ILIAS  release_7 Revision v7.30-3-g800a261c036
class.ilLDAPAttributeToUser.php
Go to the documentation of this file.
1<?php
2/*
3 +-----------------------------------------------------------------------------+
4 | ILIAS open source |
5 +-----------------------------------------------------------------------------+
6 | Copyright (c) 1998-2006 ILIAS open source, University of Cologne |
7 | |
8 | This program is free software; you can redistribute it and/or |
9 | modify it under the terms of the GNU General Public License |
10 | as published by the Free Software Foundation; either version 2 |
11 | of the License, or (at your option) any later version. |
12 | |
13 | This program is distributed in the hope that it will be useful, |
14 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | GNU General Public License for more details. |
17 | |
18 | You should have received a copy of the GNU General Public License |
19 | along with this program; if not, write to the Free Software |
20 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21 +-----------------------------------------------------------------------------+
22*/
23
34class ilLDAPAttributeToUser
35{
36 const MODE_INITIALIZE_ROLES = 1;
37
38 private $modes = [];
39
40
41 private $server_settings = null;
42 private $role_assignment = null;
43 private $db = null;
44
45 private $user_data = array();
46 private $setting = null;
47 private $mapping = null;
48
49 private $new_user_auth_mode = 'ldap';
50
57 public function __construct(ilLDAPServer $a_server)
58 {
59 global $DIC;
60
61 $ilDB = $DIC['ilDB'];
62 $ilSetting = $DIC['ilSetting'];
63 $lng = $DIC['lng'];
64 $ilLog = $DIC['ilLog'];
65
66 // Initialise language object
67 if (!is_object($lng)) {
68 include_once './Services/Language/classes/class.ilLanguage.php';
69 $lng = new ilLanguage('en');
70 }
71
72 $this->log = $ilLog;
73
74 $this->server_settings = $a_server;
75 $this->setting = $ilSetting;
76
77 $this->initLDAPAttributeMapping();
78 }
79
80 // begin-patch ldap_multiple
85 public function getServer()
86 {
87 return $this->server_settings;
88 }
89 // end-patch ldap_multiple
90
98 public function setUserData($a_data)
99 {
100 $this->user_data = $a_data;
101 }
102
108 public function setNewUserAuthMode($a_authmode)
109 {
110 $this->new_user_auth_mode = $a_authmode;
111 }
112
116 public function getNewUserAuthMode()
117 {
118 return $this->new_user_auth_mode;
119 }
120
125 public function addMode($a_mode)
126 {
127 if (is_array($this->modes) && !in_array($a_mode, $this->modes)) {
128 $this->modes[] = $a_mode;
129 }
130 }
131
137 public function isModeActive($a_mode)
138 {
139 return is_array($this->modes) && in_array($a_mode, $this->modes);
140 }
141
142
149 public function refresh()
150 {
151 global $DIC;
152
153 $rbacadmin = $DIC['rbacadmin'];
154
155 $this->usersToXML();
156
157 include_once './Services/User/classes/class.ilUserImportParser.php';
158 include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php';
159
160 $importParser = new ilUserImportParser();
161 $importParser->setXMLContent($this->writer->xmlDumpMem(false));
162 $importParser->setRoleAssignment(ilLDAPRoleAssignmentRules::getAllPossibleRoles($this->getServer()->getServerId()));
163 $importParser->setFolderId(7);
164 $importParser->startParsing();
165 $debug = $importParser->getProtocol();
166 #var_dump("<pre>",$this->writer->xmlDumpMem(),"</pre>");
167 #print_r($this->writer->xmlDumpMem($format));
168
169 return true;
170 }
171
178 protected function parseRoleAssignmentsForUpdate($a_usr_id, $a_external_account, $user)
179 {
180 $rules = $this->mapping->getRulesForUpdate();
181
182 include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php';
183 foreach (ilLDAPRoleAssignmentRules::getAssignmentsForUpdate(
184 $this->getServer()->getServerId(),
185 $a_usr_id,
186 $a_external_account,
187 $user
188 ) as $role_data) {
189 $this->writer->xmlElement(
190 'Role',
191 array('Id' => $role_data['id'],
192 'Type' => $role_data['type'],
193 'Action' => $role_data['action']),
194 ''
195 );
196 }
197 }
198
204 protected function parseRoleAssignmentsForCreation($a_external_account, $a_user)
205 {
206 include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php';
207 foreach (ilLDAPRoleAssignmentRules::getAssignmentsForCreation(
208 $this->getServer()->getServerId(),
209 $a_external_account,
210 $a_user
211 ) as $role_data) {
212 $this->writer->xmlElement(
213 'Role',
214 array('Id' => $role_data['id'],
215 'Type' => $role_data['type'],
216 'Action' => $role_data['action']),
217 ''
218 );
219 }
220 }
221
228 private function usersToXML()
229 {
230 include_once('./Services/Xml/classes/class.ilXmlWriter.php');
231 $this->writer = new ilXmlWriter();
232 $this->writer->xmlStartTag('Users');
233
234 $cnt_update = 0;
235 $cnt_create = 0;
236
237 // Single users
238 foreach ($this->user_data as $external_account => $user) {
239 $user['ilExternalAccount'] = $external_account;
240
241 // Required fields
242 if ($user['ilInternalAccount']) {
243 $usr_id = ilObjUser::_lookupId($user['ilInternalAccount']);
244
245 ++$cnt_update;
246 // User exists
247 $this->writer->xmlStartTag('User', array('Id' => $usr_id,'Action' => 'Update'));
248 $this->writer->xmlElement('Login', array(), $user['ilInternalAccount']);
249 $this->writer->xmlElement('ExternalAccount', array(), $external_account);
250 $this->writer->xmlElement('AuthMode', array('type' => $this->getNewUserAuthMode()), null);
251
252 if ($this->isModeActive(self::MODE_INITIALIZE_ROLES)) {
253 $this->parseRoleAssignmentsForCreation($external_account, $user);
254 } else {
255 $this->parseRoleAssignmentsForUpdate($usr_id, $external_account, $user);
256 }
257 $rules = $this->mapping->getRulesForUpdate();
258 } else {
259 ++$cnt_create;
260 // Create user
261 $this->writer->xmlStartTag('User', array('Action' => 'Insert'));
262 $this->writer->xmlElement('Login', array(), ilAuthUtils::_generateLogin($external_account));
263
264 $this->parseRoleAssignmentsForCreation($external_account, $user);
265 $rules = $this->mapping->getRules();
266 }
267
268 $this->writer->xmlElement('Active', array(), "true");
269 $this->writer->xmlElement('TimeLimitOwner', array(), 7);
270 $this->writer->xmlElement('TimeLimitUnlimited', array(), 1);
271 $this->writer->xmlElement('TimeLimitFrom', array(), time());
272 $this->writer->xmlElement('TimeLimitUntil', array(), time());
273
274 // only for new users.
275 // If auth_mode is 'default' (ldap) this status should remain.
276 if (!$user['ilInternalAccount']) {
277 $this->writer->xmlElement(
278 'AuthMode',
279 array('type' => $this->getNewUserAuthMode()),
280 $this->getNewUserAuthMode()
281 );
282 $this->writer->xmlElement('ExternalAccount', array(), $external_account);
283 }
284 foreach ($rules as $field => $data) {
285 // Do Mapping: it is possible to assign multiple ldap attribute to one user data field
286 if (!($value = $this->doMapping($user, $data))) {
287 continue;
288 }
289
290 switch ($field) {
291 case 'gender':
292 switch (strtolower($value)) {
293
294 case 'm':
295 case 'male':
296 $this->writer->xmlElement('Gender', array(), 'm');
297 break;
298
299 case 'f':
300 case 'female':
301 $this->writer->xmlElement('Gender', array(), 'f');
302 break;
303 // use the default for anything that is not clearly m or f
304 default:
305 $this->writer->xmlElement('Gender', array(), 'n');
306 break;
307
308 }
309 break;
310
311 case 'firstname':
312 $this->writer->xmlElement('Firstname', array(), $value);
313 break;
314
315 case 'lastname':
316 $this->writer->xmlElement('Lastname', array(), $value);
317 break;
318
319 case 'hobby':
320 $this->writer->xmlElement('Hobby', array(), $value);
321 break;
322
323 case 'title':
324 $this->writer->xmlElement('Title', array(), $value);
325 break;
326
327 case 'institution':
328 $this->writer->xmlElement('Institution', array(), $value);
329 break;
330
331 case 'department':
332 $this->writer->xmlElement('Department', array(), $value);
333 break;
334
335 case 'street':
336 $this->writer->xmlElement('Street', array(), $value);
337 break;
338
339 case 'city':
340 $this->writer->xmlElement('City', array(), $value);
341 break;
342
343 case 'zipcode':
344 $this->writer->xmlElement('PostalCode', array(), $value);
345 break;
346
347 case 'country':
348 $this->writer->xmlElement('Country', array(), $value);
349 break;
350
351 case 'phone_office':
352 $this->writer->xmlElement('PhoneOffice', array(), $value);
353 break;
354
355 case 'phone_home':
356 $this->writer->xmlElement('PhoneHome', array(), $value);
357 break;
358
359 case 'phone_mobile':
360 $this->writer->xmlElement('PhoneMobile', array(), $value);
361 break;
362
363 case 'fax':
364 $this->writer->xmlElement('Fax', array(), $value);
365 break;
366
367 case 'email':
368 $this->writer->xmlElement('Email', array(), $value);
369 break;
370
371 case 'matriculation':
372 $this->writer->xmlElement('Matriculation', array(), $value);
373 break;
374
375 /*
376 case 'photo':
377 $this->writer->xmlElement('PersonalPicture',array('encoding' => 'Base64','imagetype' => 'image/jpeg'),
378 base64_encode($this->convertInput($user[$value])));
379 break;
380 */
381 default:
382 // Handle user defined fields
383 if (substr($field, 0, 4) != 'udf_') {
384 continue 2;
385 }
386 $id_data = explode('_', $field);
387 if (!isset($id_data[1])) {
388 continue 2;
389 }
390 $this->initUserDefinedFields();
391 $definition = $this->udf->getDefinition($id_data[1]);
392 $this->writer->xmlElement(
393 'UserDefinedField',
394 array('Id' => $definition['il_id'],
395 'Name' => $definition['field_name']),
396 $value
397 );
398 break;
399
400
401 }
402 }
403 $this->writer->xmlEndTag('User');
404 }
405
406 if ($cnt_create) {
407 $this->log->write('LDAP: Started creation of ' . $cnt_create . ' users.');
408 }
409 if ($cnt_update) {
410 $this->log->write('LDAP: Started update of ' . $cnt_update . ' users.');
411 }
412 $this->writer->xmlEndTag('Users');
413 }
414
423 private function convertInput($a_value)
424 {
425 if (is_array($a_value)) {
426 return $a_value[0];
427 } else {
428 return $a_value;
429 }
430 }
431
438 private function doMapping($user, $rule)
439 {
440 $mapping = trim(strtolower($rule['value']));
441
442 if (strpos($mapping, ',') === false) {
443 return $this->convertInput($user[$mapping]);
444 }
445 // Is multiple mapping
446
447 $fields = explode(',', $mapping);
448 $value = '';
449 foreach ($fields as $field) {
450 if (strlen($value)) {
451 $value .= ' ';
452 }
453 $value .= ($this->convertInput($user[trim($field)]));
454 }
455 return $value ? $value : '';
456 }
457
458
459
460 private function initLDAPAttributeMapping()
461 {
462 include_once('Services/LDAP/classes/class.ilLDAPAttributeMapping.php');
463 $this->mapping = ilLDAPAttributeMapping::_getInstanceByServerId($this->server_settings->getServerId());
464 }
465
466 private function initUserDefinedFields()
467 {
468 include_once('Services/User/classes/class.ilUserDefinedFields.php');
469 $this->udf = ilUserDefinedFields::_getInstance();
470 }
471}
php
An exception for terminatinating execution or to throw for unit testing.
ilAuthUtils\_generateLogin
static _generateLogin($a_login)
generate free login by starting with a default string and adding postfix numbers
Definition: class.ilAuthUtils.php:374
ilLDAPAttributeMapping\_getInstanceByServerId
static _getInstanceByServerId($a_server_id)
Get instance of class.
Definition: class.ilLDAPAttributeMapping.php:68
ilLDAPAttributeToUser
Update/create ILIAS user account by given LDAP attributes according to user attribute mapping setting...
Definition: class.ilLDAPAttributeToUser.php:35
ilLDAPAttributeToUser\isModeActive
isModeActive($a_mode)
Check if mode is active.
Definition: class.ilLDAPAttributeToUser.php:137
ilLDAPAttributeToUser\setUserData
setUserData($a_data)
Set user data received from pear auth or by ldap_search.
Definition: class.ilLDAPAttributeToUser.php:98
ilLDAPAttributeToUser\__construct
__construct(ilLDAPServer $a_server)
Construct of ilLDAPAttribute2XML Defines between LDAP and ILIAS user attributes.
Definition: class.ilLDAPAttributeToUser.php:57
ilLDAPAttributeToUser\setNewUserAuthMode
setNewUserAuthMode($a_authmode)
Set auth mode for new users.
Definition: class.ilLDAPAttributeToUser.php:108
ilLDAPAttributeToUser\parseRoleAssignmentsForCreation
parseRoleAssignmentsForCreation($a_external_account, $a_user)
Parse role assignments for update of user account.
Definition: class.ilLDAPAttributeToUser.php:204
ilLDAPAttributeToUser\convertInput
convertInput($a_value)
A value can be an array or a string This function converts arrays to strings.
Definition: class.ilLDAPAttributeToUser.php:423
ilLDAPAttributeToUser\usersToXML
usersToXML()
Create xml string of user according to mapping rules.
Definition: class.ilLDAPAttributeToUser.php:228
ilLDAPAttributeToUser\getNewUserAuthMode
getNewUserAuthMode()
Get auth mode for new users.
Definition: class.ilLDAPAttributeToUser.php:116
ilLDAPAttributeToUser\addMode
addMode($a_mode)
Add import mode.
Definition: class.ilLDAPAttributeToUser.php:125
ilLDAPAttributeToUser\parseRoleAssignmentsForUpdate
parseRoleAssignmentsForUpdate($a_usr_id, $a_external_account, $user)
Parse role assignments for update of user account.
Definition: class.ilLDAPAttributeToUser.php:178
ilLDAPAttributeToUser\refresh
refresh()
Create/Update non existing users.
Definition: class.ilLDAPAttributeToUser.php:149
ilLDAPAttributeToUser\doMapping
doMapping($user, $rule)
doMapping
Definition: class.ilLDAPAttributeToUser.php:438
ilLDAPRoleAssignmentRules\getAllPossibleRoles
static getAllPossibleRoles($a_server_id)
Get all assignable roles (used for import parser)
Definition: class.ilLDAPRoleAssignmentRules.php:60
ilLDAPRoleAssignmentRules\getAssignmentsForUpdate
static getAssignmentsForUpdate($a_server_id, $a_usr_id, $a_usr_name, $a_usr_data)
@global type $ilDB @global type $rbacadmin @global type $rbacreview @global type $ilSetting @global t...
Definition: class.ilLDAPRoleAssignmentRules.php:118
ilLDAPRoleAssignmentRules\getAssignmentsForCreation
static getAssignmentsForCreation($a_server_id, $a_usr_name, $a_usr_data)
Definition: class.ilLDAPRoleAssignmentRules.php:179
ilLanguage
language handling
Definition: class.ilLanguage.php:27
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:832
ilUserDefinedFields\_getInstance
static _getInstance()
Get instance.
Definition: class.ilUserDefinedFields.php:48
ilXmlWriter
XML writer class.
Definition: class.ilXmlWriter.php:18
$DIC
global $DIC
Definition: goto.php:24
$ilSetting
global $ilSetting
Definition: privfeed.php:17
$lng
$lng
Definition: save_question_post_data.php:23
$ilDB
global $ilDB
Definition: storeScorm2004.php:19
$data
$data
Definition: storeScorm.php:23