activate_new'] == '1') ? '1' : '0');
343 
344  ilUtil::sendSuccess($this->lng->txt("shib_settings_saved"), true);
345  $this->ctrl->redirect($this, 'settings');
346  }
347 
348 
349  protected function roleAssignment()
350  {
351  $this->tabs_gui->setSubTabActive('shib_role_assignment');
352  $this->initFormRoleAssignment('default');
353  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
354  $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
355  if (strlen($html = $this->parseRulesTable())) {
356  $this->tpl->setVariable('RULE_TABLE', $html);
357  }
358 
359  return true;
360  }
361 
362 
363  protected function parseRulesTable()
364  {
365  include_once('./Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRules.php');
366  if (ilShibbolethRoleAssignmentRules::getCountRules() == 0) {
367  return '';
368  }
369  include_once('./Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentTableGUI.php');
370  $rules_table = new ilShibbolethRoleAssignmentTableGUI($this, 'roleAssignment');
371  $rules_table->setTitle($this->lng->txt('shib_rules_tables'));
372  $rules_table->parse(ilShibbolethRoleAssignmentRules::getAllRules());
373  $rules_table->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
374  $rules_table->setSelectAllCheckbox("rule_id");
375 
376  return $rules_table->getHTML();
377  }
378 
379 
388  protected function confirmDeleteRules()
389  {
390  if (!is_array($_POST['rule_ids'])) {
391  ilUtil::sendFailure($this->lng->txt('select_one'));
392  $this->roleAssignment();
393 
394  return false;
395  }
396  $this->tabs_gui->setSubTabActive('shib_role_assignment');
397  include_once("Services/Utilities/classes/class.ilConfirmationGUI.php");
398  $c_gui = new ilConfirmationGUI();
399  // set confirm/cancel commands
400  $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRules"));
401  $c_gui->setHeaderText($this->lng->txt("shib_confirm_del_role_ass"));
402  $c_gui->setCancel($this->lng->txt("cancel"), "roleAssignment");
403  $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRules");
404  // add items to delete
405  include_once('Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php');
406  foreach ($_POST["rule_ids"] as $rule_id) {
407  $rule = new ilShibbolethRoleAssignmentRule($rule_id);
408  $info = ilObject::_lookupTitle($rule->getRoleId());
409  $info .= " (";
410  $info .= $rule->conditionToString();
411  $info .= ')';
412  $c_gui->addItem('rule_ids[]', $rule_id, $info);
413  }
414  $this->tpl->setContent($c_gui->getHTML());
415  }
416 
417 
424  protected function deleteRules()
425  {
426  if (!is_array($_POST['rule_ids'])) {
427  ilUtil::sendFailure($this->lng->txt('select_once'));
428  $this->roleAssignment();
429 
430  return false;
431  }
432  include_once('Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php');
433  foreach ($_POST["rule_ids"] as $rule_id) {
434  $rule = new ilShibbolethRoleAssignmentRule($rule_id);
435  $rule->delete();
436  }
437  ilUtil::sendSuccess($this->lng->txt('shib_deleted_rule'));
438  $this->roleAssignment();
439 
440  return true;
441  }
442 
443 
444  protected function initFormRoleAssignment($a_mode = 'default')
445  {
446  include_once('./Services/Form/classes/class.ilPropertyFormGUI.php');
447  $this->form = new ilPropertyFormGUI();
448  $this->form->setFormAction($this->ctrl->getFormAction($this, 'cancel'));
449  $this->form->setTitle($this->lng->txt('shib_role_ass_table'));
450  if ($a_mode == 'default') {
451  $this->form->setTitle($this->lng->txt('shib_role_ass_table'));
452  $this->form->addCommandButton('addRoleAssignmentRule', $this->lng->txt('shib_new_rule'));
453  $this->form->addCommandButton('settings', $this->lng->txt('cancel'));
454  } else {
455  $this->form->setTitle($this->lng->txt('shib_update_role_ass_table'));
456  $this->form->addCommandButton('updateRoleAssignmentRule', $this->lng->txt('save'));
457  $this->form->addCommandButton('roleAssignment', $this->lng->txt('cancel'));
458  }
459  // Role selection
460  $role = new ilRadioGroupInputGUI($this->lng->txt('shib_role_name'), 'role_name');
461  $role->setRequired(true);
462  $global = new ilRadioOption($this->lng->txt('shib_global_role'), 0);
463  $role->addOption($global);
464  $role_select = new ilSelectInputGUI('', 'role_id');
465  $role_select->setOptions($this->prepareRoleSelect());
466  $global->addSubItem($role_select);
467  $local = new ilRadioOption($this->lng->txt('shib_local_role'), 1);
468  $role->addOption($local);
469  include_once './Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php';
470  $role_search = new ilRoleAutoCompleteInputGUI('', 'role_search', $this, 'addRoleAutoCompleteObject');
471  $role_search->setSize(40);
472  $local->addSubItem($role_search);
473  include_once './Services/AccessControl/classes/class.ilRoleAutoComplete.php';
474  $role->setInfo($this->lng->txt('shib_role_name_info'));
475  $this->form->addItem($role);
476  // Update options
477  $update = new ilNonEditableValueGUI($this->lng->txt('shib_update_roles'), 'update_roles');
478  $update->setValue($this->lng->txt('shib_check_role_assignment'));
479  $add = new ilCheckboxInputGUI('', 'add_missing');
480  $add->setOptionTitle($this->lng->txt('shib_add_missing'));
481  $add->setValue(1);
482  $update->addSubItem($add);
483  $remove = new ilCheckboxInputGUI('', 'remove_deprecated');
484  $remove->setOptionTitle($this->lng->txt('shib_remove_deprecated'));
485  $remove->setValue(1);
486  $update->addSubItem($remove);
487  $this->form->addItem($update);
488  // Assignment type
489  $kind = new ilRadioGroupInputGUI($this->lng->txt('shib_assignment_type'), 'kind');
490  $kind->setValue(1);
491  $kind->setRequired(true);
492  $attr = new ilRadioOption($this->lng->txt('shib_attribute'), 1);
493  $attr->setInfo($this->lng->txt('shib_attr_info'));
494  $name = new ilTextInputGUI($this->lng->txt('shib_attribute_name'), 'attr_name');
495  $name->setSize(32);
496  $attr->addSubItem($name);
497  $value = new ilTextInputGUI($this->lng->txt('shib_attribute_value'), 'attr_value');
498  $value->setSize(32);
499  $attr->addSubItem($value);
500  $kind->addOption($attr);
501  $pl_active = (bool) $this->hasActiveRoleAssignmentPlugins();
502  $pl = new ilRadioOption($this->lng->txt('shib_plugin'), 2);
503  $pl->setInfo($this->lng->txt('shib_plugin_info'));
504  $pl->setDisabled(!$pl_active);
505  $id = new ilNumberInputGUI($this->lng->txt('shib_plugin_id'), 'plugin_id');
506  $id->setDisabled(!$pl_active);
507  $id->setSize(3);
508  $id->setMaxLength(3);
509  $id->setMaxValue(999);
510  $id->setMinValue(1);
511  $pl->addSubItem($id);
512  $kind->addOption($pl);
513  $this->form->addItem($kind);
514  }
515 
516 
520  public function addRoleAutoCompleteObject()
521  {
522  include_once("./Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php");
523  ilRoleAutoCompleteInputGUI::echoAutoCompleteList();
524  }
525 
526 
527  protected function addRoleAssignmentRule()
528  {
529  global $DIC;
530  $ilAccess = $DIC['ilAccess'];
531  $ilErr = $DIC['ilErr'];
532  if (!$ilAccess->checkAccess('write', '', $this->ref_id)) {
533  ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
534  $this->roleAssignment();
535 
536  return false;
537  }
538  $this->initFormRoleAssignment();
539  if (!$this->form->checkInput() or ($err = $this->checkInput())) {
540  if ($err) {
541  ilUtil::sendFailure($this->lng->txt($err));
542  }
543  $this->tabs_gui->setSubTabActive('shib_role_assignment');
544  $this->form->setValuesByPost();
545  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
546  $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
547  if (strlen($html = $this->parseRulesTable())) {
548  $this->tpl->setVariable('RULE_TABLE', $html);
549  }
550 
551  return true;
552  }
553  // Redirects if required
554  $this->showLocalRoleSelection();
555  $this->rule->add();
556  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
557  $this->roleAssignment();
558 
559  return true;
560  }
561 
562 
568  protected function editRoleAssignment()
569  {
570  $this->ctrl->setParameter($this, 'rule_id', (int) $_GET['rule_id']);
571  $this->tabs_gui->setSubTabActive('shib_role_assignment');
572  $this->initFormRoleAssignment('update');
573  $this->getRuleValues();
574  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
575  $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
576 
577  return true;
578  }
579 
580 
581  protected function updateRoleAssignmentRule()
582  {
583  global $DIC;
584  $ilAccess = $DIC['ilAccess'];
585  $ilErr = $DIC['ilErr'];
586  if (!$ilAccess->checkAccess('write', '', $this->ref_id)) {
587  ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
588  $this->roleAssignment();
589 
590  return false;
591  }
592  $this->initFormRoleAssignment();
593  if (!$this->form->checkInput() or ($err = $this->checkInput((int) $_REQUEST['rule_id']))) {
594  if ($err) {
595  ilUtil::sendFailure($this->lng->txt($err));
596  }
597  $this->tabs_gui->setSubTabActive('shib_role_assignment');
598  $this->form->setValuesByPost();
599  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
600  $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
601 
602  return true;
603  }
604  $this->showLocalRoleSelection('update');
605  $this->rule->update();
606  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
607  $this->roleAssignment();
608 
609  return true;
610  }
611 
612 
613  private function loadRule($a_rule_id = 0)
614  {
615  include_once('./Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php');
616  $this->rule = new ilShibbolethRoleAssignmentRule($a_rule_id);
617  if ($this->form->getInput('role_name') == 0) {
618  $this->rule->setRoleId($this->form->getInput('role_id'));
619  } elseif ($this->form->getInput('role_search')) {
620  // Search role
621  include_once './Services/Search/classes/class.ilQueryParser.php';
622  $parser = new ilQueryParser($this->form->getInput('role_search'));
623  // TODO: Handle minWordLength
624  $parser->setMinWordLength(1, true);
625  $parser->setCombination(QP_COMBINATION_AND);
626  $parser->parse();
627  include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
628  $object_search = new ilLikeObjectSearch($parser);
629  $object_search->setFilter(array( 'role' ));
630  $res = $object_search->performSearch();
631  $entries = $res->getEntries();
632  if (count($entries) == 1) {
633  $role = current($entries);
634  $this->rule->setRoleId($role['obj_id']);
635  } elseif (count($entries) > 1) {
636  $this->rule->setRoleId(-1);
637  }
638  }
639  $this->rule->setName($this->form->getInput('attr_name'));
640  $this->rule->setValue($this->form->getInput('attr_value'));
641  $this->rule->enableAddOnUpdate($this->form->getInput('add_missing'));
642  $this->rule->enableRemoveOnUpdate($this->form->getInput('remove_deprecated'));
643  $this->rule->enablePlugin($this->form->getInput('kind') == 2);
644  $this->rule->setPluginId($this->form->getInput('plugin_id'));
645 
646  return $this->rule;
647  }
648 
649 
650  private function getRuleValues()
651  {
652  global $DIC;
653  $rbacreview = $DIC['rbacreview'];
654  include_once './Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php';
655  $rule = new ilShibbolethRoleAssignmentRule((int) $_GET['rule_id']);
656  $role = $rule->getRoleId();
657  if ($rbacreview->isGlobalRole($role)) {
658  $values['role_name'] = 0;
659  $values['role_id'] = $role;
660  } else {
661  $values['role_name'] = 1;
662  $values['role_search'] = ilObject::_lookupTitle($role);
663  }
664  $values['add_missing'] = (int) $rule->isAddOnUpdateEnabled();
665  $values['remove_deprecated'] = (int) $rule->isRemoveOnUpdateEnabled();
666  $values['attr_name'] = $rule->getName();
667  $values['attr_value'] = $rule->getValue();
668  if (!$rule->isPluginActive()) {
669  $values['kind'] = 1;
670  } else {
671  $values['kind'] = 2;
672  $values['plugin_id'] = $rule->getPluginId();
673  }
674  $this->form->setValuesByArray($values);
675  }
676 
677 
678  private function checkInput($a_rule_id = 0)
679  {
680  $this->loadRule($a_rule_id);
681 
682  return $this->rule->validate();
683  }
684 
685 
686  private function showLocalRoleSelection()
687  {
688  if ($this->rule->getRoleId() > 0) {
689  return false;
690  }
691  $_SESSION['shib_role_ass']['rule_id'] = $_REQUEST['rule_id'] ? $_REQUEST['rule_id'] : 0;
692  $_SESSION['shib_role_ass']['search'] = $this->form->getInput('role_search');
693  $_SESSION['shib_role_ass']['add_on_update'] = $this->rule->isAddOnUpdateEnabled();
694  $_SESSION['shib_role_ass']['remove_on_update'] = $this->rule->isRemoveOnUpdateEnabled();
695  $_SESSION['shib_role_ass']['name'] = $this->rule->getName();
696  $_SESSION['shib_role_ass']['value'] = $this->rule->getValue();
697  $_SESSION['shib_role_ass']['plugin'] = $this->rule->isPluginActive();
698  $_SESSION['shib_role_ass']['plugin_id'] = $this->rule->getPluginId();
699  $this->ctrl->redirect($this, 'chooseRole');
700  }
701 
702 
703  protected function chooseRole()
704  {
705  $this->tabs_gui->setSubTabActive('shib_role_assignment');
706  include_once './Services/Search/classes/class.ilQueryParser.php';
707  $parser = new ilQueryParser($_SESSION['shib_role_ass']['search']);
708  $parser->setMinWordLength(1, true);
709  $parser->setCombination(QP_COMBINATION_AND);
710  $parser->parse();
711  include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
712  $object_search = new ilLikeObjectSearch($parser);
713  $object_search->setFilter(array( 'role' ));
714  $res = $object_search->performSearch();
715  $entries = $res->getEntries();
716  include_once './Services/AccessControl/classes/class.ilRoleSelectionTableGUI.php';
717  $table = new ilRoleSelectionTableGUI($this, 'chooseRole');
718  $table->setTitle($this->lng->txt('shib_role_selection'));
719  $table->addMultiCommand('saveRoleSelection', $this->lng->txt('shib_choose_role'));
720  $table->addCommandButton('roleAssignment', $this->lng->txt('cancel'));
721  $table->parse($entries);
722  $this->tpl->setContent($table->getHTML());
723 
724  return true;
725  }
726 
727 
728  protected function saveRoleSelection()
729  {
730  $rule = new ilShibbolethRoleAssignmentRule($_SESSION['shib_role_ass']['rule_id']);
731  $rule->setRoleId((int) $_POST['role_id']);
732  $rule->setName($_SESSION['shib_role_ass']['name']);
733  $rule->setValue($_SESSION['shib_role_ass']['value']);
734  $rule->enablePlugin($_SESSION['shib_role_ass']['plugin']);
735  $rule->setPluginId($_SESSION['shib_role_ass']['plugin_id']);
736  $rule->enableAddOnUpdate($_SESSION['shib_role_ass']['add_on_update']);
737  $rule->enableRemoveOnUpdate($_SESSION['shib_role_ass']['remove_on_update']);
738  if ($rule->getRuleId()) {
739  $rule->update();
740  } else {
741  $rule->add();
742  }
743  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
744  unset($_SESSION['shib_role_ass']);
745  $this->roleAssignment();
746  }
747 
748 
754  private function hasActiveRoleAssignmentPlugins()
755  {
756  global $DIC;
757  $ilPluginAdmin = $DIC['ilPluginAdmin'];
758 
759  return count($ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE, 'AuthShibboleth', 'shibhk'));
760  }
761 
762 
763  private function prepareRoleSelect($a_as_select = true)
764  {
765  global $DIC;
766  $rbacreview = $DIC['rbacreview'];
767  $ilObjDataCache = $DIC['ilObjDataCache'];
768  $global_roles = ilUtil::_sortIds($rbacreview->getGlobalRoles(), 'object_data', 'title', 'obj_id');
769  $select[0] = $this->lng->txt('links_select_one');
770  foreach ($global_roles as $role_id) {
771  $select[$role_id] = ilObject::_lookupTitle($role_id);
772  }
773 
774  return $select;
775  }
776 
777 
778  protected function setSubTabs()
779  {
780  global $DIC;
781  $ilSetting = $DIC['ilSetting'];
782  include_once './Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRules.php';
783  if ($ilSetting->get('shib_active') == 0 and ilShibbolethRoleAssignmentRules::getCountRules() == 0) {
784  return false;
785  }
786  // DONE: show sub tabs if there is any role assignment rule
787  $this->tabs_gui->addSubTabTarget('shib_settings', $this->ctrl->getLinkTarget($this, 'settings'));
788  $this->tabs_gui->addSubTabTarget('shib_role_assignment', $this->ctrl->getLinkTarget($this, 'roleAssignment'));
789 
790  return true;
791  }
792 }
ilUtil\sendSuccess
static sendSuccess($a_info="", $a_keep=false)
Send Success Message to Screen.
Definition: class.ilUtil.php:4562
$ilErr
global $ilErr
Definition: raiseError.php:16
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:31
ilAuthShibbolethSettingsGUI
Class ilAuthShibbolethSettingsGUI.
Definition: class.ilAuthShibbolethSettingsGUI.php:13
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
ilSelectInputGUI
This class represents a selection list property in a property form.
Definition: class.ilSelectInputGUI.php:17
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
$DIC
global $DIC
Definition: saml.php:7
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:33
ilAuthShibbolethSettingsGUI\hasActiveRoleAssignmentPlugins
hasActiveRoleAssignmentPlugins()
Check if plugin is active.
Definition: class.ilAuthShibbolethSettingsGUI.php:754
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:933
ilRadioOption\setInfo
setInfo($a_info)
Set Info.
Definition: class.ilRadioOption.php:71
$ilCtrl
global $ilCtrl
Definition: ilias.php:18
ilFormPropertyGUI\setInfo
setInfo($a_info)
Set Information Text.
Definition: class.ilFormPropertyGUI.php:145
$name
if($format !==null) $name
Definition: metadata.php:146
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:33
ilRoleAutoCompleteInputGUI\echoAutoCompleteList
static echoAutoCompleteList()
Static asynchronous default auto complete function.
Definition: class.ilRoleAutoCompleteInputGUI.php:43
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$rule
$rule
Definition: showstats.php:43
ilUtil\_sortIds
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,7),&#39;usr_data&#39;,&#39;lastname&#39;,&#39;usr_id&#39;) => sorts by lastname.
Definition: class.ilUtil.php:4438
ilNumberInputGUI
This class represents a number property in a property form.
Definition: class.ilNumberInputGUI.php:14
ilObject\_lookupObjId
static _lookupObjId($a_id)
Definition: class.ilObject.php:1036
ilTextInputGUI\setSize
setSize($a_size)
Set Size.
Definition: class.ilTextInputGUI.php:139
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:16
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4530
ilRoleAutoCompleteInputGUI
This class represents a role + autocomplete feature form input.
Definition: class.ilRoleAutoCompleteInputGUI.php:13
$parser
$parser
Definition: BPMN2Parser.php:23
ilNonEditableValueGUI
This class represents a non editable value in a property form.
Definition: class.ilNonEditableValueGUI.php:13
$ilSetting
global $ilSetting
Definition: privfeed.php:17
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:34
QP_COMBINATION_AND
const QP_COMBINATION_AND
Definition: class.ilQueryParser.php:35
$table
if(empty($password)) $table
Definition: pwgen.php:24
$info
$info
Definition: index.php:5
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
$html
$html
Definition: example_001.php:87
ilFormPropertyGUI\setRequired
setRequired($a_required)
Set Required.
Definition: class.ilFormPropertyGUI.php:185
IL_COMP_SERVICE
const IL_COMP_SERVICE
Definition: class.ilComponent.php:6
ilConfirmationGUI
Confirmation screen class.
Definition: class.ilConfirmationGUI.php:15
ilAuthShibbolethSettingsGUI\addRoleAutoCompleteObject
addRoleAutoCompleteObject()
Add Member for autoComplete.
Definition: class.ilAuthShibbolethSettingsGUI.php:520