ILIAS  release_7 Revision v7.30-3-g800a261c036
All Data Structures Namespaces Files Functions Variables Modules Pages
class.ilAuthShibbolethSettingsGUI.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
13 class ilAuthShibbolethSettingsGUI
14 {
15 
19  private $ctrl;
23  private $ilias;
27  private $tabs_gui;
31  private $lng;
35  private $tpl;
39  private $ref_id;
40 
44  private $access;
45 
46 
53  public function __construct($a_auth_ref_id)
54  {
55  global $DIC;
56  $lng = $DIC['lng'];
57  $ilCtrl = $DIC['ilCtrl'];
58  $tpl = $DIC['tpl'];
59  $ilTabs = $DIC['ilTabs'];
60  $ilias = $DIC['ilias'];
61  $this->ctrl = $ilCtrl;
62  $this->access = $DIC['ilAccess'];
63  $this->tabs_gui = $ilTabs;
64  $this->lng = $lng;
65  $this->lng->loadLanguageModule('shib');
66  $this->ilias = $ilias;
67  $this->tpl = $tpl;
68  $this->ref_id = $a_auth_ref_id;
69  $this->obj_id = ilObject::_lookupObjId($this->ref_id);
70  }
71 
72 
78  public function executeCommand()
79  {
80  global $DIC;
81  $ilAccess = $DIC['ilAccess'];
82  $ilErr = $DIC['ilErr'];
83  $ilCtrl = $DIC['ilCtrl'];
84  $next_class = $this->ctrl->getNextClass($this);
85  $cmd = $this->ctrl->getCmd();
86  if (!$ilAccess->checkAccess('read', '', $this->ref_id)) {
87  $ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $ilErr->WARNING);
88  }
89  if (!$ilAccess->checkAccess('write', '', $this->ref_id) && $cmd != "settings") {
90  ilUtil::sendFailure($this->lng->txt('msg_no_perm_write'), true);
91  $ilCtrl->redirect($this, "settings");
92  }
93  $this->setSubTabs();
94  switch ($next_class) {
95  default:
96  if (!$cmd) {
97  $cmd = "settings";
98  }
99  $this->$cmd();
100  break;
101  }
102 
103  return true;
104  }
105 
106 
107  public function settings()
108  {
109  global $DIC;
110  $rbacreview = $DIC['rbacreview'];
111  $this->tabs_gui->setSubTabActive('shib_settings');
112  // set already saved data or default value for port
113  $settings = $this->ilias->getAllSettings();
114  // Compose role list
115  $role_list = $rbacreview->getRolesByFilter(2);
116  $role = array();
117  if (!isset($settings["shib_user_default_role"])) {
118  $settings["shib_user_default_role"] = 4;
119  }
120  if (!isset($settings["shib_idp_list"]) || $settings["shib_idp_list"] == '') {
121  $settings["shib_idp_list"] = "urn:mace:organization1:providerID, Example Organization 1\nurn:mace:organization2:providerID, Example Organization 2, /Shibboleth.sso/WAYF/SWITCHaai";
122  }
123  if (!isset($settings["shib_login_button"]) || $settings["shib_login_button"] == '') {
124  $settings["shib_login_button"] = "templates/default/images/shib_login_button.png";
125  }
126  if (!isset($settings["shib_hos_type"]) || $settings["shib_hos_type"] == '') {
127  $settings["shib_hos_type"] = 'internal_wayf';
128  }
129  foreach ($role_list as $data) {
130  $role[$data["obj_id"]] = $data["title"];
131  }
132  // Set text field content
133  $shib_settings = array(
134  'shib_login',
135  'shib_title',
136  'shib_firstname',
137  'shib_lastname',
138  'shib_email',
139  'shib_gender',
140  'shib_institution',
141  'shib_department',
142  'shib_zipcode',
143  'shib_city',
144  'shib_country',
145  'shib_street',
146  'shib_phone_office',
147  'shib_phone_home',
148  'shib_phone_mobile',
149  'shib_language',
150  'shib_matriculation',
151  );
152  //set PropertyFormGUI
153  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
154  $propertys = new ilPropertyFormGUI();
155  $propertys->setTitle($this->lng->txt("shib"));
156  $propertys->setFormAction($this->ctrl->getFormAction($this, "save"));
157 
158  if ($this->access->checkAccess('write', '', $this->ref_id)) {
159  $propertys->addCommandButton("save", $this->lng->txt("save"));
160  }
161 
162  $propertys->addCommandButton("settings", $this->lng->txt("cancel"));
163  //set enable shibboleth support
164  $enable = new ilCheckboxInputGUI();
165  $enable->setTitle($this->lng->txt("shib_active"));
166  $read_me_link = "./Services/AuthShibboleth/README.SHIBBOLETH.txt";
167  $info = "<a href='" . $read_me_link . "' target='_blank'>" . $this->lng->txt("auth_shib_instructions") . "</a>";
168  $enable->setInfo($info);
169  $enable->setPostVar("shib[active]");
170  $enable->setChecked($settings["shib_active"]);
171  //set allow local authentication
172  $local = new ilCheckboxInputGUI();
173  $local->setTitle($this->lng->txt("auth_allow_local"));
174  $local->setPostVar("shib[auth_allow_local]");
175  $local->setChecked($settings['shib_auth_allow_local']);
176  //set user default role
177  $defaultrole = new ilSelectInputGUI();
178  $defaultrole->setTitle($this->lng->txt("shib_user_default_role"));
179  $defaultrole->setPostVar("shib[user_default_role]");
180  $defaultrole->setOptions($role);
181  $defaultrole->setRequired(true);
182  $defaultrole->setValue($settings["shib_user_default_role"]);
183  // Administrator must activate new user accounts
184  $activate_new = new ilCheckboxInputGUI($this->lng->txt("shib_activate_new"), "shib[activate_new]");
185  $activate_new->setInfo($this->lng->txt("shib_activate_new_info"));
186  $activate_new->setChecked($settings["shib_activate_new"]);
187  //set name of federation
188  $name = new ilTextInputGUI();
189  $name->setTitle($this->lng->txt("shib_federation_name"));
190  $name->setPostVar("shib[federation_name]");
191  $name->setSize(40);
192  $name->setMaxLength(50);
193  $name->setRequired(true);
194  $name->setValue(stripslashes($settings["shib_federation_name"]));
195  //set Organize selection group
196  include_once("./Services/Form/classes/class.ilRadioGroupInputGUI.php");
197  include_once("./Services/Form/classes/class.ilRadioOption.php");
198  $organize = new ilRadioGroupInputGUI();
199  $organize->setTitle($this->lng->txt("shib_login_type"));
200  $organize->setPostVar("shib[hos_type]");
201  $organize->setRequired(true);
202  $organize->setValue($settings["shib_hos_type"]);
203  //set 1. option internalwayf
204  $internalwayf = new ilRadioOption();
205  $internalwayf->setTitle($this->lng->txt("shib_login_internal_wayf"));
206  $internalwayf->setValue("internal_wayf");
207  //set 1. option internalwayf textbox idplist
208  $idplist = new ilTextAreaInputGUI();
209  $idplist->setInfo($this->lng->txt("shib_idp_list"));
210  $idplist->setPostVar("shib[idp_list]");
211  $idplist->setRows(3);
212  $idplist->setCols(50);
213  $idplist->setValue($settings["shib_idp_list"]);
214  //set 2. Option externalwayf
215  $externalwayf = new ilRadioOption();
216  $externalwayf->setTitle($this->lng->txt("shib_login_external_wayf"));
217  $externalwayf->setValue("external_wayf");
218  //set 2. Option externalwayf textfield path to login button image
219  $loginbutton = new ilTextInputGUI();
220  $loginbutton->setInfo($this->lng->txt("shib_login_button"));
221  $loginbutton->setPostVar("shib[login_button]");
222  $loginbutton->setSize(50);
223  $loginbutton->setMaxLength(255);
224  $loginbutton->setValue($settings["shib_login_button"]);
225  //set 3. Option embeddedwayf
226  $embeddedwayf = new ilRadioOption();
227  $embeddedwayf->setTitle($this->lng->txt("shib_login_embedded_wayf"));
228  $embeddedwayf->setInfo($this->lng->txt("shib_login_embedded_wayf_description"));
229  $embeddedwayf->setValue("embedded_wayf");
230  //set login instructions
231  $logininstruction = new ilTextAreaInputGUI();
232  $logininstruction->setTitle($this->lng->txt("auth_login_instructions"));
233  $logininstruction->setPostVar("shib[login_instructions]");
234  $logininstruction->setRows(3);
235  $logininstruction->setCols(50);
236  $logininstruction->setValue(stripslashes($settings["shib_login_instructions"]));
237  //set path to data manipulation API
238  $dataconv = new ilTextInputGUI();
239  $dataconv->setTitle($this->lng->txt("shib_data_conv"));
240  $dataconv->setPostVar("shib[data_conv]");
241  $dataconv->setSize(80);
242  $dataconv->setMaxLength(512);
243  $dataconv->setValue($settings["shib_data_conv"]);
244  //field mappings
245  $fields = array();
246  foreach ($shib_settings as $setting) {
247  $field = str_replace('shib_', '', $setting);
248  $textinput = new ilTextInputGUI();
249  $textinput->setTitle($this->lng->txt($setting));
250  $textinput->setPostVar("shib[" . $field . "]");
251  $textinput->setValue($settings[$setting]);
252  $textinput->setSize(40);
253  $textinput->setMaxLength(50);
254  $checkinput = new ilCheckboxInputGUI("");
255  $checkinput->setOptionTitle($this->lng->txt("shib_update"));
256  $checkinput->setPostVar("shib[update_" . $field . "]");
257  $checkinput->setChecked($settings["shib_update_" . $field]);
258  if ($setting == 'shib_login' || $setting == 'shib_firstname'
259  || $setting == 'shib_lastname'
260  || $setting == 'shib_email'
261  ) {
262  $textinput->setRequired(true);
263  }
264  $fields[$setting] = array( "text" => $textinput, "check" => $checkinput );
265  }
266  $propertys->addItem($enable);
267  $propertys->addItem($local);
268  $propertys->addItem($activate_new);
269  $propertys->addItem($defaultrole);
270  $propertys->addItem($name);
271  $internalwayf->addSubItem($idplist);
272  $organize->addOption($internalwayf);
273  $externalwayf->addSubItem($loginbutton);
274  $organize->addOption($externalwayf);
275  $organize->addOption($embeddedwayf);
276  $propertys->addItem($organize);
277  $propertys->addItem($logininstruction);
278  $propertys->addItem($dataconv);
279  foreach ($shib_settings as $setting) {
280  $propertys->addItem($fields[$setting]["text"]);
281  if ($setting != "shib_login") {
282  $propertys->addItem($fields[$setting]["check"]);
283  }
284  }
285  $this->tpl->setContent($propertys->getHTML());
286  }
287 
288 
289  public function save()
290  {
291  $required = array("login", "hos_type", "firstname", "lastname", "email", "user_default_role", "federation_name");
292  array_walk($required, function (&$item) {
293  if (!$_POST["shib"][$item]) {
294  ilUtil::sendFailure($this->lng->txt("fill_out_all_required_fields"), true);
295  $this->ctrl->redirect($this, 'settings');
296  }
297  });
298 
299  // validate api
300  if ($_POST["shib"]["data_conv"] && $_POST["shib"]["data_conv"] != '' && !is_readable($_POST["shib"]["data_conv"])) {
301  ilUtil::sendFailure($this->lng->txt("shib_data_conv_warning"), true);
302  $this->ctrl->redirect($this, 'settings');
303  }
304  // all ok. save settings
305  $shib_settings = array(
306  'shib_login',
307  'shib_title',
308  'shib_firstname',
309  'shib_lastname',
310  'shib_email',
311  'shib_gender',
312  'shib_institution',
313  'shib_department',
314  'shib_zipcode',
315  'shib_city',
316  'shib_country',
317  'shib_street',
318  'shib_phone_office',
319  'shib_phone_home',
320  'shib_phone_mobile',
321  'shib_language',
322  'shib_matriculation'
323  );
324  foreach ($shib_settings as $setting) {
325  $field = str_replace('shib_', '', $setting);
326  if ($_POST["shib"]["update_" . $field] != "1") {
327  $_POST["shib"]["update_" . $field] = "0";
328  }
329  $this->ilias->setSetting($setting, trim($_POST["shib"][$field]));
330  $this->ilias->setSetting("shib_update_" . $field, $_POST["shib"]["update_" . $field]);
331  }
332  if ($_POST["shib"]["active"] != "1") {
333  $this->ilias->setSetting("shib_active", "0");
334  $this->ilias->setSetting("shibboleth_active", "0");
335  } else {
336  $this->ilias->setSetting("shib_active", "1");
337  $this->ilias->setSetting("shibboleth_active", "1");
338  }
339  $this->ilias->setSetting("shib_user_default_role", $_POST["shib"]["user_default_role"]);
340  $this->ilias->setSetting("shib_hos_type", $_POST["shib"]["hos_type"]);
341  $this->ilias->setSetting("shib_federation_name", $_POST["shib"]["federation_name"]);
342  $this->ilias->setSetting("shib_idp_list", $_POST["shib"]["idp_list"]);
343  $this->ilias->setSetting("shib_login_instructions", $_POST["shib"]["login_instructions"]);
344  $this->ilias->setSetting("shib_login_button", $_POST["shib"]["login_button"]);
345  $this->ilias->setSetting("shib_data_conv", $_POST["shib"]["data_conv"]);
346  $this->ilias->setSetting("shib_auth_allow_local", ($_POST['shib']['auth_allow_local'] == '1') ? '1' : '0');
347  $this->ilias->setSetting("shib_activate_new", ($_POST['shib']['activate_new'] == '1') ? '1' : '0');
348 
349  ilUtil::sendSuccess($this->lng->txt("shib_settings_saved"), true);
350  $this->ctrl->redirect($this, 'settings');
351  }
352 
353 
354  protected function roleAssignment()
355  {
356  $this->tabs_gui->setSubTabActive('shib_role_assignment');
357  $this->initFormRoleAssignment('default');
358  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
359  $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
360  if (strlen($html = $this->parseRulesTable())) {
361  $this->tpl->setVariable('RULE_TABLE', $html);
362  }
363 
364  return true;
365  }
366 
367 
368  protected function parseRulesTable()
369  {
370  include_once('./Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRules.php');
371  if (ilShibbolethRoleAssignmentRules::getCountRules() == 0) {
372  return '';
373  }
374  include_once('./Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentTableGUI.php');
375  $rules_table = new ilShibbolethRoleAssignmentTableGUI($this, 'roleAssignment');
376  $rules_table->setTitle($this->lng->txt('shib_rules_tables'));
377  $rules_table->parse(ilShibbolethRoleAssignmentRules::getAllRules());
378  $rules_table->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
379  $rules_table->setSelectAllCheckbox("rule_id");
380 
381  return $rules_table->getHTML();
382  }
383 
384 
393  protected function confirmDeleteRules()
394  {
395  if (!is_array($_POST['rule_ids'])) {
396  ilUtil::sendFailure($this->lng->txt('select_one'));
397  $this->roleAssignment();
398 
399  return false;
400  }
401  $this->tabs_gui->setSubTabActive('shib_role_assignment');
402  include_once("Services/Utilities/classes/class.ilConfirmationGUI.php");
403  $c_gui = new ilConfirmationGUI();
404  // set confirm/cancel commands
405  $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRules"));
406  $c_gui->setHeaderText($this->lng->txt("shib_confirm_del_role_ass"));
407  $c_gui->setCancel($this->lng->txt("cancel"), "roleAssignment");
408  $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRules");
409  // add items to delete
410  include_once('Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php');
411  foreach ($_POST["rule_ids"] as $rule_id) {
412  $rule = new ilShibbolethRoleAssignmentRule($rule_id);
413  $info = ilObject::_lookupTitle($rule->getRoleId());
414  $info .= " (";
415  $info .= $rule->conditionToString();
416  $info .= ')';
417  $c_gui->addItem('rule_ids[]', $rule_id, $info);
418  }
419  $this->tpl->setContent($c_gui->getHTML());
420  }
421 
422 
429  protected function deleteRules()
430  {
431  if (!is_array($_POST['rule_ids'])) {
432  ilUtil::sendFailure($this->lng->txt('select_once'));
433  $this->roleAssignment();
434 
435  return false;
436  }
437  include_once('Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php');
438  foreach ($_POST["rule_ids"] as $rule_id) {
439  $rule = new ilShibbolethRoleAssignmentRule($rule_id);
440  $rule->delete();
441  }
442  ilUtil::sendSuccess($this->lng->txt('shib_deleted_rule'));
443  $this->roleAssignment();
444 
445  return true;
446  }
447 
448 
449  protected function initFormRoleAssignment($a_mode = 'default')
450  {
451  include_once('./Services/Form/classes/class.ilPropertyFormGUI.php');
452  $this->form = new ilPropertyFormGUI();
453  $this->form->setFormAction($this->ctrl->getFormAction($this, 'cancel'));
454  $this->form->setTitle($this->lng->txt('shib_role_ass_table'));
455  if ($a_mode == 'default') {
456  $this->form->setTitle($this->lng->txt('shib_role_ass_table'));
457  $this->form->addCommandButton('addRoleAssignmentRule', $this->lng->txt('shib_new_rule'));
458  $this->form->addCommandButton('settings', $this->lng->txt('cancel'));
459  } else {
460  $this->form->setTitle($this->lng->txt('shib_update_role_ass_table'));
461  $this->form->addCommandButton('updateRoleAssignmentRule', $this->lng->txt('save'));
462  $this->form->addCommandButton('roleAssignment', $this->lng->txt('cancel'));
463  }
464  // Role selection
465  $role = new ilRadioGroupInputGUI($this->lng->txt('shib_role_name'), 'role_name');
466  $role->setRequired(true);
467  $global = new ilRadioOption($this->lng->txt('shib_global_role'), 0);
468  $role->addOption($global);
469  $role_select = new ilSelectInputGUI('', 'role_id');
470  $role_select->setOptions($this->prepareRoleSelect());
471  $global->addSubItem($role_select);
472  $local = new ilRadioOption($this->lng->txt('shib_local_role'), 1);
473  $role->addOption($local);
474  include_once './Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php';
475  $role_search = new ilRoleAutoCompleteInputGUI('', 'role_search', $this, 'addRoleAutoCompleteObject');
476  $role_search->setSize(40);
477  $local->addSubItem($role_search);
478  include_once './Services/AccessControl/classes/class.ilRoleAutoComplete.php';
479  $role->setInfo($this->lng->txt('shib_role_name_info'));
480  $this->form->addItem($role);
481  // Update options
482  $update = new ilNonEditableValueGUI($this->lng->txt('shib_update_roles'), 'update_roles');
483  $update->setValue($this->lng->txt('shib_check_role_assignment'));
484  $add = new ilCheckboxInputGUI('', 'add_missing');
485  $add->setOptionTitle($this->lng->txt('shib_add_missing'));
486  $add->setValue(1);
487  $update->addSubItem($add);
488  $remove = new ilCheckboxInputGUI('', 'remove_deprecated');
489  $remove->setOptionTitle($this->lng->txt('shib_remove_deprecated'));
490  $remove->setValue(1);
491  $update->addSubItem($remove);
492  $this->form->addItem($update);
493  // Assignment type
494  $kind = new ilRadioGroupInputGUI($this->lng->txt('shib_assignment_type'), 'kind');
495  $kind->setValue(1);
496  $kind->setRequired(true);
497  $attr = new ilRadioOption($this->lng->txt('shib_attribute'), 1);
498  $attr->setInfo($this->lng->txt('shib_attr_info'));
499  $name = new ilTextInputGUI($this->lng->txt('shib_attribute_name'), 'attr_name');
500  $name->setSize(32);
501  $attr->addSubItem($name);
502  $value = new ilTextInputGUI($this->lng->txt('shib_attribute_value'), 'attr_value');
503  $value->setSize(32);
504  $attr->addSubItem($value);
505  $kind->addOption($attr);
506  $pl_active = (bool) $this->hasActiveRoleAssignmentPlugins();
507  $pl = new ilRadioOption($this->lng->txt('shib_plugin'), 2);
508  $pl->setInfo($this->lng->txt('shib_plugin_info'));
509  $pl->setDisabled(!$pl_active);
510  $id = new ilNumberInputGUI($this->lng->txt('shib_plugin_id'), 'plugin_id');
511  $id->setDisabled(!$pl_active);
512  $id->setSize(3);
513  $id->setMaxLength(3);
514  $id->setMaxValue(999);
515  $id->setMinValue(1);
516  $pl->addSubItem($id);
517  $kind->addOption($pl);
518  $this->form->addItem($kind);
519  }
520 
521 
525  public function addRoleAutoCompleteObject()
526  {
527  include_once("./Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php");
528  ilRoleAutoCompleteInputGUI::echoAutoCompleteList();
529  }
530 
531 
532  protected function addRoleAssignmentRule()
533  {
534  global $DIC;
535  $ilAccess = $DIC['ilAccess'];
536  $ilErr = $DIC['ilErr'];
537  if (!$ilAccess->checkAccess('write', '', $this->ref_id)) {
538  ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
539  $this->roleAssignment();
540 
541  return false;
542  }
543  $this->initFormRoleAssignment();
544  if (!$this->form->checkInput() or ($err = $this->checkInput())) {
545  if ($err) {
546  ilUtil::sendFailure($this->lng->txt($err));
547  }
548  $this->tabs_gui->setSubTabActive('shib_role_assignment');
549  $this->form->setValuesByPost();
550  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
551  $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
552  if (strlen($html = $this->parseRulesTable())) {
553  $this->tpl->setVariable('RULE_TABLE', $html);
554  }
555 
556  return true;
557  }
558  // Redirects if required
559  $this->showLocalRoleSelection();
560  $this->rule->add();
561  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
562  $this->roleAssignment();
563 
564  return true;
565  }
566 
567 
573  protected function editRoleAssignment()
574  {
575  $this->ctrl->setParameter($this, 'rule_id', (int) $_GET['rule_id']);
576  $this->tabs_gui->setSubTabActive('shib_role_assignment');
577  $this->initFormRoleAssignment('update');
578  $this->getRuleValues();
579  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
580  $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
581 
582  return true;
583  }
584 
585 
586  protected function updateRoleAssignmentRule()
587  {
588  global $DIC;
589  $ilAccess = $DIC['ilAccess'];
590  $ilErr = $DIC['ilErr'];
591  if (!$ilAccess->checkAccess('write', '', $this->ref_id)) {
592  ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
593  $this->roleAssignment();
594 
595  return false;
596  }
597  $this->initFormRoleAssignment();
598  if (!$this->form->checkInput() or ($err = $this->checkInput((int) $_REQUEST['rule_id']))) {
599  if ($err) {
600  ilUtil::sendFailure($this->lng->txt($err));
601  }
602  $this->tabs_gui->setSubTabActive('shib_role_assignment');
603  $this->form->setValuesByPost();
604  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.shib_role_assignment.html', 'Services/AuthShibboleth');
605  $this->tpl->setVariable('NEW_RULE_TABLE', $this->form->getHTML());
606 
607  return true;
608  }
609  $this->showLocalRoleSelection('update');
610  $this->rule->update();
611  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
612  $this->roleAssignment();
613 
614  return true;
615  }
616 
617 
618  private function loadRule($a_rule_id = 0)
619  {
620  include_once('./Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php');
621  $this->rule = new ilShibbolethRoleAssignmentRule($a_rule_id);
622  if ($this->form->getInput('role_name') == 0) {
623  $this->rule->setRoleId($this->form->getInput('role_id'));
624  } elseif ($this->form->getInput('role_search')) {
625  // Search role
626  include_once './Services/Search/classes/class.ilQueryParser.php';
627  $parser = new ilQueryParser($this->form->getInput('role_search'));
628  // TODO: Handle minWordLength
629  $parser->setMinWordLength(1, true);
630  $parser->setCombination(QP_COMBINATION_AND);
631  $parser->parse();
632  include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
633  $object_search = new ilLikeObjectSearch($parser);
634  $object_search->setFilter(array( 'role' ));
635  $res = $object_search->performSearch();
636  $entries = $res->getEntries();
637  if (count($entries) == 1) {
638  $role = current($entries);
639  $this->rule->setRoleId($role['obj_id']);
640  } elseif (count($entries) > 1) {
641  $this->rule->setRoleId(-1);
642  }
643  }
644  $this->rule->setName($this->form->getInput('attr_name'));
645  $this->rule->setValue($this->form->getInput('attr_value'));
646  $this->rule->enableAddOnUpdate($this->form->getInput('add_missing'));
647  $this->rule->enableRemoveOnUpdate($this->form->getInput('remove_deprecated'));
648  $this->rule->enablePlugin($this->form->getInput('kind') == 2);
649  $this->rule->setPluginId($this->form->getInput('plugin_id'));
650 
651  return $this->rule;
652  }
653 
654 
655  private function getRuleValues()
656  {
657  global $DIC;
658  $rbacreview = $DIC['rbacreview'];
659  include_once './Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRule.php';
660  $rule = new ilShibbolethRoleAssignmentRule((int) $_GET['rule_id']);
661  $role = $rule->getRoleId();
662  if ($rbacreview->isGlobalRole($role)) {
663  $values['role_name'] = 0;
664  $values['role_id'] = $role;
665  } else {
666  $values['role_name'] = 1;
667  $values['role_search'] = ilObject::_lookupTitle($role);
668  }
669  $values['add_missing'] = (int) $rule->isAddOnUpdateEnabled();
670  $values['remove_deprecated'] = (int) $rule->isRemoveOnUpdateEnabled();
671  $values['attr_name'] = $rule->getName();
672  $values['attr_value'] = $rule->getValue();
673  if (!$rule->isPluginActive()) {
674  $values['kind'] = 1;
675  } else {
676  $values['kind'] = 2;
677  $values['plugin_id'] = $rule->getPluginId();
678  }
679  $this->form->setValuesByArray($values);
680  }
681 
682 
683  private function checkInput($a_rule_id = 0)
684  {
685  $this->loadRule($a_rule_id);
686 
687  return $this->rule->validate();
688  }
689 
690 
691  private function showLocalRoleSelection()
692  {
693  if ($this->rule->getRoleId() > 0) {
694  return false;
695  }
696  $_SESSION['shib_role_ass']['rule_id'] = $_REQUEST['rule_id'] ? $_REQUEST['rule_id'] : 0;
697  $_SESSION['shib_role_ass']['search'] = $this->form->getInput('role_search');
698  $_SESSION['shib_role_ass']['add_on_update'] = $this->rule->isAddOnUpdateEnabled();
699  $_SESSION['shib_role_ass']['remove_on_update'] = $this->rule->isRemoveOnUpdateEnabled();
700  $_SESSION['shib_role_ass']['name'] = $this->rule->getName();
701  $_SESSION['shib_role_ass']['value'] = $this->rule->getValue();
702  $_SESSION['shib_role_ass']['plugin'] = $this->rule->isPluginActive();
703  $_SESSION['shib_role_ass']['plugin_id'] = $this->rule->getPluginId();
704  $this->ctrl->redirect($this, 'chooseRole');
705  }
706 
707 
708  protected function chooseRole()
709  {
710  $this->tabs_gui->setSubTabActive('shib_role_assignment');
711  include_once './Services/Search/classes/class.ilQueryParser.php';
712  $parser = new ilQueryParser($_SESSION['shib_role_ass']['search']);
713  $parser->setMinWordLength(1, true);
714  $parser->setCombination(QP_COMBINATION_AND);
715  $parser->parse();
716  include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
717  $object_search = new ilLikeObjectSearch($parser);
718  $object_search->setFilter(array( 'role' ));
719  $res = $object_search->performSearch();
720  $entries = $res->getEntries();
721  include_once './Services/AccessControl/classes/class.ilRoleSelectionTableGUI.php';
722  $table = new ilRoleSelectionTableGUI($this, 'chooseRole');
723  $table->setTitle($this->lng->txt('shib_role_selection'));
724  $table->addMultiCommand('saveRoleSelection', $this->lng->txt('shib_choose_role'));
725  $table->addCommandButton('roleAssignment', $this->lng->txt('cancel'));
726  $table->parse($entries);
727  $this->tpl->setContent($table->getHTML());
728 
729  return true;
730  }
731 
732 
733  protected function saveRoleSelection()
734  {
735  $rule = new ilShibbolethRoleAssignmentRule($_SESSION['shib_role_ass']['rule_id']);
736  $rule->setRoleId((int) $_POST['role_id']);
737  $rule->setName($_SESSION['shib_role_ass']['name']);
738  $rule->setValue($_SESSION['shib_role_ass']['value']);
739  $rule->enablePlugin($_SESSION['shib_role_ass']['plugin']);
740  $rule->setPluginId($_SESSION['shib_role_ass']['plugin_id']);
741  $rule->enableAddOnUpdate($_SESSION['shib_role_ass']['add_on_update']);
742  $rule->enableRemoveOnUpdate($_SESSION['shib_role_ass']['remove_on_update']);
743  if ($rule->getRuleId()) {
744  $rule->update();
745  } else {
746  $rule->add();
747  }
748  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
749  unset($_SESSION['shib_role_ass']);
750  $this->roleAssignment();
751  }
752 
753 
759  private function hasActiveRoleAssignmentPlugins()
760  {
761  global $DIC;
762  $ilPluginAdmin = $DIC['ilPluginAdmin'];
763 
764  return count($ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE, 'AuthShibboleth', 'shibhk'));
765  }
766 
767 
768  private function prepareRoleSelect($a_as_select = true)
769  {
770  global $DIC;
771  $rbacreview = $DIC['rbacreview'];
772  $ilObjDataCache = $DIC['ilObjDataCache'];
773  $global_roles = ilUtil::_sortIds($rbacreview->getGlobalRoles(), 'object_data', 'title', 'obj_id');
774  $select[0] = $this->lng->txt('links_select_one');
775  foreach ($global_roles as $role_id) {
776  $select[$role_id] = ilObject::_lookupTitle($role_id);
777  }
778 
779  return $select;
780  }
781 
782 
783  protected function setSubTabs()
784  {
785  global $DIC;
786  $ilSetting = $DIC['ilSetting'];
787  include_once './Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRules.php';
788  if ($ilSetting->get('shib_active') == 0 and ilShibbolethRoleAssignmentRules::getCountRules() == 0) {
789  return false;
790  }
791  // DONE: show sub tabs if there is any role assignment rule
792  $this->tabs_gui->addSubTabTarget('shib_settings', $this->ctrl->getLinkTarget($this, 'settings'));
793  $this->tabs_gui->addSubTabTarget('shib_role_assignment', $this->ctrl->getLinkTarget($this, 'roleAssignment'));
794 
795  return true;
796  }
797 }
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:31
ilAuthShibbolethSettingsGUI
Class ilAuthShibbolethSettingsGUI.
Definition: class.ilAuthShibbolethSettingsGUI.php:13
$data
$data
Definition: storeScorm.php:23
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:33
ilAuthShibbolethSettingsGUI\hasActiveRoleAssignmentPlugins
hasActiveRoleAssignmentPlugins()
Check if plugin is active.
Definition: class.ilAuthShibbolethSettingsGUI.php:759
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:991
ilRadioOption\setInfo
setInfo($a_info)
Set Info.
Definition: class.ilRadioOption.php:71
$ilErr
$ilErr
Definition: raiseError.php:18
ilFormPropertyGUI\setInfo
setInfo($a_info)
Set Information Text.
Definition: class.ilFormPropertyGUI.php:145
$name
if($format !==null) $name
Definition: metadata.php:230
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:33
ilRoleAutoCompleteInputGUI\echoAutoCompleteList
static echoAutoCompleteList()
Static asynchronous default auto complete function.
Definition: class.ilRoleAutoCompleteInputGUI.php:43
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
ilUtil\_sortIds
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,7),&#39;usr_data&#39;,&#39;lastname&#39;,&#39;usr_id&#39;) => sorts by lastname.
Definition: class.ilUtil.php:4422
ilNumberInputGUI
This class represents a number property in a property form.
Definition: class.ilNumberInputGUI.php:14
ilObject\_lookupObjId
static _lookupObjId($a_id)
Definition: class.ilObject.php:1110
$DIC
global $DIC
Definition: goto.php:24
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4534
ilRoleAutoCompleteInputGUI
This class represents a role + autocomplete feature form input.
Definition: class.ilRoleAutoCompleteInputGUI.php:13
ilNonEditableValueGUI
This class represents a non editable value in a property form.
Definition: class.ilNonEditableValueGUI.php:13
$ilSetting
global $ilSetting
Definition: privfeed.php:17
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:34
QP_COMBINATION_AND
const QP_COMBINATION_AND
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilQueryParser.php:20
ilQueryParser\setMinWordLength
setMinWordLength($a_length, $a_force=false)
Definition: class.ilQueryParser.php:80
ilFormPropertyGUI\setDisabled
setDisabled($a_disabled)
Set Disabled.
Definition: class.ilFormPropertyGUI.php:205
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
ilFormPropertyGUI\setRequired
setRequired($a_required)
Set Required.
Definition: class.ilFormPropertyGUI.php:185
IL_COMP_SERVICE
const IL_COMP_SERVICE
Definition: class.ilComponent.php:6
ilConfirmationGUI
Confirmation screen class.
Definition: class.ilConfirmationGUI.php:15
ilAuthShibbolethSettingsGUI\addRoleAutoCompleteObject
addRoleAutoCompleteObject()
Add Member for autoComplete.
Definition: class.ilAuthShibbolethSettingsGUI.php:525