ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
Public Member Functions | Data Fields | Protected Member Functions | Private Member Functions | Private Attributes
ilLDAPAttributeToUser Class Reference
Services/LDAP

Update/create ILIAS user account by given LDAP attributes according to user attribute mapping settings. More...

+ Collaboration diagram for ilLDAPAttributeToUser:

Public Member Functions

 __construct (ilLDAPServer $a_server)
 Construct of ilLDAPAttribute2XML Defines between LDAP and ILIAS user attributes. More...
 
 getServer ()
 Get server settings. More...
 
 setUserData ($a_data)
 Set user data received from pear auth or by ldap_search. More...
 
 setNewUserAuthMode ($a_authmode)
 Set auth mode for new users. More...
 
 getNewUserAuthMode ()
 Get auth mode for new users. More...
 
 addMode ($a_mode)
 Add import mode. More...
 
 isModeActive ($a_mode)
 Check if mode is active. More...
 
 refresh ()
 Create/Update non existing users. More...
 

Data Fields

const MODE_INITIALIZE_ROLES = 1
 

Protected Member Functions

 parseRoleAssignmentsForUpdate ($a_usr_id, $a_external_account, $user)
 Parse role assignments for update of user account. More...
 
 parseRoleAssignmentsForCreation ($a_external_account, $a_user)
 Parse role assignments for update of user account. More...
 

Private Member Functions

 usersToXML ()
 Create xml string of user according to mapping rules. More...
 
 convertInput ($a_value)
 A value can be an array or a string This function converts arrays to strings. More...
 
 doMapping ($user, $rule)
 doMapping More...
 
 initLDAPAttributeMapping ()
 
 initUserDefinedFields ()
 

Private Attributes

 $modes = []
 
 $server_settings = null
 
 $role_assignment = null
 
 $db = null
 
 $user_data = array()
 
 $setting = null
 
 $mapping = null
 
 $new_user_auth_mode = 'ldap'
 

Detailed Description

Update/create ILIAS user account by given LDAP attributes according to user attribute mapping settings.

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Version
$Id$

Definition at line 34 of file class.ilLDAPAttributeToUser.php.

Constructor & Destructor Documentation

◆ __construct()

ilLDAPAttributeToUser::__construct ( ilLDAPServer  $a_server)

Construct of ilLDAPAttribute2XML Defines between LDAP and ILIAS user attributes.

Parameters
objectil

Definition at line 57 of file class.ilLDAPAttributeToUser.php.

References $DIC, $ilDB, $ilLog, $ilSetting, $lng, and initLDAPAttributeMapping().

58  {
59  global $DIC;
60 
61  $ilDB = $DIC['ilDB'];
62  $ilSetting = $DIC['ilSetting'];
63  $lng = $DIC['lng'];
64  $ilLog = $DIC['ilLog'];
65 
66  // Initialise language object
67  if (!is_object($lng)) {
68  include_once './Services/Language/classes/class.ilLanguage.php';
69  $lng = new ilLanguage('en');
70  }
71 
72  $this->log = $ilLog;
73 
74  $this->server_settings = $a_server;
75  $this->setting = $ilSetting;
76 
77  $this->initLDAPAttributeMapping();
78  }
$DIC
global $DIC
Definition: saml.php:7
$lng
$lng
Definition: save_question_post_data.php:23
$ilLog
$ilLog
Definition: inc.setup_header.php:123
$ilSetting
global $ilSetting
Definition: privfeed.php:17
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilLanguage
language handling
Definition: class.ilLanguage.php:26
+ Here is the call graph for this function:

Member Function Documentation

◆ addMode()

ilLDAPAttributeToUser::addMode (   $a_mode)

Add import mode.

Parameters
$a_mode

Definition at line 125 of file class.ilLDAPAttributeToUser.php.

126  {
127  if (is_array($this->modes) && !in_array($a_mode, $this->modes)) {
128  $this->modes[] = $a_mode;
129  }
130  }

◆ convertInput()

ilLDAPAttributeToUser::convertInput (   $a_value)
private

A value can be an array or a string This function converts arrays to strings.

private

Parameters
arrayor string value
Returns
string

Definition at line 424 of file class.ilLDAPAttributeToUser.php.

Referenced by doMapping().

425  {
426  if (is_array($a_value)) {
427  return $a_value[0];
428  } else {
429  return $a_value;
430  }
431  }
+ Here is the caller graph for this function:

◆ doMapping()

ilLDAPAttributeToUser::doMapping (   $user,
  $rule 
)
private

doMapping

private

Definition at line 439 of file class.ilLDAPAttributeToUser.php.

References $mapping, $rule, $user, and convertInput().

Referenced by usersToXML().

440  {
441  $mapping = trim(strtolower($rule['value']));
442 
443  if (strpos($mapping, ',') === false) {
444  return $this->convertInput($user[$mapping]);
445  }
446  // Is multiple mapping
447 
448  $fields = explode(',', $mapping);
449  $value = '';
450  foreach ($fields as $field) {
451  if (strlen($value)) {
452  $value .= ' ';
453  }
454  $value .= ($this->convertInput($user[trim($field)]));
455  }
456  return $value ? $value : '';
457  }
ilLDAPAttributeToUser\convertInput
convertInput($a_value)
A value can be an array or a string This function converts arrays to strings.
Definition: class.ilLDAPAttributeToUser.php:424
$rule
$rule
Definition: showstats.php:43
$user
$user
Definition: migrateto20.php:57
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getNewUserAuthMode()

ilLDAPAttributeToUser::getNewUserAuthMode ( )

Get auth mode for new users.

Definition at line 116 of file class.ilLDAPAttributeToUser.php.

References $new_user_auth_mode.

Referenced by usersToXML().

117  {
118  return $this->new_user_auth_mode;
119  }
+ Here is the caller graph for this function:

◆ getServer()

ilLDAPAttributeToUser::getServer ( )

Get server settings.

Returns
ilLDAPServer

Definition at line 85 of file class.ilLDAPAttributeToUser.php.

References $server_settings.

Referenced by parseRoleAssignmentsForCreation(), parseRoleAssignmentsForUpdate(), and refresh().

86  {
87  return $this->server_settings;
88  }
+ Here is the caller graph for this function:

◆ initLDAPAttributeMapping()

ilLDAPAttributeToUser::initLDAPAttributeMapping ( )
private

Definition at line 461 of file class.ilLDAPAttributeToUser.php.

References ilLDAPAttributeMapping\_getInstanceByServerId().

Referenced by __construct().

462  {
463  include_once('Services/LDAP/classes/class.ilLDAPAttributeMapping.php');
464  $this->mapping = ilLDAPAttributeMapping::_getInstanceByServerId($this->server_settings->getServerId());
465  }
ilLDAPAttributeMapping\_getInstanceByServerId
static _getInstanceByServerId($a_server_id)
Get instance of class.
Definition: class.ilLDAPAttributeMapping.php:68
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ initUserDefinedFields()

ilLDAPAttributeToUser::initUserDefinedFields ( )
private

Definition at line 467 of file class.ilLDAPAttributeToUser.php.

References ilUserDefinedFields\_getInstance().

Referenced by usersToXML().

468  {
469  include_once('Services/User/classes/class.ilUserDefinedFields.php');
470  $this->udf = ilUserDefinedFields::_getInstance();
471  }
ilUserDefinedFields\_getInstance
static _getInstance()
Get instance.
Definition: class.ilUserDefinedFields.php:48
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isModeActive()

ilLDAPAttributeToUser::isModeActive (   $a_mode)

Check if mode is active.

Parameters
int$a_mode
Returns
bool

Definition at line 137 of file class.ilLDAPAttributeToUser.php.

Referenced by usersToXML().

138  {
139  return is_array($this->modes) && in_array($a_mode, $this->modes);
140  }
+ Here is the caller graph for this function:

◆ parseRoleAssignmentsForCreation()

ilLDAPAttributeToUser::parseRoleAssignmentsForCreation (   $a_external_account,
  $a_user 
)
protected

Parse role assignments for update of user account.

Parameters
string$a_external_account
array$a_user

Definition at line 204 of file class.ilLDAPAttributeToUser.php.

References ilLDAPRoleAssignmentRules\getAssignmentsForCreation(), and getServer().

Referenced by usersToXML().

205  {
206  include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php';
207  foreach (ilLDAPRoleAssignmentRules::getAssignmentsForCreation(
208  $this->getServer()->getServerId(),
209  $a_external_account,
210  $a_user
211  ) as $role_data) {
212  $this->writer->xmlElement(
213  'Role',
214  array('Id' => $role_data['id'],
215  'Type' => $role_data['type'],
216  'Action' => $role_data['action']),
217  ''
218  );
219  }
220  }
ilLDAPRoleAssignmentRules\getAssignmentsForCreation
static getAssignmentsForCreation($a_server_id, $a_usr_name, $a_usr_data)
Definition: class.ilLDAPRoleAssignmentRules.php:179
ilLDAPAttributeToUser\getServer
getServer()
Get server settings.
Definition: class.ilLDAPAttributeToUser.php:85
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ parseRoleAssignmentsForUpdate()

ilLDAPAttributeToUser::parseRoleAssignmentsForUpdate (   $a_usr_id,
  $a_external_account,
  $user 
)
protected

Parse role assignments for update of user account.

Parameters
int$a_usr_id
string$a_external_account
array$user

Definition at line 178 of file class.ilLDAPAttributeToUser.php.

References $user, ilLDAPRoleAssignmentRules\getAssignmentsForUpdate(), and getServer().

Referenced by usersToXML().

179  {
180  $rules = $this->mapping->getRulesForUpdate();
181 
182  include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php';
183  foreach (ilLDAPRoleAssignmentRules::getAssignmentsForUpdate(
184  $this->getServer()->getServerId(),
185  $a_usr_id,
186  $a_external_account,
187  $user
188  ) as $role_data) {
189  $this->writer->xmlElement(
190  'Role',
191  array('Id' => $role_data['id'],
192  'Type' => $role_data['type'],
193  'Action' => $role_data['action']),
194  ''
195  );
196  }
197  }
ilLDAPRoleAssignmentRules\getAssignmentsForUpdate
static getAssignmentsForUpdate($a_server_id, $a_usr_id, $a_usr_name, $a_usr_data)
type $ilDB type $rbacadmin type $rbacreview type $ilSetting type $ilLog
Definition: class.ilLDAPRoleAssignmentRules.php:118
$user
$user
Definition: migrateto20.php:57
ilLDAPAttributeToUser\getServer
getServer()
Get server settings.
Definition: class.ilLDAPAttributeToUser.php:85
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ refresh()

ilLDAPAttributeToUser::refresh ( )

Create/Update non existing users.

public

Definition at line 149 of file class.ilLDAPAttributeToUser.php.

References Sabre\VObject\$debug, $DIC, ilLDAPRoleAssignmentRules\getAllPossibleRoles(), getServer(), and usersToXML().

150  {
151  global $DIC;
152 
153  $rbacadmin = $DIC['rbacadmin'];
154 
155  $this->usersToXML();
156 
157  include_once './Services/User/classes/class.ilUserImportParser.php';
158  include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php';
159 
160  $importParser = new ilUserImportParser();
161  $importParser->setXMLContent($this->writer->xmlDumpMem(false));
162  $importParser->setRoleAssignment(ilLDAPRoleAssignmentRules::getAllPossibleRoles($this->getServer()->getServerId()));
163  $importParser->setFolderId(7);
164  $importParser->startParsing();
165  $debug = $importParser->getProtocol();
166  #var_dump("<pre>",$this->writer->xmlDumpMem(),"</pre>");
167  #print_r($this->writer->xmlDumpMem($format));
168 
169  return true;
170  }
$DIC
global $DIC
Definition: saml.php:7
ilLDAPRoleAssignmentRules\getAllPossibleRoles
static getAllPossibleRoles($a_server_id)
Get all assignable roles (used for import parser)
Definition: class.ilLDAPRoleAssignmentRules.php:60
ilLDAPAttributeToUser\getServer
getServer()
Get server settings.
Definition: class.ilLDAPAttributeToUser.php:85
ilLDAPAttributeToUser\usersToXML
usersToXML()
Create xml string of user according to mapping rules.
Definition: class.ilLDAPAttributeToUser.php:228
+ Here is the call graph for this function:

◆ setNewUserAuthMode()

ilLDAPAttributeToUser::setNewUserAuthMode (   $a_authmode)

Set auth mode for new users.

E.g. radius for radius authenticated user with ldap data source

Parameters
string$a_authmode

Definition at line 108 of file class.ilLDAPAttributeToUser.php.

109  {
110  $this->new_user_auth_mode = $a_authmode;
111  }

◆ setUserData()

ilLDAPAttributeToUser::setUserData (   $a_data)

Set user data received from pear auth or by ldap_search.

public

Parameters
arrayarray of auth data. array('ilias_account1' => array(firstname => 'Stefan',...),...)

Definition at line 98 of file class.ilLDAPAttributeToUser.php.

99  {
100  $this->user_data = $a_data;
101  }

◆ usersToXML()

ilLDAPAttributeToUser::usersToXML ( )
private

Create xml string of user according to mapping rules.

private

Definition at line 228 of file class.ilLDAPAttributeToUser.php.

References $data, $user, ilAuthUtils\_generateLogin(), ilObjUser\_lookupId(), doMapping(), getNewUserAuthMode(), initUserDefinedFields(), isModeActive(), parseRoleAssignmentsForCreation(), and parseRoleAssignmentsForUpdate().

Referenced by refresh().

229  {
230  include_once('./Services/Xml/classes/class.ilXmlWriter.php');
231  $this->writer = new ilXmlWriter();
232  $this->writer->xmlStartTag('Users');
233 
234  $cnt_update = 0;
235  $cnt_create = 0;
236 
237  // Single users
238  foreach ($this->user_data as $external_account => $user) {
239  $user['ilExternalAccount'] = $external_account;
240 
241  // Required fields
242  if ($user['ilInternalAccount']) {
243  $usr_id = ilObjUser::_lookupId($user['ilInternalAccount']);
244 
245  ++$cnt_update;
246  // User exists
247  $this->writer->xmlStartTag('User', array('Id' => $usr_id,'Action' => 'Update'));
248  $this->writer->xmlElement('Login', array(), $user['ilInternalAccount']);
249  $this->writer->xmlElement('ExternalAccount', array(), $external_account);
250  $this->writer->xmlElement('AuthMode', array('type' => $this->getNewUserAuthMode()), null);
251 
252  if ($this->isModeActive(self::MODE_INITIALIZE_ROLES)) {
253  $this->parseRoleAssignmentsForCreation($external_account, $user);
254  } else {
255  $this->parseRoleAssignmentsForUpdate($usr_id, $external_account, $user);
256  }
257  $rules = $this->mapping->getRulesForUpdate();
258  } else {
259  ++$cnt_create;
260  // Create user
261  $this->writer->xmlStartTag('User', array('Action' => 'Insert'));
262  $this->writer->xmlElement('Login', array(), ilAuthUtils::_generateLogin($external_account));
263 
264  $this->parseRoleAssignmentsForCreation($external_account, $user);
265  $rules = $this->mapping->getRules();
266  }
267 
268  $this->writer->xmlElement('Active', array(), "true");
269  $this->writer->xmlElement('TimeLimitOwner', array(), 7);
270  $this->writer->xmlElement('TimeLimitUnlimited', array(), 1);
271  $this->writer->xmlElement('TimeLimitFrom', array(), time());
272  $this->writer->xmlElement('TimeLimitUntil', array(), time());
273 
274  // only for new users.
275  // If auth_mode is 'default' (ldap) this status should remain.
276  if (!$user['ilInternalAccount']) {
277  $this->writer->xmlElement(
278  'AuthMode',
279  array('type' => $this->getNewUserAuthMode()),
280  $this->getNewUserAuthMode()
281  );
282  $this->writer->xmlElement('ExternalAccount', array(), $external_account);
283  }
284  foreach ($rules as $field => $data) {
285  // Do Mapping: it is possible to assign multiple ldap attribute to one user data field
286  if (!($value = $this->doMapping($user, $data))) {
287  continue;
288  }
289 
290  switch ($field) {
291  case 'gender':
292  switch (strtolower($value)) {
293  case 'n':
294  case 'neutral':
295  $this->writer->xmlElement('Gender', array(), 'n');
296  break;
297 
298  case 'm':
299  case 'male':
300  $this->writer->xmlElement('Gender', array(), 'm');
301  break;
302 
303  case 'f':
304  case 'female':
305  default:
306  $this->writer->xmlElement('Gender', array(), 'f');
307  break;
308 
309  }
310  break;
311 
312  case 'firstname':
313  $this->writer->xmlElement('Firstname', array(), $value);
314  break;
315 
316  case 'lastname':
317  $this->writer->xmlElement('Lastname', array(), $value);
318  break;
319 
320  case 'hobby':
321  $this->writer->xmlElement('Hobby', array(), $value);
322  break;
323 
324  case 'title':
325  $this->writer->xmlElement('Title', array(), $value);
326  break;
327 
328  case 'institution':
329  $this->writer->xmlElement('Institution', array(), $value);
330  break;
331 
332  case 'department':
333  $this->writer->xmlElement('Department', array(), $value);
334  break;
335 
336  case 'street':
337  $this->writer->xmlElement('Street', array(), $value);
338  break;
339 
340  case 'city':
341  $this->writer->xmlElement('City', array(), $value);
342  break;
343 
344  case 'zipcode':
345  $this->writer->xmlElement('PostalCode', array(), $value);
346  break;
347 
348  case 'country':
349  $this->writer->xmlElement('Country', array(), $value);
350  break;
351 
352  case 'phone_office':
353  $this->writer->xmlElement('PhoneOffice', array(), $value);
354  break;
355 
356  case 'phone_home':
357  $this->writer->xmlElement('PhoneHome', array(), $value);
358  break;
359 
360  case 'phone_mobile':
361  $this->writer->xmlElement('PhoneMobile', array(), $value);
362  break;
363 
364  case 'fax':
365  $this->writer->xmlElement('Fax', array(), $value);
366  break;
367 
368  case 'email':
369  $this->writer->xmlElement('Email', array(), $value);
370  break;
371 
372  case 'matriculation':
373  $this->writer->xmlElement('Matriculation', array(), $value);
374  break;
375 
376  /*
377  case 'photo':
378  $this->writer->xmlElement('PersonalPicture',array('encoding' => 'Base64','imagetype' => 'image/jpeg'),
379  base64_encode($this->convertInput($user[$value])));
380  break;
381  */
382  default:
383  // Handle user defined fields
384  if (substr($field, 0, 4) != 'udf_') {
385  continue 2;
386  }
387  $id_data = explode('_', $field);
388  if (!isset($id_data[1])) {
389  continue 2;
390  }
391  $this->initUserDefinedFields();
392  $definition = $this->udf->getDefinition($id_data[1]);
393  $this->writer->xmlElement(
394  'UserDefinedField',
395  array('Id' => $definition['il_id'],
396  'Name' => $definition['field_name']),
397  $value
398  );
399  break;
400 
401 
402  }
403  }
404  $this->writer->xmlEndTag('User');
405  }
406 
407  if ($cnt_create) {
408  $this->log->write('LDAP: Started creation of ' . $cnt_create . ' users.');
409  }
410  if ($cnt_update) {
411  $this->log->write('LDAP: Started update of ' . $cnt_update . ' users.');
412  }
413  $this->writer->xmlEndTag('Users');
414  }
ilLDAPAttributeToUser\doMapping
doMapping($user, $rule)
doMapping
Definition: class.ilLDAPAttributeToUser.php:439
ilAuthUtils\_generateLogin
static _generateLogin($a_login)
generate free login by starting with a default string and adding postfix numbers
Definition: class.ilAuthUtils.php:438
ilXmlWriter
XML writer class.
Definition: class.ilXmlWriter.php:17
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:827
ilLDAPAttributeToUser\isModeActive
isModeActive($a_mode)
Check if mode is active.
Definition: class.ilLDAPAttributeToUser.php:137
ilLDAPAttributeToUser\parseRoleAssignmentsForCreation
parseRoleAssignmentsForCreation($a_external_account, $a_user)
Parse role assignments for update of user account.
Definition: class.ilLDAPAttributeToUser.php:204
$user
$user
Definition: migrateto20.php:57
ilLDAPAttributeToUser\parseRoleAssignmentsForUpdate
parseRoleAssignmentsForUpdate($a_usr_id, $a_external_account, $user)
Parse role assignments for update of user account.
Definition: class.ilLDAPAttributeToUser.php:178
ilLDAPAttributeToUser\getNewUserAuthMode
getNewUserAuthMode()
Get auth mode for new users.
Definition: class.ilLDAPAttributeToUser.php:116
$data
$data
Definition: bench.php:6
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

Field Documentation

◆ $db

ilLDAPAttributeToUser::$db = null
private

Definition at line 43 of file class.ilLDAPAttributeToUser.php.

◆ $mapping

ilLDAPAttributeToUser::$mapping = null
private

Definition at line 47 of file class.ilLDAPAttributeToUser.php.

Referenced by doMapping().

◆ $modes

ilLDAPAttributeToUser::$modes = []
private

Definition at line 38 of file class.ilLDAPAttributeToUser.php.

◆ $new_user_auth_mode

ilLDAPAttributeToUser::$new_user_auth_mode = 'ldap'
private

Definition at line 49 of file class.ilLDAPAttributeToUser.php.

Referenced by getNewUserAuthMode().

◆ $role_assignment

ilLDAPAttributeToUser::$role_assignment = null
private

Definition at line 42 of file class.ilLDAPAttributeToUser.php.

◆ $server_settings

ilLDAPAttributeToUser::$server_settings = null
private

Definition at line 41 of file class.ilLDAPAttributeToUser.php.

Referenced by getServer().

◆ $setting

ilLDAPAttributeToUser::$setting = null
private

Definition at line 46 of file class.ilLDAPAttributeToUser.php.

◆ $user_data

ilLDAPAttributeToUser::$user_data = array()
private

Definition at line 45 of file class.ilLDAPAttributeToUser.php.

◆ MODE_INITIALIZE_ROLES

const ilLDAPAttributeToUser::MODE_INITIALIZE_ROLES = 1

Definition at line 36 of file class.ilLDAPAttributeToUser.php.

Referenced by ilLDAPUserSynchronisation\performUpdate().

The documentation for this class was generated from the following file: