ILIAS  release_8 Revision v8.24
class.ilShibbolethRoleAssignmentRules.php
Go to the documentation of this file.
1<?php
2/******************************************************************************
3 *
4 * This file is part of ILIAS, a powerful learning management system.
5 *
6 * ILIAS is licensed with the GPL-3.0, you should have received a copy
7 * of said license along with the source code.
8 *
9 * If this is not the case or you just want to try ILIAS, you'll find
10 * us at:
11 * https://www.ilias.de
12 * https://github.com/ILIAS-eLearning
13 *
14 *****************************************************************************/
25class ilShibbolethRoleAssignmentRules
26{
27 protected static array $active_plugins = [];
28
32 public static function getAllRules(): array
33 {
34 global $DIC;
35 $ilDB = $DIC['ilDB'];
36 $rules = array();
40 $query = "SELECT rule_id FROM shib_role_assignment ORDER BY rule_id";
41 $res = $ilDB->query($query);
42 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
43 $rules[$row->rule_id] = new ilShibbolethRoleAssignmentRule($row->rule_id);
44 }
45
46 return $rules;
47 }
48
49 public static function getCountRules(): int
50 {
51 global $DIC;
52 $ilDB = $DIC['ilDB'];
53 $query = "SELECT COUNT(*) num FROM shib_role_assignment ";
54 $res = $ilDB->query($query);
55 $row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT);
56 return (int) ($row->num ?? 0);
57 }
58
59 public static function updateAssignments(int $a_usr_id, array $a_data): bool
60 {
61 global $DIC;
62 $ilDB = $DIC['ilDB'];
63 $rbacadmin = $DIC['rbacadmin'];
64 $rbacreview = $DIC['rbacreview'];
65 $ilLog = $DIC['ilLog'];
66 $query = "SELECT rule_id,add_on_update,remove_on_update FROM shib_role_assignment " . "WHERE add_on_update = 1 OR remove_on_update = 1";
67 $res = $ilDB->query($query);
68 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
69 $rule = new ilShibbolethRoleAssignmentRule($row->rule_id);
70 // $matches = $rule->matches($a_data);
71 if ($rule->doesMatch($a_data) && $row->add_on_update) {
72 $ilLog->write(__METHOD__ . ': Assigned to role ' . ilObject::_lookupTitle($rule->getRoleId()));
73 $rbacadmin->assignUser($rule->getRoleId(), $a_usr_id);
74 }
75 if (!$rule->doesMatch($a_data) && $row->remove_on_update) {
76 $ilLog->write(__METHOD__ . ': Deassigned from role ' . ilObject::_lookupTitle($rule->getRoleId()));
77 $rbacadmin->deassignUser($rule->getRoleId(), $a_usr_id);
78 }
79 }
80 // check if is assigned to minimum one global role
81 if (!array_intersect($rbacreview->assignedRoles($a_usr_id), $rbacreview->getGlobalRoles())) {
82 $settings = new ilShibbolethSettings();
83 $default_role = $settings->getDefaultRole();
84 $ilLog->write(__METHOD__ . ': Assigned to default role ' . ilObject::_lookupTitle($default_role));
85 $rbacadmin->assignUser($default_role, $a_usr_id);
86 }
87
88 return true;
89 }
90
91 public static function doAssignments(int $a_usr_id, array $a_data): bool
92 {
93 global $DIC;
94 $ilDB = $DIC['ilDB'];
95 $rbacadmin = $DIC['rbacadmin'];
96 $ilLog = $DIC['ilLog'];
97 $query = "SELECT rule_id,add_on_update FROM shib_role_assignment WHERE add_on_update = 1";
98 $num_matches = 0;
99 $res = $ilDB->query($query);
100 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
101 $rule = new ilShibbolethRoleAssignmentRule($row->rule_id);
102 if ($rule->doesMatch($a_data)) {
103 $num_matches++;
104 $ilLog->write(__METHOD__ . ': Assigned to role ' . ilObject::_lookupTitle($rule->getRoleId()));
105 $rbacadmin->assignUser($rule->getRoleId(), $a_usr_id);
106 }
107 }
108 // Assign to default if no matching found
109 if ($num_matches === 0) {
110 $settings = new ilShibbolethSettings();
111 $default_role = $settings->getDefaultRole();
112 $ilLog->write(__METHOD__ . ': Assigned to default role ' . ilObject::_lookupTitle($default_role));
113 $rbacadmin->assignUser($default_role, $a_usr_id);
114 }
115
116 return true;
117 }
118
119 public static function callPlugin(string $a_plugin_id, array $a_user_data): bool
120 {
121 global $DIC;
122 foreach ($DIC['component.factory']->getActivePluginsInSlot('shibhk') as $plugin) {
123 if ($plugin->checkRoleAssignment($a_plugin_id, $a_user_data)) {
124 return true;
125 }
126 }
127 return false;
128 }
129}
ilObject\_lookupTitle
static _lookupTitle(int $obj_id)
Definition: class.ilObject.php:837
ilShibbolethRoleAssignmentRules\doAssignments
static doAssignments(int $a_usr_id, array $a_data)
Definition: class.ilShibbolethRoleAssignmentRules.php:91
ilShibbolethRoleAssignmentRules\updateAssignments
static updateAssignments(int $a_usr_id, array $a_data)
Definition: class.ilShibbolethRoleAssignmentRules.php:59
ilShibbolethRoleAssignmentRules\callPlugin
static callPlugin(string $a_plugin_id, array $a_user_data)
Definition: class.ilShibbolethRoleAssignmentRules.php:119
ilShibbolethSettings
Class ilShibbolethSettings.
Definition: class.ilShibbolethSettings.php:28
$DIC
global $DIC
Definition: feed.php:28
$res
$res
Definition: ltiservices.php:69
ILIAS\LTI\ToolProvider\$settings
array $settings
Setting values (LTI parameters, custom parameters and local parameters).
Definition: System.php:200
$query
$query
Definition: proxy_ylocal.php:13