ILIAS  release_7 Revision v7.30-3-g800a261c036
All Data Structures Namespaces Files Functions Variables Modules Pages
class.ilLDAPAttributeToUser.php
Go to the documentation of this file.
1 <?php
2 /*
3  +-----------------------------------------------------------------------------+
4  | ILIAS open source |
5  +-----------------------------------------------------------------------------+
6  | Copyright (c) 1998-2006 ILIAS open source, University of Cologne |
7  | |
8  | This program is free software; you can redistribute it and/or |
9  | modify it under the terms of the GNU General Public License |
10  | as published by the Free Software Foundation; either version 2 |
11  | of the License, or (at your option) any later version. |
12  | |
13  | This program is distributed in the hope that it will be useful, |
14  | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16  | GNU General Public License for more details. |
17  | |
18  | You should have received a copy of the GNU General Public License |
19  | along with this program; if not, write to the Free Software |
20  | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21  +-----------------------------------------------------------------------------+
22 */
23 
34 class ilLDAPAttributeToUser
35 {
36  const MODE_INITIALIZE_ROLES = 1;
37 
38  private $modes = [];
39 
40 
41  private $server_settings = null;
42  private $role_assignment = null;
43  private $db = null;
44 
45  private $user_data = array();
46  private $setting = null;
47  private $mapping = null;
48 
49  private $new_user_auth_mode = 'ldap';
50 
57  public function __construct(ilLDAPServer $a_server)
58  {
59  global $DIC;
60 
61  $ilDB = $DIC['ilDB'];
62  $ilSetting = $DIC['ilSetting'];
63  $lng = $DIC['lng'];
64  $ilLog = $DIC['ilLog'];
65 
66  // Initialise language object
67  if (!is_object($lng)) {
68  include_once './Services/Language/classes/class.ilLanguage.php';
69  $lng = new ilLanguage('en');
70  }
71 
72  $this->log = $ilLog;
73 
74  $this->server_settings = $a_server;
75  $this->setting = $ilSetting;
76 
77  $this->initLDAPAttributeMapping();
78  }
79 
80  // begin-patch ldap_multiple
85  public function getServer()
86  {
87  return $this->server_settings;
88  }
89  // end-patch ldap_multiple
90 
98  public function setUserData($a_data)
99  {
100  $this->user_data = $a_data;
101  }
102 
108  public function setNewUserAuthMode($a_authmode)
109  {
110  $this->new_user_auth_mode = $a_authmode;
111  }
112 
116  public function getNewUserAuthMode()
117  {
118  return $this->new_user_auth_mode;
119  }
120 
125  public function addMode($a_mode)
126  {
127  if (is_array($this->modes) && !in_array($a_mode, $this->modes)) {
128  $this->modes[] = $a_mode;
129  }
130  }
131 
137  public function isModeActive($a_mode)
138  {
139  return is_array($this->modes) && in_array($a_mode, $this->modes);
140  }
141 
142 
149  public function refresh()
150  {
151  global $DIC;
152 
153  $rbacadmin = $DIC['rbacadmin'];
154 
155  $this->usersToXML();
156 
157  include_once './Services/User/classes/class.ilUserImportParser.php';
158  include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php';
159 
160  $importParser = new ilUserImportParser();
161  $importParser->setXMLContent($this->writer->xmlDumpMem(false));
162  $importParser->setRoleAssignment(ilLDAPRoleAssignmentRules::getAllPossibleRoles($this->getServer()->getServerId()));
163  $importParser->setFolderId(7);
164  $importParser->startParsing();
165  $debug = $importParser->getProtocol();
166  #var_dump("<pre>",$this->writer->xmlDumpMem(),"</pre>");
167  #print_r($this->writer->xmlDumpMem($format));
168 
169  return true;
170  }
171 
178  protected function parseRoleAssignmentsForUpdate($a_usr_id, $a_external_account, $user)
179  {
180  $rules = $this->mapping->getRulesForUpdate();
181 
182  include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php';
183  foreach (ilLDAPRoleAssignmentRules::getAssignmentsForUpdate(
184  $this->getServer()->getServerId(),
185  $a_usr_id,
186  $a_external_account,
187  $user
188  ) as $role_data) {
189  $this->writer->xmlElement(
190  'Role',
191  array('Id' => $role_data['id'],
192  'Type' => $role_data['type'],
193  'Action' => $role_data['action']),
194  ''
195  );
196  }
197  }
198 
204  protected function parseRoleAssignmentsForCreation($a_external_account, $a_user)
205  {
206  include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php';
207  foreach (ilLDAPRoleAssignmentRules::getAssignmentsForCreation(
208  $this->getServer()->getServerId(),
209  $a_external_account,
210  $a_user
211  ) as $role_data) {
212  $this->writer->xmlElement(
213  'Role',
214  array('Id' => $role_data['id'],
215  'Type' => $role_data['type'],
216  'Action' => $role_data['action']),
217  ''
218  );
219  }
220  }
221 
228  private function usersToXML()
229  {
230  include_once('./Services/Xml/classes/class.ilXmlWriter.php');
231  $this->writer = new ilXmlWriter();
232  $this->writer->xmlStartTag('Users');
233 
234  $cnt_update = 0;
235  $cnt_create = 0;
236 
237  // Single users
238  foreach ($this->user_data as $external_account => $user) {
239  $user['ilExternalAccount'] = $external_account;
240 
241  // Required fields
242  if ($user['ilInternalAccount']) {
243  $usr_id = ilObjUser::_lookupId($user['ilInternalAccount']);
244 
245  ++$cnt_update;
246  // User exists
247  $this->writer->xmlStartTag('User', array('Id' => $usr_id,'Action' => 'Update'));
248  $this->writer->xmlElement('Login', array(), $user['ilInternalAccount']);
249  $this->writer->xmlElement('ExternalAccount', array(), $external_account);
250  $this->writer->xmlElement('AuthMode', array('type' => $this->getNewUserAuthMode()), null);
251 
252  if ($this->isModeActive(self::MODE_INITIALIZE_ROLES)) {
253  $this->parseRoleAssignmentsForCreation($external_account, $user);
254  } else {
255  $this->parseRoleAssignmentsForUpdate($usr_id, $external_account, $user);
256  }
257  $rules = $this->mapping->getRulesForUpdate();
258  } else {
259  ++$cnt_create;
260  // Create user
261  $this->writer->xmlStartTag('User', array('Action' => 'Insert'));
262  $this->writer->xmlElement('Login', array(), ilAuthUtils::_generateLogin($external_account));
263 
264  $this->parseRoleAssignmentsForCreation($external_account, $user);
265  $rules = $this->mapping->getRules();
266  }
267 
268  $this->writer->xmlElement('Active', array(), "true");
269  $this->writer->xmlElement('TimeLimitOwner', array(), 7);
270  $this->writer->xmlElement('TimeLimitUnlimited', array(), 1);
271  $this->writer->xmlElement('TimeLimitFrom', array(), time());
272  $this->writer->xmlElement('TimeLimitUntil', array(), time());
273 
274  // only for new users.
275  // If auth_mode is 'default' (ldap) this status should remain.
276  if (!$user['ilInternalAccount']) {
277  $this->writer->xmlElement(
278  'AuthMode',
279  array('type' => $this->getNewUserAuthMode()),
280  $this->getNewUserAuthMode()
281  );
282  $this->writer->xmlElement('ExternalAccount', array(), $external_account);
283  }
284  foreach ($rules as $field => $data) {
285  // Do Mapping: it is possible to assign multiple ldap attribute to one user data field
286  if (!($value = $this->doMapping($user, $data))) {
287  continue;
288  }
289 
290  switch ($field) {
291  case 'gender':
292  switch (strtolower($value)) {
293 
294  case 'm':
295  case 'male':
296  $this->writer->xmlElement('Gender', array(), 'm');
297  break;
298 
299  case 'f':
300  case 'female':
301  $this->writer->xmlElement('Gender', array(), 'f');
302  break;
303  // use the default for anything that is not clearly m or f
304  default:
305  $this->writer->xmlElement('Gender', array(), 'n');
306  break;
307 
308  }
309  break;
310 
311  case 'firstname':
312  $this->writer->xmlElement('Firstname', array(), $value);
313  break;
314 
315  case 'lastname':
316  $this->writer->xmlElement('Lastname', array(), $value);
317  break;
318 
319  case 'hobby':
320  $this->writer->xmlElement('Hobby', array(), $value);
321  break;
322 
323  case 'title':
324  $this->writer->xmlElement('Title', array(), $value);
325  break;
326 
327  case 'institution':
328  $this->writer->xmlElement('Institution', array(), $value);
329  break;
330 
331  case 'department':
332  $this->writer->xmlElement('Department', array(), $value);
333  break;
334 
335  case 'street':
336  $this->writer->xmlElement('Street', array(), $value);
337  break;
338 
339  case 'city':
340  $this->writer->xmlElement('City', array(), $value);
341  break;
342 
343  case 'zipcode':
344  $this->writer->xmlElement('PostalCode', array(), $value);
345  break;
346 
347  case 'country':
348  $this->writer->xmlElement('Country', array(), $value);
349  break;
350 
351  case 'phone_office':
352  $this->writer->xmlElement('PhoneOffice', array(), $value);
353  break;
354 
355  case 'phone_home':
356  $this->writer->xmlElement('PhoneHome', array(), $value);
357  break;
358 
359  case 'phone_mobile':
360  $this->writer->xmlElement('PhoneMobile', array(), $value);
361  break;
362 
363  case 'fax':
364  $this->writer->xmlElement('Fax', array(), $value);
365  break;
366 
367  case 'email':
368  $this->writer->xmlElement('Email', array(), $value);
369  break;
370 
371  case 'matriculation':
372  $this->writer->xmlElement('Matriculation', array(), $value);
373  break;
374 
375  /*
376  case 'photo':
377  $this->writer->xmlElement('PersonalPicture',array('encoding' => 'Base64','imagetype' => 'image/jpeg'),
378  base64_encode($this->convertInput($user[$value])));
379  break;
380  */
381  default:
382  // Handle user defined fields
383  if (substr($field, 0, 4) != 'udf_') {
384  continue 2;
385  }
386  $id_data = explode('_', $field);
387  if (!isset($id_data[1])) {
388  continue 2;
389  }
390  $this->initUserDefinedFields();
391  $definition = $this->udf->getDefinition($id_data[1]);
392  $this->writer->xmlElement(
393  'UserDefinedField',
394  array('Id' => $definition['il_id'],
395  'Name' => $definition['field_name']),
396  $value
397  );
398  break;
399 
400 
401  }
402  }
403  $this->writer->xmlEndTag('User');
404  }
405 
406  if ($cnt_create) {
407  $this->log->write('LDAP: Started creation of ' . $cnt_create . ' users.');
408  }
409  if ($cnt_update) {
410  $this->log->write('LDAP: Started update of ' . $cnt_update . ' users.');
411  }
412  $this->writer->xmlEndTag('Users');
413  }
414 
423  private function convertInput($a_value)
424  {
425  if (is_array($a_value)) {
426  return $a_value[0];
427  } else {
428  return $a_value;
429  }
430  }
431 
438  private function doMapping($user, $rule)
439  {
440  $mapping = trim(strtolower($rule['value']));
441 
442  if (strpos($mapping, ',') === false) {
443  return $this->convertInput($user[$mapping]);
444  }
445  // Is multiple mapping
446 
447  $fields = explode(',', $mapping);
448  $value = '';
449  foreach ($fields as $field) {
450  if (strlen($value)) {
451  $value .= ' ';
452  }
453  $value .= ($this->convertInput($user[trim($field)]));
454  }
455  return $value ? $value : '';
456  }
457 
458 
459 
460  private function initLDAPAttributeMapping()
461  {
462  include_once('Services/LDAP/classes/class.ilLDAPAttributeMapping.php');
463  $this->mapping = ilLDAPAttributeMapping::_getInstanceByServerId($this->server_settings->getServerId());
464  }
465 
466  private function initUserDefinedFields()
467  {
468  include_once('Services/User/classes/class.ilUserDefinedFields.php');
469  $this->udf = ilUserDefinedFields::_getInstance();
470  }
471 }
ilLDAPRoleAssignmentRules\getAssignmentsForCreation
static getAssignmentsForCreation($a_server_id, $a_usr_name, $a_usr_data)
Definition: class.ilLDAPRoleAssignmentRules.php:179
$data
$data
Definition: storeScorm.php:23
ilUserDefinedFields\_getInstance
static _getInstance()
Get instance.
Definition: class.ilUserDefinedFields.php:48
ilLDAPAttributeMapping\_getInstanceByServerId
static _getInstanceByServerId($a_server_id)
Get instance of class.
Definition: class.ilLDAPAttributeMapping.php:68
ilLDAPAttributeToUser\doMapping
doMapping($user, $rule)
doMapping
Definition: class.ilLDAPAttributeToUser.php:438
ilAuthUtils\_generateLogin
static _generateLogin($a_login)
generate free login by starting with a default string and adding postfix numbers
Definition: class.ilAuthUtils.php:374
ilXmlWriter
XML writer class.
Definition: class.ilXmlWriter.php:17
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:832
ilLDAPRoleAssignmentRules\getAssignmentsForUpdate
static getAssignmentsForUpdate($a_server_id, $a_usr_id, $a_usr_name, $a_usr_data)
type $ilDB type $rbacadmin type $rbacreview type $ilSetting type $ilLog
Definition: class.ilLDAPRoleAssignmentRules.php:118
ilLDAPAttributeToUser\setUserData
setUserData($a_data)
Set user data received from pear auth or by ldap_search.
Definition: class.ilLDAPAttributeToUser.php:98
ilLDAPAttributeToUser\isModeActive
isModeActive($a_mode)
Check if mode is active.
Definition: class.ilLDAPAttributeToUser.php:137
ilLDAPAttributeToUser\convertInput
convertInput($a_value)
A value can be an array or a string This function converts arrays to strings.
Definition: class.ilLDAPAttributeToUser.php:423
$lng
$lng
Definition: save_question_post_data.php:23
$DIC
global $DIC
Definition: goto.php:24
ilLDAPAttributeToUser\__construct
__construct(ilLDAPServer $a_server)
Construct of ilLDAPAttribute2XML Defines between LDAP and ILIAS user attributes.
Definition: class.ilLDAPAttributeToUser.php:57
ilLDAPAttributeToUser\parseRoleAssignmentsForCreation
parseRoleAssignmentsForCreation($a_external_account, $a_user)
Parse role assignments for update of user account.
Definition: class.ilLDAPAttributeToUser.php:204
ilLDAPAttributeToUser\refresh
refresh()
Create/Update non existing users.
Definition: class.ilLDAPAttributeToUser.php:149
ilLDAPAttributeToUser\parseRoleAssignmentsForUpdate
parseRoleAssignmentsForUpdate($a_usr_id, $a_external_account, $user)
Parse role assignments for update of user account.
Definition: class.ilLDAPAttributeToUser.php:178
ilLDAPAttributeToUser\getNewUserAuthMode
getNewUserAuthMode()
Get auth mode for new users.
Definition: class.ilLDAPAttributeToUser.php:116
ilLDAPRoleAssignmentRules\getAllPossibleRoles
static getAllPossibleRoles($a_server_id)
Get all assignable roles (used for import parser)
Definition: class.ilLDAPRoleAssignmentRules.php:60
ilLDAPAttributeToUser\setNewUserAuthMode
setNewUserAuthMode($a_authmode)
Set auth mode for new users.
Definition: class.ilLDAPAttributeToUser.php:108
$ilSetting
global $ilSetting
Definition: privfeed.php:17
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilLDAPAttributeToUser
Update/create ILIAS user account by given LDAP attributes according to user attribute mapping setting...
Definition: class.ilLDAPAttributeToUser.php:34
ilLDAPAttributeToUser\getServer
getServer()
Get server settings.
Definition: class.ilLDAPAttributeToUser.php:85
ilLDAPAttributeToUser\addMode
addMode($a_mode)
Add import mode.
Definition: class.ilLDAPAttributeToUser.php:125
ilLDAPAttributeToUser\usersToXML
usersToXML()
Create xml string of user according to mapping rules.
Definition: class.ilLDAPAttributeToUser.php:228