ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
class.ilLDAPSettingsGUI.php
Go to the documentation of this file.
1 <?php
2 /*
3  +-----------------------------------------------------------------------------+
4  | ILIAS open source |
5  +-----------------------------------------------------------------------------+
6  | Copyright (c) 1998-2006 ILIAS open source, University of Cologne |
7  | |
8  | This program is free software; you can redistribute it and/or |
9  | modify it under the terms of the GNU General Public License |
10  | as published by the Free Software Foundation; either version 2 |
11  | of the License, or (at your option) any later version. |
12  | |
13  | This program is distributed in the hope that it will be useful, |
14  | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16  | GNU General Public License for more details. |
17  | |
18  | You should have received a copy of the GNU General Public License |
19  | along with this program; if not, write to the Free Software |
20  | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21  +-----------------------------------------------------------------------------+
22 */
23 
33 class ilLDAPSettingsGUI
34 {
35  private $ref_id = null;
36  private $server = null;
37 
38  public function __construct($a_auth_ref_id)
39  {
40  global $DIC;
41 
42  $lng = $DIC['lng'];
43  $ilCtrl = $DIC['ilCtrl'];
44  $tpl = $DIC['tpl'];
45  $ilTabs = $DIC['ilTabs'];
46 
47  $this->ctrl = $ilCtrl;
48  $this->tabs_gui = $ilTabs;
49  $this->lng = $lng;
50  $this->lng->loadLanguageModule('ldap');
51 
52  $this->tpl = $tpl;
53 
54  if ($_GET["cmd"] != "addServerSettings") {
55  $this->ctrl->saveParameter($this, 'ldap_server_id');
56  }
57 
58 
59  $this->ref_id = $a_auth_ref_id;
60 
61 
62  $this->initServer();
63  }
64 
65  public function executeCommand()
66  {
67  global $DIC;
68 
69  $ilAccess = $DIC['ilAccess'];
70  $ilias = $DIC['ilias'];
71  $ilErr = $DIC['ilErr'];
72  $ilCtrl = $DIC['ilCtrl'];
73 
74  $next_class = $this->ctrl->getNextClass($this);
75  $cmd = $this->ctrl->getCmd();
76 
77  if (!$ilAccess->checkAccess('write', '', $this->ref_id) && $cmd != "serverList") {
78  ilUtil::sendFailure($this->lng->txt('msg_no_perm_write'), true);
79  $ilCtrl->redirect($this, "serverList");
80  }
81 
82 
83  switch ($next_class) {
84  default:
85  if (!$cmd) {
86  $cmd = "serverList";
87  }
88  $this->$cmd();
89  break;
90  }
91  return true;
92  }
93 
98  public function getServer()
99  {
100  return $this->server;
101  }
102 
109  public function roleAssignments()
110  {
111  global $DIC;
112 
113  $rbacreview = $DIC['rbacreview'];
114 
115  $this->setSubTabs();
116  $this->tabs_gui->setTabActive('role_assignments');
117 
118  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_assignments.html', 'Services/LDAP');
119 
120  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
121  $this->initFormRoleAssignments('create', $this->role_mapping_rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId(0));
122  $this->tpl->setVariable('NEW_ASSIGNMENT_TBL', $this->form->getHTML());
123 
124 
125  if (count($rules = ilLDAPRoleAssignmentRule::_getRules($this->server->getServerId()))) {
126  include_once("./Services/LDAP/classes/class.ilLDAPRoleAssignmentTableGUI.php");
127  $table_gui = new ilLDAPRoleAssignmentTableGUI($this, 'roleAssignments');
128  $table_gui->setTitle($this->lng->txt("ldap_tbl_role_ass"));
129  $table_gui->parse($rules);
130  $table_gui->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
131  $table_gui->setSelectAllCheckbox("rule_id");
132  $this->tpl->setVariable('RULES_TBL', $table_gui->getHTML());
133  }
134  }
135 
142  public function editRoleAssignment()
143  {
144  if (!(int) $_GET['rule_id']) {
145  ilUtil::sendFailure($this->lng->txt('select_one'));
146  $this->roleAssignments();
147  return false;
148  }
149  $this->setSubTabs();
150  $this->tabs_gui->setTabActive('role_assignments');
151 
152  $this->ctrl->saveParameter($this, 'rule_id', (int) $_GET['rule_id']);
153  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
154  $this->initFormRoleAssignments(
155  'edit',
156  $this->role_mapping_rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId((int) $_GET['rule_id'])
157  );
158  $this->setValuesByArray();
159  $this->tpl->setContent($this->form->getHTML());
160  }
161 
162 
167  protected function setValuesByArray()
168  {
169  global $DIC;
170 
171  $rbacreview = $DIC['rbacreview'];
172 
173  $role_id = $this->role_mapping_rule->getRoleId();
174  if ($rbacreview->isGlobalRole($role_id)) {
175  $val['role_name'] = 0;
176  $val['role_id'] = $role_id;
177  } else {
178  $val['role_name'] = 1;
179  $val['role_search'] = ilObject::_lookupTitle($role_id);
180  }
181  $val['add_missing'] = (int) $this->role_mapping_rule->isAddOnUpdateEnabled();
182  $val['remove_deprecated'] = (int) $this->role_mapping_rule->isRemoveOnUpdateEnabled();
183  $val['type'] = (int) $this->role_mapping_rule->getType();
184  $val['dn'] = $this->role_mapping_rule->getDN();
185  $val['at'] = $this->role_mapping_rule->getMemberAttribute();
186  $val['isdn'] = $this->role_mapping_rule->isMemberAttributeDN();
187  $val['name'] = $this->role_mapping_rule->getAttributeName();
188  $val['value'] = $this->role_mapping_rule->getAttributeValue();
189  $val['plugin_id'] = $this->role_mapping_rule->getPluginId();
190 
191  $this->form->setValuesByArray($val);
192  }
193 
200  public function updateRoleAssignment()
201  {
202  global $DIC;
203 
204  $ilErr = $DIC['ilErr'];
205  $ilAccess = $DIC['ilAccess'];
206 
207  if (!$ilAccess->checkAccess('write', '', $this->ref_id)) {
208  ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
209  $this->roleAssignment();
210  return false;
211  }
212 
213  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
214  include_once('Services/LDAP/classes/class.ilLDAPServer.php');
215 
216  $this->initFormRoleAssignments('edit');
217  if (!$this->form->checkInput() or ($err = $this->checkRoleAssignmentInput((int) $_REQUEST['rule_id']))) {
218  if ($err) {
219  ilUtil::sendFailure($this->lng->txt($err));
220  }
221 
222  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_assignments.html', 'Services/LDAP');
223 
224  // DONE: wrap this
225  $this->form->setValuesByPost();
226  $this->tpl->setVariable('NEW_ASSIGNMENT_TBL', $this->form->getHTML());
227  #$this->tpl->setVariable('RULES_TBL',$this->getRoleAssignmentTable());
228  $this->tabs_gui->setSubTabActive('shib_role_assignment');
229  return true;
230  }
231 
232  // Might redirect
233  $this->roleSelection();
234 
235  $this->rule->update();
236  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
237  $this->roleAssignments();
238  return true;
239  }
240 
248  public function confirmDeleteRules()
249  {
250  if (!is_array($_POST['rule_ids'])) {
251  ilUtil::sendFailure($this->lng->txt('select_one'));
252  $this->roleAssignments();
253  return false;
254  }
255  $this->setSubTabs();
256  $this->tabs_gui->setTabActive('role_assignments');
257 
258  include_once("Services/Utilities/classes/class.ilConfirmationGUI.php");
259  $c_gui = new ilConfirmationGUI();
260 
261  // set confirm/cancel commands
262  $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRules"));
263  $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_role_ass"));
264  $c_gui->setCancel($this->lng->txt("cancel"), "roleAssignments");
265  $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRules");
266 
267  // add items to delete
268  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
269  foreach ($_POST["rule_ids"] as $rule_id) {
270  $rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($rule_id);
271  $c_gui->addItem('rule_ids[]', $rule_id, $rule->conditionToString());
272  }
273  $this->tpl->setContent($c_gui->getHTML());
274  }
275 
282  public function deleteRules()
283  {
284  if (!is_array($_POST['rule_ids'])) {
285  ilUtil::sendFailure($this->lng->txt('select_once'));
286  $this->roleAssignments();
287  return false;
288  }
289  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
290  foreach ($_POST["rule_ids"] as $rule_id) {
291  $rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($rule_id);
292  $rule->delete();
293  }
294  ilUtil::sendSuccess($this->lng->txt('ldap_deleted_rule'));
295  $this->roleAssignments();
296  return true;
297  }
298 
305  public function addRoleAssignment()
306  {
307  global $DIC;
308 
309  $ilErr = $DIC['ilErr'];
310  $ilAccess = $DIC['ilAccess'];
311 
312  if (!$ilAccess->checkAccess('write', '', $this->ref_id)) {
313  ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
314  $this->roleAssignment();
315  return false;
316  }
317 
318  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
319  include_once('Services/LDAP/classes/class.ilLDAPServer.php');
320 
321  $this->initFormRoleAssignments('create');
322  if (!$this->form->checkInput() or ($err = $this->checkRoleAssignmentInput())) {
323  if ($err) {
324  ilUtil::sendFailure($this->lng->txt($err));
325  }
326 
327  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_assignments.html', 'Services/LDAP');
328 
329  // DONE: wrap this
330  $this->form->setValuesByPost();
331  $this->tpl->setVariable('NEW_ASSIGNMENT_TBL', $this->form->getHTML());
332  $this->tpl->setVariable('RULES_TBL', $this->getRoleAssignmentTable());
333  $this->tabs_gui->setSubTabActive('shib_role_assignment');
334  return true;
335  }
336 
337  // Might redirect
338  $this->roleSelection();
339 
340  $this->rule->create();
341  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
342  unset($_POST);
343  $this->roleAssignments();
344  return true;
345  }
346 
351  protected function roleSelection()
352  {
353  if ($this->rule->getRoleId() > 0) {
354  return false;
355  }
356  $_SESSION['ldap_role_ass']['server_id'] = $this->getServer()->getServerId();
357  $_SESSION['ldap_role_ass']['rule_id'] = $_REQUEST['rule_id'] ? $_REQUEST['rule_id'] : 0;
358  $_SESSION['ldap_role_ass']['role_search'] = $this->form->getInput('role_search');
359  $_SESSION['ldap_role_ass']['add_on_update'] = $this->form->getInput('add_missing');
360  $_SESSION['ldap_role_ass']['remove_on_update'] = $this->form->getInput('remove_deprecated');
361  $_SESSION['ldap_role_ass']['type'] = $this->form->getInput('type');
362  $_SESSION['ldap_role_ass']['dn'] = $this->form->getInput('dn');
363  $_SESSION['ldap_role_ass']['at'] = $this->form->getInput('at');
364  $_SESSION['ldap_role_ass']['isdn'] = $this->form->getInput('isdn');
365  $_SESSION['ldap_role_ass']['name'] = $this->form->getInput('name');
366  $_SESSION['ldap_role_ass']['value'] = $this->form->getInput('value');
367  $_SESSION['ldap_role_ass']['plugin'] = $this->form->getInput('plugin_id');
368 
369 
370  $this->ctrl->saveParameter($this, 'rule_id');
371  $this->ctrl->redirect($this, 'showRoleSelection');
372  }
373 
374 
375 
380  protected function showRoleSelection()
381  {
382  $this->setSubTabs();
383  $this->tabs_gui->setTabActive('role_assignment');
384  $this->ctrl->saveParameter($this, 'rule_id');
385 
386  include_once './Services/Search/classes/class.ilQueryParser.php';
387  $parser = new ilQueryParser($_SESSION['ldap_role_ass']['role_search']);
388  $parser->setMinWordLength(1, true);
389  $parser->setCombination(QP_COMBINATION_AND);
390  $parser->parse();
391 
392  include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
393  $object_search = new ilLikeObjectSearch($parser);
394  $object_search->setFilter(array('role'));
395  $res = $object_search->performSearch();
396 
397  $entries = $res->getEntries();
398 
399  include_once './Services/AccessControl/classes/class.ilRoleSelectionTableGUI.php';
400  $table = new ilRoleSelectionTableGUI($this, 'showRoleSelection');
401  $table->setTitle($this->lng->txt('ldap_role_selection'));
402  $table->addMultiCommand('saveRoleSelection', $this->lng->txt('ldap_choose_role'));
403  #$table->addCommandButton('roleAssignment',$this->lng->txt('cancel'));
404  $table->parse($entries);
405 
406  $this->tpl->setContent($table->getHTML());
407  return true;
408  }
409 
414  protected function saveRoleSelection()
415  {
416  global $DIC;
417 
418  $ilErr = $DIC['ilErr'];
419  $ilAccess = $DIC['ilAccess'];
420 
421  if (!$ilAccess->checkAccess('write', '', $this->ref_id)) {
422  ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
423  $this->roleAssignment();
424  return false;
425  }
426 
427  if (!(int) $_REQUEST['role_id']) {
428  ilUtil::sendFailure($this->lng->txt('select_one'));
429  $this->showRoleSelection();
430  return false;
431  }
432 
433  $this->loadRoleAssignmentRule((int) $_REQUEST['rule_id'], false);
434  $this->rule->setRoleId((int) $_REQUEST['role_id']);
435 
436  if ((int) $_REQUEST['rule_id']) {
437  $this->rule->update();
438  } else {
439  $this->rule->create();
440  }
441 
442  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
443  $this->roleAssignments();
444  return true;
445  }
446 
447 
453  protected function checkRoleAssignmentInput($a_rule_id = 0)
454  {
455  global $DIC;
456 
457  $ilErr = $DIC['ilErr'];
458 
459  $this->loadRoleAssignmentRule($a_rule_id);
460  $this->rule->validate();
461  return $ilErr->getMessage();
462  }
463 
464 
469  protected function getRoleAssignmentTable()
470  {
471  if (count($rules = ilLDAPRoleAssignmentRule::_getRules($this->server->getServerId()))) {
472  include_once("./Services/LDAP/classes/class.ilLDAPRoleAssignmentTableGUI.php");
473  $table_gui = new ilLDAPRoleAssignmentTableGUI($this, 'roleAssignments');
474  $table_gui->setTitle($this->lng->txt("ldap_tbl_role_ass"));
475  $table_gui->parse($rules);
476  $table_gui->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
477  $table_gui->setSelectAllCheckbox("rule_id");
478  return $table_gui->getHTML();
479  }
480  return '';
481  }
482 
483 
489  protected function loadRoleAssignmentRule($a_rule_id, $a_from_form = true)
490  {
491  if (is_object($this->rule)) {
492  return true;
493  }
494 
495  include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php';
496  $this->rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($a_rule_id);
497 
498 
499  if ($a_from_form) {
500  if ($this->form->getInput('role_name') == 0) {
501  $this->rule->setRoleId($this->form->getInput('role_id'));
502  } elseif ($this->form->getInput('role_search')) {
503  // Search role
504  include_once './Services/Search/classes/class.ilQueryParser.php';
505 
506  $parser = new ilQueryParser('"' . $this->form->getInput('role_search') . '"');
507 
508  // TODO: Handle minWordLength
509  $parser->setMinWordLength(1, true);
510  $parser->setCombination(QP_COMBINATION_AND);
511  $parser->parse();
512 
513  include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
514  $object_search = new ilLikeObjectSearch($parser);
515  $object_search->setFilter(array('role'));
516  $res = $object_search->performSearch();
517 
518  $entries = $res->getEntries();
519  if (count($entries) == 1) {
520  $role = current($entries);
521  $this->rule->setRoleId($role['obj_id']);
522  } elseif (count($entries) > 1) {
523  $this->rule->setRoleId(-1);
524  }
525  }
526 
527  $this->rule->setAttributeName($this->form->getInput('name'));
528  $this->rule->setAttributeValue($this->form->getInput('value'));
529  $this->rule->setDN($this->form->getInput('dn'));
530  $this->rule->setMemberAttribute($this->form->getInput('at'));
531  $this->rule->setMemberIsDN($this->form->getInput('isdn'));
532  $this->rule->enableAddOnUpdate($this->form->getInput('add_missing'));
533  $this->rule->enableRemoveOnUpdate($this->form->getInput('remove_deprecated'));
534  $this->rule->setPluginId($this->form->getInput('plugin_id'));
535  $this->rule->setType($this->form->getInput('type'));
536  $this->rule->setServerId($this->getServer()->getServerId());
537  return true;
538  }
539 
540  // LOAD from session
541  $this->rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($a_rule_id);
542  $this->rule->setServerId($this->getServer()->getServerId());
543  $this->rule->enableAddOnUpdate((int) $_SESSION['ldap_role_ass']['add_on_update']);
544  $this->rule->enableRemoveOnUpdate((int) $_SESSION['ldap_role_ass']['remove_on_update']);
545  $this->rule->setType(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['type']));
546  $this->rule->setDN(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['dn']));
547  $this->rule->setMemberAttribute(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['at']));
548  $this->rule->setMemberIsDN(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['isdn']));
549  $this->rule->setAttributeName(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['name']));
550  $this->rule->setAttributeValue(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['value']));
551  $this->rule->setPluginId(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['plugin']));
552  return true;
553  }
554 
555  public function deleteRoleMapping()
556  {
557  if (!count($_POST['mappings'])) {
558  ilUtil::sendFailure($this->lng->txt('select_one'));
559  $this->roleMapping();
560  return false;
561  }
562 
563  $this->initRoleMapping();
564 
565  foreach ($_POST['mappings'] as $mapping_id) {
566  $this->role_mapping->delete($mapping_id);
567  }
568  ilUtil::sendSuccess($this->lng->txt('ldap_deleted_role_mapping'));
569  $this->roleMapping();
570  return true;
571  }
572 
573  public function chooseMapping()
574  {
575  if (!$_POST['mapping_template']) {
576  $this->userMapping();
577  return;
578  }
579 
580  $this->initAttributeMapping();
581  $this->mapping->clearRules();
582 
583  include_once('Services/LDAP/classes/class.ilLDAPAttributeMappingUtils.php');
584  foreach (ilLDAPAttributeMappingUtils::_getMappingRulesByClass($_POST['mapping_template']) as $key => $value) {
585  $this->mapping->setRule($key, $value, 0);
586  }
587  $this->userMapping();
588  return true;
589  }
590 
591  public function saveMapping()
592  {
593  $this->initAttributeMapping();
594  $this->tabs_gui->setTabActive('role_mapping');
595 
596  foreach ($this->getMappingFields() as $key => $mapping) {
597  $this->mapping->setRule($key, ilUtil::stripSlashes($_POST[$key . '_value']), (int) $_POST[$key . '_update']);
598  }
599  $this->initUserDefinedFields();
600  foreach ($this->udf->getDefinitions() as $definition) {
601  $key = 'udf_' . $definition['field_id'];
602  $this->mapping->setRule($key, ilUtil::stripSlashes($_POST[$key . '_value']), (int) $_POST[$key . '_update']);
603  }
604 
605  $this->mapping->save();
606  $this->userMapping();
607 
608  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
609  unset($_POST['mapping_template']);
610  return;
611  }
612 
613  public function serverList()
614  {
615  global $DIC;
616 
617  $ilAccess = $DIC['ilAccess'];
618  $ilErr = $DIC['ilErr'];
619  $ilToolbar = $DIC['ilToolbar'];
620 
621  if (!$ilAccess->checkAccess('read', '', $this->ref_id) && $cmd != "serverList") {
622  $ilErr->raiseError($this->lng->txt('msg_no_perm_write'), $ilErr->WARNING);
623  }
624 
625  if (!ilLDAPServer::checkLDAPLib() and $this->server->isActive()) {
626  ilUtil::sendFailure('Missing LDAP libraries. Please ensure that the PHP LDAP module is installed on your server.');
627  }
628 
629  $ilToolbar->addButton(
630  $this->lng->txt("add_ldap_server"),
631  $this->ctrl->getLinkTarget($this, "addServerSettings")
632  );
633 
634  include_once './Services/LDAP/classes/class.ilLDAPServerTableGUI.php';
635 
636  $table = new ilLDAPServerTableGUI($this, "serverList");
637 
638 
639  return $this->tpl->setContent($table->getHTML());
640  }
641 
642  public function setServerFormValues()
643  {
644  $this->form_gui->setValuesByArray(array(
645  'active' => $this->server->isActive(),
646  'ds' => !$this->server->isAuthenticationEnabled(),
647  'server_name' => $this->server->getName(),
648  'server_url' => $this->server->getUrlString(),
649  'version' => $this->server->getVersion(),
650  'base_dn' => $this->server->getBaseDN(),
651  'referrals' => $this->server->isActiveReferrer(),
652  'tls' => $this->server->isActiveTLS(),
653  'binding_type' => $this->server->getBindingType(),
654  'bind_dn' => $this->server->getBindUser(),
655  'bind_pass' => $this->server->getBindPassword(),
656  'bind_pass_retype' => $this->server->getBindPassword(),
657  'search_base' => $this->server->getSearchBase(),
658  'user_scope' => $this->server->getUserScope(),
659  'user_attribute' => $this->server->getUserAttribute(),
660  'filter' => $this->server->getFilter(),
661  'group_dn' => $this->server->getGroupDN(),
662  'group_scope' => $this->server->getGroupScope(),
663  'group_filter' => $this->server->getGroupFilter(),
664  'group_member' => $this->server->getGroupMember(),
665  'memberisdn' => $this->server->enabledGroupMemberIsDN(),
666  'group' => $this->server->getGroupName(),
667  'group_attribute' => $this->server->getGroupAttribute(),
668  'group_optional' => $this->server->isMembershipOptional(),
669  'group_user_filter' => $this->server->getGroupUserFilter(),
670  'sync_on_login' => $this->server->enabledSyncOnLogin(),
671  'sync_per_cron' => $this->server->enabledSyncPerCron(),
672  'global_role' => ilLDAPAttributeMapping::_lookupGlobalRole($this->server->getServerId()),
673  'migration' => (int) $this->server->isAccountMigrationEnabled(),
674  "name_filter" => $this->server->getUsernameFilter(),
675  'escape_dn' => $this->server->enabledEscapeDN()
676  ));
677  }
678 
679  private function initForm()
680  {
681  include_once 'Services/Form/classes/class.ilPropertyFormGUI.php';
682 
683  $this->form_gui = new ilPropertyFormGUI();
684  $this->form_gui->setFormAction($this->ctrl->getFormAction($this, 'save'));
685  $this->form_gui->setTitle($this->lng->txt('ldap_configure'));
686 
687  $active = new ilCheckboxInputGUI($this->lng->txt('auth_ldap_enable'), 'active');
688  $active->setValue(1);
689  $this->form_gui->addItem($active);
690 
691  $ds = new ilCheckboxInputGUI($this->lng->txt('ldap_as_ds'), 'ds');
692  $ds->setValue(1);
693  $ds->setInfo($this->lng->txt('ldap_as_ds_info'));
694  $this->form_gui->addItem($ds);
695 
696  $servername = new ilTextInputGUI($this->lng->txt('ldap_server_name'), 'server_name');
697  $servername->setRequired(true);
698  $servername->setInfo($this->lng->txt('ldap_server_name_info'));
699  $servername->setSize(32);
700  $servername->setMaxLength(32);
701  $this->form_gui->addItem($servername);
702 
703  // start Patch Name Filter
704  $namefilter = new ilTextInputGUI($this->lng->txt('ldap_username_filter'), "name_filter");//ADD LANG VAR
705  $namefilter->setInfo($this->lng->txt("ldap_username_filter_info"));
706  $namefilter->setSize(64);
707  $namefilter->setMaxLength(255);
708  $this->form_gui->addItem($namefilter);
709  // end Patch Name Filter
710 
711  $serverurl = new ilTextInputGUI($this->lng->txt('ldap_server'), 'server_url');
712  $serverurl->setRequired(true);
713  $serverurl->setInfo($this->lng->txt('ldap_server_url_info'));
714  $serverurl->setSize(64);
715  $serverurl->setMaxLength(255);
716  $this->form_gui->addItem($serverurl);
717 
718  $version = new ilSelectInputGUI($this->lng->txt('ldap_version'), 'version');
719  $version->setOptions(array(2 => 2, 3 => 3));
720  $version->setInfo($this->lng->txt('ldap_server_version_info'));
721  $this->form_gui->addItem($version);
722 
723  $basedsn = new ilTextInputGUI($this->lng->txt('basedn'), 'base_dn');
724  $basedsn->setRequired(true);
725  $basedsn->setSize(64);
726  $basedsn->setMaxLength(255);
727  $this->form_gui->addItem($basedsn);
728 
729  $referrals = new ilCheckboxInputGUI($this->lng->txt('ldap_referrals'), 'referrals');
730  $referrals->setValue(1);
731  $referrals->setInfo($this->lng->txt('ldap_referrals_info'));
732  $this->form_gui->addItem($referrals);
733 
734  $section_security = new ilFormSectionHeaderGUI();
735  $section_security->setTitle($this->lng->txt('ldap_server_security_settings'));
736  $this->form_gui->addItem($section_security);
737 
738  $tls = new ilCheckboxInputGUI($this->lng->txt('ldap_tls'), 'tls');
739  $tls->setValue(1);
740  $this->form_gui->addItem($tls);
741 
742  $binding = new ilRadioGroupInputGUI($this->lng->txt('ldap_server_binding'), 'binding_type');
743  $anonymous = new ilRadioOption($this->lng->txt('ldap_bind_anonymous'), IL_LDAP_BIND_ANONYMOUS);
744  $binding->addOption($anonymous);
745  $user = new ilRadioOption($this->lng->txt('ldap_bind_user'), IL_LDAP_BIND_USER);
746  $dn = new ilTextInputGUI($this->lng->txt('ldap_server_bind_dn'), 'bind_dn');
747  $dn->setSize(64);
748  $dn->setMaxLength(255);
749  $user->addSubItem($dn);
750  $pass = new ilPasswordInputGUI($this->lng->txt('ldap_server_bind_pass'), 'bind_pass');
751  $pass->setSkipSyntaxCheck(true);
752  $pass->setSize(12);
753  $pass->setMaxLength(36);
754  $user->addSubItem($pass);
755  $binding->addOption($user);
756  $this->form_gui->addItem($binding);
757 
758  $section_auth = new ilFormSectionHeaderGUI();
759  $section_auth->setTitle($this->lng->txt('ldap_authentication_settings'));
760  $this->form_gui->addItem($section_auth);
761 
762  $search_base = new ilTextInputGUI($this->lng->txt('ldap_user_dn'), 'search_base');
763  $search_base->setInfo($this->lng->txt('ldap_search_base_info'));
764  $search_base->setSize(64);
765  $search_base->setMaxLength(255);
766  $this->form_gui->addItem($search_base);
767 
768  $user_scope = new ilSelectInputGUI($this->lng->txt('ldap_user_scope'), 'user_scope');
769  $user_scope->setOptions(array(IL_LDAP_SCOPE_ONE => $this->lng->txt('ldap_scope_one'),
770  IL_LDAP_SCOPE_SUB => $this->lng->txt('ldap_scope_sub')));
771  $user_scope->setInfo($this->lng->txt('ldap_user_scope_info'));
772  $this->form_gui->addItem($user_scope);
773 
774  $user_attribute = new ilTextInputGUI($this->lng->txt('ldap_user_attribute'), 'user_attribute');
775  $user_attribute->setSize(16);
776  $user_attribute->setMaxLength(64);
777  $user_attribute->setRequired(true);
778  $this->form_gui->addItem($user_attribute);
779 
780  $filter = new ilTextInputGUI($this->lng->txt('ldap_search_filter'), 'filter');
781  $filter->setInfo($this->lng->txt('ldap_filter_info'));
782  $filter->setSize(64);
783  $filter->setMaxLength(512);
784  $this->form_gui->addItem($filter);
785 
786  $section_restrictions = new ilFormSectionHeaderGUI();
787  $section_restrictions->setTitle($this->lng->txt('ldap_group_restrictions'));
788  $this->form_gui->addItem($section_restrictions);
789 
790  $group_dn = new ilTextInputGUI($this->lng->txt('ldap_group_search_base'), 'group_dn');
791  $group_dn->setInfo($this->lng->txt('ldap_group_dn_info'));
792  $group_dn->setSize(64);
793  $group_dn->setMaxLength(255);
794  $this->form_gui->addItem($group_dn);
795 
796  $group_scope = new ilSelectInputGUI($this->lng->txt('ldap_group_scope'), 'group_scope');
797  $group_scope->setOptions(array(IL_LDAP_SCOPE_ONE => $this->lng->txt('ldap_scope_one'),
798  IL_LDAP_SCOPE_SUB => $this->lng->txt('ldap_scope_sub')));
799  $group_scope->setInfo($this->lng->txt('ldap_group_scope_info'));
800  $this->form_gui->addItem($group_scope);
801 
802  $group_filter = new ilTextInputGUI($this->lng->txt('ldap_group_filter'), 'group_filter');
803  $group_filter->setInfo($this->lng->txt('ldap_group_filter_info'));
804  $group_filter->setSize(64);
805  $group_filter->setMaxLength(255);
806  $this->form_gui->addItem($group_filter);
807 
808  $group_member = new ilTextInputGUI($this->lng->txt('ldap_group_member'), 'group_member');
809  $group_member->setInfo($this->lng->txt('ldap_group_member_info'));
810  $group_member->setSize(32);
811  $group_member->setMaxLength(255);
812  $this->form_gui->addItem($group_member);
813 
814 
815  $group_member_isdn = new ilCheckboxInputGUI($this->lng->txt('ldap_memberisdn'), 'memberisdn');
816  #$group_member_isdn->setInfo($this->lng->txt('ldap_group_member_info'));
817  $this->form_gui->addItem($group_member_isdn);
818  #$group_member->addSubItem($group_member_isdn);
819 
820  $escapedn = new ilCheckboxInputGUI($this->lng->txt('ldap_escapedn'), 'escape_dn');
821  $escapedn->setValue(1);
822  $escapedn->setInfo($this->lng->txt('ldap_escapedn_info'));
823  $this->form_gui->addItem($escapedn);
824 
825  $group = new ilTextInputGUI($this->lng->txt('ldap_group_name'), 'group');
826  $group->setInfo($this->lng->txt('ldap_group_name_info'));
827  $group->setSize(32);
828  $group->setMaxLength(255);
829  $this->form_gui->addItem($group);
830 
831  $group_atrr = new ilTextInputGUI($this->lng->txt('ldap_group_attribute'), 'group_attribute');
832  $group_atrr->setInfo($this->lng->txt('ldap_group_attribute_info'));
833  $group_atrr->setSize(16);
834  $group_atrr->setMaxLength(64);
835  $this->form_gui->addItem($group_atrr);
836 
837  $group_optional = new ilCheckboxInputGUI($this->lng->txt('ldap_group_membership'), 'group_optional');
838  $group_optional->setOptionTitle($this->lng->txt('ldap_group_member_optional'));
839  $group_optional->setInfo($this->lng->txt('ldap_group_optional_info'));
840  $group_optional->setValue(1);
841  $group_user_filter = new ilTextInputGUI($this->lng->txt('ldap_group_user_filter'), 'group_user_filter');
842  $group_user_filter->setSize(64);
843  $group_user_filter->setMaxLength(255);
844  $group_optional->addSubItem($group_user_filter);
845  $this->form_gui->addItem($group_optional);
846 
847  $section_sync = new ilFormSectionHeaderGUI();
848  $section_sync->setTitle($this->lng->txt('ldap_user_sync'));
849  $this->form_gui->addItem($section_sync);
850 
851  $ci_gui = new ilCustomInputGUI($this->lng->txt('ldap_moment_sync'));
852  $sync_on_login = new ilCheckboxInputGUI($this->lng->txt('ldap_sync_login'), 'sync_on_login');
853  $sync_on_login->setValue(1);
854  $ci_gui->addSubItem($sync_on_login);
855  $sync_per_cron = new ilCheckboxInputGUI($this->lng->txt('ldap_sync_cron'), 'sync_per_cron');
856  $sync_per_cron->setValue(1);
857  $ci_gui->addSubItem($sync_per_cron);
858  $ci_gui->setInfo($this->lng->txt('ldap_user_sync_info'));
859  $this->form_gui->addItem($ci_gui);
860 
861  $global_role = new ilSelectInputGUI($this->lng->txt('ldap_global_role_assignment'), 'global_role');
862  $global_role->setOptions($this->prepareRoleSelect(false));
863  $global_role->setInfo($this->lng->txt('ldap_global_role_info'));
864  $this->form_gui->addItem($global_role);
865 
866  $migr = new ilCheckboxInputGUI($this->lng->txt('auth_ldap_migration'), 'migration');
867  $migr->setInfo($this->lng->txt('auth_ldap_migration_info'));
868  $migr->setValue(1);
869  $this->form_gui->addItem($migr);
870 
871 
872  include_once "Services/Administration/classes/class.ilAdministrationSettingsFormHandler.php";
873  ilAdministrationSettingsFormHandler::addFieldsToForm(
874  ilAdministrationSettingsFormHandler::FORM_LDAP,
875  $this->form_gui,
876  ilAdministrationSettingsFormHandler::getSettingsGUIInstance("auth")
877  );
878 
879 
880  $this->form_gui->addCommandButton('save', $this->lng->txt('save'));
881  if ($_GET["cmd"] == "addServerSettings") {
882  $this->form_gui->addCommandButton('serverList', $this->lng->txt('cancel'));
883  }
884  }
885 
886  /*
887  * Update Settings
888  */
889  public function save()
890  {
891  global $DIC;
892 
893  $ilErr = $DIC['ilErr'];
894 
895  $this->setSubTabs();
896  $this->tabs_gui->setTabActive('settings');
897 
898  $this->initForm();
899  if ($this->form_gui->checkInput()) {
900  $this->server->toggleActive((int) $this->form_gui->getInput('active'));
901  $this->server->enableAuthentication(!$this->form_gui->getInput('ds'));
902  $this->server->setName($this->form_gui->getInput('server_name'));
903  $this->server->setUrl($this->form_gui->getInput('server_url'));
904  $this->server->setVersion($this->form_gui->getInput('version'));
905  $this->server->setBaseDN($this->form_gui->getInput('base_dn'));
906  $this->server->toggleReferrer($this->form_gui->getInput('referrals'));
907  $this->server->toggleTLS($this->form_gui->getInput('tls'));
908  $this->server->setBindingType((int) $this->form_gui->getInput('binding_type'));
909  $this->server->setBindUser($this->form_gui->getInput('bind_dn'));
910  $this->server->setBindPassword($this->form_gui->getInput('bind_pass'));
911  $this->server->setSearchBase($this->form_gui->getInput('search_base'));
912  $this->server->setUserScope($this->form_gui->getInput('user_scope'));
913  $this->server->setUserAttribute($this->form_gui->getInput('user_attribute'));
914  $this->server->setFilter($this->form_gui->getInput('filter'));
915  $this->server->setGroupDN($this->form_gui->getInput('group_dn'));
916  $this->server->setGroupScope((int) $this->form_gui->getInput('group_scope'));
917  $this->server->setGroupFilter($this->form_gui->getInput('group_filter'));
918  $this->server->setGroupMember($this->form_gui->getInput('group_member'));
919  $this->server->enableGroupMemberIsDN((int) $this->form_gui->getInput('memberisdn'));
920  $this->server->setGroupName($this->form_gui->getInput('group'));
921  $this->server->setGroupAttribute($this->form_gui->getInput('group_attribute'));
922  $this->server->setGroupUserFilter($this->form_gui->getInput('group_user_filter'));
923  $this->server->toggleMembershipOptional((int) $this->form_gui->getInput('group_optional'));
924  $this->server->enableSyncOnLogin((int) $this->form_gui->getInput('sync_on_login'));
925  $this->server->enableSyncPerCron((int) $this->form_gui->getInput('sync_per_cron'));
926  $this->server->setGlobalRole((int) $this->form_gui->getInput('global_role'));
927  $this->server->enableAccountMigration((int) $this->form_gui->getInput('migration'));
928  $this->server->setUsernameFilter($this->form_gui->getInput("name_filter"));
929  $this->server->enableEscapeDN((bool) $this->form_gui->getInput('escape_dn'));
930  if (!$this->server->validate()) {
931  ilUtil::sendFailure($ilErr->getMessage());
932  $this->form_gui->setValuesByPost();
933  return $this->tpl->setContent($this->form_gui->getHtml());
934  }
935 
936  // Update or create
937  if ($this->server->getServerId()) {
938  $this->server->update();
939  } else {
940  $this->server->create();
941  }
942 
943  // Now server_id exists => update LDAP attribute mapping
944  $this->initAttributeMapping();
945  $this->mapping->setRule('global_role', (int) $this->form_gui->getInput('global_role'), false);
946  $this->mapping->save();
947 
948  ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
949  $this->ctrl->redirect($this, 'serverList');
950  return true;
951  }
952 
953  $this->form_gui->setValuesByPost();
954  return $this->tpl->setContent($this->form_gui->getHtml());
955  }
956 
957 
958 
964  private function setSubTabs()
965  {
966  $this->tabs_gui->clearTargets();
967 
968  $this->tabs_gui->setBackTarget(
969  $this->lng->txt("back"),
970  $this->ctrl->getLinkTarget($this, 'serverList')
971  );
972 
973  /*$this->tabs_gui->addSubTabTarget("ldap_settings",
974  $this->ctrl->getLinkTarget($this,'serverList'),
975  "serverList",get_class($this));*/
976 
977  $this->tabs_gui->addTab(
978  "settings",
979  $this->lng->txt("ldap_settings"),
980  $this->ctrl->getLinkTarget($this, 'editServerSettings')
981  );
982 
983  // Disable all other tabs, if server hasn't been configured.
984  include_once('Services/LDAP/classes/class.ilLDAPServer.php');
985  if (!count(ilLDAPServer::_getServerList())) {
986  return true;
987  }
988 
989  /*$this->tabs_gui->addSubTabTarget("ldap_user_mapping",
990  $this->ctrl->getLinkTarget($this,'userMapping'),
991  "userMapping",get_class($this));*/
992 
993  $this->tabs_gui->addTab(
994  "user_mapping",
995  $this->lng->txt("ldap_user_mapping"),
996  $this->ctrl->getLinkTarget($this, 'userMapping')
997  );
998 
999  /*$this->tabs_gui->addSubTabTarget('ldap_role_assignments',
1000  $this->ctrl->getLinkTarget($this,'roleAssignments'),
1001  "roleAssignments",get_class($this));*/
1002 
1003  $this->tabs_gui->addTab(
1004  "role_assignments",
1005  $this->lng->txt('ldap_role_assignments'),
1006  $this->ctrl->getLinkTarget($this, 'roleAssignments')
1007  );
1008 
1009  /*$this->tabs_gui->addSubTabTarget("ldap_role_mapping",
1010  $this->ctrl->getLinkTarget($this,'roleMapping'),
1011  "roleMapping",get_class($this));
1012  "roleMapping",get_class($this));*/
1013  $this->tabs_gui->addTab(
1014  "role_mapping",
1015  $this->lng->txt("ldap_role_mapping"),
1016  $this->ctrl->getLinkTarget($this, 'roleMapping')
1017  );
1018  }
1019 
1020 
1021  private function initServer()
1022  {
1023  include_once './Services/LDAP/classes/class.ilLDAPServer.php';
1024  if (!$_REQUEST['ldap_server_id']) {
1025  $_REQUEST['ldap_server_id'] = 0;
1026  }
1027  $this->server = new ilLDAPServer((int) $_REQUEST['ldap_server_id']);
1028  }
1029 
1030  private function initAttributeMapping()
1031  {
1032  include_once './Services/LDAP/classes/class.ilLDAPAttributeMapping.php';
1033  $this->mapping = ilLDAPAttributeMapping::_getInstanceByServerId($this->getServer()->getServerId());
1034  }
1035 
1036  private function initRoleMapping()
1037  {
1038  include_once './Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php';
1039  $this->role_mapping = ilLDAPRoleGroupMappingSettings::_getInstanceByServerId($this->getServer()->getServerId());
1040  }
1041 
1047  private function prepareGlobalRoleSelection($a_as_select = true)
1048  {
1049  global $DIC;
1050 
1051  $rbacreview = $DIC['rbacreview'];
1052  $ilObjDataCache = $DIC['ilObjDataCache'];
1053 
1054  $global_roles = ilUtil::_sortIds(
1055  $rbacreview->getGlobalRoles(),
1056  'object_data',
1057  'title',
1058  'obj_id'
1059  );
1060 
1061  $select[0] = $this->lng->txt('links_select_one');
1062  foreach ($global_roles as $role_id) {
1063  $select[$role_id] = ilObject::_lookupTitle($role_id);
1064  }
1065  return $select;
1066  }
1067 
1068 
1075  private function prepareRoleSelect($a_as_select = true)
1076  {
1077  global $DIC;
1078 
1079  $rbacreview = $DIC['rbacreview'];
1080  $ilObjDataCache = $DIC['ilObjDataCache'];
1081 
1082  include_once('./Services/LDAP/classes/class.ilLDAPAttributeMapping.php');
1083 
1084  $global_roles = ilUtil::_sortIds(
1085  $rbacreview->getGlobalRoles(),
1086  'object_data',
1087  'title',
1088  'obj_id'
1089  );
1090 
1091  $select[0] = $this->lng->txt('links_select_one');
1092  foreach ($global_roles as $role_id) {
1093  $select[$role_id] = ilObject::_lookupTitle($role_id);
1094  }
1095 
1096  if ($a_as_select) {
1097  return ilUtil::formSelect(
1098  ilLDAPAttributeMapping::_lookupGlobalRole($this->server->getServerId()),
1099  'global_role',
1100  $select,
1101  false,
1102  true
1103  );
1104  } else {
1105  return $select;
1106  }
1107  }
1108 
1109 
1110  private function getMappingFields()
1111  {
1112  return array('gender' => $this->lng->txt('gender'),
1113  'firstname' => $this->lng->txt('firstname'),
1114  'lastname' => $this->lng->txt('lastname'),
1115  'title' => $this->lng->txt('person_title'),
1116  'institution' => $this->lng->txt('institution'),
1117  'department' => $this->lng->txt('department'),
1118  'street' => $this->lng->txt('street'),
1119  'city' => $this->lng->txt('city'),
1120  'zipcode' => $this->lng->txt('zipcode'),
1121  'country' => $this->lng->txt('country'),
1122  'phone_office' => $this->lng->txt('phone_office'),
1123  'phone_home' => $this->lng->txt('phone_home'),
1124  'phone_mobile' => $this->lng->txt('phone_mobile'),
1125  'fax' => $this->lng->txt('fax'),
1126  'email' => $this->lng->txt('email'),
1127  'hobby' => $this->lng->txt('hobby'),
1128  'matriculation' => $this->lng->txt('matriculation'));
1129  #'photo' => $this->lng->txt('photo'));
1130  }
1131 
1132  private function initUserDefinedFields()
1133  {
1134  include_once("./Services/User/classes/class.ilUserDefinedFields.php");
1135  $this->udf = ilUserDefinedFields::_getInstance();
1136  }
1137 
1138  private function prepareMappingSelect()
1139  {
1140  return ilUtil::formSelect($_POST['mapping_template'], 'mapping_template', array(0 => $this->lng->txt('ldap_mapping_template'),
1141  "inetOrgPerson" => 'inetOrgPerson',
1142  "organizationalPerson" => 'organizationalPerson',
1143  "person" => 'person',
1144  "ad_2003" => 'Active Directory (Win 2003)'), false, true);
1145  }
1146 
1153  private function loadMappingDetails()
1154  {
1155  if (!isset($_SESSION['ldap_mapping_details'])) {
1156  $_SESSION['ldap_mapping_details'] = array();
1157  }
1158  if (isset($_GET['details_show'])) {
1159  $_SESSION['ldap_mapping_details'][$_GET['details_show']] = $_GET['details_show'];
1160  }
1161  if (isset($_GET['details_hide'])) {
1162  unset($_SESSION['ldap_mapping_details'][$_GET['details_hide']]);
1163  }
1164  }
1165 
1174  protected function initFormRoleAssignments($a_mode)
1175  {
1176  include_once('Services/Form/classes/class.ilPropertyFormGUI.php');
1177  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
1178 
1179  $this->form = new ilPropertyFormGUI();
1180  $this->form->setFormAction($this->ctrl->getFormAction($this));
1181 
1182  switch ($a_mode) {
1183  case 'edit':
1184  $this->form->setTitle($this->lng->txt('ldap_edit_role_ass_rule'));
1185  $this->form->addCommandButton('updateRoleAssignment', $this->lng->txt('save'));
1186  //$this->form->addCommandButton('roleAssignments',$this->lng->txt('cancel'));
1187  break;
1188  case 'create':
1189  $this->form->setTitle($this->lng->txt('ldap_add_role_ass_rule'));
1190  $this->form->addCommandButton('addRoleAssignment', $this->lng->txt('ldap_btn_add_role_ass'));
1191  //$this->form->addCommandButton('roleAssignments',$this->lng->txt('cancel'));
1192  break;
1193  }
1194 
1195  // Role Selection
1196  $role = new ilRadioGroupInputGUI($this->lng->txt('ldap_ilias_role'), 'role_name');
1197  $role->setRequired(true);
1198 
1199  $global = new ilRadioOption($this->lng->txt('ldap_global_role'), 0);
1200  $role->addOption($global);
1201 
1202  $role_select = new ilSelectInputGUI('', 'role_id');
1203  $role_select->setOptions($this->prepareGlobalRoleSelection());
1204  $global->addSubItem($role_select);
1205 
1206  $local = new ilRadioOption($this->lng->txt('ldap_local_role'), 1);
1207  $role->addOption($local);
1208 
1209  include_once './Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php';
1210  $role_search = new ilRoleAutoCompleteInputGUI('', 'role_search', $this, 'addRoleAutoCompleteObject');
1211  $role_search->setSize(40);
1212  $local->addSubItem($role_search);
1213 
1214  $role->setInfo($this->lng->txt('ldap_role_name_info'));
1215  $this->form->addItem($role);
1216 
1217  // Update options
1218  $update = new ilNonEditableValueGUI($this->lng->txt('ldap_update_roles'), 'update_roles');
1219  $update->setValue($this->lng->txt('ldap_check_role_assignment'));
1220 
1221  $add = new ilCheckboxInputGUI('', 'add_missing');
1222  $add->setOptionTitle($this->lng->txt('ldap_add_missing'));
1223  $update->addSubItem($add);
1224 
1225  $remove = new ilCheckboxInputGUI('', 'remove_deprecated');
1226  $remove->setOptionTitle($this->lng->txt('ldap_remove_deprecated'));
1227  $update->addSubItem($remove);
1228 
1229  $this->form->addItem($update);
1230 
1231 
1232 
1233  // Assignment Type
1234  $group = new ilRadioGroupInputGUI($this->lng->txt('ldap_assignment_type'), 'type');
1235  #$group->setValue($current_rule->getType());
1236  $group->setRequired(true);
1237 
1238  // Option by group
1239  $radio_group = new ilRadioOption($this->lng->txt('ldap_role_by_group'), ilLDAPRoleAssignmentRule::TYPE_GROUP);
1240 
1241  $dn = new ilTextInputGUI($this->lng->txt('ldap_group_dn'), 'dn');
1242  #$dn->setValue($current_rule->getDN());
1243  $dn->setSize(32);
1244  $dn->setMaxLength(512);
1245  $dn->setInfo($this->lng->txt('ldap_role_grp_dn_info'));
1246  $radio_group->addSubItem($dn);
1247  $at = new ilTextInputGUI($this->lng->txt('ldap_role_grp_at'), 'at');
1248  #$at->setValue($current_rule->getMemberAttribute());
1249  $at->setSize(16);
1250  $at->setMaxLength(128);
1251  $radio_group->addSubItem($at);
1252  $isdn = new ilCheckboxInputGUI($this->lng->txt('ldap_role_grp_isdn'), 'isdn');
1253  #$isdn->setChecked($current_rule->isMemberAttributeDN());
1254  $isdn->setInfo($this->lng->txt('ldap_group_member_info'));
1255  $radio_group->addSubItem($isdn);
1256  $radio_group->setInfo($this->lng->txt('ldap_role_grp_info'));
1257 
1258  $group->addOption($radio_group);
1259 
1260  // Option by Attribute
1261  $radio_attribute = new ilRadioOption($this->lng->txt('ldap_role_by_attribute'), ilLDAPRoleAssignmentRule::TYPE_ATTRIBUTE);
1262  $name = new ilTextInputGUI($this->lng->txt('ldap_role_at_name'), 'name');
1263  #$name->setValue($current_rule->getAttributeName());
1264  $name->setSize(32);
1265  $name->setMaxLength(128);
1266  #$name->setInfo($this->lng->txt('ldap_role_at_name_info'));
1267  $radio_attribute->addSubItem($name);
1268 
1269  // Radio Attribute
1270  $val = new ilTextInputGUI($this->lng->txt('ldap_role_at_value'), 'value');
1271  #$val->setValue($current_rule->getAttributeValue());
1272  $val->setSize(32);
1273  $val->setMaxLength(128);
1274  #$val->setInfo($this->lng->txt('ldap_role_at_value_info'));
1275  $radio_attribute->addSubItem($val);
1276  $radio_attribute->setInfo($this->lng->txt('ldap_role_at_info'));
1277 
1278  $group->addOption($radio_attribute);
1279 
1280  // Option by Plugin
1281  $pl_active = (bool) $this->hasActiveRoleAssignmentPlugins();
1282  $pl = new ilRadioOption($this->lng->txt('ldap_plugin'), 3);
1283  $pl->setInfo($this->lng->txt('ldap_plugin_info'));
1284  $pl->setDisabled(!$pl_active);
1285 
1286  $id = new ilNumberInputGUI($this->lng->txt('ldap_plugin_id'), 'plugin_id');
1287  $id->setDisabled(!$pl_active);
1288  $id->setSize(3);
1289  $id->setMaxLength(3);
1290  $id->setMaxValue(999);
1291  $id->setMinValue(1);
1292  $pl->addSubItem($id);
1293 
1294  $group->addOption($pl);
1295  $this->form->addItem($group);
1296  }
1297 
1302  private function hasActiveRoleAssignmentPlugins()
1303  {
1304  global $DIC;
1305 
1306  $ilPluginAdmin = $DIC['ilPluginAdmin'];
1307 
1308  return count($ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE, 'LDAP', 'ldaphk')) ? true : false;
1309  }
1310 
1311 
1315  public function addRoleAutoCompleteObject()
1316  {
1317  include_once("./Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php");
1318  ilRoleAutoCompleteInputGUI::echoAutoCompleteList();
1319  }
1320 
1321 
1322 
1323 
1328  private function userMappingToolbar()
1329  {
1330  global $DIC;
1331 
1332  $ilToolbar = $DIC['ilToolbar'];
1333  include_once("./Services/Form/classes/class.ilSelectInputGUI.php");
1334 
1335  $select_form = new ilSelectInputGUI("mapping_template");
1336  $select_form->setPostVar("mapping_template");
1337  $options = array(
1338  "" => $this->lng->txt('ldap_mapping_template'),
1339  "inetOrgPerson" => 'inetOrgPerson',
1340  "organizationalPerson" => 'organizationalPerson',
1341  "person" => 'person',
1342  "ad_2003" => 'Active Directory (Win 2003)');
1343  $select_form->setOptions($options);
1344  $select_form->setValue($_POST['mapping_template']);
1345 
1346  $ilToolbar->addInputItem($select_form);
1347  $ilToolbar->addFormButton($this->lng->txt('show'), "chooseMapping");
1348  $ilToolbar->setFormAction($this->ctrl->getFormAction($this, "chooseMapping"));
1349  }
1350 
1355  private function initUserMappingForm()
1356  {
1357  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
1358  $propertie_form = new ilPropertyFormGUI();
1359  $propertie_form->setTitle($this->lng->txt('ldap_mapping_table'));
1360  $propertie_form->setFormAction($this->ctrl->getFormAction($this, 'saveMapping'));
1361  $propertie_form->addCommandButton('saveMapping', $this->lng->txt('save'));
1362 
1363  foreach ($this->getMappingFields() as $mapping => $lang) {
1364  $text_form = new ilTextInputGUI($lang);
1365  $text_form->setPostVar($mapping . "_value");
1366  $text_form->setValue($this->mapping->getValue($mapping));
1367  $text_form->setSize(32);
1368  $text_form->setMaxLength(255);
1369  $propertie_form->addItem($text_form);
1370 
1371  $checkbox_form = new ilCheckboxInputGUI("");
1372  $checkbox_form->setPostVar($mapping . "_update");
1373  $checkbox_form->setChecked($this->mapping->enabledUpdate($mapping));
1374  $checkbox_form->setOptionTitle($this->lng->txt('ldap_update_field_info'));
1375  $propertie_form->addItem($checkbox_form);
1376  }
1377 
1378  $this->initUserDefinedFields();
1379  foreach ($this->udf->getDefinitions() as $definition) {
1380  $text_form = new ilTextInputGUI($definition['field_name']);
1381  $text_form->setPostVar('udf_' . $definition['field_id'] . '_value');
1382  $text_form->setValue($this->mapping->getValue('udf_' . $definition['field_id']));
1383  $text_form->setSize(32);
1384  $text_form->setMaxLength(255);
1385  $propertie_form->addItem($text_form);
1386 
1387  $checkbox_form = new ilCheckboxInputGUI("");
1388  $checkbox_form->setPostVar('udf_' . $definition['field_id'] . '_update');
1389  $checkbox_form->setChecked($this->mapping->enabledUpdate('udf_' . $definition['field_id']));
1390  $checkbox_form->setOptionTitle($this->lng->txt('ldap_update_field_info'));
1391  $propertie_form->addItem($checkbox_form);
1392  }
1393 
1394  return $propertie_form;
1395  }
1396 
1401  public function roleMapping()
1402  {
1403  global $DIC;
1404 
1405  $ilToolbar = $DIC['ilToolbar'];
1406  $this->setSubTabs();
1407  $this->tabs_gui->setTabActive('role_mapping');
1408  $ilToolbar->addButton(
1409  $this->lng->txt("ldap_new_role_assignment"),
1410  $this->ctrl->getLinkTarget($this, 'addRoleMapping')
1411  );
1412  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
1413 
1414  //Set propertyform for synchronization settings
1415  include_once("./Services/Form/classes/class.ilCombinationInputGUI.php");
1416  $propertie_form = new ilPropertyFormGUI();
1417  $propertie_form->setTitle($this->lng->txt('ldap_role_settings'));
1418  $propertie_form->setFormAction($this->ctrl->getFormAction($this, "saveSyncronizationSettings"));
1419  $propertie_form->addCommandButton("saveSyncronizationSettings", $this->lng->txt('save'));
1420  $role_active = new ilCheckboxInputGUI($this->lng->txt('ldap_role_active'));
1421  $role_active->setPostVar('role_sync_active');
1422  $role_active->setChecked($this->server->enabledRoleSynchronization() ? true : false);
1423  $propertie_form->addItem($role_active);
1424  $binding = new ilCombinationInputGUI($this->lng->txt('ldap_server_binding'));
1425  $binding->setInfo($this->lng->txt('ldap_role_bind_user_info'));
1426  $user = new ilTextInputGUI("");
1427  $user->setPostVar("role_bind_user");
1428  $user->setValue($this->server->getRoleBindDN());
1429  $user->setSize(50);
1430  $user->setMaxLength(255);
1431  $binding->addCombinationItem(0, $user, $this->lng->txt('ldap_role_bind_user'));
1432  $pass = new ilPasswordInputGUI("");
1433  $pass->setPostVar("role_bind_pass");
1434  $pass->setValue($this->server->getRoleBindPassword());
1435  $pass->setSize(12);
1436  $pass->setMaxLength(36);
1437  $pass->setRetype(false);
1438  $binding->addCombinationItem(1, $pass, $this->lng->txt('ldap_role_bind_pass'));
1439  $propertie_form->addItem($binding);
1440 
1441  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_mappings.html', 'Services/LDAP');
1442  $this->tpl->setVariable("NEW_ASSIGNMENT_TBL", $propertie_form->getHTML());
1443 
1444  //Set Group Assignments Table if mappings exist
1445  include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php');
1446  $mapping_instance = ilLDAPRoleGroupMappingSettings::_getInstanceByServerId($this->server->getServerId());
1447  $mappings = $mapping_instance->getMappings();
1448  if (count($mappings)) {
1449  include_once("./Services/LDAP/classes/class.ilLDAPRoleMappingTableGUI.php");
1450  $table_gui = new ilLDAPRoleMappingTableGUI($this, $this->server->getServerId());
1451  $table_gui->setTitle($this->lng->txt('ldap_role_group_assignments'));
1452  $table_gui->setData($mappings);
1453  $this->tpl->setVariable("RULES_TBL", $table_gui->getHTML());
1454  }
1455  }
1456 
1460  public function editRoleMapping()
1461  {
1462  include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
1463  $mapping = new ilLDAPRoleGroupMappingSetting($_GET["mapping_id"]);
1464  $mapping->read();
1465 
1466  $propertie_form = $this->initRoleMappingForm("updateRoleMapping");
1467  $propertie_form->setTitle($this->lng->txt('ldap_edit_role_assignment'));
1468  $propertie_form->getItemByPostVar("url")->setValue($mapping->getURL());
1469  $propertie_form->getItemByPostVar("dn")->setValue($mapping->getDN());
1470  $propertie_form->getItemByPostVar("member")->setValue($mapping->getMemberAttribute());
1471  $propertie_form->getItemByPostVar("memberisdn")->setChecked($mapping->getMemberISDN());
1472  $propertie_form->getItemByPostVar("role")->setValue($mapping->getRoleName());
1473  $propertie_form->getItemByPostVar("info")->setValue($mapping->getMappingInfo());
1474  $propertie_form->getItemByPostVar("info_type")->setChecked($mapping->getMappingInfoType());
1475 
1476  $this->tpl->setContent($propertie_form->getHTML());
1477  }
1478 
1479 
1480 
1485  public function createRoleMapping()
1486  {
1487  global $DIC;
1488 
1489  $rbacreview = $DIC['rbacreview'];
1490  $propertie_form = $this->initRoleMappingForm("createRoleMapping");
1491 
1492  if ($propertie_form->checkInput() && $rbacreview->roleExists($propertie_form->getInput("role"))) {
1493  include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
1494  $mapping = new ilLDAPRoleGroupMappingSetting(0);
1495  $mapping->setServerId($this->server->getServerId());
1496  $mapping->setURL($propertie_form->getInput("url"));
1497  $mapping->setDN($propertie_form->getInput("dn"));
1498  $mapping->setMemberAttribute($propertie_form->getInput("member"));
1499  $mapping->setMemberISDN($propertie_form->getInput("memberisdn"));
1500  $mapping->setRoleByName($propertie_form->getInput("role"));
1501  $mapping->setMappingInfo($propertie_form->getInput("info"));
1502  $mapping->setMappingInfoType($propertie_form->getInput("info_type"));
1503  $mapping->save();
1504 
1505  ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
1506  $this->ctrl->redirect($this, "roleMapping");
1507  } else {
1508  if (!$rbacreview->roleExists($propertie_form->getInput("role"))) {
1509  ilUtil::sendFailure($this->lng->txt("ldap_role_not_exists") . " " .
1510  $propertie_form->getInput("role"));
1511  }
1512  $propertie_form->setValuesByPost();
1513  $this->tpl->setContent($propertie_form->getHTML());
1514  }
1515  }
1516 
1520  public function confirmDeleteRoleMapping()
1521  {
1522  if (!is_array($_POST['mappings'])) {
1523  ilUtil::sendFailure($this->lng->txt('select_one'), true);
1524  $this->ctrl->redirect($this, "roleMapping");
1525  return false;
1526  }
1527 
1528  include_once("Services/Utilities/classes/class.ilConfirmationGUI.php");
1529  $c_gui = new ilConfirmationGUI();
1530 
1531  // set confirm/cancel commands
1532  $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRoleMapping"));
1533  $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_role_ass"));
1534  $c_gui->setCancel($this->lng->txt("cancel"), "roleMapping");
1535  $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRoleMapping");
1536 
1537  foreach ($_POST['mappings'] as $id) {
1538  include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
1539  $mapping = new ilLDAPRoleGroupMappingSetting($id);
1540  $mapping->read();
1541  $txt = $this->lng->txt('obj_role') . ": " . $mapping->getRoleName() . ", ";
1542  $txt .= $this->lng->txt('ldap_group_dn') . ": " . $mapping->getDN() . ", ";
1543  $txt .= $this->lng->txt('ldap_server_short') . " " . $mapping->getURL() . ", ";
1544  $txt .= $this->lng->txt('ldap_group_member_short') . " " . $mapping->getMemberAttribute();
1545 
1546  $c_gui->addItem("mappings[]", $id, $txt);
1547  }
1548  $this->tpl->setContent($c_gui->getHTML());
1549  }
1550 
1551  public function addServerSettings()
1552  {
1553  $this->ctrl->clearParameters($this);
1554 
1555  $this->initForm();
1556  return $this->tpl->setContent($this->form_gui->getHtml());
1557  }
1558 
1559  public function editServerSettings()
1560  {
1561  $this->setSubTabs();
1562  $this->tabs_gui->setTabActive('settings');
1563 
1564  $this->initForm();
1565  $this->setServerFormValues();
1566  return $this->tpl->setContent($this->form_gui->getHtml());
1567  }
1568 
1569 
1577  public function confirmDeleteServerSettings()
1578  {
1579  if (!isset($_GET["ldap_server_id"])) {
1580  ilUtil::sendFailure($this->lng->txt('select_one'));
1581  $this->serverList();
1582  return false;
1583  }
1584 
1585  include_once("Services/Utilities/classes/class.ilConfirmationGUI.php");
1586  $c_gui = new ilConfirmationGUI();
1587 
1588  // set confirm/cancel commands
1589  $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteServerSettings"));
1590  $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_server_settings"));
1591  $c_gui->setCancel($this->lng->txt("cancel"), "serverList");
1592  $c_gui->setConfirm($this->lng->txt("confirm"), "deleteServerSettings");
1593 
1594  // add items to delete
1595  include_once('Services/LDAP/classes/class.ilLDAPServer.php');
1596  foreach ((array) $_GET["ldap_server_id"] as $server_id) {
1597  $setting = new ilLDAPServer($server_id);
1598  $c_gui->addItem('server_ids[]', $server_id, $setting->getName());
1599  }
1600  $this->tpl->setContent($c_gui->getHTML());
1601  }
1602 
1606  public function deleteServerSettings()
1607  {
1608  if (!is_array($_POST["server_ids"])) {
1609  ilUtil::sendFailure($this->lng->txt('select_one'));
1610  $this->serverList();
1611  return false;
1612  }
1613 
1614  foreach ((array) $_POST["server_ids"] as $server_id) {
1615  $setting = new ilLDAPServer($server_id);
1616  $setting->delete();
1617  }
1618  ilUtil::sendSuccess($this->lng->txt('deleted'));
1619 
1620  $this->serverList();
1621  }
1622 
1626  public function userMapping()
1627  {
1628  $this->initAttributeMapping();
1629 
1630  $this->setSubTabs();
1631  $this->tabs_gui->setTabActive('user_mapping');
1632  $this->userMappingToolbar();
1633 
1634  $propertie_form = $this->initUserMappingForm();
1635 
1636  $this->tpl->setContent($propertie_form->getHTML());
1637  }
1638 
1639 
1640 
1641  public function activateServer()
1642  {
1643  $this->server->toggleActive(1);
1644  $this->server->update();
1645  $this->serverList();
1646  }
1647 
1648  public function deactivateServer()
1649  {
1650  $this->server->toggleActive(0);
1651  $this->server->update();
1652  $this->serverList();
1653  }
1654 
1655 
1656 
1657 
1663  private function initRoleMappingForm($command)
1664  {
1665  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
1666  $this->setSubTabs();
1667  $this->tabs_gui->setTabActive('role_mapping');
1668 
1669  if (isset($_GET["mapping_id"])) {
1670  $this->ctrl->setParameter($this, 'mapping_id', $_GET["mapping_id"]);
1671  }
1672 
1673  $propertie_form = new ilPropertyFormGUI();
1674  $propertie_form->setTitle($this->lng->txt('ldap_mapping_table'));
1675  $propertie_form->setFormAction($this->ctrl->getFormAction($this, $command));
1676  $propertie_form->addCommandButton($command, $this->lng->txt('save'));
1677  $propertie_form->addCommandButton("roleMapping", $this->lng->txt('cancel'));
1678 
1679  $url = new ilTextInputGUI($this->lng->txt('ldap_server'));
1680  $url->setPostVar("url");
1681  $url->setSize(50);
1682  $url->setMaxLength(255);
1683  $url->setRequired(true);
1684 
1685  $group_dn = new ilTextInputGUI($this->lng->txt('ldap_group_dn'));
1686  $group_dn->setPostVar("dn");
1687  $group_dn->setSize(50);
1688  $group_dn->setMaxLength(255);
1689  $group_dn->setInfo($this->lng->txt('ldap_dn_info'));
1690  $group_dn->setRequired(true);
1691 
1692  $member = new ilTextInputGUI($this->lng->txt('ldap_group_member'));
1693  $member->setPostVar("member");
1694  $member->setSize(32);
1695  $member->setMaxLength(255);
1696  $member->setInfo($this->lng->txt('ldap_member_info'));
1697  $member->setRequired(true);
1698 
1699  $member_isdn = new ilCheckboxInputGUI("");
1700  $member_isdn->setPostVar("memberisdn");
1701  $member_isdn->setOptionTitle($this->lng->txt('ldap_memberisdn'));
1702 
1703  $role = new ilTextInputGUI($this->lng->txt('ldap_ilias_role'));
1704  $role->setPostVar("role");
1705  $role->setSize(32);
1706  $role->setMaxLength(255);
1707  $role->setInfo($this->lng->txt('ldap_role_info'));
1708  $role->setRequired(true);
1709 
1710  $info = new ilTextAreaInputGUI($this->lng->txt('ldap_info_text'));
1711  $info->setPostVar("info");
1712  $info->setCols(50);
1713  $info->setRows(3);
1714  $info->setInfo($this->lng->txt('ldap_info_text_info'));
1715 
1716  $info_type = new ilCheckboxInputGUI("");
1717  $info_type->setPostVar("info_type");
1718  $info_type->setOptionTitle($this->lng->txt('ldap_mapping_info_type'));
1719 
1720  $propertie_form->addItem($url);
1721  $propertie_form->addItem($group_dn);
1722  $propertie_form->addItem($member);
1723  $propertie_form->addItem($member_isdn);
1724  $propertie_form->addItem($role);
1725  $propertie_form->addItem($info);
1726  $propertie_form->addItem($info_type);
1727 
1728  return $propertie_form;
1729  }
1730 
1731 
1732 
1736  public function addRoleMapping()
1737  {
1738  $propertie_form = $this->initRoleMappingForm("createRoleMapping");
1739  $propertie_form->getItemByPostVar("url")->setValue($this->server->getUrl());
1740 
1741  if (isset($_GET["mapping_id"])) {
1742  include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
1743  $mapping = new ilLDAPRoleGroupMappingSetting($_GET["mapping_id"]);
1744  $mapping->read();
1745 
1746  $propertie_form->getItemByPostVar("url")->setValue($mapping->getURL());
1747  $propertie_form->getItemByPostVar("dn")->setValue($mapping->getDN());
1748  $propertie_form->getItemByPostVar("member")->setValue($mapping->getMemberAttribute());
1749  $propertie_form->getItemByPostVar("memberisdn")->setChecked($mapping->getMemberISDN());
1750  $propertie_form->getItemByPostVar("role")->setValue($mapping->getRoleName());
1751  $propertie_form->getItemByPostVar("info")->setValue($mapping->getMappingInfo());
1752  $propertie_form->getItemByPostVar("info_type")->setChecked($mapping->getMappingInfoType());
1753  }
1754 
1755  $this->tpl->setContent($propertie_form->getHTML());
1756  }
1757 
1758 
1763  public function updateRoleMapping()
1764  {
1765  global $DIC;
1766 
1767  $rbacreview = $DIC['rbacreview'];
1768  $propertie_form = $this->initRoleMappingForm("updateRoleMapping");
1769 
1770  if ($propertie_form->checkInput() && $rbacreview->roleExists($propertie_form->getInput("role"))) {
1771  include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
1772  $mapping = new ilLDAPRoleGroupMappingSetting($_GET["mapping_id"]);
1773  $mapping->setServerId($this->server->getServerId());
1774  $mapping->setURL($propertie_form->getInput("url"));
1775  $mapping->setDN($propertie_form->getInput("dn"));
1776  $mapping->setMemberAttribute($propertie_form->getInput("member"));
1777  $mapping->setMemberISDN($propertie_form->getInput("memberisdn"));
1778  $mapping->setRoleByName($propertie_form->getInput("role"));
1779  $mapping->setMappingInfo($propertie_form->getInput("info"));
1780  $mapping->setMappingInfoType($propertie_form->getInput("info_type"));
1781  $mapping->update();
1782 
1783  ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
1784  $this->ctrl->redirect($this, "roleMapping");
1785  } else {
1786  if (!$rbacreview->roleExists($propertie_form->getInput("role"))) {
1787  ilUtil::sendFailure($this->lng->txt("ldap_role_not_exists") . " " .
1788  $propertie_form->getInput("role"));
1789  }
1790  $propertie_form->setValuesByPost();
1791  $this->tpl->setContent($propertie_form->getHTML());
1792  }
1793  }
1794 
1798  public function saveSyncronizationSettings()
1799  {
1800  $this->server->setRoleBindDN(ilUtil::stripSlashes($_POST['role_bind_user']));
1801  $this->server->setRoleBindPassword(ilUtil::stripSlashes($_POST['role_bind_pass']));
1802  $this->server->enableRoleSynchronization((int) $_POST['role_sync_active']);
1803 
1804  // Update or create
1805  if ($this->server->getServerId()) {
1806  $this->server->update();
1807  }
1808  ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
1809  $this->ctrl->redirect($this, "roleMapping");
1810  }
1811 }
ilLDAPServer\checkLDAPLib
static checkLDAPLib()
Check if ldap module is installed.
Definition: class.ilLDAPServer.php:99
ilLDAPSettingsGUI\confirmDeleteRules
confirmDeleteRules()
Confirm delete rules.
Definition: class.ilLDAPSettingsGUI.php:248
ilLDAPSettingsGUI\userMappingToolbar
userMappingToolbar()
Create Toolbar ilToolbarGUI $ilToolbar.
Definition: class.ilLDAPSettingsGUI.php:1328
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:31
ilLDAPSettingsGUI\hasActiveRoleAssignmentPlugins
hasActiveRoleAssignmentPlugins()
Check if the plugin is active.
Definition: class.ilLDAPSettingsGUI.php:1302
ilLDAPSettingsGUI\createRoleMapping
createRoleMapping()
Check add screen input and save to db ilRbacReview $rbacreview.
Definition: class.ilLDAPSettingsGUI.php:1485
IL_LDAP_BIND_USER
const IL_LDAP_BIND_USER
Definition: class.ilLDAPServer.php:6
ilLDAPSettingsGUI\prepareGlobalRoleSelection
prepareGlobalRoleSelection($a_as_select=true)
New implementation for InputForm.
Definition: class.ilLDAPSettingsGUI.php:1047
ilLDAPSettingsGUI\checkRoleAssignmentInput
checkRoleAssignmentInput($a_rule_id=0)
Check role assignment input.
Definition: class.ilLDAPSettingsGUI.php:453
ilUserDefinedFields\_getInstance
static _getInstance()
Get instance.
Definition: class.ilUserDefinedFields.php:48
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
ilSelectInputGUI
This class represents a selection list property in a property form.
Definition: class.ilSelectInputGUI.php:17
ilLDAPAttributeMapping\_getInstanceByServerId
static _getInstanceByServerId($a_server_id)
Get instance of class.
Definition: class.ilLDAPAttributeMapping.php:68
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
ilLDAPSettingsGUI\saveSyncronizationSettings
saveSyncronizationSettings()
save Syncronization Settings on Role Mapping screen
Definition: class.ilLDAPSettingsGUI.php:1798
ilLDAPServer\_getServerList
static _getServerList()
Get list of all configured servers.
Definition: class.ilLDAPServer.php:206
$DIC
global $DIC
Definition: saml.php:7
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
$tpl
$tpl
Definition: ilias.php:10
ilLDAPSettingsGUI\loadMappingDetails
loadMappingDetails()
Load info about hide/show details.
Definition: class.ilLDAPSettingsGUI.php:1153
ilLDAPAttributeMapping\_lookupGlobalRole
static _lookupGlobalRole($a_server_id)
Lookup global role assignment.
Definition: class.ilLDAPAttributeMapping.php:102
ilFormSectionHeaderGUI
This class represents a section header in a property form.
Definition: class.ilFormSectionHeaderGUI.php:31
IL_LDAP_BIND_ANONYMOUS
const IL_LDAP_BIND_ANONYMOUS
Definition: class.ilLDAPServer.php:5
IL_LDAP_SCOPE_SUB
const IL_LDAP_SCOPE_SUB
Definition: class.ilLDAPServer.php:8
ilFormPropertyGUI\setPostVar
setPostVar($a_postvar)
Set Post Variable.
Definition: class.ilFormPropertyGUI.php:112
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
ilLDAPSettingsGUI\getServer
getServer()
Get server settings.
Definition: class.ilLDAPSettingsGUI.php:98
ilLDAPSettingsGUI\updateRoleMapping
updateRoleMapping()
Check edit screen input and save to db ilRbacReview $rbacreview.
Definition: class.ilLDAPSettingsGUI.php:1763
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:33
ilLDAPSettingsGUI\setSubTabs
setSubTabs()
Set sub tabs for ldap section.
Definition: class.ilLDAPSettingsGUI.php:964
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:988
ilLDAPSettingsGUI\editRoleAssignment
editRoleAssignment()
Edit role assignment.
Definition: class.ilLDAPSettingsGUI.php:142
ilLDAPSettingsGUI\prepareRoleSelect
prepareRoleSelect($a_as_select=true)
Used for old style table.
Definition: class.ilLDAPSettingsGUI.php:1075
ilLDAPSettingsGUI\setValuesByArray
setValuesByArray()
set values of form array
Definition: class.ilLDAPSettingsGUI.php:167
ilRadioOption\setInfo
setInfo($a_info)
Set Info.
Definition: class.ilRadioOption.php:71
ilLDAPSettingsGUI\initRoleMappingForm
initRoleMappingForm($command)
init propertyformgui for Assignment of LDAP Attributes to ILIAS User Profile
Definition: class.ilLDAPSettingsGUI.php:1663
ilLDAPSettingsGUI\showRoleSelection
showRoleSelection()
show role selection
Definition: class.ilLDAPSettingsGUI.php:380
ilLDAPSettingsGUI\confirmDeleteRoleMapping
confirmDeleteRoleMapping()
confirm delete role mappings
Definition: class.ilLDAPSettingsGUI.php:1520
ilLDAPRoleAssignmentRule\_getRules
static _getRules($a_server_id)
Get all rules.
Definition: class.ilLDAPRoleAssignmentRule.php:182
$ilErr
$ilErr
Definition: raiseError.php:18
ilAdministrationSettingsFormHandler\addFieldsToForm
static addFieldsToForm($a_form_id, ilPropertyFormGUI $a_form, ilObjectGUI $a_parent_gui)
Definition: class.ilAdministrationSettingsFormHandler.php:99
$ilCtrl
global $ilCtrl
Definition: ilias.php:18
ilTable2GUI\setTitle
setTitle($a_title, $a_icon=0, $a_icon_alt=0)
Set title and title icon.
Definition: class.ilTable2GUI.php:536
ilFormPropertyGUI\setInfo
setInfo($a_info)
Set Information Text.
Definition: class.ilFormPropertyGUI.php:145
$version
$version
Definition: build.php:27
ilLDAPSettingsGUI\addRoleMapping
addRoleMapping()
Add Assigments for role mapping.
Definition: class.ilLDAPSettingsGUI.php:1736
ilLDAPSettingsGUI\confirmDeleteServerSettings
confirmDeleteServerSettings()
Confirm delete rules.
Definition: class.ilLDAPSettingsGUI.php:1577
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:33
ilRoleAutoCompleteInputGUI\echoAutoCompleteList
static echoAutoCompleteList()
Static asynchronous default auto complete function.
Definition: class.ilRoleAutoCompleteInputGUI.php:43
ilLDAPRoleGroupMappingSettings\_getInstanceByServerId
static _getInstanceByServerId($a_server_id)
Get instance of class.
Definition: class.ilLDAPRoleGroupMappingSettings.php:68
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
ilLDAPSettingsGUI\deleteRules
deleteRules()
delete role assignment rule
Definition: class.ilLDAPSettingsGUI.php:282
$rule
$rule
Definition: showstats.php:43
ilUtil\_sortIds
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,7),&#39;usr_data&#39;,&#39;lastname&#39;,&#39;usr_id&#39;) => sorts by lastname.
Definition: class.ilUtil.php:4405
ilRadioOption\addSubItem
addSubItem($a_item)
Add Subitem.
Definition: class.ilRadioOption.php:121
$lng
$lng
Definition: save_question_post_data.php:23
ilLDAPRoleAssignmentRule\_getInstanceByRuleId
static _getInstanceByRuleId($a_rule_id)
get instance by rule id
Definition: class.ilLDAPRoleAssignmentRule.php:59
ilNumberInputGUI
This class represents a number property in a property form.
Definition: class.ilNumberInputGUI.php:14
ilLDAPSettingsGUI\addRoleAutoCompleteObject
addRoleAutoCompleteObject()
Add Member for autoComplete.
Definition: class.ilLDAPSettingsGUI.php:1315
ilLDAPSettingsGUI\addRoleAssignment
addRoleAssignment()
add new role assignment
Definition: class.ilLDAPSettingsGUI.php:305
ilCheckboxInputGUI\setValue
setValue($a_value)
Set Value.
Definition: class.ilCheckboxInputGUI.php:65
ilTextInputGUI\setSize
setSize($a_size)
Set Size.
Definition: class.ilTextInputGUI.php:139
IL_LDAP_SCOPE_ONE
const IL_LDAP_SCOPE_ONE
Definition: class.ilLDAPServer.php:9
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:16
ilLDAPSettingsGUI\userMapping
userMapping()
Ldap User Mapping.
Definition: class.ilLDAPSettingsGUI.php:1626
ilPasswordInputGUI
This class represents a password property in a property form.
Definition: class.ilPasswordInputGUI.php:11
ilLDAPSettingsGUI\roleAssignments
roleAssignments()
Edit role assignments.
Definition: class.ilLDAPSettingsGUI.php:109
ilLDAPSettingsGUI\roleMapping
roleMapping()
Role Mapping Tab ilToolbarGUI $ilToolbar.
Definition: class.ilLDAPSettingsGUI.php:1401
ilLDAPSettingsGUI\updateRoleAssignment
updateRoleAssignment()
update role assignment
Definition: class.ilLDAPSettingsGUI.php:200
ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2406
ilSelectInputGUI\setOptions
setOptions($a_options)
Set Options.
Definition: class.ilSelectInputGUI.php:43
$txt
$txt
Definition: error.php:11
$user
$user
Definition: migrateto20.php:57
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4497
ilRoleAutoCompleteInputGUI
This class represents a role + autocomplete feature form input.
Definition: class.ilRoleAutoCompleteInputGUI.php:13
ilLDAPSettingsGUI\initUserMappingForm
initUserMappingForm()
Create Property Form GUI for User Mapping.
Definition: class.ilLDAPSettingsGUI.php:1355
ilLDAPSettingsGUI\saveRoleSelection
saveRoleSelection()
Save role selection.
Definition: class.ilLDAPSettingsGUI.php:414
ilCombinationInputGUI
This class represents a number property in a property form.
Definition: class.ilCombinationInputGUI.php:31
ilCustomInputGUI
This class represents a custom property in a property form.
Definition: class.ilCustomInputGUI.php:34
$parser
$parser
Definition: BPMN2Parser.php:23
ilUtil\formSelect
static formSelect( $selected, $varname, $options, $multiple=false, $direct_text=false, $size="0", $style_class="", $attribs="", $disabled=false)
Builds a select form field with options and shows the selected option first.
Definition: class.ilUtil.php:328
ilNonEditableValueGUI
This class represents a non editable value in a property form.
Definition: class.ilNonEditableValueGUI.php:13
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:34
ilLDAPSettingsGUI\initFormRoleAssignments
initFormRoleAssignments($a_mode)
Init form table for new role assignments.
Definition: class.ilLDAPSettingsGUI.php:1174
$lang
for($i=1; $i<=count($kw_cases_sel); $i+=1) $lang
Definition: langwiz.php:349
$name
$name
Definition: client_example.php:35
ilLDAPAttributeMappingUtils\_getMappingRulesByClass
static _getMappingRulesByClass($a_class)
Get mapping rule by objectClass.
Definition: class.ilLDAPAttributeMappingUtils.php:41
$url
$url
Definition: proxy_ylocal.php:28
QP_COMBINATION_AND
const QP_COMBINATION_AND
Definition: class.ilQueryParser.php:35
$table
if(empty($password)) $table
Definition: pwgen.php:24
ilCheckboxInputGUI\setOptionTitle
setOptionTitle($a_optiontitle)
Set Option Title (optional).
Definition: class.ilCheckboxInputGUI.php:105
ilLDAPSettingsGUI\loadRoleAssignmentRule
loadRoleAssignmentRule($a_rule_id, $a_from_form=true)
Load input from form.
Definition: class.ilLDAPSettingsGUI.php:489
$info
$info
Definition: index.php:5
$binding
$binding
Definition: logout-iframe-post.php:55
$key
$key
Definition: croninfo.php:18
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
ilFormPropertyGUI\setRequired
setRequired($a_required)
Set Required.
Definition: class.ilFormPropertyGUI.php:185
IL_COMP_SERVICE
const IL_COMP_SERVICE
Definition: class.ilComponent.php:6
ilLDAPSettingsGUI\getRoleAssignmentTable
getRoleAssignmentTable()
Show active role assignments.
Definition: class.ilLDAPSettingsGUI.php:469
ilConfirmationGUI
Confirmation screen class.
Definition: class.ilConfirmationGUI.php:15
ilLDAPSettingsGUI\editRoleMapping
editRoleMapping()
Edit Assigments for role mapping.
Definition: class.ilLDAPSettingsGUI.php:1460