ILIAS  release_8 Revision v8.19
All Data Structures Namespaces Files Functions Variables Modules Pages
Public Member Functions | Data Fields | Protected Member Functions | Private Member Functions | Private Attributes
ilLDAPAttributeToUser Class Reference

Update/create ILIAS user account by given LDAP attributes according to user attribute mapping settings. More...

+ Collaboration diagram for ilLDAPAttributeToUser:

Public Member Functions

 __construct (ilLDAPServer $a_server)
 Construct of ilLDAPAttribute2XML Defines between LDAP and ILIAS user attributes. More...
 
 getServer ()
 Get server settings. More...
 
 setUserData (array $a_data)
 Set user data received from pear auth or by ldap_search. More...
 
 setNewUserAuthMode (string $a_authmode)
 Set auth mode for new users. More...
 
 getNewUserAuthMode ()
 Get auth mode for new users. More...
 
 addMode (int $a_mode)
 Add import mode. More...
 
 isModeActive (int $a_mode)
 Check if mode is active. More...
 
 refresh ()
 Create/Update non existing users. More...
 

Data Fields

const MODE_INITIALIZE_ROLES = 1
 

Protected Member Functions

 parseRoleAssignmentsForUpdate (int $a_usr_id, string $a_external_account, array $user)
 Parse role assignments for update of user account. More...
 
 parseRoleAssignmentsForCreation (string $a_external_account, array $a_user)
 Parse role assignments for update of user account. More...
 

Private Member Functions

 usersToXML ()
 Create xml string of user according to mapping rules. More...
 
 convertInput ($a_value)
 A value can be an array or a string This function converts arrays to strings. More...
 
 doMapping (array $user, array $rule)
 
 initLDAPAttributeMapping ()
 
 initUserDefinedFields ()
 

Private Attributes

array $modes = []
 
ilLDAPServer $server_settings
 
array $user_data = []
 
ilLDAPAttributeMapping $mapping
 
string $new_user_auth_mode = 'ldap'
 
ilLogger $logger
 
ilXmlWriter $writer
 
ilUserDefinedFields $udf
 

Detailed Description

Update/create ILIAS user account by given LDAP attributes according to user attribute mapping settings.

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om

Definition at line 27 of file class.ilLDAPAttributeToUser.php.

Constructor & Destructor Documentation

◆ __construct()

ilLDAPAttributeToUser::__construct ( ilLDAPServer  $a_server)

Construct of ilLDAPAttribute2XML Defines between LDAP and ILIAS user attributes.

Definition at line 44 of file class.ilLDAPAttributeToUser.php.

References $DIC, initLDAPAttributeMapping(), and ILIAS\Repository\logger().

45  {
46  global $DIC;
47 
48  $this->logger = $DIC->logger()->auth();
49 
50  $this->server_settings = $a_server;
51 
52  $this->initLDAPAttributeMapping();
53  }
$DIC
global $DIC
Definition: feed.php:28
+ Here is the call graph for this function:

Member Function Documentation

◆ addMode()

ilLDAPAttributeToUser::addMode ( int  $a_mode)

Add import mode.

Definition at line 95 of file class.ilLDAPAttributeToUser.php.

95  : void
96  {
97  //TODO check for proper value
98  if (!in_array($a_mode, $this->modes, true)) {
99  $this->modes[] = $a_mode;
100  }
101  }

◆ convertInput()

ilLDAPAttributeToUser::convertInput (   $a_value)
private

A value can be an array or a string This function converts arrays to strings.

Parameters
array|stringvalue
Returns
string

Definition at line 386 of file class.ilLDAPAttributeToUser.php.

Referenced by doMapping().

386  : string
387  {
388  if (is_array($a_value)) {
389  return $a_value[0];
390  }
391 
392  return $a_value;
393  }
+ Here is the caller graph for this function:

◆ doMapping()

ilLDAPAttributeToUser::doMapping ( array  $user,
array  $rule 
)
private

Definition at line 395 of file class.ilLDAPAttributeToUser.php.

References convertInput().

Referenced by usersToXML().

395  : string
396  {
397  $mapping = strtolower(trim($rule['value']));
398 
399  if (strpos($mapping, ',') === false) {
400  return $this->convertInput($user[$mapping] ?? '');
401  }
402  // Is multiple mapping
403 
404  $fields = explode(',', $mapping);
405  $value = '';
406  foreach ($fields as $field) {
407  if ($value !== '') {
408  $value .= ' ';
409  }
410  $value .= ($this->convertInput($user[trim($field)] ?? ''));
411  }
412  return $value;
413  }
ilLDAPAttributeToUser\convertInput
convertInput($a_value)
A value can be an array or a string This function converts arrays to strings.
Definition: class.ilLDAPAttributeToUser.php:386
ilLDAPAttributeToUser\$mapping
ilLDAPAttributeMapping $mapping
Definition: class.ilLDAPAttributeToUser.php:34
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getNewUserAuthMode()

ilLDAPAttributeToUser::getNewUserAuthMode ( )

Get auth mode for new users.

Definition at line 87 of file class.ilLDAPAttributeToUser.php.

References $new_user_auth_mode.

Referenced by usersToXML().

87  : string
88  {
89  return $this->new_user_auth_mode;
90  }
+ Here is the caller graph for this function:

◆ getServer()

ilLDAPAttributeToUser::getServer ( )

Get server settings.

Returns
ilLDAPServer

Definition at line 59 of file class.ilLDAPAttributeToUser.php.

References $server_settings.

Referenced by parseRoleAssignmentsForCreation(), parseRoleAssignmentsForUpdate(), and refresh().

59  : ilLDAPServer
60  {
61  return $this->server_settings;
62  }
+ Here is the caller graph for this function:

◆ initLDAPAttributeMapping()

ilLDAPAttributeToUser::initLDAPAttributeMapping ( )
private

Definition at line 415 of file class.ilLDAPAttributeToUser.php.

References ilLDAPAttributeMapping\_getInstanceByServerId().

Referenced by __construct().

415  : void
416  {
417  $this->mapping = ilLDAPAttributeMapping::_getInstanceByServerId($this->server_settings->getServerId());
418  }
ilLDAPAttributeMapping\_getInstanceByServerId
static _getInstanceByServerId(int $a_server_id)
Definition: class.ilLDAPAttributeMapping.php:45
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ initUserDefinedFields()

ilLDAPAttributeToUser::initUserDefinedFields ( )
private

Definition at line 420 of file class.ilLDAPAttributeToUser.php.

References ilUserDefinedFields\_getInstance().

Referenced by usersToXML().

420  : void
421  {
422  $this->udf = ilUserDefinedFields::_getInstance();
423  }
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isModeActive()

ilLDAPAttributeToUser::isModeActive ( int  $a_mode)

Check if mode is active.

Parameters
int$a_mode
Returns
bool

Definition at line 108 of file class.ilLDAPAttributeToUser.php.

Referenced by usersToXML().

108  : bool
109  {
110  return in_array($a_mode, $this->modes, true);
111  }
+ Here is the caller graph for this function:

◆ parseRoleAssignmentsForCreation()

ilLDAPAttributeToUser::parseRoleAssignmentsForCreation ( string  $a_external_account,
array  $a_user 
)
protected

Parse role assignments for update of user account.

Parameters
string$a_external_account
array$a_user

Definition at line 161 of file class.ilLDAPAttributeToUser.php.

References ilLDAPRoleAssignmentRules\getAssignmentsForCreation(), and getServer().

Referenced by usersToXML().

161  : void
162  {
163  foreach (ilLDAPRoleAssignmentRules::getAssignmentsForCreation(
164  $this->getServer()->getServerId(),
165  $a_external_account,
166  $a_user
167  ) as $role_data) {
168  $this->writer->xmlElement(
169  'Role',
170  [
171  'Id' => $role_data['id'],
172  'Type' => $role_data['type'],
173  'Action' => $role_data['action']
174  ],
175  ''
176  );
177  }
178  }
ilLDAPRoleAssignmentRules\getAssignmentsForCreation
static getAssignmentsForCreation(int $a_server_id, string $a_usr_name, array $a_usr_data)
Definition: class.ilLDAPRoleAssignmentRules.php:140
ilLDAPAttributeToUser\getServer
getServer()
Get server settings.
Definition: class.ilLDAPAttributeToUser.php:59
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ parseRoleAssignmentsForUpdate()

ilLDAPAttributeToUser::parseRoleAssignmentsForUpdate ( int  $a_usr_id,
string  $a_external_account,
array  $user 
)
protected

Parse role assignments for update of user account.

Parameters
int$a_usr_id
string$a_external_account
array$user

Definition at line 136 of file class.ilLDAPAttributeToUser.php.

References ilLDAPRoleAssignmentRules\getAssignmentsForUpdate(), and getServer().

Referenced by usersToXML().

136  : void
137  {
138  foreach (ilLDAPRoleAssignmentRules::getAssignmentsForUpdate(
139  $this->getServer()->getServerId(),
140  $a_usr_id,
141  $a_external_account,
142  $user
143  ) as $role_data) {
144  $this->writer->xmlElement(
145  'Role',
146  [
147  'Id' => $role_data['id'],
148  'Type' => $role_data['type'],
149  'Action' => $role_data['action']
150  ],
151  ''
152  );
153  }
154  }
ilLDAPRoleAssignmentRules\getAssignmentsForUpdate
static getAssignmentsForUpdate(int $a_server_id, $a_usr_id, $a_usr_name, $a_usr_data)
Definition: class.ilLDAPRoleAssignmentRules.php:90
ilLDAPAttributeToUser\getServer
getServer()
Get server settings.
Definition: class.ilLDAPAttributeToUser.php:59
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ refresh()

ilLDAPAttributeToUser::refresh ( )

Create/Update non existing users.

Definition at line 117 of file class.ilLDAPAttributeToUser.php.

References ilLDAPRoleAssignmentRules\getAllPossibleRoles(), getServer(), and usersToXML().

117  : bool
118  {
119  $this->usersToXML();
120 
121  $importParser = new ilUserImportParser();
122  $importParser->setXMLContent($this->writer->xmlDumpMem(false));
123  $importParser->setRoleAssignment(ilLDAPRoleAssignmentRules::getAllPossibleRoles($this->getServer()->getServerId()));
124  $importParser->setFolderId(7);
125  $importParser->startParsing();
126 
127  return true;
128  }
ilLDAPRoleAssignmentRules\getAllPossibleRoles
static getAllPossibleRoles(int $a_server_id)
Get all assignable roles (used for import parser)
Definition: class.ilLDAPRoleAssignmentRules.php:43
ilLDAPAttributeToUser\getServer
getServer()
Get server settings.
Definition: class.ilLDAPAttributeToUser.php:59
ilLDAPAttributeToUser\usersToXML
usersToXML()
Create xml string of user according to mapping rules.
Definition: class.ilLDAPAttributeToUser.php:183
+ Here is the call graph for this function:

◆ setNewUserAuthMode()

ilLDAPAttributeToUser::setNewUserAuthMode ( string  $a_authmode)

Set auth mode for new users.

Parameters
string$a_authmode

Definition at line 79 of file class.ilLDAPAttributeToUser.php.

79  : void
80  {
81  $this->new_user_auth_mode = $a_authmode;
82  }

◆ setUserData()

ilLDAPAttributeToUser::setUserData ( array  $a_data)

Set user data received from pear auth or by ldap_search.

Parameters
arrayarray of auth data. array('ilias_account1' => array(firstname => 'Stefan',...),...)

Definition at line 70 of file class.ilLDAPAttributeToUser.php.

70  : void
71  {
72  $this->user_data = $a_data;
73  }

◆ usersToXML()

ilLDAPAttributeToUser::usersToXML ( )
private

Create xml string of user according to mapping rules.

Definition at line 183 of file class.ilLDAPAttributeToUser.php.

References $data, ilAuthUtils\_generateLogin(), ilObjUser\_lookupId(), doMapping(), getNewUserAuthMode(), initUserDefinedFields(), isModeActive(), ILIAS\Repository\logger(), parseRoleAssignmentsForCreation(), and parseRoleAssignmentsForUpdate().

Referenced by refresh().

183  : void
184  {
185  $this->writer = new ilXmlWriter();
186  $this->writer->xmlStartTag('Users');
187 
188  $cnt_update = 0;
189  $cnt_create = 0;
190 
191  // Single users
192  foreach ($this->user_data as $external_account => $user) {
193  $external_account = (string) $external_account;
194 
195  $user['ilExternalAccount'] = $external_account;
196 
197  // Required fields
198  if ($user['ilInternalAccount']) {
199  $usr_id = ilObjUser::_lookupId($user['ilInternalAccount']);
200 
201  ++$cnt_update;
202  // User exists
203  $this->writer->xmlStartTag('User', ['Id' => $usr_id, 'Action' => 'Update']);
204  $this->writer->xmlElement('Login', [], $user['ilInternalAccount']);
205  $this->writer->xmlElement('ExternalAccount', [], $external_account);
206  $this->writer->xmlElement('AuthMode', ['type' => $this->getNewUserAuthMode()]);
207 
208  if ($this->isModeActive(self::MODE_INITIALIZE_ROLES)) {
209  $this->parseRoleAssignmentsForCreation($external_account, $user);
210  } else {
211  $this->parseRoleAssignmentsForUpdate($usr_id, $external_account, $user);
212  }
213  $rules = $this->mapping->getRulesForUpdate();
214  } else {
215  ++$cnt_create;
216  // Create user
217  $this->writer->xmlStartTag('User', ['Action' => 'Insert']);
218  $this->writer->xmlElement('Login', [], ilAuthUtils::_generateLogin($external_account));
219 
220  $this->parseRoleAssignmentsForCreation($external_account, $user);
221  $rules = $this->mapping->getRules(true);
222  }
223 
224  $this->writer->xmlElement('Active', [], "true");
225  $this->writer->xmlElement('TimeLimitOwner', [], 7);
226  $this->writer->xmlElement('TimeLimitUnlimited', [], 1);
227  $this->writer->xmlElement('TimeLimitFrom', [], time());
228  $this->writer->xmlElement('TimeLimitUntil', [], time());
229 
230  // only for new users.
231  // If auth_mode is 'default' (ldap) this status should remain.
232  if (!$user['ilInternalAccount']) {
233  $this->writer->xmlElement(
234  'AuthMode',
235  ['type' => $this->getNewUserAuthMode()],
236  $this->getNewUserAuthMode()
237  );
238  $this->writer->xmlElement('ExternalAccount', [], $external_account);
239  }
240  foreach ($rules as $field => $data) {
241  // Do Mapping: it is possible to assign multiple ldap attribute to one user data field
242  if (!($value = $this->doMapping($user, $data))) {
243  continue;
244  }
245 
246  switch ($field) {
247  case 'gender':
248  switch (strtolower($value)) {
249 
250  case 'm':
251  case 'male':
252  $this->writer->xmlElement('Gender', [], 'm');
253  break;
254 
255  case 'f':
256  case 'female':
257  $this->writer->xmlElement('Gender', [], 'f');
258  break;
259 
260  default:
261  // use the default for anything that is not clearly m or f
262  $this->writer->xmlElement('Gender', [], 'n');
263  break;
264  }
265  break;
266 
267  case 'firstname':
268  $this->writer->xmlElement('Firstname', [], $value);
269  break;
270 
271  case 'lastname':
272  $this->writer->xmlElement('Lastname', [], $value);
273  break;
274 
275  case 'hobby':
276  $this->writer->xmlElement('Hobby', [], $value);
277  break;
278 
279  case 'title':
280  $this->writer->xmlElement('Title', [], $value);
281  break;
282 
283  case 'institution':
284  $this->writer->xmlElement('Institution', [], $value);
285  break;
286 
287  case 'department':
288  $this->writer->xmlElement('Department', [], $value);
289  break;
290 
291  case 'street':
292  $this->writer->xmlElement('Street', [], $value);
293  break;
294 
295  case 'city':
296  $this->writer->xmlElement('City', [], $value);
297  break;
298 
299  case 'zipcode':
300  $this->writer->xmlElement('PostalCode', [], $value);
301  break;
302 
303  case 'country':
304  $this->writer->xmlElement('Country', [], $value);
305  break;
306 
307  case 'phone_office':
308  $this->writer->xmlElement('PhoneOffice', [], $value);
309  break;
310 
311  case 'phone_home':
312  $this->writer->xmlElement('PhoneHome', [], $value);
313  break;
314 
315  case 'phone_mobile':
316  $this->writer->xmlElement('PhoneMobile', [], $value);
317  break;
318 
319  case 'fax':
320  $this->writer->xmlElement('Fax', [], $value);
321  break;
322 
323  case 'email':
324  $this->writer->xmlElement('Email', [], $value);
325  break;
326 
327  case 'second_email':
328  $this->writer->xmlElement('SecondEmail', [], $value);
329  break;
330 
331  case 'matriculation':
332  $this->writer->xmlElement('Matriculation', [], $value);
333  break;
334 
335  default:
336  // Handle user defined fields
337  if (strpos($field, 'udf_') !== 0) {
338  continue 2;
339  }
340  $id_data = explode('_', $field);
341  if (!isset($id_data[1])) {
342  continue 2;
343  }
344  $this->initUserDefinedFields();
345  $definition = $this->udf->getDefinition((int) $id_data[1]);
346  if (empty($definition)) {
347  $this->logger->warning(sprintf(
348  "Invalid/Orphaned UD field mapping detected: %s",
349  $field
350  ));
351  break;
352  }
353 
354  $this->writer->xmlElement(
355  'UserDefinedField',
356  [
357  'Id' => $definition['il_id'],
358  'Name' => $definition['field_name']
359  ],
360  $value
361  );
362  break;
363 
364 
365  }
366  }
367  $this->writer->xmlEndTag('User');
368  }
369 
370  if ($cnt_create) {
371  $this->logger->info('LDAP: Started creation of ' . $cnt_create . ' users.');
372  }
373  if ($cnt_update) {
374  $this->logger->info('LDAP: Started update of ' . $cnt_update . ' users.');
375  }
376  $this->writer->xmlEndTag('Users');
377  }
ilAuthUtils\_generateLogin
static _generateLogin(string $a_login)
generate free login by starting with a default string and adding postfix numbers
Definition: class.ilAuthUtils.php:370
ilXmlWriter
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilXmlWriter.php:30
ilObjUser\_lookupId
static _lookupId($a_user_str)
Definition: class.ilObjUser.php:674
ilLDAPAttributeToUser\parseRoleAssignmentsForCreation
parseRoleAssignmentsForCreation(string $a_external_account, array $a_user)
Parse role assignments for update of user account.
Definition: class.ilLDAPAttributeToUser.php:161
ilLDAPAttributeToUser\parseRoleAssignmentsForUpdate
parseRoleAssignmentsForUpdate(int $a_usr_id, string $a_external_account, array $user)
Parse role assignments for update of user account.
Definition: class.ilLDAPAttributeToUser.php:136
ilLDAPAttributeToUser\doMapping
doMapping(array $user, array $rule)
Definition: class.ilLDAPAttributeToUser.php:395
ilLDAPAttributeToUser\getNewUserAuthMode
getNewUserAuthMode()
Get auth mode for new users.
Definition: class.ilLDAPAttributeToUser.php:87
ilLDAPAttributeToUser\isModeActive
isModeActive(int $a_mode)
Check if mode is active.
Definition: class.ilLDAPAttributeToUser.php:108
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

Field Documentation

◆ $logger

ilLogger ilLDAPAttributeToUser::$logger
private

Definition at line 36 of file class.ilLDAPAttributeToUser.php.

◆ $mapping

ilLDAPAttributeMapping ilLDAPAttributeToUser::$mapping
private

Definition at line 34 of file class.ilLDAPAttributeToUser.php.

◆ $modes

array ilLDAPAttributeToUser::$modes = []
private

Definition at line 31 of file class.ilLDAPAttributeToUser.php.

◆ $new_user_auth_mode

string ilLDAPAttributeToUser::$new_user_auth_mode = 'ldap'
private

Definition at line 35 of file class.ilLDAPAttributeToUser.php.

Referenced by getNewUserAuthMode().

◆ $server_settings

ilLDAPServer ilLDAPAttributeToUser::$server_settings
private

Definition at line 32 of file class.ilLDAPAttributeToUser.php.

Referenced by getServer().

◆ $udf

ilUserDefinedFields ilLDAPAttributeToUser::$udf
private

Definition at line 38 of file class.ilLDAPAttributeToUser.php.

◆ $user_data

array ilLDAPAttributeToUser::$user_data = []
private

Definition at line 33 of file class.ilLDAPAttributeToUser.php.

◆ $writer

ilXmlWriter ilLDAPAttributeToUser::$writer
private

Definition at line 37 of file class.ilLDAPAttributeToUser.php.

◆ MODE_INITIALIZE_ROLES

const ilLDAPAttributeToUser::MODE_INITIALIZE_ROLES = 1

Definition at line 29 of file class.ilLDAPAttributeToUser.php.

Referenced by ilLDAPUserSynchronisation\performUpdate().

The documentation for this class was generated from the following file: