ILIAS  release_6 Revision v6.24-5-g0c8bfefb3b8
class.ilLDAPSettingsGUI.php
Go to the documentation of this file.
1<?php
2/*
3 +-----------------------------------------------------------------------------+
4 | ILIAS open source |
5 +-----------------------------------------------------------------------------+
6 | Copyright (c) 1998-2006 ILIAS open source, University of Cologne |
7 | |
8 | This program is free software; you can redistribute it and/or |
9 | modify it under the terms of the GNU General Public License |
10 | as published by the Free Software Foundation; either version 2 |
11 | of the License, or (at your option) any later version. |
12 | |
13 | This program is distributed in the hope that it will be useful, |
14 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | GNU General Public License for more details. |
17 | |
18 | You should have received a copy of the GNU General Public License |
19 | along with this program; if not, write to the Free Software |
20 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21 +-----------------------------------------------------------------------------+
22*/
23
33class ilLDAPSettingsGUI
34{
35 private $ref_id = null;
36 private $server = null;
37 private $dic;
38
39 public function __construct($a_auth_ref_id)
40 {
41 global $DIC;
42
43 $this->dic = $DIC;
44 $this->ctrl = $this->dic->ctrl();
45 $this->tabs_gui = $this->dic->tabs();
46 $this->lng = $this->dic->language();
47 $this->lng->loadLanguageModule('ldap');
48
49 $this->tpl = $this->dic['tpl'];
50
51 if ($_GET["cmd"] != "addServerSettings") {
52 $this->ctrl->saveParameter($this, 'ldap_server_id');
53 }
54
55
56 $this->ref_id = $a_auth_ref_id;
57
58
59 $this->initServer();
60 }
61
62 public function executeCommand()
63 {
64 $next_class = $this->ctrl->getNextClass($this);
65 $cmd = $this->ctrl->getCmd();
66
67 if (!$this->dic->rbac()->system()->checkAccess("visible,read", $this->ref_id) && $cmd != "serverList") {
68 ilUtil::sendFailure($this->lng->txt('msg_no_perm_write'), true);
69 $this->ctrl->redirect($this, "serverList");
70 }
71
72
73 switch ($next_class) {
74 default:
75 if (!$cmd) {
76 $cmd = "serverList";
77 }
78 $this->$cmd();
79 break;
80 }
81 return true;
82 }
83
87 protected function checkAccess($a_permission)
88 {
89 global $DIC;
90
91 $ilErr = $DIC['ilErr'];
92
93 if (!$this->checkAccessBool($a_permission)) {
94 $ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $ilErr->WARNING);
95 }
96 }
97
102 protected function checkAccessBool($a_permission)
103 {
104 global $DIC;
105
106 $access = $DIC->access();
107
108 return $access->checkAccess($a_permission, '', $this->ref_id);
109 }
110
115 public function getServer()
116 {
117 return $this->server;
118 }
119
126 public function roleAssignments()
127 {
128 global $DIC;
129
130 $rbacreview = $DIC['rbacreview'];
131
132 $this->setSubTabs();
133 $this->tabs_gui->setTabActive('role_assignments');
134
135 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_assignments.html', 'Services/LDAP');
136
137 include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
138 $this->initFormRoleAssignments('create', $this->role_mapping_rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId(0));
139 $this->tpl->setVariable('NEW_ASSIGNMENT_TBL', $this->form->getHTML());
140
141
142 if (count($rules = ilLDAPRoleAssignmentRule::_getRules($this->server->getServerId()))) {
143 include_once("./Services/LDAP/classes/class.ilLDAPRoleAssignmentTableGUI.php");
144 $table_gui = new ilLDAPRoleAssignmentTableGUI($this, 'roleAssignments');
145 $table_gui->setTitle($this->lng->txt("ldap_tbl_role_ass"));
146 $table_gui->parse($rules);
147 $table_gui->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
148 $table_gui->setSelectAllCheckbox("rule_id");
149 $this->tpl->setVariable('RULES_TBL', $table_gui->getHTML());
150 }
151 }
152
159 public function editRoleAssignment()
160 {
161 if (!(int) $_GET['rule_id']) {
162 ilUtil::sendFailure($this->lng->txt('select_one'));
163 $this->roleAssignments();
164 return false;
165 }
166 $this->setSubTabs();
167 $this->tabs_gui->setTabActive('role_assignments');
168
169 $this->ctrl->saveParameter($this, 'rule_id', (int) $_GET['rule_id']);
170 include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
171 $this->initFormRoleAssignments(
172 'edit',
173 $this->role_mapping_rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId((int) $_GET['rule_id'])
174 );
175 $this->setValuesByArray();
176 $this->tpl->setContent($this->form->getHTML());
177 }
178
179
184 protected function setValuesByArray()
185 {
186 global $DIC;
187
188 $rbacreview = $DIC['rbacreview'];
189
190 $role_id = $this->role_mapping_rule->getRoleId();
191 if ($rbacreview->isGlobalRole($role_id)) {
192 $val['role_name'] = 0;
193 $val['role_id'] = $role_id;
194 } else {
195 $val['role_name'] = 1;
196 $val['role_search'] = ilObject::_lookupTitle($role_id);
197 }
198 $val['add_missing'] = (int) $this->role_mapping_rule->isAddOnUpdateEnabled();
199 $val['remove_deprecated'] = (int) $this->role_mapping_rule->isRemoveOnUpdateEnabled();
200 $val['type'] = (int) $this->role_mapping_rule->getType();
201 $val['dn'] = $this->role_mapping_rule->getDN();
202 $val['at'] = $this->role_mapping_rule->getMemberAttribute();
203 $val['isdn'] = $this->role_mapping_rule->isMemberAttributeDN();
204 $val['name'] = $this->role_mapping_rule->getAttributeName();
205 $val['value'] = $this->role_mapping_rule->getAttributeValue();
206 $val['plugin_id'] = $this->role_mapping_rule->getPluginId();
207
208 $this->form->setValuesByArray($val);
209 }
210
217 public function updateRoleAssignment()
218 {
219 global $DIC;
220
221 $ilErr = $DIC['ilErr'];
222 $ilAccess = $DIC['ilAccess'];
223
224 if (!$ilAccess->checkAccess('write', '', $this->ref_id)) {
225 ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
226 $this->roleAssignment();
227 return false;
228 }
229
230 include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
231 include_once('Services/LDAP/classes/class.ilLDAPServer.php');
232
233 $this->initFormRoleAssignments('edit');
234 if (!$this->form->checkInput() or ($err = $this->checkRoleAssignmentInput((int) $_REQUEST['rule_id']))) {
235 if ($err) {
236 ilUtil::sendFailure($this->lng->txt($err));
237 }
238
239 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_assignments.html', 'Services/LDAP');
240
241 // DONE: wrap this
242 $this->form->setValuesByPost();
243 $this->tpl->setVariable('NEW_ASSIGNMENT_TBL', $this->form->getHTML());
244 #$this->tpl->setVariable('RULES_TBL',$this->getRoleAssignmentTable());
245 $this->tabs_gui->setSubTabActive('shib_role_assignment');
246 return true;
247 }
248
249 // Might redirect
250 $this->roleSelection();
251
252 $this->rule->update();
253 ilUtil::sendSuccess($this->lng->txt('settings_saved'));
254 $this->roleAssignments();
255 return true;
256 }
257
265 public function confirmDeleteRules()
266 {
267 $this->checkAccess("write");
268
269 if (!is_array($_POST['rule_ids'])) {
270 ilUtil::sendFailure($this->lng->txt('select_one'));
271 $this->roleAssignments();
272 return false;
273 }
274 $this->setSubTabs();
275 $this->tabs_gui->setTabActive('role_assignments');
276
277 include_once("Services/Utilities/classes/class.ilConfirmationGUI.php");
278 $c_gui = new ilConfirmationGUI();
279
280 // set confirm/cancel commands
281 $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRules"));
282 $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_role_ass"));
283 $c_gui->setCancel($this->lng->txt("cancel"), "roleAssignments");
284 $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRules");
285
286 // add items to delete
287 include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
288 foreach ($_POST["rule_ids"] as $rule_id) {
289 $rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($rule_id);
290 $c_gui->addItem('rule_ids[]', $rule_id, $rule->conditionToString());
291 }
292 $this->tpl->setContent($c_gui->getHTML());
293 }
294
301 public function deleteRules()
302 {
303 if (!is_array($_POST['rule_ids'])) {
304 ilUtil::sendFailure($this->lng->txt('select_once'));
305 $this->roleAssignments();
306 return false;
307 }
308 include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
309 foreach ($_POST["rule_ids"] as $rule_id) {
310 $rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($rule_id);
311 $rule->delete();
312 }
313 ilUtil::sendSuccess($this->lng->txt('ldap_deleted_rule'));
314 $this->roleAssignments();
315 return true;
316 }
317
324 public function addRoleAssignment()
325 {
326 global $DIC;
327
328 $ilErr = $DIC['ilErr'];
329 $ilAccess = $DIC['ilAccess'];
330
331 if (!$ilAccess->checkAccess('write', '', $this->ref_id)) {
332 ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
333 $this->roleAssignment();
334 return false;
335 }
336
337 include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
338 include_once('Services/LDAP/classes/class.ilLDAPServer.php');
339
340 $this->initFormRoleAssignments('create');
341 if (!$this->form->checkInput() or ($err = $this->checkRoleAssignmentInput())) {
342 if ($err) {
343 ilUtil::sendFailure($this->lng->txt($err));
344 }
345
346 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_assignments.html', 'Services/LDAP');
347
348 // DONE: wrap this
349 $this->form->setValuesByPost();
350 $this->tpl->setVariable('NEW_ASSIGNMENT_TBL', $this->form->getHTML());
351 $this->tpl->setVariable('RULES_TBL', $this->getRoleAssignmentTable());
352 $this->tabs_gui->setSubTabActive('shib_role_assignment');
353 return true;
354 }
355
356 // Might redirect
357 $this->roleSelection();
358
359 $this->rule->create();
360 ilUtil::sendSuccess($this->lng->txt('settings_saved'));
361 unset($_POST);
362 $this->roleAssignments();
363 return true;
364 }
365
370 protected function roleSelection()
371 {
372 if ($this->rule->getRoleId() > 0) {
373 return false;
374 }
375 $_SESSION['ldap_role_ass']['server_id'] = $this->getServer()->getServerId();
376 $_SESSION['ldap_role_ass']['rule_id'] = $_REQUEST['rule_id'] ? $_REQUEST['rule_id'] : 0;
377 $_SESSION['ldap_role_ass']['role_search'] = $this->form->getInput('role_search');
378 $_SESSION['ldap_role_ass']['add_on_update'] = $this->form->getInput('add_missing');
379 $_SESSION['ldap_role_ass']['remove_on_update'] = $this->form->getInput('remove_deprecated');
380 $_SESSION['ldap_role_ass']['type'] = $this->form->getInput('type');
381 $_SESSION['ldap_role_ass']['dn'] = $this->form->getInput('dn');
382 $_SESSION['ldap_role_ass']['at'] = $this->form->getInput('at');
383 $_SESSION['ldap_role_ass']['isdn'] = $this->form->getInput('isdn');
384 $_SESSION['ldap_role_ass']['name'] = $this->form->getInput('name');
385 $_SESSION['ldap_role_ass']['value'] = $this->form->getInput('value');
386 $_SESSION['ldap_role_ass']['plugin'] = $this->form->getInput('plugin_id');
387
388
389 $this->ctrl->saveParameter($this, 'rule_id');
390 $this->ctrl->redirect($this, 'showRoleSelection');
391 }
392
393
394
399 protected function showRoleSelection()
400 {
401 $this->setSubTabs();
402 $this->tabs_gui->setTabActive('role_assignment');
403 $this->ctrl->saveParameter($this, 'rule_id');
404
405 include_once './Services/Search/classes/class.ilQueryParser.php';
406 $parser = new ilQueryParser($_SESSION['ldap_role_ass']['role_search']);
407 $parser->setMinWordLength(1, true);
408 $parser->setCombination(QP_COMBINATION_AND);
409 $parser->parse();
410
411 include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
412 $object_search = new ilLikeObjectSearch($parser);
413 $object_search->setFilter(array('role'));
414 $res = $object_search->performSearch();
415
416 $entries = $res->getEntries();
417
418 include_once './Services/AccessControl/classes/class.ilRoleSelectionTableGUI.php';
419 $table = new ilRoleSelectionTableGUI($this, 'showRoleSelection');
420 $table->setTitle($this->lng->txt('ldap_role_selection'));
421 $table->addMultiCommand('saveRoleSelection', $this->lng->txt('ldap_choose_role'));
422 #$table->addCommandButton('roleAssignment',$this->lng->txt('cancel'));
423 $table->parse($entries);
424
425 $this->tpl->setContent($table->getHTML());
426 return true;
427 }
428
433 protected function saveRoleSelection()
434 {
435 global $DIC;
436
437 $ilErr = $DIC['ilErr'];
438 $ilAccess = $DIC['ilAccess'];
439
440 if (!$ilAccess->checkAccess('write', '', $this->ref_id)) {
441 ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
442 $this->roleAssignment();
443 return false;
444 }
445
446 if (!(int) $_REQUEST['role_id']) {
447 ilUtil::sendFailure($this->lng->txt('select_one'));
448 $this->showRoleSelection();
449 return false;
450 }
451
452 $this->loadRoleAssignmentRule((int) $_REQUEST['rule_id'], false);
453 $this->rule->setRoleId((int) $_REQUEST['role_id']);
454
455 if ((int) $_REQUEST['rule_id']) {
456 $this->rule->update();
457 } else {
458 $this->rule->create();
459 }
460
461 ilUtil::sendSuccess($this->lng->txt('settings_saved'));
462 $this->roleAssignments();
463 return true;
464 }
465
466
472 protected function checkRoleAssignmentInput($a_rule_id = 0)
473 {
474 global $DIC;
475
476 $ilErr = $DIC['ilErr'];
477
478 $this->loadRoleAssignmentRule($a_rule_id);
479 $this->rule->validate();
480 return $ilErr->getMessage();
481 }
482
483
488 protected function getRoleAssignmentTable()
489 {
490 if (count($rules = ilLDAPRoleAssignmentRule::_getRules($this->server->getServerId()))) {
491 include_once("./Services/LDAP/classes/class.ilLDAPRoleAssignmentTableGUI.php");
492 $table_gui = new ilLDAPRoleAssignmentTableGUI($this, 'roleAssignments');
493 $table_gui->setTitle($this->lng->txt("ldap_tbl_role_ass"));
494 $table_gui->parse($rules);
495 $table_gui->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
496 $table_gui->setSelectAllCheckbox("rule_id");
497 return $table_gui->getHTML();
498 }
499 return '';
500 }
501
502
508 protected function loadRoleAssignmentRule($a_rule_id, $a_from_form = true)
509 {
510 if (is_object($this->rule)) {
511 return true;
512 }
513
514 include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php';
515 $this->rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($a_rule_id);
516
517
518 if ($a_from_form) {
519 if ($this->form->getInput('role_name') == 0) {
520 $this->rule->setRoleId($this->form->getInput('role_id'));
521 } elseif ($this->form->getInput('role_search')) {
522 // Search role
523 include_once './Services/Search/classes/class.ilQueryParser.php';
524
525 $parser = new ilQueryParser('"' . $this->form->getInput('role_search') . '"');
526
527 // TODO: Handle minWordLength
528 $parser->setMinWordLength(1, true);
529 $parser->setCombination(QP_COMBINATION_AND);
530 $parser->parse();
531
532 include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
533 $object_search = new ilLikeObjectSearch($parser);
534 $object_search->setFilter(array('role'));
535 $res = $object_search->performSearch();
536
537 $entries = $res->getEntries();
538 if (count($entries) == 1) {
539 $role = current($entries);
540 $this->rule->setRoleId($role['obj_id']);
541 } elseif (count($entries) > 1) {
542 $this->rule->setRoleId(-1);
543 }
544 }
545
546 $this->rule->setAttributeName($this->form->getInput('name'));
547 $this->rule->setAttributeValue($this->form->getInput('value'));
548 $this->rule->setDN($this->form->getInput('dn'));
549 $this->rule->setMemberAttribute($this->form->getInput('at'));
550 $this->rule->setMemberIsDN($this->form->getInput('isdn'));
551 $this->rule->enableAddOnUpdate($this->form->getInput('add_missing'));
552 $this->rule->enableRemoveOnUpdate($this->form->getInput('remove_deprecated'));
553 $this->rule->setPluginId($this->form->getInput('plugin_id'));
554 $this->rule->setType($this->form->getInput('type'));
555 $this->rule->setServerId($this->getServer()->getServerId());
556 return true;
557 }
558
559 // LOAD from session
560 $this->rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($a_rule_id);
561 $this->rule->setServerId($this->getServer()->getServerId());
562 $this->rule->enableAddOnUpdate((int) $_SESSION['ldap_role_ass']['add_on_update']);
563 $this->rule->enableRemoveOnUpdate((int) $_SESSION['ldap_role_ass']['remove_on_update']);
564 $this->rule->setType(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['type']));
565 $this->rule->setDN(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['dn']));
566 $this->rule->setMemberAttribute(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['at']));
567 $this->rule->setMemberIsDN(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['isdn']));
568 $this->rule->setAttributeName(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['name']));
569 $this->rule->setAttributeValue(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['value']));
570 $this->rule->setPluginId(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['plugin']));
571 return true;
572 }
573
574 public function deleteRoleMapping()
575 {
576 if (!count($_POST['mappings'])) {
577 ilUtil::sendFailure($this->lng->txt('select_one'));
578 $this->roleMapping();
579 return false;
580 }
581
582 $this->initRoleMapping();
583
584 foreach ($_POST['mappings'] as $mapping_id) {
585 $this->role_mapping->delete($mapping_id);
586 }
587 ilUtil::sendSuccess($this->lng->txt('ldap_deleted_role_mapping'));
588 $this->roleMapping();
589 return true;
590 }
591
592 public function chooseMapping()
593 {
594 if (!$_POST['mapping_template']) {
595 $this->userMapping();
596 return;
597 }
598
599 $this->initAttributeMapping();
600 $this->mapping->clearRules();
601
602 include_once('Services/LDAP/classes/class.ilLDAPAttributeMappingUtils.php');
603 foreach (ilLDAPAttributeMappingUtils::_getMappingRulesByClass($_POST['mapping_template']) as $key => $value) {
604 $this->mapping->setRule($key, $value, 0);
605 }
606 $this->userMapping();
607 return true;
608 }
609
610 public function saveMapping()
611 {
612 $this->initAttributeMapping();
613 $this->tabs_gui->setTabActive('role_mapping');
614
615 foreach ($this->getMappingFields() as $key => $mapping) {
616 $this->mapping->setRule($key, ilUtil::stripSlashes($_POST[$key . '_value']), (int) $_POST[$key . '_update']);
617 }
618 $this->initUserDefinedFields();
619 foreach ($this->udf->getDefinitions() as $definition) {
620 $key = 'udf_' . $definition['field_id'];
621 $this->mapping->setRule($key, ilUtil::stripSlashes($_POST[$key . '_value']), (int) $_POST[$key . '_update']);
622 }
623
624 $this->mapping->save();
625 $this->userMapping();
626
627 ilUtil::sendSuccess($this->lng->txt('settings_saved'));
628 unset($_POST['mapping_template']);
629 return;
630 }
631
632 public function serverList()
633 {
634 global $DIC;
635
636 if (!$this->dic->rbac()->system()->checkAccess("visible,read", $this->ref_id) && $cmd != "serverList") {
637 $DIC['ilErr']->raiseError($this->lng->txt('msg_no_perm_read'), $DIC['ilErr']->WARNING);
638 }
639
640 if (!ilLDAPServer::checkLDAPLib() and $this->server->isActive()) {
641 ilUtil::sendFailure('Missing LDAP libraries. Please ensure that the PHP LDAP module is installed on your server.');
642 }
643
644 if ($this->dic->rbac()->system()->checkAccess("write", $this->ref_id)) {
645 $DIC->toolbar()->addButton(
646 $this->lng->txt("add_ldap_server"),
647 $this->ctrl->getLinkTarget($this, "addServerSettings")
648 );
649 }
650
651 include_once './Services/LDAP/classes/class.ilLDAPServerTableGUI.php';
652
653 $table = new ilLDAPServerTableGUI($this, "serverList");
654
655
656 return $this->tpl->setContent($table->getHTML());
657 }
658
659 public function setServerFormValues()
660 {
661 $this->form_gui->setValuesByArray(array(
662 'active' => $this->server->isActive(),
663 'ds' => !$this->server->isAuthenticationEnabled(),
664 'server_name' => $this->server->getName(),
665 'server_url' => $this->server->getUrlString(),
666 'version' => $this->server->getVersion(),
667 'base_dn' => $this->server->getBaseDN(),
668 'referrals' => $this->server->isActiveReferrer(),
669 'tls' => $this->server->isActiveTLS(),
670 'binding_type' => $this->server->getBindingType(),
671 'bind_dn' => $this->server->getBindUser(),
672 'bind_pass' => $this->server->getBindPassword(),
673 'bind_pass_retype' => $this->server->getBindPassword(),
674 'search_base' => $this->server->getSearchBase(),
675 'user_scope' => $this->server->getUserScope(),
676 'user_attribute' => $this->server->getUserAttribute(),
677 'filter' => $this->server->getFilter(),
678 'group_dn' => $this->server->getGroupDN(),
679 'group_scope' => $this->server->getGroupScope(),
680 'group_filter' => $this->server->getGroupFilter(),
681 'group_member' => $this->server->getGroupMember(),
682 'memberisdn' => $this->server->enabledGroupMemberIsDN(),
683 'group' => $this->server->getGroupName(),
684 'group_attribute' => $this->server->getGroupAttribute(),
685 'group_optional' => $this->server->isMembershipOptional(),
686 'group_user_filter' => $this->server->getGroupUserFilter(),
687 'sync_on_login' => $this->server->enabledSyncOnLogin(),
688 'sync_per_cron' => $this->server->enabledSyncPerCron(),
689 'global_role' => ilLDAPAttributeMapping::_lookupGlobalRole($this->server->getServerId()),
690 'migration' => (int) $this->server->isAccountMigrationEnabled(),
691 "name_filter" => $this->server->getUsernameFilter(),
692 'escape_dn' => $this->server->enabledEscapeDN()
693 ));
694 }
695
696 private function initForm()
697 {
698 include_once 'Services/Form/classes/class.ilPropertyFormGUI.php';
699
700 $this->form_gui = new ilPropertyFormGUI();
701 $this->form_gui->setFormAction($this->ctrl->getFormAction($this, 'save'));
702 $this->form_gui->setTitle($this->lng->txt('ldap_configure'));
703
704 $active = new ilCheckboxInputGUI($this->lng->txt('auth_ldap_enable'), 'active');
705 $active->setValue(1);
706 $this->form_gui->addItem($active);
707
708 $ds = new ilCheckboxInputGUI($this->lng->txt('ldap_as_ds'), 'ds');
709 $ds->setValue(1);
710 $ds->setInfo($this->lng->txt('ldap_as_ds_info'));
711 $this->form_gui->addItem($ds);
712
713 $servername = new ilTextInputGUI($this->lng->txt('ldap_server_name'), 'server_name');
714 $servername->setRequired(true);
715 $servername->setInfo($this->lng->txt('ldap_server_name_info'));
716 $servername->setSize(32);
717 $servername->setMaxLength(32);
718 $this->form_gui->addItem($servername);
719
720 // start Patch Name Filter
721 $namefilter = new ilTextInputGUI($this->lng->txt('ldap_username_filter'), "name_filter");//ADD LANG VAR
722 $namefilter->setInfo($this->lng->txt("ldap_username_filter_info"));
723 $namefilter->setSize(64);
724 $namefilter->setMaxLength(255);
725 $this->form_gui->addItem($namefilter);
726 // end Patch Name Filter
727
728 $serverurl = new ilTextInputGUI($this->lng->txt('ldap_server'), 'server_url');
729 $serverurl->setRequired(true);
730 $serverurl->setInfo($this->lng->txt('ldap_server_url_info'));
731 $serverurl->setSize(64);
732 $serverurl->setMaxLength(255);
733 $this->form_gui->addItem($serverurl);
734
735 $version = new ilSelectInputGUI($this->lng->txt('ldap_version'), 'version');
736 $version->setOptions(array(2 => 2, 3 => 3));
737 $version->setInfo($this->lng->txt('ldap_server_version_info'));
738 $this->form_gui->addItem($version);
739
740 $basedsn = new ilTextInputGUI($this->lng->txt('basedn'), 'base_dn');
741 $basedsn->setRequired(true);
742 $basedsn->setSize(64);
743 $basedsn->setMaxLength(255);
744 $this->form_gui->addItem($basedsn);
745
746 $referrals = new ilCheckboxInputGUI($this->lng->txt('ldap_referrals'), 'referrals');
747 $referrals->setValue(1);
748 $referrals->setInfo($this->lng->txt('ldap_referrals_info'));
749 $this->form_gui->addItem($referrals);
750
751 $section_security = new ilFormSectionHeaderGUI();
752 $section_security->setTitle($this->lng->txt('ldap_server_security_settings'));
753 $this->form_gui->addItem($section_security);
754
755 $tls = new ilCheckboxInputGUI($this->lng->txt('ldap_tls'), 'tls');
756 $tls->setValue(1);
757 $this->form_gui->addItem($tls);
758
759 $binding = new ilRadioGroupInputGUI($this->lng->txt('ldap_server_binding'), 'binding_type');
760 $anonymous = new ilRadioOption($this->lng->txt('ldap_bind_anonymous'), IL_LDAP_BIND_ANONYMOUS);
761 $binding->addOption($anonymous);
762 $user = new ilRadioOption($this->lng->txt('ldap_bind_user'), IL_LDAP_BIND_USER);
763 $dn = new ilTextInputGUI($this->lng->txt('ldap_server_bind_dn'), 'bind_dn');
764 $dn->setSize(64);
765 $dn->setMaxLength(255);
766 $user->addSubItem($dn);
767 $pass = new ilPasswordInputGUI($this->lng->txt('ldap_server_bind_pass'), 'bind_pass');
768 $pass->setSkipSyntaxCheck(true);
769 $pass->setSize(12);
770 $pass->setMaxLength(36);
771 $user->addSubItem($pass);
772 $binding->addOption($user);
773 $this->form_gui->addItem($binding);
774
775 $section_auth = new ilFormSectionHeaderGUI();
776 $section_auth->setTitle($this->lng->txt('ldap_authentication_settings'));
777 $this->form_gui->addItem($section_auth);
778
779 $search_base = new ilTextInputGUI($this->lng->txt('ldap_user_dn'), 'search_base');
780 $search_base->setInfo($this->lng->txt('ldap_search_base_info'));
781 $search_base->setSize(64);
782 $search_base->setMaxLength(255);
783 $this->form_gui->addItem($search_base);
784
785 $user_scope = new ilSelectInputGUI($this->lng->txt('ldap_user_scope'), 'user_scope');
786 $user_scope->setOptions(array(IL_LDAP_SCOPE_ONE => $this->lng->txt('ldap_scope_one'),
787 IL_LDAP_SCOPE_SUB => $this->lng->txt('ldap_scope_sub')));
788 $user_scope->setInfo($this->lng->txt('ldap_user_scope_info'));
789 $this->form_gui->addItem($user_scope);
790
791 $user_attribute = new ilTextInputGUI($this->lng->txt('ldap_user_attribute'), 'user_attribute');
792 $user_attribute->setSize(16);
793 $user_attribute->setMaxLength(64);
794 $user_attribute->setRequired(true);
795 $this->form_gui->addItem($user_attribute);
796
797 $filter = new ilTextInputGUI($this->lng->txt('ldap_search_filter'), 'filter');
798 $filter->setInfo($this->lng->txt('ldap_filter_info'));
799 $filter->setSize(64);
800 $filter->setMaxLength(512);
801 $this->form_gui->addItem($filter);
802
803 $section_restrictions = new ilFormSectionHeaderGUI();
804 $section_restrictions->setTitle($this->lng->txt('ldap_group_restrictions'));
805 $this->form_gui->addItem($section_restrictions);
806
807 $group_dn = new ilTextInputGUI($this->lng->txt('ldap_group_search_base'), 'group_dn');
808 $group_dn->setInfo($this->lng->txt('ldap_group_dn_info'));
809 $group_dn->setSize(64);
810 $group_dn->setMaxLength(255);
811 $this->form_gui->addItem($group_dn);
812
813 $group_scope = new ilSelectInputGUI($this->lng->txt('ldap_group_scope'), 'group_scope');
814 $group_scope->setOptions(array(IL_LDAP_SCOPE_ONE => $this->lng->txt('ldap_scope_one'),
815 IL_LDAP_SCOPE_SUB => $this->lng->txt('ldap_scope_sub')));
816 $group_scope->setInfo($this->lng->txt('ldap_group_scope_info'));
817 $this->form_gui->addItem($group_scope);
818
819 $group_filter = new ilTextInputGUI($this->lng->txt('ldap_group_filter'), 'group_filter');
820 $group_filter->setInfo($this->lng->txt('ldap_group_filter_info'));
821 $group_filter->setSize(64);
822 $group_filter->setMaxLength(255);
823 $this->form_gui->addItem($group_filter);
824
825 $group_member = new ilTextInputGUI($this->lng->txt('ldap_group_member'), 'group_member');
826 $group_member->setInfo($this->lng->txt('ldap_group_member_info'));
827 $group_member->setSize(32);
828 $group_member->setMaxLength(255);
829 $this->form_gui->addItem($group_member);
830
831
832 $group_member_isdn = new ilCheckboxInputGUI($this->lng->txt('ldap_memberisdn'), 'memberisdn');
833 #$group_member_isdn->setInfo($this->lng->txt('ldap_group_member_info'));
834 $this->form_gui->addItem($group_member_isdn);
835 #$group_member->addSubItem($group_member_isdn);
836
837 $escapedn = new ilCheckboxInputGUI($this->lng->txt('ldap_escapedn'), 'escape_dn');
838 $escapedn->setValue(1);
839 $escapedn->setInfo($this->lng->txt('ldap_escapedn_info'));
840 $this->form_gui->addItem($escapedn);
841
842 $group = new ilTextInputGUI($this->lng->txt('ldap_group_name'), 'group');
843 $group->setInfo($this->lng->txt('ldap_group_name_info'));
844 $group->setSize(32);
845 $group->setMaxLength(255);
846 $this->form_gui->addItem($group);
847
848 $group_atrr = new ilTextInputGUI($this->lng->txt('ldap_group_attribute'), 'group_attribute');
849 $group_atrr->setInfo($this->lng->txt('ldap_group_attribute_info'));
850 $group_atrr->setSize(16);
851 $group_atrr->setMaxLength(64);
852 $this->form_gui->addItem($group_atrr);
853
854 $group_optional = new ilCheckboxInputGUI($this->lng->txt('ldap_group_membership'), 'group_optional');
855 $group_optional->setOptionTitle($this->lng->txt('ldap_group_member_optional'));
856 $group_optional->setInfo($this->lng->txt('ldap_group_optional_info'));
857 $group_optional->setValue(1);
858 $group_user_filter = new ilTextInputGUI($this->lng->txt('ldap_group_user_filter'), 'group_user_filter');
859 $group_user_filter->setSize(64);
860 $group_user_filter->setMaxLength(255);
861 $group_optional->addSubItem($group_user_filter);
862 $this->form_gui->addItem($group_optional);
863
864 $section_sync = new ilFormSectionHeaderGUI();
865 $section_sync->setTitle($this->lng->txt('ldap_user_sync'));
866 $this->form_gui->addItem($section_sync);
867
868 $ci_gui = new ilCustomInputGUI($this->lng->txt('ldap_moment_sync'));
869 $sync_on_login = new ilCheckboxInputGUI($this->lng->txt('ldap_sync_login'), 'sync_on_login');
870 $sync_on_login->setValue(1);
871 $ci_gui->addSubItem($sync_on_login);
872 $sync_per_cron = new ilCheckboxInputGUI($this->lng->txt('ldap_sync_cron'), 'sync_per_cron');
873 $sync_per_cron->setValue(1);
874 $ci_gui->addSubItem($sync_per_cron);
875 $ci_gui->setInfo($this->lng->txt('ldap_user_sync_info'));
876 $this->form_gui->addItem($ci_gui);
877
878 $global_role = new ilSelectInputGUI($this->lng->txt('ldap_global_role_assignment'), 'global_role');
879 $global_role->setOptions($this->prepareRoleSelect(false));
880 $global_role->setInfo($this->lng->txt('ldap_global_role_info'));
881 $this->form_gui->addItem($global_role);
882
883 $migr = new ilCheckboxInputGUI($this->lng->txt('auth_ldap_migration'), 'migration');
884 $migr->setInfo($this->lng->txt('auth_ldap_migration_info'));
885 $migr->setValue(1);
886 $this->form_gui->addItem($migr);
887
888
889 include_once "Services/Administration/classes/class.ilAdministrationSettingsFormHandler.php";
890 ilAdministrationSettingsFormHandler::addFieldsToForm(
891 ilAdministrationSettingsFormHandler::FORM_LDAP,
892 $this->form_gui,
893 ilAdministrationSettingsFormHandler::getSettingsGUIInstance("auth")
894 );
895
896
897 $this->form_gui->addCommandButton('save', $this->lng->txt('save'));
898 if ($_GET["cmd"] == "addServerSettings") {
899 $this->form_gui->addCommandButton('serverList', $this->lng->txt('cancel'));
900 }
901 }
902
903 /*
904 * Update Settings
905 */
906 public function save()
907 {
908 global $DIC;
909
910 $ilErr = $DIC['ilErr'];
911
912 $this->setSubTabs();
913 $this->tabs_gui->setTabActive('settings');
914
915 $this->initForm();
916 if ($this->form_gui->checkInput()) {
917 $this->server->toggleActive((int) $this->form_gui->getInput('active'));
918 $this->server->enableAuthentication(!$this->form_gui->getInput('ds'));
919 $this->server->setName($this->form_gui->getInput('server_name'));
920 $this->server->setUrl($this->form_gui->getInput('server_url'));
921 $this->server->setVersion($this->form_gui->getInput('version'));
922 $this->server->setBaseDN($this->form_gui->getInput('base_dn'));
923 $this->server->toggleReferrer($this->form_gui->getInput('referrals'));
924 $this->server->toggleTLS($this->form_gui->getInput('tls'));
925 $this->server->setBindingType((int) $this->form_gui->getInput('binding_type'));
926 $this->server->setBindUser($this->form_gui->getInput('bind_dn'));
927 $this->server->setBindPassword($this->form_gui->getInput('bind_pass'));
928 $this->server->setSearchBase($this->form_gui->getInput('search_base'));
929 $this->server->setUserScope($this->form_gui->getInput('user_scope'));
930 $this->server->setUserAttribute($this->form_gui->getInput('user_attribute'));
931 $this->server->setFilter($this->form_gui->getInput('filter'));
932 $this->server->setGroupDN($this->form_gui->getInput('group_dn'));
933 $this->server->setGroupScope((int) $this->form_gui->getInput('group_scope'));
934 $this->server->setGroupFilter($this->form_gui->getInput('group_filter'));
935 $this->server->setGroupMember($this->form_gui->getInput('group_member'));
936 $this->server->enableGroupMemberIsDN((int) $this->form_gui->getInput('memberisdn'));
937 $this->server->setGroupName($this->form_gui->getInput('group'));
938 $this->server->setGroupAttribute($this->form_gui->getInput('group_attribute'));
939 $this->server->setGroupUserFilter($this->form_gui->getInput('group_user_filter'));
940 $this->server->toggleMembershipOptional((int) $this->form_gui->getInput('group_optional'));
941 $this->server->enableSyncOnLogin((int) $this->form_gui->getInput('sync_on_login'));
942 $this->server->enableSyncPerCron((int) $this->form_gui->getInput('sync_per_cron'));
943 $this->server->setGlobalRole((int) $this->form_gui->getInput('global_role'));
944 $this->server->enableAccountMigration((int) $this->form_gui->getInput('migration'));
945 $this->server->setUsernameFilter($this->form_gui->getInput("name_filter"));
946 $this->server->enableEscapeDN((bool) $this->form_gui->getInput('escape_dn'));
947 if (!$this->server->validate()) {
948 ilUtil::sendFailure($ilErr->getMessage());
949 $this->form_gui->setValuesByPost();
950 return $this->tpl->setContent($this->form_gui->getHtml());
951 }
952
953 // Update or create
954 if ($this->server->getServerId()) {
955 $this->server->update();
956 } else {
957 $this->server->create();
958 }
959
960 // Now server_id exists => update LDAP attribute mapping
961 $this->initAttributeMapping();
962 $this->mapping->setRule('global_role', (int) $this->form_gui->getInput('global_role'), false);
963 $this->mapping->save();
964
965 ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
966 $this->ctrl->redirect($this, 'serverList');
967 return true;
968 }
969
970 $this->form_gui->setValuesByPost();
971 return $this->tpl->setContent($this->form_gui->getHtml());
972 }
973
974
975
981 private function setSubTabs()
982 {
983 $this->tabs_gui->clearTargets();
984
985 $this->tabs_gui->setBackTarget(
986 $this->lng->txt("back"),
987 $this->ctrl->getLinkTarget($this, 'serverList')
988 );
989
990 /*$this->tabs_gui->addSubTabTarget("ldap_settings",
991 $this->ctrl->getLinkTarget($this,'serverList'),
992 "serverList",get_class($this));*/
993
994 $this->tabs_gui->addTab(
995 "settings",
996 $this->lng->txt("ldap_settings"),
997 $this->ctrl->getLinkTarget($this, 'editServerSettings')
998 );
999
1000 // Disable all other tabs, if server hasn't been configured.
1001 include_once('Services/LDAP/classes/class.ilLDAPServer.php');
1002 if (!count(ilLDAPServer::_getServerList())) {
1003 return true;
1004 }
1005
1006 /*$this->tabs_gui->addSubTabTarget("ldap_user_mapping",
1007 $this->ctrl->getLinkTarget($this,'userMapping'),
1008 "userMapping",get_class($this));*/
1009
1010 $this->tabs_gui->addTab(
1011 "user_mapping",
1012 $this->lng->txt("ldap_user_mapping"),
1013 $this->ctrl->getLinkTarget($this, 'userMapping')
1014 );
1015
1016 /*$this->tabs_gui->addSubTabTarget('ldap_role_assignments',
1017 $this->ctrl->getLinkTarget($this,'roleAssignments'),
1018 "roleAssignments",get_class($this));*/
1019
1020 $this->tabs_gui->addTab(
1021 "role_assignments",
1022 $this->lng->txt('ldap_role_assignments'),
1023 $this->ctrl->getLinkTarget($this, 'roleAssignments')
1024 );
1025
1026 /*$this->tabs_gui->addSubTabTarget("ldap_role_mapping",
1027 $this->ctrl->getLinkTarget($this,'roleMapping'),
1028 "roleMapping",get_class($this));
1029 "roleMapping",get_class($this));*/
1030 $this->tabs_gui->addTab(
1031 "role_mapping",
1032 $this->lng->txt("ldap_role_mapping"),
1033 $this->ctrl->getLinkTarget($this, 'roleMapping')
1034 );
1035 }
1036
1037
1038 private function initServer()
1039 {
1040 include_once './Services/LDAP/classes/class.ilLDAPServer.php';
1041 if (!$_REQUEST['ldap_server_id']) {
1042 $_REQUEST['ldap_server_id'] = 0;
1043 }
1044 $this->server = new ilLDAPServer((int) $_REQUEST['ldap_server_id']);
1045 }
1046
1047 private function initAttributeMapping()
1048 {
1049 include_once './Services/LDAP/classes/class.ilLDAPAttributeMapping.php';
1050 $this->mapping = ilLDAPAttributeMapping::_getInstanceByServerId($this->getServer()->getServerId());
1051 }
1052
1053 private function initRoleMapping()
1054 {
1055 include_once './Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php';
1056 $this->role_mapping = ilLDAPRoleGroupMappingSettings::_getInstanceByServerId($this->getServer()->getServerId());
1057 }
1058
1064 private function prepareGlobalRoleSelection($a_as_select = true)
1065 {
1066 global $DIC;
1067
1068 $rbacreview = $DIC['rbacreview'];
1069 $ilObjDataCache = $DIC['ilObjDataCache'];
1070
1071 $global_roles = ilUtil::_sortIds(
1072 $rbacreview->getGlobalRoles(),
1073 'object_data',
1074 'title',
1075 'obj_id'
1076 );
1077
1078 $select[0] = $this->lng->txt('links_select_one');
1079 foreach ($global_roles as $role_id) {
1080 $select[$role_id] = ilObject::_lookupTitle($role_id);
1081 }
1082 return $select;
1083 }
1084
1085
1092 private function prepareRoleSelect($a_as_select = true)
1093 {
1094 global $DIC;
1095
1096 $rbacreview = $DIC['rbacreview'];
1097 $ilObjDataCache = $DIC['ilObjDataCache'];
1098
1099 include_once('./Services/LDAP/classes/class.ilLDAPAttributeMapping.php');
1100
1101 $global_roles = ilUtil::_sortIds(
1102 $rbacreview->getGlobalRoles(),
1103 'object_data',
1104 'title',
1105 'obj_id'
1106 );
1107
1108 $select[0] = $this->lng->txt('links_select_one');
1109 foreach ($global_roles as $role_id) {
1110 $select[$role_id] = ilObject::_lookupTitle($role_id);
1111 }
1112
1113 if ($a_as_select) {
1114 return ilUtil::formSelect(
1115 ilLDAPAttributeMapping::_lookupGlobalRole($this->server->getServerId()),
1116 'global_role',
1117 $select,
1118 false,
1119 true
1120 );
1121 } else {
1122 return $select;
1123 }
1124 }
1125
1126
1127 private function getMappingFields()
1128 {
1129 return array('gender' => $this->lng->txt('gender'),
1130 'firstname' => $this->lng->txt('firstname'),
1131 'lastname' => $this->lng->txt('lastname'),
1132 'title' => $this->lng->txt('person_title'),
1133 'institution' => $this->lng->txt('institution'),
1134 'department' => $this->lng->txt('department'),
1135 'street' => $this->lng->txt('street'),
1136 'city' => $this->lng->txt('city'),
1137 'zipcode' => $this->lng->txt('zipcode'),
1138 'country' => $this->lng->txt('country'),
1139 'phone_office' => $this->lng->txt('phone_office'),
1140 'phone_home' => $this->lng->txt('phone_home'),
1141 'phone_mobile' => $this->lng->txt('phone_mobile'),
1142 'fax' => $this->lng->txt('fax'),
1143 'email' => $this->lng->txt('email'),
1144 'hobby' => $this->lng->txt('hobby'),
1145 'matriculation' => $this->lng->txt('matriculation'));
1146 #'photo' => $this->lng->txt('photo'));
1147 }
1148
1149 private function initUserDefinedFields()
1150 {
1151 include_once("./Services/User/classes/class.ilUserDefinedFields.php");
1152 $this->udf = ilUserDefinedFields::_getInstance();
1153 }
1154
1155 private function prepareMappingSelect()
1156 {
1157 return ilUtil::formSelect($_POST['mapping_template'], 'mapping_template', array(0 => $this->lng->txt('ldap_mapping_template'),
1158 "inetOrgPerson" => 'inetOrgPerson',
1159 "organizationalPerson" => 'organizationalPerson',
1160 "person" => 'person',
1161 "ad_2003" => 'Active Directory (Win 2003)'), false, true);
1162 }
1163
1170 private function loadMappingDetails()
1171 {
1172 if (!isset($_SESSION['ldap_mapping_details'])) {
1173 $_SESSION['ldap_mapping_details'] = array();
1174 }
1175 if (isset($_GET['details_show'])) {
1176 $_SESSION['ldap_mapping_details'][$_GET['details_show']] = $_GET['details_show'];
1177 }
1178 if (isset($_GET['details_hide'])) {
1179 unset($_SESSION['ldap_mapping_details'][$_GET['details_hide']]);
1180 }
1181 }
1182
1191 protected function initFormRoleAssignments($a_mode)
1192 {
1193 include_once('Services/Form/classes/class.ilPropertyFormGUI.php');
1194 include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
1195
1196 $this->form = new ilPropertyFormGUI();
1197 $this->form->setFormAction($this->ctrl->getFormAction($this));
1198
1199 switch ($a_mode) {
1200 case 'edit':
1201 $this->form->setTitle($this->lng->txt('ldap_edit_role_ass_rule'));
1202 $this->form->addCommandButton('updateRoleAssignment', $this->lng->txt('save'));
1203 //$this->form->addCommandButton('roleAssignments',$this->lng->txt('cancel'));
1204 break;
1205 case 'create':
1206 $this->form->setTitle($this->lng->txt('ldap_add_role_ass_rule'));
1207 $this->form->addCommandButton('addRoleAssignment', $this->lng->txt('ldap_btn_add_role_ass'));
1208 //$this->form->addCommandButton('roleAssignments',$this->lng->txt('cancel'));
1209 break;
1210 }
1211
1212 // Role Selection
1213 $role = new ilRadioGroupInputGUI($this->lng->txt('ldap_ilias_role'), 'role_name');
1214 $role->setRequired(true);
1215
1216 $global = new ilRadioOption($this->lng->txt('ldap_global_role'), 0);
1217 $role->addOption($global);
1218
1219 $role_select = new ilSelectInputGUI('', 'role_id');
1220 $role_select->setOptions($this->prepareGlobalRoleSelection());
1221 $global->addSubItem($role_select);
1222
1223 $local = new ilRadioOption($this->lng->txt('ldap_local_role'), 1);
1224 $role->addOption($local);
1225
1226 include_once './Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php';
1227 $role_search = new ilRoleAutoCompleteInputGUI('', 'role_search', $this, 'addRoleAutoCompleteObject');
1228 $role_search->setSize(40);
1229 $local->addSubItem($role_search);
1230
1231 $role->setInfo($this->lng->txt('ldap_role_name_info'));
1232 $this->form->addItem($role);
1233
1234 // Update options
1235 $update = new ilNonEditableValueGUI($this->lng->txt('ldap_update_roles'), 'update_roles');
1236 $update->setValue($this->lng->txt('ldap_check_role_assignment'));
1237
1238 $add = new ilCheckboxInputGUI('', 'add_missing');
1239 $add->setOptionTitle($this->lng->txt('ldap_add_missing'));
1240 $update->addSubItem($add);
1241
1242 $remove = new ilCheckboxInputGUI('', 'remove_deprecated');
1243 $remove->setOptionTitle($this->lng->txt('ldap_remove_deprecated'));
1244 $update->addSubItem($remove);
1245
1246 $this->form->addItem($update);
1247
1248
1249
1250 // Assignment Type
1251 $group = new ilRadioGroupInputGUI($this->lng->txt('ldap_assignment_type'), 'type');
1252 #$group->setValue($current_rule->getType());
1253 $group->setRequired(true);
1254
1255 // Option by group
1256 $radio_group = new ilRadioOption($this->lng->txt('ldap_role_by_group'), ilLDAPRoleAssignmentRule::TYPE_GROUP);
1257
1258 $dn = new ilTextInputGUI($this->lng->txt('ldap_group_dn'), 'dn');
1259 #$dn->setValue($current_rule->getDN());
1260 $dn->setSize(32);
1261 $dn->setMaxLength(512);
1262 $dn->setInfo($this->lng->txt('ldap_role_grp_dn_info'));
1263 $radio_group->addSubItem($dn);
1264 $at = new ilTextInputGUI($this->lng->txt('ldap_role_grp_at'), 'at');
1265 #$at->setValue($current_rule->getMemberAttribute());
1266 $at->setSize(16);
1267 $at->setMaxLength(128);
1268 $radio_group->addSubItem($at);
1269 $isdn = new ilCheckboxInputGUI($this->lng->txt('ldap_role_grp_isdn'), 'isdn');
1270 #$isdn->setChecked($current_rule->isMemberAttributeDN());
1271 $isdn->setInfo($this->lng->txt('ldap_group_member_info'));
1272 $radio_group->addSubItem($isdn);
1273 $radio_group->setInfo($this->lng->txt('ldap_role_grp_info'));
1274
1275 $group->addOption($radio_group);
1276
1277 // Option by Attribute
1278 $radio_attribute = new ilRadioOption($this->lng->txt('ldap_role_by_attribute'), ilLDAPRoleAssignmentRule::TYPE_ATTRIBUTE);
1279 $name = new ilTextInputGUI($this->lng->txt('ldap_role_at_name'), 'name');
1280 #$name->setValue($current_rule->getAttributeName());
1281 $name->setSize(32);
1282 $name->setMaxLength(128);
1283 #$name->setInfo($this->lng->txt('ldap_role_at_name_info'));
1284 $radio_attribute->addSubItem($name);
1285
1286 // Radio Attribute
1287 $val = new ilTextInputGUI($this->lng->txt('ldap_role_at_value'), 'value');
1288 #$val->setValue($current_rule->getAttributeValue());
1289 $val->setSize(32);
1290 $val->setMaxLength(128);
1291 #$val->setInfo($this->lng->txt('ldap_role_at_value_info'));
1292 $radio_attribute->addSubItem($val);
1293 $radio_attribute->setInfo($this->lng->txt('ldap_role_at_info'));
1294
1295 $group->addOption($radio_attribute);
1296
1297 // Option by Plugin
1298 $pl_active = (bool) $this->hasActiveRoleAssignmentPlugins();
1299 $pl = new ilRadioOption($this->lng->txt('ldap_plugin'), 3);
1300 $pl->setInfo($this->lng->txt('ldap_plugin_info'));
1301 $pl->setDisabled(!$pl_active);
1302
1303 $id = new ilNumberInputGUI($this->lng->txt('ldap_plugin_id'), 'plugin_id');
1304 $id->setDisabled(!$pl_active);
1305 $id->setSize(3);
1306 $id->setMaxLength(3);
1307 $id->setMaxValue(999);
1308 $id->setMinValue(1);
1309 $pl->addSubItem($id);
1310
1311 $group->addOption($pl);
1312 $this->form->addItem($group);
1313 }
1314
1319 private function hasActiveRoleAssignmentPlugins()
1320 {
1321 global $DIC;
1322
1323 $ilPluginAdmin = $DIC['ilPluginAdmin'];
1324
1325 return count($ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE, 'LDAP', 'ldaphk')) ? true : false;
1326 }
1327
1328
1332 public function addRoleAutoCompleteObject()
1333 {
1334 include_once("./Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php");
1335 ilRoleAutoCompleteInputGUI::echoAutoCompleteList();
1336 }
1337
1338
1339
1340
1345 private function userMappingToolbar()
1346 {
1347 global $DIC;
1348
1349 $ilToolbar = $DIC['ilToolbar'];
1350 include_once("./Services/Form/classes/class.ilSelectInputGUI.php");
1351
1352 $select_form = new ilSelectInputGUI("mapping_template");
1353 $select_form->setPostVar("mapping_template");
1354 $options = array(
1355 "" => $this->lng->txt('ldap_mapping_template'),
1356 "inetOrgPerson" => 'inetOrgPerson',
1357 "organizationalPerson" => 'organizationalPerson',
1358 "person" => 'person',
1359 "ad_2003" => 'Active Directory (Win 2003)');
1360 $select_form->setOptions($options);
1361 $select_form->setValue($_POST['mapping_template']);
1362
1363 $ilToolbar->addInputItem($select_form);
1364 $ilToolbar->addFormButton($this->lng->txt('show'), "chooseMapping");
1365 $ilToolbar->setFormAction($this->ctrl->getFormAction($this, "chooseMapping"));
1366 }
1367
1372 private function initUserMappingForm()
1373 {
1374 include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
1375 $propertie_form = new ilPropertyFormGUI();
1376 $propertie_form->setTitle($this->lng->txt('ldap_mapping_table'));
1377 $propertie_form->setFormAction($this->ctrl->getFormAction($this, 'saveMapping'));
1378 $propertie_form->addCommandButton('saveMapping', $this->lng->txt('save'));
1379
1380 foreach ($this->getMappingFields() as $mapping => $lang) {
1381 $text_form = new ilTextInputGUI($lang);
1382 $text_form->setPostVar($mapping . "_value");
1383 $text_form->setValue($this->mapping->getValue($mapping));
1384 $text_form->setSize(32);
1385 $text_form->setMaxLength(255);
1386 $propertie_form->addItem($text_form);
1387
1388 $checkbox_form = new ilCheckboxInputGUI("");
1389 $checkbox_form->setPostVar($mapping . "_update");
1390 $checkbox_form->setChecked($this->mapping->enabledUpdate($mapping));
1391 $checkbox_form->setOptionTitle($this->lng->txt('ldap_update_field_info'));
1392 $propertie_form->addItem($checkbox_form);
1393 }
1394
1395 $this->initUserDefinedFields();
1396 foreach ($this->udf->getDefinitions() as $definition) {
1397 $text_form = new ilTextInputGUI($definition['field_name']);
1398 $text_form->setPostVar('udf_' . $definition['field_id'] . '_value');
1399 $text_form->setValue($this->mapping->getValue('udf_' . $definition['field_id']));
1400 $text_form->setSize(32);
1401 $text_form->setMaxLength(255);
1402 $propertie_form->addItem($text_form);
1403
1404 $checkbox_form = new ilCheckboxInputGUI("");
1405 $checkbox_form->setPostVar('udf_' . $definition['field_id'] . '_update');
1406 $checkbox_form->setChecked($this->mapping->enabledUpdate('udf_' . $definition['field_id']));
1407 $checkbox_form->setOptionTitle($this->lng->txt('ldap_update_field_info'));
1408 $propertie_form->addItem($checkbox_form);
1409 }
1410
1411 return $propertie_form;
1412 }
1413
1418 public function roleMapping()
1419 {
1420 global $DIC;
1421
1422 $ilToolbar = $DIC['ilToolbar'];
1423 $this->setSubTabs();
1424 $this->tabs_gui->setTabActive('role_mapping');
1425 $ilToolbar->addButton(
1426 $this->lng->txt("ldap_new_role_assignment"),
1427 $this->ctrl->getLinkTarget($this, 'addRoleMapping')
1428 );
1429 include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
1430
1431 //Set propertyform for synchronization settings
1432 include_once("./Services/Form/classes/class.ilCombinationInputGUI.php");
1433 $propertie_form = new ilPropertyFormGUI();
1434 $propertie_form->setTitle($this->lng->txt('ldap_role_settings'));
1435 $propertie_form->setFormAction($this->ctrl->getFormAction($this, "saveSyncronizationSettings"));
1436 $propertie_form->addCommandButton("saveSyncronizationSettings", $this->lng->txt('save'));
1437 $role_active = new ilCheckboxInputGUI($this->lng->txt('ldap_role_active'));
1438 $role_active->setPostVar('role_sync_active');
1439 $role_active->setChecked($this->server->enabledRoleSynchronization() ? true : false);
1440 $propertie_form->addItem($role_active);
1441 $binding = new ilCombinationInputGUI($this->lng->txt('ldap_server_binding'));
1442 $binding->setInfo($this->lng->txt('ldap_role_bind_user_info'));
1443 $user = new ilTextInputGUI("");
1444 $user->setPostVar("role_bind_user");
1445 $user->setValue($this->server->getRoleBindDN());
1446 $user->setSize(50);
1447 $user->setMaxLength(255);
1448 $binding->addCombinationItem(0, $user, $this->lng->txt('ldap_role_bind_user'));
1449 $pass = new ilPasswordInputGUI("");
1450 $pass->setPostVar("role_bind_pass");
1451 $pass->setValue($this->server->getRoleBindPassword());
1452 $pass->setSize(12);
1453 $pass->setMaxLength(36);
1454 $pass->setRetype(false);
1455 $binding->addCombinationItem(1, $pass, $this->lng->txt('ldap_role_bind_pass'));
1456 $propertie_form->addItem($binding);
1457
1458 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_mappings.html', 'Services/LDAP');
1459 $this->tpl->setVariable("NEW_ASSIGNMENT_TBL", $propertie_form->getHTML());
1460
1461 //Set Group Assignments Table if mappings exist
1462 include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php');
1463 $mapping_instance = ilLDAPRoleGroupMappingSettings::_getInstanceByServerId($this->server->getServerId());
1464 $mappings = $mapping_instance->getMappings();
1465 if (count($mappings)) {
1466 include_once("./Services/LDAP/classes/class.ilLDAPRoleMappingTableGUI.php");
1467 $table_gui = new ilLDAPRoleMappingTableGUI($this, $this->server->getServerId());
1468 $table_gui->setTitle($this->lng->txt('ldap_role_group_assignments'));
1469 $table_gui->setData($mappings);
1470 $this->tpl->setVariable("RULES_TBL", $table_gui->getHTML());
1471 }
1472 }
1473
1477 public function editRoleMapping()
1478 {
1479 include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
1480 $mapping = new ilLDAPRoleGroupMappingSetting($_GET["mapping_id"]);
1481 $mapping->read();
1482
1483 $propertie_form = $this->initRoleMappingForm("updateRoleMapping");
1484 $propertie_form->setTitle($this->lng->txt('ldap_edit_role_assignment'));
1485 $propertie_form->getItemByPostVar("url")->setValue($mapping->getURL());
1486 $propertie_form->getItemByPostVar("dn")->setValue($mapping->getDN());
1487 $propertie_form->getItemByPostVar("member")->setValue($mapping->getMemberAttribute());
1488 $propertie_form->getItemByPostVar("memberisdn")->setChecked($mapping->getMemberISDN());
1489 $propertie_form->getItemByPostVar("role")->setValue($mapping->getRoleName());
1490 $propertie_form->getItemByPostVar("info")->setValue($mapping->getMappingInfo());
1491 $propertie_form->getItemByPostVar("info_type")->setChecked($mapping->getMappingInfoType());
1492
1493 $this->tpl->setContent($propertie_form->getHTML());
1494 }
1495
1496
1497
1502 public function createRoleMapping()
1503 {
1504 global $DIC;
1505
1506 $rbacreview = $DIC['rbacreview'];
1507 $propertie_form = $this->initRoleMappingForm("createRoleMapping");
1508
1509 if ($propertie_form->checkInput() && $rbacreview->roleExists($propertie_form->getInput("role"))) {
1510 include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
1511 $mapping = new ilLDAPRoleGroupMappingSetting(0);
1512 $mapping->setServerId($this->server->getServerId());
1513 $mapping->setURL($propertie_form->getInput("url"));
1514 $mapping->setDN($propertie_form->getInput("dn"));
1515 $mapping->setMemberAttribute($propertie_form->getInput("member"));
1516 $mapping->setMemberISDN($propertie_form->getInput("memberisdn"));
1517 $mapping->setRoleByName($propertie_form->getInput("role"));
1518 $mapping->setMappingInfo($propertie_form->getInput("info"));
1519 $mapping->setMappingInfoType($propertie_form->getInput("info_type"));
1520 $mapping->save();
1521
1522 ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
1523 $this->ctrl->redirect($this, "roleMapping");
1524 } else {
1525 if (!$rbacreview->roleExists($propertie_form->getInput("role"))) {
1526 ilUtil::sendFailure($this->lng->txt("ldap_role_not_exists") . " " .
1527 $propertie_form->getInput("role"));
1528 }
1529 $propertie_form->setValuesByPost();
1530 $this->tpl->setContent($propertie_form->getHTML());
1531 }
1532 }
1533
1537 public function confirmDeleteRoleMapping()
1538 {
1539 if (!is_array($_POST['mappings'])) {
1540 ilUtil::sendFailure($this->lng->txt('select_one'), true);
1541 $this->ctrl->redirect($this, "roleMapping");
1542 return false;
1543 }
1544
1545 include_once("Services/Utilities/classes/class.ilConfirmationGUI.php");
1546 $c_gui = new ilConfirmationGUI();
1547
1548 // set confirm/cancel commands
1549 $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRoleMapping"));
1550 $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_role_ass"));
1551 $c_gui->setCancel($this->lng->txt("cancel"), "roleMapping");
1552 $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRoleMapping");
1553
1554 foreach ($_POST['mappings'] as $id) {
1555 include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
1556 $mapping = new ilLDAPRoleGroupMappingSetting($id);
1557 $mapping->read();
1558 $txt = $this->lng->txt('obj_role') . ": " . $mapping->getRoleName() . ", ";
1559 $txt .= $this->lng->txt('ldap_group_dn') . ": " . $mapping->getDN() . ", ";
1560 $txt .= $this->lng->txt('ldap_server_short') . " " . $mapping->getURL() . ", ";
1561 $txt .= $this->lng->txt('ldap_group_member_short') . " " . $mapping->getMemberAttribute();
1562
1563 $c_gui->addItem("mappings[]", $id, $txt);
1564 }
1565 $this->tpl->setContent($c_gui->getHTML());
1566 }
1567
1568 public function addServerSettings()
1569 {
1570 $this->checkAccess("write");
1571
1572 $this->ctrl->clearParameters($this);
1573
1574 $this->initForm();
1575 return $this->tpl->setContent($this->form_gui->getHtml());
1576 }
1577
1578 public function editServerSettings()
1579 {
1580 $this->checkAccess("write");
1581
1582 $this->setSubTabs();
1583 $this->tabs_gui->setTabActive('settings');
1584
1585 $this->initForm();
1586 $this->setServerFormValues();
1587 return $this->tpl->setContent($this->form_gui->getHtml());
1588 }
1589
1590
1598 public function confirmDeleteServerSettings()
1599 {
1600 $this->checkAccess("write");
1601
1602 if (!isset($_GET["ldap_server_id"])) {
1603 ilUtil::sendFailure($this->lng->txt('select_one'));
1604 $this->serverList();
1605 return false;
1606 }
1607
1608 include_once("Services/Utilities/classes/class.ilConfirmationGUI.php");
1609 $c_gui = new ilConfirmationGUI();
1610
1611 // set confirm/cancel commands
1612 $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteServerSettings"));
1613 $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_server_settings"));
1614 $c_gui->setCancel($this->lng->txt("cancel"), "serverList");
1615 $c_gui->setConfirm($this->lng->txt("confirm"), "deleteServerSettings");
1616
1617 // add items to delete
1618 include_once('Services/LDAP/classes/class.ilLDAPServer.php');
1619 foreach ((array) $_GET["ldap_server_id"] as $server_id) {
1620 $setting = new ilLDAPServer($server_id);
1621 $c_gui->addItem('server_ids[]', $server_id, $setting->getName());
1622 }
1623 $this->tpl->setContent($c_gui->getHTML());
1624 }
1625
1629 public function deleteServerSettings()
1630 {
1631 if (!is_array($_POST["server_ids"])) {
1632 ilUtil::sendFailure($this->lng->txt('select_one'));
1633 $this->serverList();
1634 return false;
1635 }
1636
1637 foreach ((array) $_POST["server_ids"] as $server_id) {
1638 $setting = new ilLDAPServer($server_id);
1639 $setting->delete();
1640 }
1641 ilUtil::sendSuccess($this->lng->txt('deleted'));
1642
1643 $this->serverList();
1644 }
1645
1649 public function userMapping()
1650 {
1651 $this->initAttributeMapping();
1652
1653 $this->setSubTabs();
1654 $this->tabs_gui->setTabActive('user_mapping');
1655 $this->userMappingToolbar();
1656
1657 $propertie_form = $this->initUserMappingForm();
1658
1659 $this->tpl->setContent($propertie_form->getHTML());
1660 }
1661
1662
1663
1664 public function activateServer()
1665 {
1666 $this->checkAccess("write");
1667
1668 $this->server->toggleActive(1);
1669 $this->server->update();
1670 $this->serverList();
1671 }
1672
1673 public function deactivateServer()
1674 {
1675 $this->checkAccess("write");
1676
1677 $this->server->toggleActive(0);
1678 $this->server->update();
1679 $this->serverList();
1680 }
1681
1682
1683
1684
1690 private function initRoleMappingForm($command)
1691 {
1692 include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
1693 $this->setSubTabs();
1694 $this->tabs_gui->setTabActive('role_mapping');
1695
1696 if (isset($_GET["mapping_id"])) {
1697 $this->ctrl->setParameter($this, 'mapping_id', $_GET["mapping_id"]);
1698 }
1699
1700 $propertie_form = new ilPropertyFormGUI();
1701 $propertie_form->setTitle($this->lng->txt('ldap_mapping_table'));
1702 $propertie_form->setFormAction($this->ctrl->getFormAction($this, $command));
1703 $propertie_form->addCommandButton($command, $this->lng->txt('save'));
1704 $propertie_form->addCommandButton("roleMapping", $this->lng->txt('cancel'));
1705
1706 $url = new ilTextInputGUI($this->lng->txt('ldap_server'));
1707 $url->setPostVar("url");
1708 $url->setSize(50);
1709 $url->setMaxLength(255);
1710 $url->setRequired(true);
1711
1712 $group_dn = new ilTextInputGUI($this->lng->txt('ldap_group_dn'));
1713 $group_dn->setPostVar("dn");
1714 $group_dn->setSize(50);
1715 $group_dn->setMaxLength(255);
1716 $group_dn->setInfo($this->lng->txt('ldap_dn_info'));
1717 $group_dn->setRequired(true);
1718
1719 $member = new ilTextInputGUI($this->lng->txt('ldap_group_member'));
1720 $member->setPostVar("member");
1721 $member->setSize(32);
1722 $member->setMaxLength(255);
1723 $member->setInfo($this->lng->txt('ldap_member_info'));
1724 $member->setRequired(true);
1725
1726 $member_isdn = new ilCheckboxInputGUI("");
1727 $member_isdn->setPostVar("memberisdn");
1728 $member_isdn->setOptionTitle($this->lng->txt('ldap_memberisdn'));
1729
1730 $role = new ilTextInputGUI($this->lng->txt('ldap_ilias_role'));
1731 $role->setPostVar("role");
1732 $role->setSize(32);
1733 $role->setMaxLength(255);
1734 $role->setInfo($this->lng->txt('ldap_role_info'));
1735 $role->setRequired(true);
1736
1737 $info = new ilTextAreaInputGUI($this->lng->txt('ldap_info_text'));
1738 $info->setPostVar("info");
1739 $info->setCols(50);
1740 $info->setRows(3);
1741 $info->setInfo($this->lng->txt('ldap_info_text_info'));
1742
1743 $info_type = new ilCheckboxInputGUI("");
1744 $info_type->setPostVar("info_type");
1745 $info_type->setOptionTitle($this->lng->txt('ldap_mapping_info_type'));
1746
1747 $propertie_form->addItem($url);
1748 $propertie_form->addItem($group_dn);
1749 $propertie_form->addItem($member);
1750 $propertie_form->addItem($member_isdn);
1751 $propertie_form->addItem($role);
1752 $propertie_form->addItem($info);
1753 $propertie_form->addItem($info_type);
1754
1755 return $propertie_form;
1756 }
1757
1758
1759
1763 public function addRoleMapping()
1764 {
1765 $propertie_form = $this->initRoleMappingForm("createRoleMapping");
1766 $propertie_form->getItemByPostVar("url")->setValue($this->server->getUrl());
1767
1768 if (isset($_GET["mapping_id"])) {
1769 include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
1770 $mapping = new ilLDAPRoleGroupMappingSetting($_GET["mapping_id"]);
1771 $mapping->read();
1772
1773 $propertie_form->getItemByPostVar("url")->setValue($mapping->getURL());
1774 $propertie_form->getItemByPostVar("dn")->setValue($mapping->getDN());
1775 $propertie_form->getItemByPostVar("member")->setValue($mapping->getMemberAttribute());
1776 $propertie_form->getItemByPostVar("memberisdn")->setChecked($mapping->getMemberISDN());
1777 $propertie_form->getItemByPostVar("role")->setValue($mapping->getRoleName());
1778 $propertie_form->getItemByPostVar("info")->setValue($mapping->getMappingInfo());
1779 $propertie_form->getItemByPostVar("info_type")->setChecked($mapping->getMappingInfoType());
1780 }
1781
1782 $this->tpl->setContent($propertie_form->getHTML());
1783 }
1784
1785
1790 public function updateRoleMapping()
1791 {
1792 global $DIC;
1793
1794 $rbacreview = $DIC['rbacreview'];
1795 $propertie_form = $this->initRoleMappingForm("updateRoleMapping");
1796
1797 if ($propertie_form->checkInput() && $rbacreview->roleExists($propertie_form->getInput("role"))) {
1798 include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
1799 $mapping = new ilLDAPRoleGroupMappingSetting($_GET["mapping_id"]);
1800 $mapping->setServerId($this->server->getServerId());
1801 $mapping->setURL($propertie_form->getInput("url"));
1802 $mapping->setDN($propertie_form->getInput("dn"));
1803 $mapping->setMemberAttribute($propertie_form->getInput("member"));
1804 $mapping->setMemberISDN($propertie_form->getInput("memberisdn"));
1805 $mapping->setRoleByName($propertie_form->getInput("role"));
1806 $mapping->setMappingInfo($propertie_form->getInput("info"));
1807 $mapping->setMappingInfoType($propertie_form->getInput("info_type"));
1808 $mapping->update();
1809
1810 ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
1811 $this->ctrl->redirect($this, "roleMapping");
1812 } else {
1813 if (!$rbacreview->roleExists($propertie_form->getInput("role"))) {
1814 ilUtil::sendFailure($this->lng->txt("ldap_role_not_exists") . " " .
1815 $propertie_form->getInput("role"));
1816 }
1817 $propertie_form->setValuesByPost();
1818 $this->tpl->setContent($propertie_form->getHTML());
1819 }
1820 }
1821
1825 public function saveSyncronizationSettings()
1826 {
1827 $this->server->setRoleBindDN(ilUtil::stripSlashes($_POST['role_bind_user']));
1828 $this->server->setRoleBindPassword(ilUtil::stripSlashes($_POST['role_bind_pass']));
1829 $this->server->enableRoleSynchronization((int) $_POST['role_sync_active']);
1830
1831 // Update or create
1832 if ($this->server->getServerId()) {
1833 $this->server->update();
1834 }
1835 ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
1836 $this->ctrl->redirect($this, "roleMapping");
1837 }
1838}
$parser
$parser
Definition: BPMN2Parser.php:23
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
php
An exception for terminatinating execution or to throw for unit testing.
IL_COMP_SERVICE
const IL_COMP_SERVICE
Definition: class.ilComponent.php:6
IL_LDAP_BIND_USER
const IL_LDAP_BIND_USER
Definition: class.ilLDAPServer.php:6
IL_LDAP_BIND_ANONYMOUS
const IL_LDAP_BIND_ANONYMOUS
Definition: class.ilLDAPServer.php:5
IL_LDAP_SCOPE_SUB
const IL_LDAP_SCOPE_SUB
Definition: class.ilLDAPServer.php:8
IL_LDAP_SCOPE_ONE
const IL_LDAP_SCOPE_ONE
Definition: class.ilLDAPServer.php:9
QP_COMBINATION_AND
const QP_COMBINATION_AND
Definition: class.ilQueryParser.php:35
ilAdministrationSettingsFormHandler\addFieldsToForm
static addFieldsToForm($a_form_id, ilPropertyFormGUI $a_form, ilObjectGUI $a_parent_gui)
Definition: class.ilAdministrationSettingsFormHandler.php:98
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:34
ilCombinationInputGUI
This class represents a number property in a property form.
Definition: class.ilCombinationInputGUI.php:32
ilConfirmationGUI
Confirmation screen class.
Definition: class.ilConfirmationGUI.php:16
ilCustomInputGUI
This class represents a custom property in a property form.
Definition: class.ilCustomInputGUI.php:35
ilFormSectionHeaderGUI
This class represents a section header in a property form.
Definition: class.ilFormSectionHeaderGUI.php:32
ilLDAPAttributeMappingUtils\_getMappingRulesByClass
static _getMappingRulesByClass($a_class)
Get mapping rule by objectClass.
Definition: class.ilLDAPAttributeMappingUtils.php:41
ilLDAPAttributeMapping\_lookupGlobalRole
static _lookupGlobalRole($a_server_id)
Lookup global role assignment.
Definition: class.ilLDAPAttributeMapping.php:102
ilLDAPAttributeMapping\_getInstanceByServerId
static _getInstanceByServerId($a_server_id)
Get instance of class.
Definition: class.ilLDAPAttributeMapping.php:68
ilLDAPRoleAssignmentRule\_getRules
static _getRules($a_server_id)
Get all rules.
Definition: class.ilLDAPRoleAssignmentRule.php:182
ilLDAPRoleAssignmentRule\_getInstanceByRuleId
static _getInstanceByRuleId($a_rule_id)
get instance by rule id
Definition: class.ilLDAPRoleAssignmentRule.php:59
ilLDAPRoleGroupMappingSettings\_getInstanceByServerId
static _getInstanceByServerId($a_server_id)
Get instance of class.
Definition: class.ilLDAPRoleGroupMappingSettings.php:68
ilLDAPServer\_getServerList
static _getServerList()
Get list of all configured servers.
Definition: class.ilLDAPServer.php:206
ilLDAPServer\checkLDAPLib
static checkLDAPLib()
Check if ldap module is installed.
Definition: class.ilLDAPServer.php:99
ilLDAPSettingsGUI\setSubTabs
setSubTabs()
Set sub tabs for ldap section.
Definition: class.ilLDAPSettingsGUI.php:981
ilLDAPSettingsGUI\editRoleMapping
editRoleMapping()
Edit Assigments for role mapping.
Definition: class.ilLDAPSettingsGUI.php:1477
ilLDAPSettingsGUI\checkRoleAssignmentInput
checkRoleAssignmentInput($a_rule_id=0)
Check role assignment input.
Definition: class.ilLDAPSettingsGUI.php:472
ilLDAPSettingsGUI\prepareRoleSelect
prepareRoleSelect($a_as_select=true)
Used for old style table.
Definition: class.ilLDAPSettingsGUI.php:1092
ilLDAPSettingsGUI\userMapping
userMapping()
Ldap User Mapping.
Definition: class.ilLDAPSettingsGUI.php:1649
ilLDAPSettingsGUI\saveRoleSelection
saveRoleSelection()
Save role selection.
Definition: class.ilLDAPSettingsGUI.php:433
ilLDAPSettingsGUI\userMappingToolbar
userMappingToolbar()
Create Toolbar @global ilToolbarGUI $ilToolbar.
Definition: class.ilLDAPSettingsGUI.php:1345
ilLDAPSettingsGUI\loadRoleAssignmentRule
loadRoleAssignmentRule($a_rule_id, $a_from_form=true)
Load input from form.
Definition: class.ilLDAPSettingsGUI.php:508
ilLDAPSettingsGUI\editRoleAssignment
editRoleAssignment()
Edit role assignment.
Definition: class.ilLDAPSettingsGUI.php:159
ilLDAPSettingsGUI\roleAssignments
roleAssignments()
Edit role assignments.
Definition: class.ilLDAPSettingsGUI.php:126
ilLDAPSettingsGUI\initUserMappingForm
initUserMappingForm()
Create Property Form GUI for User Mapping.
Definition: class.ilLDAPSettingsGUI.php:1372
ilLDAPSettingsGUI\addRoleAutoCompleteObject
addRoleAutoCompleteObject()
Add Member for autoComplete.
Definition: class.ilLDAPSettingsGUI.php:1332
ilLDAPSettingsGUI\saveSyncronizationSettings
saveSyncronizationSettings()
save Syncronization Settings on Role Mapping screen
Definition: class.ilLDAPSettingsGUI.php:1825
ilLDAPSettingsGUI\confirmDeleteRoleMapping
confirmDeleteRoleMapping()
confirm delete role mappings
Definition: class.ilLDAPSettingsGUI.php:1537
ilLDAPSettingsGUI\prepareGlobalRoleSelection
prepareGlobalRoleSelection($a_as_select=true)
New implementation for InputForm.
Definition: class.ilLDAPSettingsGUI.php:1064
ilLDAPSettingsGUI\roleMapping
roleMapping()
Role Mapping Tab @global ilToolbarGUI $ilToolbar.
Definition: class.ilLDAPSettingsGUI.php:1418
ilLDAPSettingsGUI\hasActiveRoleAssignmentPlugins
hasActiveRoleAssignmentPlugins()
Check if the plugin is active.
Definition: class.ilLDAPSettingsGUI.php:1319
ilLDAPSettingsGUI\getServer
getServer()
Get server settings.
Definition: class.ilLDAPSettingsGUI.php:115
ilLDAPSettingsGUI\confirmDeleteRules
confirmDeleteRules()
Confirm delete rules.
Definition: class.ilLDAPSettingsGUI.php:265
ilLDAPSettingsGUI\confirmDeleteServerSettings
confirmDeleteServerSettings()
Confirm delete rules.
Definition: class.ilLDAPSettingsGUI.php:1598
ilLDAPSettingsGUI\createRoleMapping
createRoleMapping()
Check add screen input and save to db @global ilRbacReview $rbacreview.
Definition: class.ilLDAPSettingsGUI.php:1502
ilLDAPSettingsGUI\setValuesByArray
setValuesByArray()
set values of form array
Definition: class.ilLDAPSettingsGUI.php:184
ilLDAPSettingsGUI\showRoleSelection
showRoleSelection()
show role selection
Definition: class.ilLDAPSettingsGUI.php:399
ilLDAPSettingsGUI\loadMappingDetails
loadMappingDetails()
Load info about hide/show details.
Definition: class.ilLDAPSettingsGUI.php:1170
ilLDAPSettingsGUI\updateRoleAssignment
updateRoleAssignment()
update role assignment
Definition: class.ilLDAPSettingsGUI.php:217
ilLDAPSettingsGUI\addRoleAssignment
addRoleAssignment()
add new role assignment
Definition: class.ilLDAPSettingsGUI.php:324
ilLDAPSettingsGUI\addRoleMapping
addRoleMapping()
Add Assigments for role mapping.
Definition: class.ilLDAPSettingsGUI.php:1763
ilLDAPSettingsGUI\getRoleAssignmentTable
getRoleAssignmentTable()
Show active role assignments.
Definition: class.ilLDAPSettingsGUI.php:488
ilLDAPSettingsGUI\initFormRoleAssignments
initFormRoleAssignments($a_mode)
Init form table for new role assignments.
Definition: class.ilLDAPSettingsGUI.php:1191
ilLDAPSettingsGUI\deleteRules
deleteRules()
delete role assignment rule
Definition: class.ilLDAPSettingsGUI.php:301
ilLDAPSettingsGUI\updateRoleMapping
updateRoleMapping()
Check edit screen input and save to db @global ilRbacReview $rbacreview.
Definition: class.ilLDAPSettingsGUI.php:1790
ilLDAPSettingsGUI\initRoleMappingForm
initRoleMappingForm($command)
init propertyformgui for Assignment of LDAP Attributes to ILIAS User Profile
Definition: class.ilLDAPSettingsGUI.php:1690
ilNonEditableValueGUI
This class represents a non editable value in a property form.
Definition: class.ilNonEditableValueGUI.php:14
ilNumberInputGUI
This class represents a number property in a property form.
Definition: class.ilNumberInputGUI.php:15
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:988
ilPasswordInputGUI
This class represents a password property in a property form.
Definition: class.ilPasswordInputGUI.php:12
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:48
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:34
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:32
ilRoleAutoCompleteInputGUI
This class represents a role + autocomplete feature form input.
Definition: class.ilRoleAutoCompleteInputGUI.php:14
ilRoleAutoCompleteInputGUI\echoAutoCompleteList
static echoAutoCompleteList()
Static asynchronous default auto complete function.
Definition: class.ilRoleAutoCompleteInputGUI.php:43
ilSelectInputGUI
This class represents a selection list property in a property form.
Definition: class.ilSelectInputGUI.php:18
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:35
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:17
ilUserDefinedFields\_getInstance
static _getInstance()
Get instance.
Definition: class.ilUserDefinedFields.php:48
ilUtil\_sortIds
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,...
Definition: class.ilUtil.php:4407
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4519
ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2408
ilUtil\formSelect
static formSelect( $selected, $varname, $options, $multiple=false, $direct_text=false, $size="0", $style_class="", $attribs="", $disabled=false)
Builds a select form field with options and shows the selected option first.
Definition: class.ilUtil.php:329
$txt
$txt
Definition: error.php:13
$name
if($format !==null) $name
Definition: metadata.php:230
$url
$url
Definition: proxy_ylocal.php:28
$ilErr
$ilErr
Definition: raiseError.php:18
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$lang
$lang
Definition: xapiexit.php:8
$DIC
$DIC
Definition: xapitoken.php:46