ILIAS  release_7 Revision v7.30-3-g800a261c036
All Data Structures Namespaces Files Functions Variables Modules Pages
class.ilLDAPSettingsGUI.php
Go to the documentation of this file.
1 <?php
2 /*
3  +-----------------------------------------------------------------------------+
4  | ILIAS open source |
5  +-----------------------------------------------------------------------------+
6  | Copyright (c) 1998-2006 ILIAS open source, University of Cologne |
7  | |
8  | This program is free software; you can redistribute it and/or |
9  | modify it under the terms of the GNU General Public License |
10  | as published by the Free Software Foundation; either version 2 |
11  | of the License, or (at your option) any later version. |
12  | |
13  | This program is distributed in the hope that it will be useful, |
14  | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16  | GNU General Public License for more details. |
17  | |
18  | You should have received a copy of the GNU General Public License |
19  | along with this program; if not, write to the Free Software |
20  | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21  +-----------------------------------------------------------------------------+
22 */
23 
33 class ilLDAPSettingsGUI
34 {
35  private $ref_id = null;
36  private $server = null;
37  private $dic;
38 
39  public function __construct($a_auth_ref_id)
40  {
41  global $DIC;
42 
43  $this->dic = $DIC;
44  $this->ctrl = $this->dic->ctrl();
45  $this->tabs_gui = $this->dic->tabs();
46  $this->lng = $this->dic->language();
47  $this->lng->loadLanguageModule('ldap');
48 
49  $this->tpl = $this->dic['tpl'];
50 
51  if ($_GET["cmd"] != "addServerSettings") {
52  $this->ctrl->saveParameter($this, 'ldap_server_id');
53  }
54 
55 
56  $this->ref_id = $a_auth_ref_id;
57 
58 
59  $this->initServer();
60  }
61 
62  public function executeCommand()
63  {
64  $next_class = $this->ctrl->getNextClass($this);
65  $cmd = $this->ctrl->getCmd();
66 
67  if (!$this->dic->rbac()->system()->checkAccess("visible,read", $this->ref_id) && $cmd != "serverList") {
68  ilUtil::sendFailure($this->lng->txt('msg_no_perm_write'), true);
69  $this->ctrl->redirect($this, "serverList");
70  }
71 
72 
73  switch ($next_class) {
74  default:
75  if (!$cmd) {
76  $cmd = "serverList";
77  }
78  $this->$cmd();
79  break;
80  }
81  return true;
82  }
83 
87  protected function checkAccess($a_permission)
88  {
89  global $DIC;
90 
91  $ilErr = $DIC['ilErr'];
92 
93  if (!$this->checkAccessBool($a_permission)) {
94  $ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $ilErr->WARNING);
95  }
96  }
97 
102  protected function checkAccessBool($a_permission)
103  {
104  global $DIC;
105 
106  $access = $DIC->access();
107 
108  return $access->checkAccess($a_permission, '', $this->ref_id);
109  }
110 
115  public function getServer()
116  {
117  return $this->server;
118  }
119 
126  public function roleAssignments()
127  {
128  global $DIC;
129 
130  $rbacreview = $DIC['rbacreview'];
131 
132  $this->setSubTabs();
133  $this->tabs_gui->setTabActive('role_assignments');
134 
135  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_assignments.html', 'Services/LDAP');
136 
137  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
138  $this->initFormRoleAssignments('create', $this->role_mapping_rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId(0));
139  $this->tpl->setVariable('NEW_ASSIGNMENT_TBL', $this->form->getHTML());
140 
141 
142  if (count($rules = ilLDAPRoleAssignmentRule::_getRules($this->server->getServerId()))) {
143  include_once("./Services/LDAP/classes/class.ilLDAPRoleAssignmentTableGUI.php");
144  $table_gui = new ilLDAPRoleAssignmentTableGUI($this, 'roleAssignments');
145  $table_gui->setTitle($this->lng->txt("ldap_tbl_role_ass"));
146  $table_gui->parse($rules);
147  $table_gui->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
148  $table_gui->setSelectAllCheckbox("rule_id");
149  $this->tpl->setVariable('RULES_TBL', $table_gui->getHTML());
150  }
151  }
152 
159  public function editRoleAssignment()
160  {
161  if (!(int) $_GET['rule_id']) {
162  ilUtil::sendFailure($this->lng->txt('select_one'));
163  $this->roleAssignments();
164  return false;
165  }
166  $this->setSubTabs();
167  $this->tabs_gui->setTabActive('role_assignments');
168 
169  $this->ctrl->saveParameter($this, 'rule_id', (int) $_GET['rule_id']);
170  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
171  $this->initFormRoleAssignments(
172  'edit',
173  $this->role_mapping_rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId((int) $_GET['rule_id'])
174  );
175  $this->setValuesByArray();
176  $this->tpl->setContent($this->form->getHTML());
177  }
178 
179 
184  protected function setValuesByArray()
185  {
186  global $DIC;
187 
188  $rbacreview = $DIC['rbacreview'];
189 
190  $role_id = $this->role_mapping_rule->getRoleId();
191  if ($rbacreview->isGlobalRole($role_id)) {
192  $val['role_name'] = 0;
193  $val['role_id'] = $role_id;
194  } else {
195  $val['role_name'] = 1;
196  $val['role_search'] = ilObject::_lookupTitle($role_id);
197  }
198  $val['add_missing'] = (int) $this->role_mapping_rule->isAddOnUpdateEnabled();
199  $val['remove_deprecated'] = (int) $this->role_mapping_rule->isRemoveOnUpdateEnabled();
200  $val['type'] = (int) $this->role_mapping_rule->getType();
201  $val['dn'] = $this->role_mapping_rule->getDN();
202  $val['at'] = $this->role_mapping_rule->getMemberAttribute();
203  $val['isdn'] = $this->role_mapping_rule->isMemberAttributeDN();
204  $val['name'] = $this->role_mapping_rule->getAttributeName();
205  $val['value'] = $this->role_mapping_rule->getAttributeValue();
206  $val['plugin_id'] = $this->role_mapping_rule->getPluginId();
207 
208  $this->form->setValuesByArray($val);
209  }
210 
217  public function updateRoleAssignment()
218  {
219  global $DIC;
220 
221  $ilErr = $DIC['ilErr'];
222  $ilAccess = $DIC['ilAccess'];
223 
224  if (!$ilAccess->checkAccess('write', '', $this->ref_id)) {
225  ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
226  $this->roleAssignment();
227  return false;
228  }
229 
230  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
231  include_once('Services/LDAP/classes/class.ilLDAPServer.php');
232 
233  $this->initFormRoleAssignments('edit');
234  if (!$this->form->checkInput() or ($err = $this->checkRoleAssignmentInput((int) $_REQUEST['rule_id']))) {
235  if ($err) {
236  ilUtil::sendFailure($this->lng->txt($err));
237  }
238 
239  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_assignments.html', 'Services/LDAP');
240 
241  // DONE: wrap this
242  $this->form->setValuesByPost();
243  $this->tpl->setVariable('NEW_ASSIGNMENT_TBL', $this->form->getHTML());
244  #$this->tpl->setVariable('RULES_TBL',$this->getRoleAssignmentTable());
245  $this->tabs_gui->setSubTabActive('shib_role_assignment');
246  return true;
247  }
248 
249  // Might redirect
250  $this->roleSelection();
251 
252  $this->rule->update();
253  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
254  $this->roleAssignments();
255  return true;
256  }
257 
265  public function confirmDeleteRules()
266  {
267  $this->checkAccess("write");
268 
269  if (!is_array($_POST['rule_ids'])) {
270  ilUtil::sendFailure($this->lng->txt('select_one'));
271  $this->roleAssignments();
272  return false;
273  }
274  $this->setSubTabs();
275  $this->tabs_gui->setTabActive('role_assignments');
276 
277  include_once("Services/Utilities/classes/class.ilConfirmationGUI.php");
278  $c_gui = new ilConfirmationGUI();
279 
280  // set confirm/cancel commands
281  $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRules"));
282  $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_role_ass"));
283  $c_gui->setCancel($this->lng->txt("cancel"), "roleAssignments");
284  $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRules");
285 
286  // add items to delete
287  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
288  foreach ($_POST["rule_ids"] as $rule_id) {
289  $rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($rule_id);
290  $c_gui->addItem('rule_ids[]', $rule_id, $rule->conditionToString());
291  }
292  $this->tpl->setContent($c_gui->getHTML());
293  }
294 
301  public function deleteRules()
302  {
303  if (!is_array($_POST['rule_ids'])) {
304  ilUtil::sendFailure($this->lng->txt('select_once'));
305  $this->roleAssignments();
306  return false;
307  }
308  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
309  foreach ($_POST["rule_ids"] as $rule_id) {
310  $rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($rule_id);
311  $rule->delete();
312  }
313  ilUtil::sendSuccess($this->lng->txt('ldap_deleted_rule'));
314  $this->roleAssignments();
315  return true;
316  }
317 
324  public function addRoleAssignment()
325  {
326  global $DIC;
327 
328  $ilErr = $DIC['ilErr'];
329  $ilAccess = $DIC['ilAccess'];
330 
331  if (!$ilAccess->checkAccess('write', '', $this->ref_id)) {
332  ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
333  $this->roleAssignment();
334  return false;
335  }
336 
337  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
338  include_once('Services/LDAP/classes/class.ilLDAPServer.php');
339 
340  $this->initFormRoleAssignments('create');
341  if (!$this->form->checkInput() or ($err = $this->checkRoleAssignmentInput())) {
342  if ($err) {
343  ilUtil::sendFailure($this->lng->txt($err));
344  }
345 
346  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_assignments.html', 'Services/LDAP');
347 
348  // DONE: wrap this
349  $this->form->setValuesByPost();
350  $this->tpl->setVariable('NEW_ASSIGNMENT_TBL', $this->form->getHTML());
351  $this->tpl->setVariable('RULES_TBL', $this->getRoleAssignmentTable());
352  $this->tabs_gui->setSubTabActive('shib_role_assignment');
353  return true;
354  }
355 
356  // Might redirect
357  $this->roleSelection();
358 
359  $this->rule->create();
360  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
361  unset($_POST);
362  $this->roleAssignments();
363  return true;
364  }
365 
370  protected function roleSelection()
371  {
372  if ($this->rule->getRoleId() > 0) {
373  return false;
374  }
375  $_SESSION['ldap_role_ass']['server_id'] = $this->getServer()->getServerId();
376  $_SESSION['ldap_role_ass']['rule_id'] = $_REQUEST['rule_id'] ? $_REQUEST['rule_id'] : 0;
377  $_SESSION['ldap_role_ass']['role_search'] = $this->form->getInput('role_search');
378  $_SESSION['ldap_role_ass']['add_on_update'] = $this->form->getInput('add_missing');
379  $_SESSION['ldap_role_ass']['remove_on_update'] = $this->form->getInput('remove_deprecated');
380  $_SESSION['ldap_role_ass']['type'] = $this->form->getInput('type');
381  $_SESSION['ldap_role_ass']['dn'] = $this->form->getInput('dn');
382  $_SESSION['ldap_role_ass']['at'] = $this->form->getInput('at');
383  $_SESSION['ldap_role_ass']['isdn'] = $this->form->getInput('isdn');
384  $_SESSION['ldap_role_ass']['name'] = $this->form->getInput('name');
385  $_SESSION['ldap_role_ass']['value'] = $this->form->getInput('value');
386  $_SESSION['ldap_role_ass']['plugin'] = $this->form->getInput('plugin_id');
387 
388 
389  $this->ctrl->saveParameter($this, 'rule_id');
390  $this->ctrl->redirect($this, 'showRoleSelection');
391  }
392 
393 
394 
399  protected function showRoleSelection()
400  {
401  $this->setSubTabs();
402  $this->tabs_gui->setTabActive('role_assignment');
403  $this->ctrl->saveParameter($this, 'rule_id');
404 
405  include_once './Services/Search/classes/class.ilQueryParser.php';
406  $parser = new ilQueryParser($_SESSION['ldap_role_ass']['role_search']);
407  $parser->setMinWordLength(1, true);
408  $parser->setCombination(QP_COMBINATION_AND);
409  $parser->parse();
410 
411  include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
412  $object_search = new ilLikeObjectSearch($parser);
413  $object_search->setFilter(array('role'));
414  $res = $object_search->performSearch();
415 
416  $entries = $res->getEntries();
417 
418  include_once './Services/AccessControl/classes/class.ilRoleSelectionTableGUI.php';
419  $table = new ilRoleSelectionTableGUI($this, 'showRoleSelection');
420  $table->setTitle($this->lng->txt('ldap_role_selection'));
421  $table->addMultiCommand('saveRoleSelection', $this->lng->txt('ldap_choose_role'));
422  #$table->addCommandButton('roleAssignment',$this->lng->txt('cancel'));
423  $table->parse($entries);
424 
425  $this->tpl->setContent($table->getHTML());
426  return true;
427  }
428 
433  protected function saveRoleSelection()
434  {
435  global $DIC;
436 
437  $ilErr = $DIC['ilErr'];
438  $ilAccess = $DIC['ilAccess'];
439 
440  if (!$ilAccess->checkAccess('write', '', $this->ref_id)) {
441  ilUtil::sendFailure($this->lng->txt('permission_denied'), true);
442  $this->roleAssignment();
443  return false;
444  }
445 
446  if (!(int) $_REQUEST['role_id']) {
447  ilUtil::sendFailure($this->lng->txt('select_one'));
448  $this->showRoleSelection();
449  return false;
450  }
451 
452  $this->loadRoleAssignmentRule((int) $_REQUEST['rule_id'], false);
453  $this->rule->setRoleId((int) $_REQUEST['role_id']);
454 
455  if ((int) $_REQUEST['rule_id']) {
456  $this->rule->update();
457  } else {
458  $this->rule->create();
459  }
460 
461  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
462  $this->roleAssignments();
463  return true;
464  }
465 
466 
472  protected function checkRoleAssignmentInput($a_rule_id = 0)
473  {
474  global $DIC;
475 
476  $ilErr = $DIC['ilErr'];
477 
478  $this->loadRoleAssignmentRule($a_rule_id);
479  $this->rule->validate();
480  return $ilErr->getMessage();
481  }
482 
483 
488  protected function getRoleAssignmentTable()
489  {
490  if (count($rules = ilLDAPRoleAssignmentRule::_getRules($this->server->getServerId()))) {
491  include_once("./Services/LDAP/classes/class.ilLDAPRoleAssignmentTableGUI.php");
492  $table_gui = new ilLDAPRoleAssignmentTableGUI($this, 'roleAssignments');
493  $table_gui->setTitle($this->lng->txt("ldap_tbl_role_ass"));
494  $table_gui->parse($rules);
495  $table_gui->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
496  $table_gui->setSelectAllCheckbox("rule_id");
497  return $table_gui->getHTML();
498  }
499  return '';
500  }
501 
502 
508  protected function loadRoleAssignmentRule($a_rule_id, $a_from_form = true)
509  {
510  if (is_object($this->rule)) {
511  return true;
512  }
513 
514  include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php';
515  $this->rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($a_rule_id);
516 
517 
518  if ($a_from_form) {
519  if ($this->form->getInput('role_name') == 0) {
520  $this->rule->setRoleId($this->form->getInput('role_id'));
521  } elseif ($this->form->getInput('role_search')) {
522  // Search role
523  include_once './Services/Search/classes/class.ilQueryParser.php';
524 
525  $parser = new ilQueryParser('"' . $this->form->getInput('role_search') . '"');
526 
527  // TODO: Handle minWordLength
528  $parser->setMinWordLength(1, true);
529  $parser->setCombination(QP_COMBINATION_AND);
530  $parser->parse();
531 
532  include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
533  $object_search = new ilLikeObjectSearch($parser);
534  $object_search->setFilter(array('role'));
535  $res = $object_search->performSearch();
536 
537  $entries = $res->getEntries();
538  if (count($entries) == 1) {
539  $role = current($entries);
540  $this->rule->setRoleId($role['obj_id']);
541  } elseif (count($entries) > 1) {
542  $this->rule->setRoleId(-1);
543  }
544  }
545 
546  $this->rule->setAttributeName($this->form->getInput('name'));
547  $this->rule->setAttributeValue($this->form->getInput('value'));
548  $this->rule->setDN($this->form->getInput('dn'));
549  $this->rule->setMemberAttribute($this->form->getInput('at'));
550  $this->rule->setMemberIsDN($this->form->getInput('isdn'));
551  $this->rule->enableAddOnUpdate($this->form->getInput('add_missing'));
552  $this->rule->enableRemoveOnUpdate($this->form->getInput('remove_deprecated'));
553  $this->rule->setPluginId($this->form->getInput('plugin_id'));
554  $this->rule->setType($this->form->getInput('type'));
555  $this->rule->setServerId($this->getServer()->getServerId());
556  return true;
557  }
558 
559  // LOAD from session
560  $this->rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($a_rule_id);
561  $this->rule->setServerId($this->getServer()->getServerId());
562  $this->rule->enableAddOnUpdate((int) $_SESSION['ldap_role_ass']['add_on_update']);
563  $this->rule->enableRemoveOnUpdate((int) $_SESSION['ldap_role_ass']['remove_on_update']);
564  $this->rule->setType(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['type']));
565  $this->rule->setDN(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['dn']));
566  $this->rule->setMemberAttribute(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['at']));
567  $this->rule->setMemberIsDN(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['isdn']));
568  $this->rule->setAttributeName(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['name']));
569  $this->rule->setAttributeValue(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['value']));
570  $this->rule->setPluginId(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['plugin']));
571  return true;
572  }
573 
574  public function deleteRoleMapping()
575  {
576  if (!count($_POST['mappings'])) {
577  ilUtil::sendFailure($this->lng->txt('select_one'));
578  $this->roleMapping();
579  return false;
580  }
581 
582  $this->initRoleMapping();
583 
584  foreach ($_POST['mappings'] as $mapping_id) {
585  $this->role_mapping->delete($mapping_id);
586  }
587  ilUtil::sendSuccess($this->lng->txt('ldap_deleted_role_mapping'));
588  $this->roleMapping();
589  return true;
590  }
591 
592  public function chooseMapping()
593  {
594  if (!$_POST['mapping_template']) {
595  $this->userMapping();
596  return;
597  }
598 
599  $this->initAttributeMapping();
600  $this->mapping->clearRules();
601 
602  include_once('Services/LDAP/classes/class.ilLDAPAttributeMappingUtils.php');
603  foreach (ilLDAPAttributeMappingUtils::_getMappingRulesByClass($_POST['mapping_template']) as $key => $value) {
604  $this->mapping->setRule($key, $value, 0);
605  }
606  $this->userMapping();
607  return true;
608  }
609 
610  public function saveMapping()
611  {
612  $this->initAttributeMapping();
613  $this->tabs_gui->setTabActive('role_mapping');
614 
615  foreach ($this->getMappingFields() as $key => $mapping) {
616  $this->mapping->setRule($key, ilUtil::stripSlashes($_POST[$key . '_value']), (int) $_POST[$key . '_update']);
617  }
618  $this->initUserDefinedFields();
619  foreach ($this->udf->getDefinitions() as $definition) {
620  $key = 'udf_' . $definition['field_id'];
621  $this->mapping->setRule($key, ilUtil::stripSlashes($_POST[$key . '_value']), (int) $_POST[$key . '_update']);
622  }
623 
624  $this->mapping->save();
625  $this->userMapping();
626 
627  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
628  unset($_POST['mapping_template']);
629  return;
630  }
631 
632  public function serverList()
633  {
634  global $DIC;
635 
636  if (!$this->dic->rbac()->system()->checkAccess("visible,read", $this->ref_id) && $cmd != "serverList") {
637  $DIC['ilErr']->raiseError($this->lng->txt('msg_no_perm_read'), $DIC['ilErr']->WARNING);
638  }
639 
640  if (!ilLDAPServer::checkLDAPLib() and $this->server->isActive()) {
641  ilUtil::sendFailure('Missing LDAP libraries. Please ensure that the PHP LDAP module is installed on your server.');
642  }
643 
644  if ($this->dic->rbac()->system()->checkAccess("write", $this->ref_id)) {
645  $DIC->toolbar()->addButton(
646  $this->lng->txt("add_ldap_server"),
647  $this->ctrl->getLinkTarget($this, "addServerSettings")
648  );
649  }
650 
651  include_once './Services/LDAP/classes/class.ilLDAPServerTableGUI.php';
652 
653  $table = new ilLDAPServerTableGUI($this, "serverList");
654 
655 
656  return $this->tpl->setContent($table->getHTML());
657  }
658 
659  public function setServerFormValues()
660  {
661  $this->form_gui->setValuesByArray(array(
662  'active' => $this->server->isActive(),
663  'ds' => !$this->server->isAuthenticationEnabled(),
664  'server_name' => $this->server->getName(),
665  'server_url' => $this->server->getUrlString(),
666  'version' => $this->server->getVersion(),
667  'base_dn' => $this->server->getBaseDN(),
668  'referrals' => $this->server->isActiveReferrer(),
669  'tls' => $this->server->isActiveTLS(),
670  'binding_type' => $this->server->getBindingType(),
671  'bind_dn' => $this->server->getBindUser(),
672  'bind_pass' => $this->server->getBindPassword(),
673  'bind_pass_retype' => $this->server->getBindPassword(),
674  'search_base' => $this->server->getSearchBase(),
675  'user_scope' => $this->server->getUserScope(),
676  'user_attribute' => $this->server->getUserAttribute(),
677  'filter' => $this->server->getFilter(),
678  'group_dn' => $this->server->getGroupDN(),
679  'group_scope' => $this->server->getGroupScope(),
680  'group_filter' => $this->server->getGroupFilter(),
681  'group_member' => $this->server->getGroupMember(),
682  'memberisdn' => $this->server->enabledGroupMemberIsDN(),
683  'group' => $this->server->getGroupName(),
684  'group_attribute' => $this->server->getGroupAttribute(),
685  'group_optional' => $this->server->isMembershipOptional(),
686  'group_user_filter' => $this->server->getGroupUserFilter(),
687  'sync_on_login' => $this->server->enabledSyncOnLogin(),
688  'sync_per_cron' => $this->server->enabledSyncPerCron(),
689  'global_role' => ilLDAPAttributeMapping::_lookupGlobalRole($this->server->getServerId()),
690  'migration' => (int) $this->server->isAccountMigrationEnabled(),
691  "name_filter" => $this->server->getUsernameFilter(),
692  'escape_dn' => $this->server->enabledEscapeDN()
693  ));
694  }
695 
696  private function initForm()
697  {
698  include_once 'Services/Form/classes/class.ilPropertyFormGUI.php';
699 
700  $this->form_gui = new ilPropertyFormGUI();
701  $this->form_gui->setFormAction($this->ctrl->getFormAction($this, 'save'));
702  $this->form_gui->setTitle($this->lng->txt('ldap_configure'));
703 
704  $active = new ilCheckboxInputGUI($this->lng->txt('auth_ldap_enable'), 'active');
705  $active->setValue(1);
706  $this->form_gui->addItem($active);
707 
708  $ds = new ilCheckboxInputGUI($this->lng->txt('ldap_as_ds'), 'ds');
709  $ds->setValue(1);
710  $ds->setInfo($this->lng->txt('ldap_as_ds_info'));
711  $this->form_gui->addItem($ds);
712 
713  $servername = new ilTextInputGUI($this->lng->txt('ldap_server_name'), 'server_name');
714  $servername->setRequired(true);
715  $servername->setInfo($this->lng->txt('ldap_server_name_info'));
716  $servername->setSize(32);
717  $servername->setMaxLength(32);
718  $this->form_gui->addItem($servername);
719 
720  // start Patch Name Filter
721  $namefilter = new ilTextInputGUI($this->lng->txt('ldap_username_filter'), "name_filter");//ADD LANG VAR
722  $namefilter->setInfo($this->lng->txt("ldap_username_filter_info"));
723  $namefilter->setSize(64);
724  $namefilter->setMaxLength(255);
725  $this->form_gui->addItem($namefilter);
726  // end Patch Name Filter
727 
728  $serverurl = new ilTextInputGUI($this->lng->txt('ldap_server'), 'server_url');
729  $serverurl->setRequired(true);
730  $serverurl->setInfo($this->lng->txt('ldap_server_url_info'));
731  $serverurl->setSize(64);
732  $serverurl->setMaxLength(255);
733  $this->form_gui->addItem($serverurl);
734 
735  $version = new ilSelectInputGUI($this->lng->txt('ldap_version'), 'version');
736  $version->setOptions(array(2 => 2, 3 => 3));
737  $version->setInfo($this->lng->txt('ldap_server_version_info'));
738  $this->form_gui->addItem($version);
739 
740  $basedsn = new ilTextInputGUI($this->lng->txt('basedn'), 'base_dn');
741  $basedsn->setRequired(true);
742  $basedsn->setSize(64);
743  $basedsn->setMaxLength(255);
744  $this->form_gui->addItem($basedsn);
745 
746  $referrals = new ilCheckboxInputGUI($this->lng->txt('ldap_referrals'), 'referrals');
747  $referrals->setValue(1);
748  $referrals->setInfo($this->lng->txt('ldap_referrals_info'));
749  $this->form_gui->addItem($referrals);
750 
751  $section_security = new ilFormSectionHeaderGUI();
752  $section_security->setTitle($this->lng->txt('ldap_server_security_settings'));
753  $this->form_gui->addItem($section_security);
754 
755  $tls = new ilCheckboxInputGUI($this->lng->txt('ldap_tls'), 'tls');
756  $tls->setValue(1);
757  $this->form_gui->addItem($tls);
758 
759  $binding = new ilRadioGroupInputGUI($this->lng->txt('ldap_server_binding'), 'binding_type');
760  $anonymous = new ilRadioOption($this->lng->txt('ldap_bind_anonymous'), IL_LDAP_BIND_ANONYMOUS);
761  $binding->addOption($anonymous);
762  $user = new ilRadioOption($this->lng->txt('ldap_bind_user'), IL_LDAP_BIND_USER);
763  $dn = new ilTextInputGUI($this->lng->txt('ldap_server_bind_dn'), 'bind_dn');
764  $dn->setSize(64);
765  $dn->setMaxLength(255);
766  $user->addSubItem($dn);
767  $pass = new ilPasswordInputGUI($this->lng->txt('ldap_server_bind_pass'), 'bind_pass');
768  $pass->setSkipSyntaxCheck(true);
769  $pass->setSize(12);
770  $pass->setMaxLength(36);
771  $user->addSubItem($pass);
772  $binding->addOption($user);
773  $this->form_gui->addItem($binding);
774 
775  $section_auth = new ilFormSectionHeaderGUI();
776  $section_auth->setTitle($this->lng->txt('ldap_authentication_settings'));
777  $this->form_gui->addItem($section_auth);
778 
779  $search_base = new ilTextInputGUI($this->lng->txt('ldap_user_dn'), 'search_base');
780  $search_base->setInfo($this->lng->txt('ldap_search_base_info'));
781  $search_base->setSize(64);
782  $search_base->setMaxLength(255);
783  $this->form_gui->addItem($search_base);
784 
785  $user_scope = new ilSelectInputGUI($this->lng->txt('ldap_user_scope'), 'user_scope');
786  $user_scope->setOptions(array(IL_LDAP_SCOPE_ONE => $this->lng->txt('ldap_scope_one'),
787  IL_LDAP_SCOPE_SUB => $this->lng->txt('ldap_scope_sub')));
788  $user_scope->setInfo($this->lng->txt('ldap_user_scope_info'));
789  $this->form_gui->addItem($user_scope);
790 
791  $user_attribute = new ilTextInputGUI($this->lng->txt('ldap_user_attribute'), 'user_attribute');
792  $user_attribute->setSize(16);
793  $user_attribute->setMaxLength(64);
794  $user_attribute->setRequired(true);
795  $this->form_gui->addItem($user_attribute);
796 
797  $filter = new ilTextInputGUI($this->lng->txt('ldap_search_filter'), 'filter');
798  $filter->setInfo($this->lng->txt('ldap_filter_info'));
799  $filter->setSize(64);
800  $filter->setMaxLength(512);
801  $this->form_gui->addItem($filter);
802 
803  $section_restrictions = new ilFormSectionHeaderGUI();
804  $section_restrictions->setTitle($this->lng->txt('ldap_group_restrictions'));
805  $this->form_gui->addItem($section_restrictions);
806 
807  $group_dn = new ilTextInputGUI($this->lng->txt('ldap_group_search_base'), 'group_dn');
808  $group_dn->setInfo($this->lng->txt('ldap_group_dn_info'));
809  $group_dn->setSize(64);
810  $group_dn->setMaxLength(255);
811  $this->form_gui->addItem($group_dn);
812 
813  $group_scope = new ilSelectInputGUI($this->lng->txt('ldap_group_scope'), 'group_scope');
814  $group_scope->setOptions(array(IL_LDAP_SCOPE_ONE => $this->lng->txt('ldap_scope_one'),
815  IL_LDAP_SCOPE_SUB => $this->lng->txt('ldap_scope_sub')));
816  $group_scope->setInfo($this->lng->txt('ldap_group_scope_info'));
817  $this->form_gui->addItem($group_scope);
818 
819  $group_filter = new ilTextInputGUI($this->lng->txt('ldap_group_filter'), 'group_filter');
820  $group_filter->setInfo($this->lng->txt('ldap_group_filter_info'));
821  $group_filter->setSize(64);
822  $group_filter->setMaxLength(255);
823  $this->form_gui->addItem($group_filter);
824 
825  $group_member = new ilTextInputGUI($this->lng->txt('ldap_group_member'), 'group_member');
826  $group_member->setInfo($this->lng->txt('ldap_group_member_info'));
827  $group_member->setSize(32);
828  $group_member->setMaxLength(255);
829  $this->form_gui->addItem($group_member);
830 
831 
832  $group_member_isdn = new ilCheckboxInputGUI($this->lng->txt('ldap_memberisdn'), 'memberisdn');
833  #$group_member_isdn->setInfo($this->lng->txt('ldap_group_member_info'));
834  $this->form_gui->addItem($group_member_isdn);
835  #$group_member->addSubItem($group_member_isdn);
836 
837  $escapedn = new ilCheckboxInputGUI($this->lng->txt('ldap_escapedn'), 'escape_dn');
838  $escapedn->setValue(1);
839  $escapedn->setInfo($this->lng->txt('ldap_escapedn_info'));
840  $this->form_gui->addItem($escapedn);
841 
842  $group = new ilTextInputGUI($this->lng->txt('ldap_group_name'), 'group');
843  $group->setInfo($this->lng->txt('ldap_group_name_info'));
844  $group->setSize(32);
845  $group->setMaxLength(255);
846  $this->form_gui->addItem($group);
847 
848  $group_atrr = new ilTextInputGUI($this->lng->txt('ldap_group_attribute'), 'group_attribute');
849  $group_atrr->setInfo($this->lng->txt('ldap_group_attribute_info'));
850  $group_atrr->setSize(16);
851  $group_atrr->setMaxLength(64);
852  $this->form_gui->addItem($group_atrr);
853 
854  $group_optional = new ilCheckboxInputGUI($this->lng->txt('ldap_group_membership'), 'group_optional');
855  $group_optional->setOptionTitle($this->lng->txt('ldap_group_member_optional'));
856  $group_optional->setInfo($this->lng->txt('ldap_group_optional_info'));
857  $group_optional->setValue(1);
858  $group_user_filter = new ilTextInputGUI($this->lng->txt('ldap_group_user_filter'), 'group_user_filter');
859  $group_user_filter->setSize(64);
860  $group_user_filter->setMaxLength(255);
861  $group_optional->addSubItem($group_user_filter);
862  $this->form_gui->addItem($group_optional);
863 
864  $section_sync = new ilFormSectionHeaderGUI();
865  $section_sync->setTitle($this->lng->txt('ldap_user_sync'));
866  $this->form_gui->addItem($section_sync);
867 
868  $ci_gui = new ilCustomInputGUI($this->lng->txt('ldap_moment_sync'));
869  $sync_on_login = new ilCheckboxInputGUI($this->lng->txt('ldap_sync_login'), 'sync_on_login');
870  $sync_on_login->setValue(1);
871  $ci_gui->addSubItem($sync_on_login);
872  $sync_per_cron = new ilCheckboxInputGUI($this->lng->txt('ldap_sync_cron'), 'sync_per_cron');
873  $sync_per_cron->setValue(1);
874  $ci_gui->addSubItem($sync_per_cron);
875  $ci_gui->setInfo($this->lng->txt('ldap_user_sync_info'));
876  $this->form_gui->addItem($ci_gui);
877 
878  $global_role = new ilSelectInputGUI($this->lng->txt('ldap_global_role_assignment'), 'global_role');
879  $global_role->setOptions($this->prepareRoleSelect(false));
880  $global_role->setInfo($this->lng->txt('ldap_global_role_info'));
881  $this->form_gui->addItem($global_role);
882 
883  $migr = new ilCheckboxInputGUI($this->lng->txt('auth_ldap_migration'), 'migration');
884  $migr->setInfo($this->lng->txt('auth_ldap_migration_info'));
885  $migr->setValue(1);
886  $this->form_gui->addItem($migr);
887 
888 
889  include_once "Services/Administration/classes/class.ilAdministrationSettingsFormHandler.php";
890  ilAdministrationSettingsFormHandler::addFieldsToForm(
891  ilAdministrationSettingsFormHandler::FORM_LDAP,
892  $this->form_gui,
893  ilAdministrationSettingsFormHandler::getSettingsGUIInstance("auth")
894  );
895 
896 
897  $this->form_gui->addCommandButton('save', $this->lng->txt('save'));
898  if ($_GET["cmd"] == "addServerSettings") {
899  $this->form_gui->addCommandButton('serverList', $this->lng->txt('cancel'));
900  }
901  }
902 
903  /*
904  * Update Settings
905  */
906  public function save()
907  {
908  global $DIC;
909 
910  $ilErr = $DIC['ilErr'];
911 
912  $this->setSubTabs();
913  $this->tabs_gui->setTabActive('settings');
914 
915  $this->initForm();
916  if ($this->form_gui->checkInput()) {
917  $this->server->toggleActive((int) $this->form_gui->getInput('active'));
918  $this->server->enableAuthentication(!$this->form_gui->getInput('ds'));
919  $this->server->setName($this->form_gui->getInput('server_name'));
920  $this->server->setUrl($this->form_gui->getInput('server_url'));
921  $this->server->setVersion($this->form_gui->getInput('version'));
922  $this->server->setBaseDN($this->form_gui->getInput('base_dn'));
923  $this->server->toggleReferrer($this->form_gui->getInput('referrals'));
924  $this->server->toggleTLS($this->form_gui->getInput('tls'));
925  $this->server->setBindingType((int) $this->form_gui->getInput('binding_type'));
926  $this->server->setBindUser($this->form_gui->getInput('bind_dn'));
927  $this->server->setBindPassword($this->form_gui->getInput('bind_pass'));
928  $this->server->setSearchBase($this->form_gui->getInput('search_base'));
929  $this->server->setUserScope($this->form_gui->getInput('user_scope'));
930  $this->server->setUserAttribute($this->form_gui->getInput('user_attribute'));
931  $this->server->setFilter($this->form_gui->getInput('filter'));
932  $this->server->setGroupDN($this->form_gui->getInput('group_dn'));
933  $this->server->setGroupScope((int) $this->form_gui->getInput('group_scope'));
934  $this->server->setGroupFilter($this->form_gui->getInput('group_filter'));
935  $this->server->setGroupMember($this->form_gui->getInput('group_member'));
936  $this->server->enableGroupMemberIsDN((int) $this->form_gui->getInput('memberisdn'));
937  $this->server->setGroupName($this->form_gui->getInput('group'));
938  $this->server->setGroupAttribute($this->form_gui->getInput('group_attribute'));
939  $this->server->setGroupUserFilter($this->form_gui->getInput('group_user_filter'));
940  $this->server->toggleMembershipOptional((int) $this->form_gui->getInput('group_optional'));
941  $this->server->enableSyncOnLogin((int) $this->form_gui->getInput('sync_on_login'));
942  $this->server->enableSyncPerCron((int) $this->form_gui->getInput('sync_per_cron'));
943  $this->server->setGlobalRole((int) $this->form_gui->getInput('global_role'));
944  $this->server->enableAccountMigration((int) $this->form_gui->getInput('migration'));
945  $this->server->setUsernameFilter($this->form_gui->getInput("name_filter"));
946  $this->server->enableEscapeDN((bool) $this->form_gui->getInput('escape_dn'));
947  if (!$this->server->validate()) {
948  ilUtil::sendFailure($ilErr->getMessage());
949  $this->form_gui->setValuesByPost();
950  return $this->tpl->setContent($this->form_gui->getHtml());
951  }
952 
953  // Update or create
954  if ($this->server->getServerId()) {
955  $this->server->update();
956  } else {
957  $this->server->create();
958  }
959 
960  // Now server_id exists => update LDAP attribute mapping
961  $this->initAttributeMapping();
962  $this->mapping->setRule('global_role', (int) $this->form_gui->getInput('global_role'), false);
963  $this->mapping->save();
964 
965  ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
966  $this->ctrl->redirect($this, 'serverList');
967  return true;
968  }
969 
970  $this->form_gui->setValuesByPost();
971  return $this->tpl->setContent($this->form_gui->getHtml());
972  }
973 
974 
975 
981  private function setSubTabs()
982  {
983  $this->tabs_gui->clearTargets();
984 
985  $this->tabs_gui->setBackTarget(
986  $this->lng->txt("back"),
987  $this->ctrl->getLinkTarget($this, 'serverList')
988  );
989 
990  /*$this->tabs_gui->addSubTabTarget("ldap_settings",
991  $this->ctrl->getLinkTarget($this,'serverList'),
992  "serverList",get_class($this));*/
993 
994  $this->tabs_gui->addTab(
995  "settings",
996  $this->lng->txt("ldap_settings"),
997  $this->ctrl->getLinkTarget($this, 'editServerSettings')
998  );
999 
1000  // Disable all other tabs, if server hasn't been configured.
1001  include_once('Services/LDAP/classes/class.ilLDAPServer.php');
1002  if (!count(ilLDAPServer::_getServerList())) {
1003  return true;
1004  }
1005 
1006  /*$this->tabs_gui->addSubTabTarget("ldap_user_mapping",
1007  $this->ctrl->getLinkTarget($this,'userMapping'),
1008  "userMapping",get_class($this));*/
1009 
1010  $this->tabs_gui->addTab(
1011  "user_mapping",
1012  $this->lng->txt("ldap_user_mapping"),
1013  $this->ctrl->getLinkTarget($this, 'userMapping')
1014  );
1015 
1016  /*$this->tabs_gui->addSubTabTarget('ldap_role_assignments',
1017  $this->ctrl->getLinkTarget($this,'roleAssignments'),
1018  "roleAssignments",get_class($this));*/
1019 
1020  $this->tabs_gui->addTab(
1021  "role_assignments",
1022  $this->lng->txt('ldap_role_assignments'),
1023  $this->ctrl->getLinkTarget($this, 'roleAssignments')
1024  );
1025 
1026  /*$this->tabs_gui->addSubTabTarget("ldap_role_mapping",
1027  $this->ctrl->getLinkTarget($this,'roleMapping'),
1028  "roleMapping",get_class($this));
1029  "roleMapping",get_class($this));*/
1030  $this->tabs_gui->addTab(
1031  "role_mapping",
1032  $this->lng->txt("ldap_role_mapping"),
1033  $this->ctrl->getLinkTarget($this, 'roleMapping')
1034  );
1035  }
1036 
1037 
1038  private function initServer()
1039  {
1040  include_once './Services/LDAP/classes/class.ilLDAPServer.php';
1041  if (!$_REQUEST['ldap_server_id']) {
1042  $_REQUEST['ldap_server_id'] = 0;
1043  }
1044  $this->server = new ilLDAPServer((int) $_REQUEST['ldap_server_id']);
1045  }
1046 
1047  private function initAttributeMapping()
1048  {
1049  include_once './Services/LDAP/classes/class.ilLDAPAttributeMapping.php';
1050  $this->mapping = ilLDAPAttributeMapping::_getInstanceByServerId($this->getServer()->getServerId());
1051  }
1052 
1053  private function initRoleMapping()
1054  {
1055  include_once './Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php';
1056  $this->role_mapping = ilLDAPRoleGroupMappingSettings::_getInstanceByServerId($this->getServer()->getServerId());
1057  }
1058 
1064  private function prepareGlobalRoleSelection($a_as_select = true)
1065  {
1066  global $DIC;
1067 
1068  $rbacreview = $DIC['rbacreview'];
1069  $ilObjDataCache = $DIC['ilObjDataCache'];
1070 
1071  $global_roles = ilUtil::_sortIds(
1072  $rbacreview->getGlobalRoles(),
1073  'object_data',
1074  'title',
1075  'obj_id'
1076  );
1077 
1078  $select[0] = $this->lng->txt('links_select_one');
1079  foreach ($global_roles as $role_id) {
1080  $select[$role_id] = ilObject::_lookupTitle($role_id);
1081  }
1082  return $select;
1083  }
1084 
1085 
1092  private function prepareRoleSelect($a_as_select = true)
1093  {
1094  global $DIC;
1095 
1096  $rbacreview = $DIC['rbacreview'];
1097  $ilObjDataCache = $DIC['ilObjDataCache'];
1098 
1099  include_once('./Services/LDAP/classes/class.ilLDAPAttributeMapping.php');
1100 
1101  $global_roles = ilUtil::_sortIds(
1102  $rbacreview->getGlobalRoles(),
1103  'object_data',
1104  'title',
1105  'obj_id'
1106  );
1107 
1108  $select[0] = $this->lng->txt('links_select_one');
1109  foreach ($global_roles as $role_id) {
1110  $select[$role_id] = ilObject::_lookupTitle($role_id);
1111  }
1112 
1113  if ($a_as_select) {
1114  return ilUtil::formSelect(
1115  ilLDAPAttributeMapping::_lookupGlobalRole($this->server->getServerId()),
1116  'global_role',
1117  $select,
1118  false,
1119  true
1120  );
1121  } else {
1122  return $select;
1123  }
1124  }
1125 
1126 
1127  private function getMappingFields()
1128  {
1129  return array('gender' => $this->lng->txt('gender'),
1130  'firstname' => $this->lng->txt('firstname'),
1131  'lastname' => $this->lng->txt('lastname'),
1132  'title' => $this->lng->txt('person_title'),
1133  'institution' => $this->lng->txt('institution'),
1134  'department' => $this->lng->txt('department'),
1135  'street' => $this->lng->txt('street'),
1136  'city' => $this->lng->txt('city'),
1137  'zipcode' => $this->lng->txt('zipcode'),
1138  'country' => $this->lng->txt('country'),
1139  'phone_office' => $this->lng->txt('phone_office'),
1140  'phone_home' => $this->lng->txt('phone_home'),
1141  'phone_mobile' => $this->lng->txt('phone_mobile'),
1142  'fax' => $this->lng->txt('fax'),
1143  'email' => $this->lng->txt('email'),
1144  'hobby' => $this->lng->txt('hobby'),
1145  'matriculation' => $this->lng->txt('matriculation'));
1146  #'photo' => $this->lng->txt('photo'));
1147  }
1148 
1149  private function initUserDefinedFields()
1150  {
1151  include_once("./Services/User/classes/class.ilUserDefinedFields.php");
1152  $this->udf = ilUserDefinedFields::_getInstance();
1153  }
1154 
1155  private function prepareMappingSelect()
1156  {
1157  return ilUtil::formSelect($_POST['mapping_template'], 'mapping_template', array(0 => $this->lng->txt('ldap_mapping_template'),
1158  "inetOrgPerson" => 'inetOrgPerson',
1159  "organizationalPerson" => 'organizationalPerson',
1160  "person" => 'person',
1161  "ad_2003" => 'Active Directory (Win 2003)'), false, true);
1162  }
1163 
1170  private function loadMappingDetails()
1171  {
1172  if (!isset($_SESSION['ldap_mapping_details'])) {
1173  $_SESSION['ldap_mapping_details'] = array();
1174  }
1175  if (isset($_GET['details_show'])) {
1176  $_SESSION['ldap_mapping_details'][$_GET['details_show']] = $_GET['details_show'];
1177  }
1178  if (isset($_GET['details_hide'])) {
1179  unset($_SESSION['ldap_mapping_details'][$_GET['details_hide']]);
1180  }
1181  }
1182 
1191  protected function initFormRoleAssignments($a_mode)
1192  {
1193  include_once('Services/Form/classes/class.ilPropertyFormGUI.php');
1194  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');
1195 
1196  $this->form = new ilPropertyFormGUI();
1197  $this->form->setFormAction($this->ctrl->getFormAction($this));
1198 
1199  switch ($a_mode) {
1200  case 'edit':
1201  $this->form->setTitle($this->lng->txt('ldap_edit_role_ass_rule'));
1202  $this->form->addCommandButton('updateRoleAssignment', $this->lng->txt('save'));
1203  //$this->form->addCommandButton('roleAssignments',$this->lng->txt('cancel'));
1204  break;
1205  case 'create':
1206  $this->form->setTitle($this->lng->txt('ldap_add_role_ass_rule'));
1207  $this->form->addCommandButton('addRoleAssignment', $this->lng->txt('ldap_btn_add_role_ass'));
1208  //$this->form->addCommandButton('roleAssignments',$this->lng->txt('cancel'));
1209  break;
1210  }
1211 
1212  // Role Selection
1213  $role = new ilRadioGroupInputGUI($this->lng->txt('ldap_ilias_role'), 'role_name');
1214  $role->setRequired(true);
1215 
1216  $global = new ilRadioOption($this->lng->txt('ldap_global_role'), 0);
1217  $role->addOption($global);
1218 
1219  $role_select = new ilSelectInputGUI('', 'role_id');
1220  $role_select->setOptions($this->prepareGlobalRoleSelection());
1221  $global->addSubItem($role_select);
1222 
1223  $local = new ilRadioOption($this->lng->txt('ldap_local_role'), 1);
1224  $role->addOption($local);
1225 
1226  include_once './Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php';
1227  $role_search = new ilRoleAutoCompleteInputGUI('', 'role_search', $this, 'addRoleAutoCompleteObject');
1228  $role_search->setSize(40);
1229  $local->addSubItem($role_search);
1230 
1231  $role->setInfo($this->lng->txt('ldap_role_name_info'));
1232  $this->form->addItem($role);
1233 
1234  // Update options
1235  $update = new ilNonEditableValueGUI($this->lng->txt('ldap_update_roles'), 'update_roles');
1236  $update->setValue($this->lng->txt('ldap_check_role_assignment'));
1237 
1238  $add = new ilCheckboxInputGUI('', 'add_missing');
1239  $add->setOptionTitle($this->lng->txt('ldap_add_missing'));
1240  $update->addSubItem($add);
1241 
1242  $remove = new ilCheckboxInputGUI('', 'remove_deprecated');
1243  $remove->setOptionTitle($this->lng->txt('ldap_remove_deprecated'));
1244  $update->addSubItem($remove);
1245 
1246  $this->form->addItem($update);
1247 
1248 
1249 
1250  // Assignment Type
1251  $group = new ilRadioGroupInputGUI($this->lng->txt('ldap_assignment_type'), 'type');
1252  #$group->setValue($current_rule->getType());
1253  $group->setRequired(true);
1254 
1255  // Option by group
1256  $radio_group = new ilRadioOption($this->lng->txt('ldap_role_by_group'), ilLDAPRoleAssignmentRule::TYPE_GROUP);
1257 
1258  $dn = new ilTextInputGUI($this->lng->txt('ldap_group_dn'), 'dn');
1259  #$dn->setValue($current_rule->getDN());
1260  $dn->setSize(32);
1261  $dn->setMaxLength(512);
1262  $dn->setInfo($this->lng->txt('ldap_role_grp_dn_info'));
1263  $radio_group->addSubItem($dn);
1264  $at = new ilTextInputGUI($this->lng->txt('ldap_role_grp_at'), 'at');
1265  #$at->setValue($current_rule->getMemberAttribute());
1266  $at->setSize(16);
1267  $at->setMaxLength(128);
1268  $radio_group->addSubItem($at);
1269  $isdn = new ilCheckboxInputGUI($this->lng->txt('ldap_role_grp_isdn'), 'isdn');
1270  #$isdn->setChecked($current_rule->isMemberAttributeDN());
1271  $isdn->setInfo($this->lng->txt('ldap_group_member_info'));
1272  $radio_group->addSubItem($isdn);
1273  $radio_group->setInfo($this->lng->txt('ldap_role_grp_info'));
1274 
1275  $group->addOption($radio_group);
1276 
1277  // Option by Attribute
1278  $radio_attribute = new ilRadioOption($this->lng->txt('ldap_role_by_attribute'), ilLDAPRoleAssignmentRule::TYPE_ATTRIBUTE);
1279  $name = new ilTextInputGUI($this->lng->txt('ldap_role_at_name'), 'name');
1280  #$name->setValue($current_rule->getAttributeName());
1281  $name->setSize(32);
1282  $name->setMaxLength(128);
1283  #$name->setInfo($this->lng->txt('ldap_role_at_name_info'));
1284  $radio_attribute->addSubItem($name);
1285 
1286  // Radio Attribute
1287  $val = new ilTextInputGUI($this->lng->txt('ldap_role_at_value'), 'value');
1288  #$val->setValue($current_rule->getAttributeValue());
1289  $val->setSize(32);
1290  $val->setMaxLength(128);
1291  #$val->setInfo($this->lng->txt('ldap_role_at_value_info'));
1292  $radio_attribute->addSubItem($val);
1293  $radio_attribute->setInfo($this->lng->txt('ldap_role_at_info'));
1294 
1295  $group->addOption($radio_attribute);
1296 
1297  // Option by Plugin
1298  $pl_active = (bool) $this->hasActiveRoleAssignmentPlugins();
1299  $pl = new ilRadioOption($this->lng->txt('ldap_plugin'), 3);
1300  $pl->setInfo($this->lng->txt('ldap_plugin_info'));
1301  $pl->setDisabled(!$pl_active);
1302 
1303  $id = new ilNumberInputGUI($this->lng->txt('ldap_plugin_id'), 'plugin_id');
1304  $id->setDisabled(!$pl_active);
1305  $id->setSize(3);
1306  $id->setMaxLength(3);
1307  $id->setMaxValue(999);
1308  $id->setMinValue(1);
1309  $pl->addSubItem($id);
1310 
1311  $group->addOption($pl);
1312  $this->form->addItem($group);
1313  }
1314 
1319  private function hasActiveRoleAssignmentPlugins()
1320  {
1321  global $DIC;
1322 
1323  $ilPluginAdmin = $DIC['ilPluginAdmin'];
1324 
1325  return count($ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE, 'LDAP', 'ldaphk')) ? true : false;
1326  }
1327 
1328 
1332  public function addRoleAutoCompleteObject()
1333  {
1334  include_once("./Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php");
1335  ilRoleAutoCompleteInputGUI::echoAutoCompleteList();
1336  }
1337 
1338 
1339 
1340 
1345  private function userMappingToolbar()
1346  {
1347  global $DIC;
1348 
1349  $ilToolbar = $DIC['ilToolbar'];
1350  include_once("./Services/Form/classes/class.ilSelectInputGUI.php");
1351 
1352  $select_form = new ilSelectInputGUI("mapping_template");
1353  $select_form->setPostVar("mapping_template");
1354  $options = array(
1355  "" => $this->lng->txt('ldap_mapping_template'),
1356  "inetOrgPerson" => 'inetOrgPerson',
1357  "organizationalPerson" => 'organizationalPerson',
1358  "person" => 'person',
1359  "ad_2003" => 'Active Directory (Win 2003)');
1360  $select_form->setOptions($options);
1361  $select_form->setValue($_POST['mapping_template']);
1362 
1363  $ilToolbar->addInputItem($select_form);
1364  $ilToolbar->addFormButton($this->lng->txt('show'), "chooseMapping");
1365  $ilToolbar->setFormAction($this->ctrl->getFormAction($this, "chooseMapping"));
1366  }
1367 
1372  private function initUserMappingForm()
1373  {
1374  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
1375  $propertie_form = new ilPropertyFormGUI();
1376  $propertie_form->setTitle($this->lng->txt('ldap_mapping_table'));
1377  $propertie_form->setFormAction($this->ctrl->getFormAction($this, 'saveMapping'));
1378  $propertie_form->addCommandButton('saveMapping', $this->lng->txt('save'));
1379 
1380  foreach ($this->getMappingFields() as $mapping => $lang) {
1381  $text_form = new ilTextInputGUI($lang);
1382  $text_form->setPostVar($mapping . "_value");
1383  $text_form->setValue($this->mapping->getValue($mapping));
1384  $text_form->setSize(32);
1385  $text_form->setMaxLength(255);
1386  $propertie_form->addItem($text_form);
1387 
1388  $checkbox_form = new ilCheckboxInputGUI("");
1389  $checkbox_form->setPostVar($mapping . "_update");
1390  $checkbox_form->setChecked($this->mapping->enabledUpdate($mapping));
1391  $checkbox_form->setOptionTitle($this->lng->txt('ldap_update_field_info'));
1392  $propertie_form->addItem($checkbox_form);
1393  }
1394 
1395  $this->initUserDefinedFields();
1396  foreach ($this->udf->getDefinitions() as $definition) {
1397  $text_form = new ilTextInputGUI($definition['field_name']);
1398  $text_form->setPostVar('udf_' . $definition['field_id'] . '_value');
1399  $text_form->setValue($this->mapping->getValue('udf_' . $definition['field_id']));
1400  $text_form->setSize(32);
1401  $text_form->setMaxLength(255);
1402  $propertie_form->addItem($text_form);
1403 
1404  $checkbox_form = new ilCheckboxInputGUI("");
1405  $checkbox_form->setPostVar('udf_' . $definition['field_id'] . '_update');
1406  $checkbox_form->setChecked($this->mapping->enabledUpdate('udf_' . $definition['field_id']));
1407  $checkbox_form->setOptionTitle($this->lng->txt('ldap_update_field_info'));
1408  $propertie_form->addItem($checkbox_form);
1409  }
1410 
1411  return $propertie_form;
1412  }
1413 
1418  public function roleMapping()
1419  {
1420  global $DIC;
1421 
1422  $ilToolbar = $DIC['ilToolbar'];
1423  $this->setSubTabs();
1424  $this->tabs_gui->setTabActive('role_mapping');
1425  $ilToolbar->addButton(
1426  $this->lng->txt("ldap_new_role_assignment"),
1427  $this->ctrl->getLinkTarget($this, 'addRoleMapping')
1428  );
1429  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
1430 
1431  //Set propertyform for synchronization settings
1432  include_once("./Services/Form/classes/class.ilCombinationInputGUI.php");
1433  $propertie_form = new ilPropertyFormGUI();
1434  $propertie_form->setTitle($this->lng->txt('ldap_role_settings'));
1435  $propertie_form->setFormAction($this->ctrl->getFormAction($this, "saveSyncronizationSettings"));
1436  $propertie_form->addCommandButton("saveSyncronizationSettings", $this->lng->txt('save'));
1437  $role_active = new ilCheckboxInputGUI($this->lng->txt('ldap_role_active'));
1438  $role_active->setPostVar('role_sync_active');
1439  $role_active->setChecked($this->server->enabledRoleSynchronization() ? true : false);
1440  $propertie_form->addItem($role_active);
1441  $binding = new ilCombinationInputGUI($this->lng->txt('ldap_server_binding'));
1442  $binding->setInfo($this->lng->txt('ldap_role_bind_user_info'));
1443  $user = new ilTextInputGUI("");
1444  $user->setPostVar("role_bind_user");
1445  $user->setValue($this->server->getRoleBindDN());
1446  $user->setSize(50);
1447  $user->setMaxLength(255);
1448  $binding->addCombinationItem(0, $user, $this->lng->txt('ldap_role_bind_user'));
1449  $pass = new ilPasswordInputGUI("");
1450  $pass->setPostVar("role_bind_pass");
1451  $pass->setValue($this->server->getRoleBindPassword());
1452  $pass->setSize(12);
1453  $pass->setMaxLength(36);
1454  $pass->setRetype(false);
1455  $binding->addCombinationItem(1, $pass, $this->lng->txt('ldap_role_bind_pass'));
1456  $propertie_form->addItem($binding);
1457 
1458  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_mappings.html', 'Services/LDAP');
1459  $this->tpl->setVariable("NEW_ASSIGNMENT_TBL", $propertie_form->getHTML());
1460 
1461  //Set Group Assignments Table if mappings exist
1462  include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php');
1463  $mapping_instance = ilLDAPRoleGroupMappingSettings::_getInstanceByServerId($this->server->getServerId());
1464  $mappings = $mapping_instance->getMappings();
1465  if (count($mappings)) {
1466  include_once("./Services/LDAP/classes/class.ilLDAPRoleMappingTableGUI.php");
1467  $table_gui = new ilLDAPRoleMappingTableGUI($this, $this->server->getServerId());
1468  $table_gui->setTitle($this->lng->txt('ldap_role_group_assignments'));
1469  $table_gui->setData($mappings);
1470  $this->tpl->setVariable("RULES_TBL", $table_gui->getHTML());
1471  }
1472  }
1473 
1477  public function editRoleMapping()
1478  {
1479  include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
1480  $mapping = new ilLDAPRoleGroupMappingSetting($_GET["mapping_id"]);
1481  $mapping->read();
1482 
1483  $propertie_form = $this->initRoleMappingForm("updateRoleMapping");
1484  $propertie_form->setTitle($this->lng->txt('ldap_edit_role_assignment'));
1485  $propertie_form->getItemByPostVar("url")->setValue($mapping->getURL());
1486  $propertie_form->getItemByPostVar("dn")->setValue($mapping->getDN());
1487  $propertie_form->getItemByPostVar("member")->setValue($mapping->getMemberAttribute());
1488  $propertie_form->getItemByPostVar("memberisdn")->setChecked($mapping->getMemberISDN());
1489  $propertie_form->getItemByPostVar("role")->setValue($mapping->getRoleName());
1490  $propertie_form->getItemByPostVar("info")->setValue($mapping->getMappingInfo());
1491  $propertie_form->getItemByPostVar("info_type")->setChecked($mapping->getMappingInfoType());
1492 
1493  $this->tpl->setContent($propertie_form->getHTML());
1494  }
1495 
1496 
1497 
1502  public function createRoleMapping()
1503  {
1504  global $DIC;
1505 
1506  $rbacreview = $DIC['rbacreview'];
1507  $propertie_form = $this->initRoleMappingForm("createRoleMapping");
1508 
1509  if ($propertie_form->checkInput() && $rbacreview->roleExists($propertie_form->getInput("role"))) {
1510  include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
1511  $mapping = new ilLDAPRoleGroupMappingSetting(0);
1512  $mapping->setServerId($this->server->getServerId());
1513  $mapping->setURL($propertie_form->getInput("url"));
1514  $mapping->setDN($propertie_form->getInput("dn"));
1515  $mapping->setMemberAttribute($propertie_form->getInput("member"));
1516  $mapping->setMemberISDN($propertie_form->getInput("memberisdn"));
1517  $mapping->setRoleByName($propertie_form->getInput("role"));
1518  $mapping->setMappingInfo($propertie_form->getInput("info"));
1519  $mapping->setMappingInfoType($propertie_form->getInput("info_type"));
1520  $mapping->save();
1521 
1522  ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
1523  $this->ctrl->redirect($this, "roleMapping");
1524  } else {
1525  if (!$rbacreview->roleExists($propertie_form->getInput("role"))) {
1526  ilUtil::sendFailure($this->lng->txt("ldap_role_not_exists") . " " .
1527  $propertie_form->getInput("role"));
1528  }
1529  $propertie_form->setValuesByPost();
1530  $this->tpl->setContent($propertie_form->getHTML());
1531  }
1532  }
1533 
1537  public function confirmDeleteRoleMapping()
1538  {
1539  if (!is_array($_POST['mappings'])) {
1540  ilUtil::sendFailure($this->lng->txt('select_one'), true);
1541  $this->ctrl->redirect($this, "roleMapping");
1542  return false;
1543  }
1544 
1545  include_once("Services/Utilities/classes/class.ilConfirmationGUI.php");
1546  $c_gui = new ilConfirmationGUI();
1547 
1548  // set confirm/cancel commands
1549  $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRoleMapping"));
1550  $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_role_ass"));
1551  $c_gui->setCancel($this->lng->txt("cancel"), "roleMapping");
1552  $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRoleMapping");
1553 
1554  foreach ($_POST['mappings'] as $id) {
1555  include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
1556  $mapping = new ilLDAPRoleGroupMappingSetting($id);
1557  $mapping->read();
1558  $txt = $this->lng->txt('obj_role') . ": " . $mapping->getRoleName() . ", ";
1559  $txt .= $this->lng->txt('ldap_group_dn') . ": " . $mapping->getDN() . ", ";
1560  $txt .= $this->lng->txt('ldap_server_short') . " " . $mapping->getURL() . ", ";
1561  $txt .= $this->lng->txt('ldap_group_member_short') . " " . $mapping->getMemberAttribute();
1562 
1563  $c_gui->addItem("mappings[]", $id, $txt);
1564  }
1565  $this->tpl->setContent($c_gui->getHTML());
1566  }
1567 
1568  public function addServerSettings()
1569  {
1570  $this->checkAccess("write");
1571 
1572  $this->ctrl->clearParameters($this);
1573 
1574  $this->initForm();
1575  return $this->tpl->setContent($this->form_gui->getHtml());
1576  }
1577 
1578  public function editServerSettings()
1579  {
1580  $this->checkAccess("write");
1581 
1582  $this->setSubTabs();
1583  $this->tabs_gui->setTabActive('settings');
1584 
1585  $this->initForm();
1586  $this->setServerFormValues();
1587  return $this->tpl->setContent($this->form_gui->getHtml());
1588  }
1589 
1590 
1598  public function confirmDeleteServerSettings()
1599  {
1600  $this->checkAccess("write");
1601 
1602  if (!isset($_GET["ldap_server_id"])) {
1603  ilUtil::sendFailure($this->lng->txt('select_one'));
1604  $this->serverList();
1605  return false;
1606  }
1607 
1608  include_once("Services/Utilities/classes/class.ilConfirmationGUI.php");
1609  $c_gui = new ilConfirmationGUI();
1610 
1611  // set confirm/cancel commands
1612  $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteServerSettings"));
1613  $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_server_settings"));
1614  $c_gui->setCancel($this->lng->txt("cancel"), "serverList");
1615  $c_gui->setConfirm($this->lng->txt("confirm"), "deleteServerSettings");
1616 
1617  // add items to delete
1618  include_once('Services/LDAP/classes/class.ilLDAPServer.php');
1619  foreach ((array) $_GET["ldap_server_id"] as $server_id) {
1620  $setting = new ilLDAPServer($server_id);
1621  $c_gui->addItem('server_ids[]', $server_id, $setting->getName());
1622  }
1623  $this->tpl->setContent($c_gui->getHTML());
1624  }
1625 
1629  public function deleteServerSettings()
1630  {
1631  if (!is_array($_POST["server_ids"])) {
1632  ilUtil::sendFailure($this->lng->txt('select_one'));
1633  $this->serverList();
1634  return false;
1635  }
1636 
1637  foreach ((array) $_POST["server_ids"] as $server_id) {
1638  $setting = new ilLDAPServer($server_id);
1639  $setting->delete();
1640  }
1641  ilUtil::sendSuccess($this->lng->txt('deleted'));
1642 
1643  $this->serverList();
1644  }
1645 
1649  public function userMapping()
1650  {
1651  $this->initAttributeMapping();
1652 
1653  $this->setSubTabs();
1654  $this->tabs_gui->setTabActive('user_mapping');
1655  $this->userMappingToolbar();
1656 
1657  $propertie_form = $this->initUserMappingForm();
1658 
1659  $this->tpl->setContent($propertie_form->getHTML());
1660  }
1661 
1662 
1663 
1664  public function activateServer()
1665  {
1666  $this->checkAccess("write");
1667 
1668  $this->server->toggleActive(1);
1669  $this->server->update();
1670  $this->serverList();
1671  }
1672 
1673  public function deactivateServer()
1674  {
1675  $this->checkAccess("write");
1676 
1677  $this->server->toggleActive(0);
1678  $this->server->update();
1679  $this->serverList();
1680  }
1681 
1682 
1683 
1684 
1690  private function initRoleMappingForm($command)
1691  {
1692  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
1693  $this->setSubTabs();
1694  $this->tabs_gui->setTabActive('role_mapping');
1695 
1696  if (isset($_GET["mapping_id"])) {
1697  $this->ctrl->setParameter($this, 'mapping_id', $_GET["mapping_id"]);
1698  }
1699 
1700  $propertie_form = new ilPropertyFormGUI();
1701  $propertie_form->setTitle($this->lng->txt('ldap_mapping_table'));
1702  $propertie_form->setFormAction($this->ctrl->getFormAction($this, $command));
1703  $propertie_form->addCommandButton($command, $this->lng->txt('save'));
1704  $propertie_form->addCommandButton("roleMapping", $this->lng->txt('cancel'));
1705 
1706  $url = new ilTextInputGUI($this->lng->txt('ldap_server'));
1707  $url->setPostVar("url");
1708  $url->setSize(50);
1709  $url->setMaxLength(255);
1710  $url->setRequired(true);
1711 
1712  $group_dn = new ilTextInputGUI($this->lng->txt('ldap_group_dn'));
1713  $group_dn->setPostVar("dn");
1714  $group_dn->setSize(50);
1715  $group_dn->setMaxLength(255);
1716  $group_dn->setInfo($this->lng->txt('ldap_dn_info'));
1717  $group_dn->setRequired(true);
1718 
1719  $member = new ilTextInputGUI($this->lng->txt('ldap_group_member'));
1720  $member->setPostVar("member");
1721  $member->setSize(32);
1722  $member->setMaxLength(255);
1723  $member->setInfo($this->lng->txt('ldap_member_info'));
1724  $member->setRequired(true);
1725 
1726  $member_isdn = new ilCheckboxInputGUI("");
1727  $member_isdn->setPostVar("memberisdn");
1728  $member_isdn->setOptionTitle($this->lng->txt('ldap_memberisdn'));
1729 
1730  $role = new ilTextInputGUI($this->lng->txt('ldap_ilias_role'));
1731  $role->setPostVar("role");
1732  $role->setSize(32);
1733  $role->setMaxLength(255);
1734  $role->setInfo($this->lng->txt('ldap_role_info'));
1735  $role->setRequired(true);
1736 
1737  $info = new ilTextAreaInputGUI($this->lng->txt('ldap_info_text'));
1738  $info->setPostVar("info");
1739  $info->setCols(50);
1740  $info->setRows(3);
1741  $info->setInfo($this->lng->txt('ldap_info_text_info'));
1742 
1743  $info_type = new ilCheckboxInputGUI("");
1744  $info_type->setPostVar("info_type");
1745  $info_type->setOptionTitle($this->lng->txt('ldap_mapping_info_type'));
1746 
1747  $propertie_form->addItem($url);
1748  $propertie_form->addItem($group_dn);
1749  $propertie_form->addItem($member);
1750  $propertie_form->addItem($member_isdn);
1751  $propertie_form->addItem($role);
1752  $propertie_form->addItem($info);
1753  $propertie_form->addItem($info_type);
1754 
1755  return $propertie_form;
1756  }
1757 
1758 
1759 
1763  public function addRoleMapping()
1764  {
1765  $propertie_form = $this->initRoleMappingForm("createRoleMapping");
1766  $propertie_form->getItemByPostVar("url")->setValue($this->server->getUrl());
1767 
1768  if (isset($_GET["mapping_id"])) {
1769  include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
1770  $mapping = new ilLDAPRoleGroupMappingSetting($_GET["mapping_id"]);
1771  $mapping->read();
1772 
1773  $propertie_form->getItemByPostVar("url")->setValue($mapping->getURL());
1774  $propertie_form->getItemByPostVar("dn")->setValue($mapping->getDN());
1775  $propertie_form->getItemByPostVar("member")->setValue($mapping->getMemberAttribute());
1776  $propertie_form->getItemByPostVar("memberisdn")->setChecked($mapping->getMemberISDN());
1777  $propertie_form->getItemByPostVar("role")->setValue($mapping->getRoleName());
1778  $propertie_form->getItemByPostVar("info")->setValue($mapping->getMappingInfo());
1779  $propertie_form->getItemByPostVar("info_type")->setChecked($mapping->getMappingInfoType());
1780  }
1781 
1782  $this->tpl->setContent($propertie_form->getHTML());
1783  }
1784 
1785 
1790  public function updateRoleMapping()
1791  {
1792  global $DIC;
1793 
1794  $rbacreview = $DIC['rbacreview'];
1795  $propertie_form = $this->initRoleMappingForm("updateRoleMapping");
1796 
1797  if ($propertie_form->checkInput() && $rbacreview->roleExists($propertie_form->getInput("role"))) {
1798  include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
1799  $mapping = new ilLDAPRoleGroupMappingSetting($_GET["mapping_id"]);
1800  $mapping->setServerId($this->server->getServerId());
1801  $mapping->setURL($propertie_form->getInput("url"));
1802  $mapping->setDN($propertie_form->getInput("dn"));
1803  $mapping->setMemberAttribute($propertie_form->getInput("member"));
1804  $mapping->setMemberISDN($propertie_form->getInput("memberisdn"));
1805  $mapping->setRoleByName($propertie_form->getInput("role"));
1806  $mapping->setMappingInfo($propertie_form->getInput("info"));
1807  $mapping->setMappingInfoType($propertie_form->getInput("info_type"));
1808  $mapping->update();
1809 
1810  ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
1811  $this->ctrl->redirect($this, "roleMapping");
1812  } else {
1813  if (!$rbacreview->roleExists($propertie_form->getInput("role"))) {
1814  ilUtil::sendFailure($this->lng->txt("ldap_role_not_exists") . " " .
1815  $propertie_form->getInput("role"));
1816  }
1817  $propertie_form->setValuesByPost();
1818  $this->tpl->setContent($propertie_form->getHTML());
1819  }
1820  }
1821 
1825  public function saveSyncronizationSettings()
1826  {
1827  $this->server->setRoleBindDN(ilUtil::stripSlashes($_POST['role_bind_user']));
1828  $this->server->setRoleBindPassword(ilUtil::stripSlashes($_POST['role_bind_pass']));
1829  $this->server->enableRoleSynchronization((int) $_POST['role_sync_active']);
1830 
1831  // Update or create
1832  if ($this->server->getServerId()) {
1833  $this->server->update();
1834  }
1835  ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
1836  $this->ctrl->redirect($this, "roleMapping");
1837  }
1838 }
ilLDAPServer\checkLDAPLib
static checkLDAPLib()
Check if ldap module is installed.
Definition: class.ilLDAPServer.php:99
ilLDAPSettingsGUI\confirmDeleteRules
confirmDeleteRules()
Confirm delete rules.
Definition: class.ilLDAPSettingsGUI.php:265
ilLDAPSettingsGUI\userMappingToolbar
userMappingToolbar()
Create Toolbar ilToolbarGUI $ilToolbar.
Definition: class.ilLDAPSettingsGUI.php:1345
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:31
ilLDAPSettingsGUI\hasActiveRoleAssignmentPlugins
hasActiveRoleAssignmentPlugins()
Check if the plugin is active.
Definition: class.ilLDAPSettingsGUI.php:1319
ilLDAPSettingsGUI\createRoleMapping
createRoleMapping()
Check add screen input and save to db ilRbacReview $rbacreview.
Definition: class.ilLDAPSettingsGUI.php:1502
IL_LDAP_BIND_USER
const IL_LDAP_BIND_USER
Definition: class.ilLDAPServer.php:6
ilLDAPSettingsGUI\prepareGlobalRoleSelection
prepareGlobalRoleSelection($a_as_select=true)
New implementation for InputForm.
Definition: class.ilLDAPSettingsGUI.php:1064
ilLDAPSettingsGUI\checkRoleAssignmentInput
checkRoleAssignmentInput($a_rule_id=0)
Check role assignment input.
Definition: class.ilLDAPSettingsGUI.php:472
ilUserDefinedFields\_getInstance
static _getInstance()
Get instance.
Definition: class.ilUserDefinedFields.php:48
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
ilLDAPAttributeMapping\_getInstanceByServerId
static _getInstanceByServerId($a_server_id)
Get instance of class.
Definition: class.ilLDAPAttributeMapping.php:68
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
ilLDAPSettingsGUI\saveSyncronizationSettings
saveSyncronizationSettings()
save Syncronization Settings on Role Mapping screen
Definition: class.ilLDAPSettingsGUI.php:1825
ilLDAPServer\_getServerList
static _getServerList()
Get list of all configured servers.
Definition: class.ilLDAPServer.php:206
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
ilLDAPSettingsGUI\loadMappingDetails
loadMappingDetails()
Load info about hide/show details.
Definition: class.ilLDAPSettingsGUI.php:1170
ilLDAPAttributeMapping\_lookupGlobalRole
static _lookupGlobalRole($a_server_id)
Lookup global role assignment.
Definition: class.ilLDAPAttributeMapping.php:102
ilFormSectionHeaderGUI
This class represents a section header in a property form.
Definition: class.ilFormSectionHeaderGUI.php:31
IL_LDAP_BIND_ANONYMOUS
const IL_LDAP_BIND_ANONYMOUS
Definition: class.ilLDAPServer.php:5
IL_LDAP_SCOPE_SUB
const IL_LDAP_SCOPE_SUB
Definition: class.ilLDAPServer.php:8
ilFormPropertyGUI\setPostVar
setPostVar($a_postvar)
Set Post Variable.
Definition: class.ilFormPropertyGUI.php:112
ilLDAPSettingsGUI\getServer
getServer()
Get server settings.
Definition: class.ilLDAPSettingsGUI.php:115
ilLDAPSettingsGUI\updateRoleMapping
updateRoleMapping()
Check edit screen input and save to db ilRbacReview $rbacreview.
Definition: class.ilLDAPSettingsGUI.php:1790
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:33
ilLDAPSettingsGUI\setSubTabs
setSubTabs()
Set sub tabs for ldap section.
Definition: class.ilLDAPSettingsGUI.php:981
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:991
ilLDAPSettingsGUI\editRoleAssignment
editRoleAssignment()
Edit role assignment.
Definition: class.ilLDAPSettingsGUI.php:159
ilLDAPSettingsGUI\prepareRoleSelect
prepareRoleSelect($a_as_select=true)
Used for old style table.
Definition: class.ilLDAPSettingsGUI.php:1092
ilLDAPSettingsGUI\setValuesByArray
setValuesByArray()
set values of form array
Definition: class.ilLDAPSettingsGUI.php:184
ilRadioOption\setInfo
setInfo($a_info)
Set Info.
Definition: class.ilRadioOption.php:71
ilLDAPSettingsGUI\initRoleMappingForm
initRoleMappingForm($command)
init propertyformgui for Assignment of LDAP Attributes to ILIAS User Profile
Definition: class.ilLDAPSettingsGUI.php:1690
ilLDAPSettingsGUI\showRoleSelection
showRoleSelection()
show role selection
Definition: class.ilLDAPSettingsGUI.php:399
ilLDAPSettingsGUI\confirmDeleteRoleMapping
confirmDeleteRoleMapping()
confirm delete role mappings
Definition: class.ilLDAPSettingsGUI.php:1537
ilLDAPRoleAssignmentRule\_getRules
static _getRules($a_server_id)
Get all rules.
Definition: class.ilLDAPRoleAssignmentRule.php:182
$ilErr
$ilErr
Definition: raiseError.php:18
ilAdministrationSettingsFormHandler\addFieldsToForm
static addFieldsToForm($a_form_id, ilPropertyFormGUI $a_form, ilObjectGUI $a_parent_gui)
Definition: class.ilAdministrationSettingsFormHandler.php:99
ilTable2GUI\setTitle
setTitle($a_title, $a_icon=0, $a_icon_alt=0)
Set title and title icon.
Definition: class.ilTable2GUI.php:535
ilFormPropertyGUI\setInfo
setInfo($a_info)
Set Information Text.
Definition: class.ilFormPropertyGUI.php:145
$name
if($format !==null) $name
Definition: metadata.php:230
ilLDAPSettingsGUI\addRoleMapping
addRoleMapping()
Add Assigments for role mapping.
Definition: class.ilLDAPSettingsGUI.php:1763
ilLDAPSettingsGUI\confirmDeleteServerSettings
confirmDeleteServerSettings()
Confirm delete rules.
Definition: class.ilLDAPSettingsGUI.php:1598
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:33
ilRoleAutoCompleteInputGUI\echoAutoCompleteList
static echoAutoCompleteList()
Static asynchronous default auto complete function.
Definition: class.ilRoleAutoCompleteInputGUI.php:43
ilLDAPRoleGroupMappingSettings\_getInstanceByServerId
static _getInstanceByServerId($a_server_id)
Get instance of class.
Definition: class.ilLDAPRoleGroupMappingSettings.php:68
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
ilLDAPSettingsGUI\deleteRules
deleteRules()
delete role assignment rule
Definition: class.ilLDAPSettingsGUI.php:301
ilUtil\_sortIds
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,7),&#39;usr_data&#39;,&#39;lastname&#39;,&#39;usr_id&#39;) => sorts by lastname.
Definition: class.ilUtil.php:4422
ilRadioOption\addSubItem
addSubItem($a_item)
Add Subitem.
Definition: class.ilRadioOption.php:121
ilLDAPRoleAssignmentRule\_getInstanceByRuleId
static _getInstanceByRuleId($a_rule_id)
get instance by rule id
Definition: class.ilLDAPRoleAssignmentRule.php:59
ilNumberInputGUI
This class represents a number property in a property form.
Definition: class.ilNumberInputGUI.php:14
ilLDAPSettingsGUI\addRoleAutoCompleteObject
addRoleAutoCompleteObject()
Add Member for autoComplete.
Definition: class.ilLDAPSettingsGUI.php:1332
ilLDAPSettingsGUI\addRoleAssignment
addRoleAssignment()
add new role assignment
Definition: class.ilLDAPSettingsGUI.php:324
ilCheckboxInputGUI\setValue
setValue($a_value)
Set Value.
Definition: class.ilCheckboxInputGUI.php:65
$DIC
global $DIC
Definition: goto.php:24
IL_LDAP_SCOPE_ONE
const IL_LDAP_SCOPE_ONE
Definition: class.ilLDAPServer.php:9
ilLDAPSettingsGUI\userMapping
userMapping()
Ldap User Mapping.
Definition: class.ilLDAPSettingsGUI.php:1649
ilPasswordInputGUI
This class represents a password property in a property form.
Definition: class.ilPasswordInputGUI.php:11
ilLDAPSettingsGUI\roleAssignments
roleAssignments()
Edit role assignments.
Definition: class.ilLDAPSettingsGUI.php:126
ilLDAPSettingsGUI\roleMapping
roleMapping()
Role Mapping Tab ilToolbarGUI $ilToolbar.
Definition: class.ilLDAPSettingsGUI.php:1418
ilLDAPSettingsGUI\updateRoleAssignment
updateRoleAssignment()
update role assignment
Definition: class.ilLDAPSettingsGUI.php:217
ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2406
$txt
$txt
Definition: error.php:13
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4534
ilRoleAutoCompleteInputGUI
This class represents a role + autocomplete feature form input.
Definition: class.ilRoleAutoCompleteInputGUI.php:13
$lang
$lang
Definition: xapiexit.php:8
ilLDAPSettingsGUI\initUserMappingForm
initUserMappingForm()
Create Property Form GUI for User Mapping.
Definition: class.ilLDAPSettingsGUI.php:1372
ilLDAPSettingsGUI\saveRoleSelection
saveRoleSelection()
Save role selection.
Definition: class.ilLDAPSettingsGUI.php:433
ilCombinationInputGUI
This class represents a number property in a property form.
Definition: class.ilCombinationInputGUI.php:31
ilCustomInputGUI
This class represents a custom property in a property form.
Definition: class.ilCustomInputGUI.php:34
ilUtil\formSelect
static formSelect( $selected, $varname, $options, $multiple=false, $direct_text=false, $size="0", $style_class="", $attribs="", $disabled=false)
Builds a select form field with options and shows the selected option first.
Definition: class.ilUtil.php:335
ilNonEditableValueGUI
This class represents a non editable value in a property form.
Definition: class.ilNonEditableValueGUI.php:13
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:34
ilLDAPSettingsGUI\initFormRoleAssignments
initFormRoleAssignments($a_mode)
Init form table for new role assignments.
Definition: class.ilLDAPSettingsGUI.php:1191
ilLDAPAttributeMappingUtils\_getMappingRulesByClass
static _getMappingRulesByClass($a_class)
Get mapping rule by objectClass.
Definition: class.ilLDAPAttributeMappingUtils.php:41
$url
$url
Definition: proxy_ylocal.php:28
QP_COMBINATION_AND
const QP_COMBINATION_AND
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilQueryParser.php:20
ilCheckboxInputGUI\setOptionTitle
setOptionTitle($a_optiontitle)
Set Option Title (optional).
Definition: class.ilCheckboxInputGUI.php:105
ilQueryParser\setMinWordLength
setMinWordLength($a_length, $a_force=false)
Definition: class.ilQueryParser.php:80
ilLDAPSettingsGUI\loadRoleAssignmentRule
loadRoleAssignmentRule($a_rule_id, $a_from_form=true)
Load input from form.
Definition: class.ilLDAPSettingsGUI.php:508
ilFormPropertyGUI\setDisabled
setDisabled($a_disabled)
Set Disabled.
Definition: class.ilFormPropertyGUI.php:205
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
ilFormPropertyGUI\setRequired
setRequired($a_required)
Set Required.
Definition: class.ilFormPropertyGUI.php:185
IL_COMP_SERVICE
const IL_COMP_SERVICE
Definition: class.ilComponent.php:6
ilLDAPSettingsGUI\getRoleAssignmentTable
getRoleAssignmentTable()
Show active role assignments.
Definition: class.ilLDAPSettingsGUI.php:488
ilConfirmationGUI
Confirmation screen class.
Definition: class.ilConfirmationGUI.php:15
ilLDAPSettingsGUI\editRoleMapping
editRoleMapping()
Edit Assigments for role mapping.
Definition: class.ilLDAPSettingsGUI.php:1477