ILIAS  release_8 Revision v8.19
All Data Structures Namespaces Files Functions Variables Modules Pages
class.ilShibbolethRoleAssignmentRules.php
Go to the documentation of this file.
1 <?php
2 /******************************************************************************
3  *
4  * This file is part of ILIAS, a powerful learning management system.
5  *
6  * ILIAS is licensed with the GPL-3.0, you should have received a copy
7  * of said license along with the source code.
8  *
9  * If this is not the case or you just want to try ILIAS, you'll find
10  * us at:
11  * https://www.ilias.de
12  * https://github.com/ILIAS-eLearning
13  *
14  *****************************************************************************/
25 class ilShibbolethRoleAssignmentRules
26 {
27  protected static array $active_plugins = [];
28 
32  public static function getAllRules(): array
33  {
34  global $DIC;
35  $ilDB = $DIC['ilDB'];
36  $rules = array();
40  $query = "SELECT rule_id FROM shib_role_assignment ORDER BY rule_id";
41  $res = $ilDB->query($query);
42  while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
43  $rules[$row->rule_id] = new ilShibbolethRoleAssignmentRule($row->rule_id);
44  }
45 
46  return $rules;
47  }
48 
49  public static function getCountRules(): int
50  {
51  global $DIC;
52  $ilDB = $DIC['ilDB'];
53  $query = "SELECT COUNT(*) num FROM shib_role_assignment ";
54  $res = $ilDB->query($query);
55  $row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT);
56  return (int) ($row->num ?? 0);
57  }
58 
59  public static function updateAssignments(int $a_usr_id, array $a_data): bool
60  {
61  global $DIC;
62  $ilDB = $DIC['ilDB'];
63  $rbacadmin = $DIC['rbacadmin'];
64  $rbacreview = $DIC['rbacreview'];
65  $ilLog = $DIC['ilLog'];
66  $query = "SELECT rule_id,add_on_update,remove_on_update FROM shib_role_assignment " . "WHERE add_on_update = 1 OR remove_on_update = 1";
67  $res = $ilDB->query($query);
68  while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
69  $rule = new ilShibbolethRoleAssignmentRule($row->rule_id);
70  // $matches = $rule->matches($a_data);
71  if ($rule->doesMatch($a_data) && $row->add_on_update) {
72  $ilLog->write(__METHOD__ . ': Assigned to role ' . ilObject::_lookupTitle($rule->getRoleId()));
73  $rbacadmin->assignUser($rule->getRoleId(), $a_usr_id);
74  }
75  if (!$rule->doesMatch($a_data) && $row->remove_on_update) {
76  $ilLog->write(__METHOD__ . ': Deassigned from role ' . ilObject::_lookupTitle($rule->getRoleId()));
77  $rbacadmin->deassignUser($rule->getRoleId(), $a_usr_id);
78  }
79  }
80  // check if is assigned to minimum one global role
81  if (!array_intersect($rbacreview->assignedRoles($a_usr_id), $rbacreview->getGlobalRoles())) {
82  $settings = new ilShibbolethSettings();
83  $default_role = $settings->getDefaultRole();
84  $ilLog->write(__METHOD__ . ': Assigned to default role ' . ilObject::_lookupTitle($default_role));
85  $rbacadmin->assignUser($default_role, $a_usr_id);
86  }
87 
88  return true;
89  }
90 
91  public static function doAssignments(int $a_usr_id, array $a_data): bool
92  {
93  global $DIC;
94  $ilDB = $DIC['ilDB'];
95  $rbacadmin = $DIC['rbacadmin'];
96  $ilLog = $DIC['ilLog'];
97  $query = "SELECT rule_id,add_on_update FROM shib_role_assignment WHERE add_on_update = 1";
98  $num_matches = 0;
99  $res = $ilDB->query($query);
100  while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
101  $rule = new ilShibbolethRoleAssignmentRule($row->rule_id);
102  if ($rule->doesMatch($a_data)) {
103  $num_matches++;
104  $ilLog->write(__METHOD__ . ': Assigned to role ' . ilObject::_lookupTitle($rule->getRoleId()));
105  $rbacadmin->assignUser($rule->getRoleId(), $a_usr_id);
106  }
107  }
108  // Assign to default if no matching found
109  if ($num_matches === 0) {
110  $settings = new ilShibbolethSettings();
111  $default_role = $settings->getDefaultRole();
112  $ilLog->write(__METHOD__ . ': Assigned to default role ' . ilObject::_lookupTitle($default_role));
113  $rbacadmin->assignUser($default_role, $a_usr_id);
114  }
115 
116  return true;
117  }
118 
119  public static function callPlugin(string $a_plugin_id, array $a_user_data): bool
120  {
121  global $DIC;
122  foreach ($DIC['component.factory']->getActivePluginsInSlot('shibhk') as $plugin) {
123  if ($plugin->checkRoleAssignment($a_plugin_id, $a_user_data)) {
124  return true;
125  }
126  }
127  return false;
128  }
129 }
$res
$res
Definition: ltiservices.php:69
ILIAS\LTI\ToolProvider\$settings
array $settings
Setting values (LTI parameters, custom parameters and local parameters).
Definition: System.php:200
ilShibbolethRoleAssignmentRules\doAssignments
static doAssignments(int $a_usr_id, array $a_data)
Definition: class.ilShibbolethRoleAssignmentRules.php:91
ilShibbolethRoleAssignmentRules\callPlugin
static callPlugin(string $a_plugin_id, array $a_user_data)
Definition: class.ilShibbolethRoleAssignmentRules.php:119
$DIC
global $DIC
Definition: feed.php:28
ilObject\_lookupTitle
static _lookupTitle(int $obj_id)
Definition: class.ilObject.php:837
ilShibbolethRoleAssignmentRules\updateAssignments
static updateAssignments(int $a_usr_id, array $a_data)
Definition: class.ilShibbolethRoleAssignmentRules.php:59
$query
$query
Definition: proxy_ylocal.php:13
ilShibbolethSettings
Class ilShibbolethSettings.
Definition: class.ilShibbolethSettings.php:27