ILIAS  release_6 Revision v6.24-5-g0c8bfefb3b8
Public Member Functions | Static Public Member Functions | Data Fields | Static Public Attributes | Private Member Functions | Private Attributes | Static Private Attributes
ilSecuritySettings Class Reference

Singleton class that stores all security settings. More...

+ Collaboration diagram for ilSecuritySettings:

Public Member Functions

 getSecuritySettingsRefId ()
 
 setPasswordCharsAndNumbersEnabled ($a_chars_and_numbers_enabled)
 set if the passwords have to contain characters and numbers More...
 
 isPasswordCharsAndNumbersEnabled ()
 get boolean if the passwords have to contain characters and numbers More...
 
 setPasswordSpecialCharsEnabled ($a_password_special_chars_enabled)
 set if the passwords have to contain special characters More...
 
 isPasswordSpecialCharsEnabled ()
 get boolean if the passwords have to contain special characters More...
 
 setPasswordMinLength ($a_password_min_length)
 set the minimum length for passwords More...
 
 getPasswordMinLength ()
 get the minimum length for passwords More...
 
 setPasswordMaxLength ($a_password_max_length)
 set the maximum length for passwords More...
 
 getPasswordMaxLength ()
 get the maximum length for passwords More...
 
 setPasswordMaxAge ($a_password_max_age)
 set the maximum password age More...
 
 getPasswordMaxAge ()
 get the maximum password age More...
 
 setLoginMaxAttempts ($a_login_max_attempts)
 set the maximum count of login attempts More...
 
 getLoginMaxAttempts ()
 get the maximum count of login attempts More...
 
 setHTTPSEnabled ($value)
 Enable https for certain scripts. More...
 
 isHTTPSEnabled ()
 read access to https enabled property More...
 
 setPasswordChangeOnFirstLoginEnabled ($a_password_change_on_first_login_enabled)
 set if the passwords have to be changed by users on first login More...
 
 isPasswordChangeOnFirstLoginEnabled ()
 get boolean if the passwords have to be changed by users on first login More...
 
 isAdminRoleProtected ()
 Check if admin role is protected. More...
 
 protectedAdminRole ($a_stat)
 Set admin role protection status. More...
 
 checkAdminRoleAccessible ($a_usr_id)
 Check if the administrator role is accessible for a specific user. More...
 
 save ()
 Save settings. More...
 
 validate (ilPropertyFormGUI $a_form=null)
 validate settings More...
 
 isPreventionOfSimultaneousLoginsEnabled ()
 Prevention of simultaneous logins with the same account. More...
 
 setPreventionOfSimultaneousLogins ($value)
 Enable/Disable prevention of simultaneous logins with the same account. More...
 
 setPasswordNumberOfUppercaseChars ($password_ucase_chars_num)
 Set number of uppercase characters required. More...
 
 getPasswordNumberOfUppercaseChars ()
 Returns number of uppercase characters required. More...
 
 setPasswordNumberOfLowercaseChars ($password_lcase_chars_num)
 Set number of lowercase characters required. More...
 
 getPasswordNumberOfLowercaseChars ()
 Returns number of lowercase characters required. More...
 
 setPasswordMustNotContainLoginnameStatus ($status)
 Set whether the password must not contain the loginname or not. More...
 
 getPasswordMustNotContainLoginnameStatus ()
 Return whether the password must not contain the loginname or not. More...
 

Static Public Member Functions

static _getInstance ()
 Get instance of ilSecuritySettings. More...
 

Data Fields

const SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH = 4
 
const SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH = 5
 
const SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE = 6
 
const SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS = 7
 
const SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN1 = 11
 
const SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2 = 8
 
const SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3 = 9
 
const SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH = 10
 
const DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED = true
 
const DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED = false
 
const DEFAULT_PASSWORD_MIN_LENGTH = 8
 
const DEFAULT_PASSWORD_MAX_LENGTH = 0
 
const DEFAULT_PASSWORD_MAX_AGE = 90
 
const DEFAULT_LOGIN_MAX_ATTEMPTS = 5
 
const DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED = false
 
const DEFAULT_PREVENT_SIMULTANEOUS_LOGINS = false
 

Static Public Attributes

static $SECURITY_SETTINGS_ERR_CODE_AUTO_HTTPS = 1
 
static $SECURITY_SETTINGS_ERR_CODE_HTTP_NOT_AVAILABLE = 2
 
static $SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE = 3
 

Private Member Functions

 __construct ()
 Private constructor: use _getInstance() More...
 
 read ()
 read settings More...
 

Private Attributes

 $db
 
 $settings
 
 $https_enable
 
 $password_chars_and_numbers_enabled = self::DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED
 
 $password_special_chars_enabled = self::DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED
 
 $password_min_length = self::DEFAULT_PASSWORD_MIN_LENGTH
 
 $password_max_length = self::DEFAULT_PASSWORD_MAX_LENGTH
 
 $password_max_age = self::DEFAULT_PASSWORD_MAX_AGE
 
 $password_ucase_chars_num = 0
 
 $password_lcase_chars_num = 0
 
 $login_max_attempts = self::DEFAULT_LOGIN_MAX_ATTEMPTS
 
 $password_must_not_contain_loginname = false
 
 $password_change_on_first_login_enabled = self::DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED
 
 $prevent_simultaneous_logins = self::DEFAULT_PREVENT_SIMULTANEOUS_LOGINS
 
 $protect_admin_role = false
 

Static Private Attributes

static $instance = null
 

Detailed Description

Singleton class that stores all security settings.

Author
Roland Küstermann rolan.nosp@m.d@ku.nosp@m.ester.nosp@m.mann.nosp@m..com
Version
$Id$

/

Definition at line 34 of file class.ilSecuritySettings.php.

Constructor & Destructor Documentation

◆ __construct()

ilSecuritySettings::__construct ( )
private

Private constructor: use _getInstance()

@access private

Parameters

Definition at line 87 of file class.ilSecuritySettings.php.

88 {
89 global $DIC;
90
91 $ilSetting = $DIC['ilSetting'];
92 $ilDB = $DIC['ilDB'];
93
94 $this->db = $ilDB;
95 $this->settings = $ilSetting;
96
97 $this->read();
98 }
$ilSetting
global $ilSetting
Definition: privfeed.php:17
settings
settings()
Definition: settings.php:2
$ilDB
global $ilDB
Definition: storeScorm2004.php:19
$DIC
$DIC
Definition: xapitoken.php:46

References $DIC, $ilDB, $ilSetting, read(), and settings().

+ Here is the call graph for this function:

Member Function Documentation

◆ _getInstance()

static ilSecuritySettings::_getInstance ( )
static

Get instance of ilSecuritySettings.

Returns
ilSecuritySettings instance @access public

Definition at line 107 of file class.ilSecuritySettings.php.

108 {
109 if (is_object(self::$instance)) {
110 return self::$instance;
111 }
112 return self::$instance = new ilSecuritySettings();
113 }
ilSecuritySettings
Singleton class that stores all security settings.
Definition: class.ilSecuritySettings.php:35

References $instance.

Referenced by ilObjSystemFolderGUI\addToExternalSettingsForm(), ilObjRoleFolderGUI\addToExternalSettingsForm(), ilObjUserFolderGUI\addToExternalSettingsForm(), ilAuthFrontend\checkExceededLoginAttempts(), ilObjUserFolderGUI\generalSettingsObject(), ilUtil\generatePasswords(), ilUtil\getPasswordRequirementsInfo(), ilAuthFrontend\handleAuthenticationFail(), ilAuthFrontend\handleAuthenticationSuccess(), ilObjSystemFolderGUI\initHTTPSForm(), ilObjRoleFolderGUI\initSettingsForm(), ilUtil\isPassword(), ilObjUser\isPasswordChangeDemanded(), ilObjUser\isPasswordExpired(), ilUtil\isPasswordValidForUserContext(), ilObjUserGUI\roleassignmentObject(), ilObjUserFolderGUI\saveGeneralSettingsObject(), ilObjSystemFolderGUI\saveHTTPSObject(), ilObjRoleFolderGUI\saveSettingsObject(), ilObjPrivacySecurityGUI\showSecurity(), and ilObjRoleGUI\userassignmentObject().

+ Here is the caller graph for this function:

◆ checkAdminRoleAccessible()

ilSecuritySettings::checkAdminRoleAccessible (   $a_usr_id)

Check if the administrator role is accessible for a specific user.

Parameters
int$a_usr_id

Definition at line 314 of file class.ilSecuritySettings.php.

315 {
316 global $DIC;
317
318 $rbacreview = $DIC['rbacreview'];
319
320 if (!$this->isAdminRoleProtected()) {
321 return true;
322 }
323 if ($rbacreview->isAssigned($a_usr_id, SYSTEM_ROLE_ID)) {
324 return true;
325 }
326 return false;
327 }
ilSecuritySettings\isAdminRoleProtected
isAdminRoleProtected()
Check if admin role is protected.
Definition: class.ilSecuritySettings.php:296

References $DIC, and isAdminRoleProtected().

+ Here is the call graph for this function:

◆ getLoginMaxAttempts()

ilSecuritySettings::getLoginMaxAttempts ( )

get the maximum count of login attempts

Returns
integer password max login attempts

Definition at line 243 of file class.ilSecuritySettings.php.

244 {
245 return $this->login_max_attempts;
246 }

References $login_max_attempts.

Referenced by save(), and validate().

+ Here is the caller graph for this function:

◆ getPasswordMaxAge()

ilSecuritySettings::getPasswordMaxAge ( )

get the maximum password age

Returns
integer password max age

Definition at line 223 of file class.ilSecuritySettings.php.

224 {
225 return $this->password_max_age;
226 }

References $password_max_age.

Referenced by save(), and validate().

+ Here is the caller graph for this function:

◆ getPasswordMaxLength()

ilSecuritySettings::getPasswordMaxLength ( )

get the maximum length for passwords

Returns
integer password max length

Definition at line 203 of file class.ilSecuritySettings.php.

204 {
205 return $this->password_max_length;
206 }

References $password_max_length.

Referenced by ilObjUserFolderGUI\getPasswordPolicySettingsMap(), save(), and validate().

+ Here is the caller graph for this function:

◆ getPasswordMinLength()

ilSecuritySettings::getPasswordMinLength ( )

get the minimum length for passwords

Returns
integer password min length

Definition at line 183 of file class.ilSecuritySettings.php.

184 {
185 return $this->password_min_length;
186 }

References $password_min_length.

Referenced by ilObjUserFolderGUI\getPasswordPolicySettingsMap(), save(), and validate().

+ Here is the caller graph for this function:

◆ getPasswordMustNotContainLoginnameStatus()

ilSecuritySettings::getPasswordMustNotContainLoginnameStatus ( )

Return whether the password must not contain the loginname or not.

Parameters
boolean

Definition at line 585 of file class.ilSecuritySettings.php.

586 {
587 return $this->password_must_not_contain_loginname;
588 }

References $password_must_not_contain_loginname.

Referenced by ilObjUserFolderGUI\getPasswordPolicySettingsMap(), and save().

+ Here is the caller graph for this function:

◆ getPasswordNumberOfLowercaseChars()

ilSecuritySettings::getPasswordNumberOfLowercaseChars ( )

Returns number of lowercase characters required.

Returns
integer

Definition at line 567 of file class.ilSecuritySettings.php.

568 {
569 return $this->password_lcase_chars_num;
570 }

References $password_lcase_chars_num.

Referenced by ilObjUserFolderGUI\getPasswordPolicySettingsMap(), save(), and validate().

+ Here is the caller graph for this function:

◆ getPasswordNumberOfUppercaseChars()

ilSecuritySettings::getPasswordNumberOfUppercaseChars ( )

Returns number of uppercase characters required.

Returns
integer

Definition at line 549 of file class.ilSecuritySettings.php.

550 {
551 return $this->password_ucase_chars_num;
552 }

References $password_ucase_chars_num.

Referenced by ilObjUserFolderGUI\getPasswordPolicySettingsMap(), save(), and validate().

+ Here is the caller graph for this function:

◆ getSecuritySettingsRefId()

ilSecuritySettings::getSecuritySettingsRefId ( )

Definition at line 115 of file class.ilSecuritySettings.php.

116 {
117 return $this->ref_id;
118 }

◆ isAdminRoleProtected()

ilSecuritySettings::isAdminRoleProtected ( )

Check if admin role is protected.

Returns
type

Definition at line 296 of file class.ilSecuritySettings.php.

297 {
298 return (bool) $this->protect_admin_role;
299 }

References $protect_admin_role.

Referenced by checkAdminRoleAccessible(), and save().

+ Here is the caller graph for this function:

◆ isHTTPSEnabled()

ilSecuritySettings::isHTTPSEnabled ( )

read access to https enabled property

Returns
boolean true, if enabled, false otherwise

Definition at line 263 of file class.ilSecuritySettings.php.

264 {
265 return $this->https_enable;
266 }

References $https_enable.

Referenced by save(), and validate().

+ Here is the caller graph for this function:

◆ isPasswordChangeOnFirstLoginEnabled()

ilSecuritySettings::isPasswordChangeOnFirstLoginEnabled ( )

get boolean if the passwords have to be changed by users on first login

Returns
boolean password change on first login enabled

Definition at line 287 of file class.ilSecuritySettings.php.

288 {
289 return $this->password_change_on_first_login_enabled;
290 }

References $password_change_on_first_login_enabled.

Referenced by save().

+ Here is the caller graph for this function:

◆ isPasswordCharsAndNumbersEnabled()

ilSecuritySettings::isPasswordCharsAndNumbersEnabled ( )

get boolean if the passwords have to contain characters and numbers

Returns
boolean characters and numbers enabled

Definition at line 139 of file class.ilSecuritySettings.php.

140 {
141 return $this->password_chars_and_numbers_enabled;
142 }

References $password_chars_and_numbers_enabled.

Referenced by ilObjUserFolderGUI\getPasswordPolicySettingsMap(), save(), and validate().

+ Here is the caller graph for this function:

◆ isPasswordSpecialCharsEnabled()

ilSecuritySettings::isPasswordSpecialCharsEnabled ( )

get boolean if the passwords have to contain special characters

Returns
boolean password special chars enabled

Definition at line 163 of file class.ilSecuritySettings.php.

164 {
165 return $this->password_special_chars_enabled;
166 }

References $password_special_chars_enabled.

Referenced by ilObjUserFolderGUI\getPasswordPolicySettingsMap(), save(), and validate().

+ Here is the caller graph for this function:

◆ isPreventionOfSimultaneousLoginsEnabled()

ilSecuritySettings::isPreventionOfSimultaneousLoginsEnabled ( )

Prevention of simultaneous logins with the same account.

Returns
boolean true, if prevention of simultaneous logins with the same account is enabled, false otherwise

Definition at line 521 of file class.ilSecuritySettings.php.

522 {
523 return (bool) $this->prevent_simultaneous_logins;
524 }

References $prevent_simultaneous_logins.

Referenced by save().

+ Here is the caller graph for this function:

◆ protectedAdminRole()

ilSecuritySettings::protectedAdminRole (   $a_stat)

Set admin role protection status.

Parameters
type$a_stat

Definition at line 305 of file class.ilSecuritySettings.php.

306 {
307 $this->protect_admin_role = $a_stat;
308 }

◆ read()

ilSecuritySettings::read ( )
private

read settings

@access private

Parameters

Definition at line 359 of file class.ilSecuritySettings.php.

360 {
361 global $DIC;
362
363 $ilDB = $DIC['ilDB'];
364
365 $query = "SELECT object_reference.ref_id FROM object_reference,tree,object_data " .
366 "WHERE tree.parent = " . $ilDB->quote(SYSTEM_FOLDER_ID, 'integer') . " " .
367 "AND object_data.type = 'ps' " .
368 "AND object_reference.ref_id = tree.child " .
369 "AND object_reference.obj_id = object_data.obj_id";
370 $res = $this->db->query($query);
371 $row = $res->fetchRow(ilDBConstants::FETCHMODE_ASSOC);
372 $this->ref_id = $row["ref_id"];
373
374 $this->https_enable = (boolean) $this->settings->get('https', false);
375
376 $this->password_chars_and_numbers_enabled = (bool) $this->settings->get('ps_password_chars_and_numbers_enabled', self::DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED);
377 $this->password_special_chars_enabled = (bool) $this->settings->get('ps_password_special_chars_enabled', self::DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED);
378 $this->password_min_length = (int) $this->settings->get('ps_password_min_length', self::DEFAULT_PASSWORD_MIN_LENGTH);
379 $this->password_max_length = (int) $this->settings->get('ps_password_max_length', self::DEFAULT_PASSWORD_MAX_LENGTH);
380 $this->password_max_age = (int) $this->settings->get('ps_password_max_age', self::DEFAULT_PASSWORD_MAX_AGE);
381 $this->login_max_attempts = (int) $this->settings->get('ps_login_max_attempts', self::DEFAULT_LOGIN_MAX_ATTEMPTS);
382 $this->password_ucase_chars_num = (int) $this->settings->get('ps_password_uppercase_chars_num', 0);
383 $this->password_lcase_chars_num = (int) $this->settings->get('ps_password_lowercase_chars_num', 0);
384 $this->password_must_not_contain_loginname = $this->settings->get('ps_password_must_not_contain_loginame', 0) == '1' ? true : false;
385
386 $this->password_change_on_first_login_enabled = (bool) $this->settings->get('ps_password_change_on_first_login_enabled', self::DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED);
387 $this->prevent_simultaneous_logins = (bool) $this->settings->get('ps_prevent_simultaneous_logins', self::DEFAULT_PREVENT_SIMULTANEOUS_LOGINS);
388
389 $this->protect_admin_role = (bool) $this->settings->get('ps_protect_admin', $this->protect_admin_role);
390 }
$query
$query
Definition: proxy_ylocal.php:13
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15

References $DIC, $ilDB, $query, $res, ilDBConstants\FETCHMODE_ASSOC, and settings().

Referenced by __construct().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ save()

ilSecuritySettings::save ( )

Save settings.

Definition at line 334 of file class.ilSecuritySettings.php.

335 {
336 $this->settings->set('https', (int) $this->isHTTPSEnabled());
337
338 $this->settings->set('ps_password_chars_and_numbers_enabled', (bool) $this->isPasswordCharsAndNumbersEnabled());
339 $this->settings->set('ps_password_special_chars_enabled', (bool) $this->isPasswordSpecialCharsEnabled());
340 $this->settings->set('ps_password_min_length', (int) $this->getPasswordMinLength());
341 $this->settings->set('ps_password_max_length', (int) $this->getPasswordMaxLength());
342 $this->settings->set('ps_password_max_age', (int) $this->getPasswordMaxAge());
343 $this->settings->set('ps_login_max_attempts', (int) $this->getLoginMaxAttempts());
344 $this->settings->set('ps_password_uppercase_chars_num', (int) $this->getPasswordNumberOfUppercaseChars());
345 $this->settings->set('ps_password_lowercase_chars_num', (int) $this->getPasswordNumberOfLowercaseChars());
346 $this->settings->set('ps_password_must_not_contain_loginame', (int) $this->getPasswordMustNotContainLoginnameStatus());
347
348 $this->settings->set('ps_password_change_on_first_login_enabled', (bool) $this->isPasswordChangeOnFirstLoginEnabled());
349 $this->settings->set('ps_prevent_simultaneous_logins', (int) $this->isPreventionOfSimultaneousLoginsEnabled());
350 $this->settings->set('ps_protect_admin', (int) $this->isAdminRoleProtected());
351 }
ilSecuritySettings\isPasswordSpecialCharsEnabled
isPasswordSpecialCharsEnabled()
get boolean if the passwords have to contain special characters
Definition: class.ilSecuritySettings.php:163
ilSecuritySettings\getLoginMaxAttempts
getLoginMaxAttempts()
get the maximum count of login attempts
Definition: class.ilSecuritySettings.php:243
ilSecuritySettings\getPasswordMustNotContainLoginnameStatus
getPasswordMustNotContainLoginnameStatus()
Return whether the password must not contain the loginname or not.
Definition: class.ilSecuritySettings.php:585
ilSecuritySettings\getPasswordMinLength
getPasswordMinLength()
get the minimum length for passwords
Definition: class.ilSecuritySettings.php:183
ilSecuritySettings\getPasswordMaxLength
getPasswordMaxLength()
get the maximum length for passwords
Definition: class.ilSecuritySettings.php:203
ilSecuritySettings\isPreventionOfSimultaneousLoginsEnabled
isPreventionOfSimultaneousLoginsEnabled()
Prevention of simultaneous logins with the same account.
Definition: class.ilSecuritySettings.php:521
ilSecuritySettings\getPasswordNumberOfUppercaseChars
getPasswordNumberOfUppercaseChars()
Returns number of uppercase characters required.
Definition: class.ilSecuritySettings.php:549
ilSecuritySettings\isHTTPSEnabled
isHTTPSEnabled()
read access to https enabled property
Definition: class.ilSecuritySettings.php:263
ilSecuritySettings\isPasswordCharsAndNumbersEnabled
isPasswordCharsAndNumbersEnabled()
get boolean if the passwords have to contain characters and numbers
Definition: class.ilSecuritySettings.php:139
ilSecuritySettings\isPasswordChangeOnFirstLoginEnabled
isPasswordChangeOnFirstLoginEnabled()
get boolean if the passwords have to be changed by users on first login
Definition: class.ilSecuritySettings.php:287
ilSecuritySettings\getPasswordMaxAge
getPasswordMaxAge()
get the maximum password age
Definition: class.ilSecuritySettings.php:223
ilSecuritySettings\getPasswordNumberOfLowercaseChars
getPasswordNumberOfLowercaseChars()
Returns number of lowercase characters required.
Definition: class.ilSecuritySettings.php:567

References getLoginMaxAttempts(), getPasswordMaxAge(), getPasswordMaxLength(), getPasswordMinLength(), getPasswordMustNotContainLoginnameStatus(), getPasswordNumberOfLowercaseChars(), getPasswordNumberOfUppercaseChars(), isAdminRoleProtected(), isHTTPSEnabled(), isPasswordChangeOnFirstLoginEnabled(), isPasswordCharsAndNumbersEnabled(), isPasswordSpecialCharsEnabled(), isPreventionOfSimultaneousLoginsEnabled(), and settings().

+ Here is the call graph for this function:

◆ setHTTPSEnabled()

ilSecuritySettings::setHTTPSEnabled (   $value)

Enable https for certain scripts.

Parameters
boolean$value

Definition at line 253 of file class.ilSecuritySettings.php.

254 {
255 $this->https_enable = $value;
256 }

◆ setLoginMaxAttempts()

ilSecuritySettings::setLoginMaxAttempts (   $a_login_max_attempts)

set the maximum count of login attempts

Parameters
integer$a_login_max_attempts

Definition at line 233 of file class.ilSecuritySettings.php.

234 {
235 $this->login_max_attempts = $a_login_max_attempts;
236 }

◆ setPasswordChangeOnFirstLoginEnabled()

ilSecuritySettings::setPasswordChangeOnFirstLoginEnabled (   $a_password_change_on_first_login_enabled)

set if the passwords have to be changed by users on first login

Parameters
boolean$a_password_change_on_first_login_enabled

Definition at line 275 of file class.ilSecuritySettings.php.

276 {
277 $this->password_change_on_first_login_enabled = $a_password_change_on_first_login_enabled;
278 }

◆ setPasswordCharsAndNumbersEnabled()

ilSecuritySettings::setPasswordCharsAndNumbersEnabled (   $a_chars_and_numbers_enabled)

set if the passwords have to contain characters and numbers

Parameters
boolean$a_chars_and_numbers_enabled

Definition at line 127 of file class.ilSecuritySettings.php.

128 {
129 $this->password_chars_and_numbers_enabled = $a_chars_and_numbers_enabled;
130 }

◆ setPasswordMaxAge()

ilSecuritySettings::setPasswordMaxAge (   $a_password_max_age)

set the maximum password age

Parameters
integer$a_password_max_age

Definition at line 213 of file class.ilSecuritySettings.php.

214 {
215 $this->password_max_age = $a_password_max_age;
216 }

◆ setPasswordMaxLength()

ilSecuritySettings::setPasswordMaxLength (   $a_password_max_length)

set the maximum length for passwords

Parameters
integer$a_password_max_length

Definition at line 193 of file class.ilSecuritySettings.php.

194 {
195 $this->password_max_length = $a_password_max_length;
196 }

◆ setPasswordMinLength()

ilSecuritySettings::setPasswordMinLength (   $a_password_min_length)

set the minimum length for passwords

Parameters
integer$a_password_min_length

Definition at line 173 of file class.ilSecuritySettings.php.

174 {
175 $this->password_min_length = $a_password_min_length;
176 }

◆ setPasswordMustNotContainLoginnameStatus()

ilSecuritySettings::setPasswordMustNotContainLoginnameStatus (   $status)

Set whether the password must not contain the loginname or not.

Parameters
boolean

Definition at line 576 of file class.ilSecuritySettings.php.

577 {
578 $this->password_must_not_contain_loginname = $status;
579 }

◆ setPasswordNumberOfLowercaseChars()

ilSecuritySettings::setPasswordNumberOfLowercaseChars (   $password_lcase_chars_num)

Set number of lowercase characters required.

Parameters
integer

Definition at line 558 of file class.ilSecuritySettings.php.

559 {
560 $this->password_lcase_chars_num = $password_lcase_chars_num;
561 }

References $password_lcase_chars_num.

◆ setPasswordNumberOfUppercaseChars()

ilSecuritySettings::setPasswordNumberOfUppercaseChars (   $password_ucase_chars_num)

Set number of uppercase characters required.

Parameters
integer

Definition at line 540 of file class.ilSecuritySettings.php.

541 {
542 $this->password_ucase_chars_num = $password_ucase_chars_num;
543 }

References $password_ucase_chars_num.

◆ setPasswordSpecialCharsEnabled()

ilSecuritySettings::setPasswordSpecialCharsEnabled (   $a_password_special_chars_enabled)

set if the passwords have to contain special characters

Parameters
boolean$a_password_special_chars_enabled

Definition at line 151 of file class.ilSecuritySettings.php.

152 {
153 $this->password_special_chars_enabled = $a_password_special_chars_enabled;
154 }

◆ setPreventionOfSimultaneousLogins()

ilSecuritySettings::setPreventionOfSimultaneousLogins (   $value)

Enable/Disable prevention of simultaneous logins with the same account.

Parameters
boolean$value

Definition at line 531 of file class.ilSecuritySettings.php.

532 {
533 $this->prevent_simultaneous_logins = (bool) $value;
534 }

◆ validate()

ilSecuritySettings::validate ( ilPropertyFormGUI  $a_form = null)

validate settings

Returns
0, if everything is ok, an error code otherwise

Definition at line 397 of file class.ilSecuritySettings.php.

398 {
399 $code = null;
400
401 if ($a_form) {
402 include_once "Services/PrivacySecurity/classes/class.ilObjPrivacySecurityGUI.php";
403 }
404
405 include_once './Services/Http/classes/class.ilHTTPS.php';
406
407 if ($this->isHTTPSEnabled()) {
408 if (!ilHTTPS::_checkHTTPS()) {
409 $code = ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE;
410 if (!$a_form) {
411 return $code;
412 } else {
413 $a_form->getItemByPostVar('https_enabled')
414 ->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
415 }
416 }
417 }
418
419 if ($this->getPasswordMinLength() < 0) {
420 $code = self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH;
421 if (!$a_form) {
422 return $code;
423 } else {
424 $a_form->getItemByPostVar('password_min_length')
425 ->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
426 }
427 }
428
429 if ($this->getPasswordMaxLength() < 0) {
430 $code = self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH;
431 if (!$a_form) {
432 return $code;
433 } else {
434 $a_form->getItemByPostVar('password_max_length')
435 ->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
436 }
437 }
438
439 $password_min_length = 1;
440
441 if ($this->getPasswordNumberOfUppercaseChars() > 0 || $this->getPasswordNumberOfLowercaseChars() > 0) {
442 $password_min_length = 0;
443 if ($this->getPasswordNumberOfUppercaseChars() > 0) {
444 $password_min_length += $this->getPasswordNumberOfUppercaseChars();
445 }
446 if ($this->getPasswordNumberOfLowercaseChars() > 0) {
447 $password_min_length += $this->getPasswordNumberOfLowercaseChars();
448 }
449 $password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN1;
450 }
451
452 if ($this->isPasswordCharsAndNumbersEnabled()) {
453 $password_min_length++;
454 $password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2;
455
456 if ($this->isPasswordSpecialCharsEnabled()) {
457 $password_min_length++;
458 $password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3;
459 }
460 } elseif ($password_min_length > 1 && $this->isPasswordSpecialCharsEnabled()) {
461 $password_min_length++;
462 $password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3;
463 }
464
465 if ($this->getPasswordMinLength() > 0 && $this->getPasswordMinLength() < $password_min_length) {
466 $code = $password_min_length_error_code;
467 if (!$a_form) {
468 return $code;
469 } else {
470 $a_form->getItemByPostVar('password_min_length')
471 ->setAlert(sprintf(ilObjPrivacySecurityGUI::getErrorMessage($code), $password_min_length));
472 }
473 }
474 if ($this->getPasswordMaxLength() > 0 && $this->getPasswordMaxLength() < $this->getPasswordMinLength()) {
475 $code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH;
476 if (!$a_form) {
477 return $code;
478 } else {
479 $a_form->getItemByPostVar('password_max_length')
480 ->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
481 }
482 }
483
484 if ($this->getPasswordMaxAge() < 0) {
485 $code = self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE;
486 if (!$a_form) {
487 return $code;
488 } else {
489 $a_form->getItemByPostVar('password_max_age')
490 ->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
491 }
492 }
493
494 if ($this->getLoginMaxAttempts() < 0) {
495 $code = self::SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS;
496 if (!$a_form) {
497 return $code;
498 } else {
499 $a_form->getItemByPostVar('login_max_attempts')
500 ->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
501 }
502 }
503
504 /*
505 * todo: have to check for local auth if first login password change is enabled??
506 * than: add errorcode
507 */
508
509 if (!$a_form) {
510 return 0;
511 } else {
512 return !(bool) $code;
513 }
514 }
ilHTTPS\_checkHTTPS
static _checkHTTPS()
static method to check if https connections are possible for this server @access public
Definition: class.ilHTTPS.php:166
ilObjPrivacySecurityGUI\getErrorMessage
static getErrorMessage($code)
return error message for error code
Definition: class.ilObjPrivacySecurityGUI.php:391
ilPropertyFormGUI\getItemByPostVar
getItemByPostVar($a_post_var)
Get Item by POST variable.
Definition: class.ilPropertyFormGUI.php:356
ilSecuritySettings\SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2
const SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2
Definition: class.ilSecuritySettings.php:45
ilSecuritySettings\SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS
const SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS
Definition: class.ilSecuritySettings.php:43
ilSecuritySettings\SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH
const SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH
Definition: class.ilSecuritySettings.php:41
ilSecuritySettings\SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3
const SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3
Definition: class.ilSecuritySettings.php:46
ilSecuritySettings\SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE
const SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE
Definition: class.ilSecuritySettings.php:42
ilSecuritySettings\SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH
const SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH
Definition: class.ilSecuritySettings.php:47
ilSecuritySettings\SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN1
const SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN1
Definition: class.ilSecuritySettings.php:44
ilSecuritySettings\SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH
const SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH
Definition: class.ilSecuritySettings.php:40
ilSecuritySettings\$SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE
static $SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE
Definition: class.ilSecuritySettings.php:38

References $password_min_length, $SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE, ilHTTPS\_checkHTTPS(), ilObjPrivacySecurityGUI\getErrorMessage(), getLoginMaxAttempts(), getPasswordMaxAge(), getPasswordMaxLength(), getPasswordMinLength(), getPasswordNumberOfLowercaseChars(), getPasswordNumberOfUppercaseChars(), isHTTPSEnabled(), isPasswordCharsAndNumbersEnabled(), isPasswordSpecialCharsEnabled(), SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS, SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE, SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH, SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH, SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH, SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN1, SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2, and SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3.

+ Here is the call graph for this function:

Field Documentation

◆ $db

ilSecuritySettings::$db
private

Definition at line 50 of file class.ilSecuritySettings.php.

◆ $https_enable

ilSecuritySettings::$https_enable
private

Definition at line 53 of file class.ilSecuritySettings.php.

Referenced by isHTTPSEnabled().

◆ $instance

ilSecuritySettings::$instance = null
staticprivate

Definition at line 49 of file class.ilSecuritySettings.php.

Referenced by _getInstance().

◆ $login_max_attempts

ilSecuritySettings::$login_max_attempts = self::DEFAULT_LOGIN_MAX_ATTEMPTS
private

Definition at line 72 of file class.ilSecuritySettings.php.

Referenced by getLoginMaxAttempts().

◆ $password_change_on_first_login_enabled

ilSecuritySettings::$password_change_on_first_login_enabled = self::DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED
private

Definition at line 75 of file class.ilSecuritySettings.php.

Referenced by isPasswordChangeOnFirstLoginEnabled().

◆ $password_chars_and_numbers_enabled

ilSecuritySettings::$password_chars_and_numbers_enabled = self::DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED
private

Definition at line 65 of file class.ilSecuritySettings.php.

Referenced by isPasswordCharsAndNumbersEnabled().

◆ $password_lcase_chars_num

ilSecuritySettings::$password_lcase_chars_num = 0
private

Definition at line 71 of file class.ilSecuritySettings.php.

Referenced by getPasswordNumberOfLowercaseChars(), and setPasswordNumberOfLowercaseChars().

◆ $password_max_age

ilSecuritySettings::$password_max_age = self::DEFAULT_PASSWORD_MAX_AGE
private

Definition at line 69 of file class.ilSecuritySettings.php.

Referenced by getPasswordMaxAge().

◆ $password_max_length

ilSecuritySettings::$password_max_length = self::DEFAULT_PASSWORD_MAX_LENGTH
private

Definition at line 68 of file class.ilSecuritySettings.php.

Referenced by getPasswordMaxLength().

◆ $password_min_length

ilSecuritySettings::$password_min_length = self::DEFAULT_PASSWORD_MIN_LENGTH
private

Definition at line 67 of file class.ilSecuritySettings.php.

Referenced by getPasswordMinLength(), and validate().

◆ $password_must_not_contain_loginname

ilSecuritySettings::$password_must_not_contain_loginname = false
private

Definition at line 73 of file class.ilSecuritySettings.php.

Referenced by getPasswordMustNotContainLoginnameStatus().

◆ $password_special_chars_enabled

ilSecuritySettings::$password_special_chars_enabled = self::DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED
private

Definition at line 66 of file class.ilSecuritySettings.php.

Referenced by isPasswordSpecialCharsEnabled().

◆ $password_ucase_chars_num

ilSecuritySettings::$password_ucase_chars_num = 0
private

Definition at line 70 of file class.ilSecuritySettings.php.

Referenced by getPasswordNumberOfUppercaseChars(), and setPasswordNumberOfUppercaseChars().

◆ $prevent_simultaneous_logins

ilSecuritySettings::$prevent_simultaneous_logins = self::DEFAULT_PREVENT_SIMULTANEOUS_LOGINS
private

Definition at line 76 of file class.ilSecuritySettings.php.

Referenced by isPreventionOfSimultaneousLoginsEnabled().

◆ $protect_admin_role

ilSecuritySettings::$protect_admin_role = false
private

Definition at line 78 of file class.ilSecuritySettings.php.

Referenced by isAdminRoleProtected().

◆ $SECURITY_SETTINGS_ERR_CODE_AUTO_HTTPS

ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_AUTO_HTTPS = 1
static

Definition at line 36 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages().

◆ $SECURITY_SETTINGS_ERR_CODE_HTTP_NOT_AVAILABLE

ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTP_NOT_AVAILABLE = 2
static

Definition at line 37 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages().

◆ $SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE

ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE = 3
static

Definition at line 38 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

◆ $settings

ilSecuritySettings::$settings
private

Definition at line 51 of file class.ilSecuritySettings.php.

◆ DEFAULT_LOGIN_MAX_ATTEMPTS

const ilSecuritySettings::DEFAULT_LOGIN_MAX_ATTEMPTS = 5

Definition at line 60 of file class.ilSecuritySettings.php.

◆ DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED

const ilSecuritySettings::DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED = false

Definition at line 62 of file class.ilSecuritySettings.php.

◆ DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED

const ilSecuritySettings::DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED = true

Definition at line 55 of file class.ilSecuritySettings.php.

◆ DEFAULT_PASSWORD_MAX_AGE

const ilSecuritySettings::DEFAULT_PASSWORD_MAX_AGE = 90

Definition at line 59 of file class.ilSecuritySettings.php.

◆ DEFAULT_PASSWORD_MAX_LENGTH

const ilSecuritySettings::DEFAULT_PASSWORD_MAX_LENGTH = 0

Definition at line 58 of file class.ilSecuritySettings.php.

◆ DEFAULT_PASSWORD_MIN_LENGTH

const ilSecuritySettings::DEFAULT_PASSWORD_MIN_LENGTH = 8

Definition at line 57 of file class.ilSecuritySettings.php.

◆ DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED

const ilSecuritySettings::DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED = false

Definition at line 56 of file class.ilSecuritySettings.php.

◆ DEFAULT_PREVENT_SIMULTANEOUS_LOGINS

const ilSecuritySettings::DEFAULT_PREVENT_SIMULTANEOUS_LOGINS = false

Definition at line 63 of file class.ilSecuritySettings.php.

◆ SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS = 7

Definition at line 43 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

◆ SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE = 6

Definition at line 42 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

◆ SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH = 5

Definition at line 41 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

◆ SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH = 4

Definition at line 40 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

◆ SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH = 10

Definition at line 47 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

◆ SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN1

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN1 = 11

Definition at line 44 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

◆ SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2 = 8

Definition at line 45 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

◆ SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3 = 9

Definition at line 46 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

The documentation for this class was generated from the following file: