ILIAS  release_8 Revision v8.24
Public Member Functions | Static Public Member Functions | Data Fields | Static Public Attributes | Protected Attributes | Private Member Functions | Private Attributes | Static Private Attributes
ilSecuritySettings Class Reference

This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Learning e.V. More...

+ Collaboration diagram for ilSecuritySettings:

Public Member Functions

 setPasswordCharsAndNumbersEnabled (bool $a_chars_and_numbers_enabled)
 set if the passwords have to contain characters and numbers More...
 
 isPasswordCharsAndNumbersEnabled ()
 get boolean if the passwords have to contain characters and numbers More...
 
 setPasswordSpecialCharsEnabled (bool $a_password_special_chars_enabled)
 set if the passwords have to contain special characters More...
 
 isPasswordSpecialCharsEnabled ()
 get boolean if the passwords have to contain special characters More...
 
 setPasswordMinLength (int $a_password_min_length)
 set the minimum length for passwords More...
 
 getPasswordMinLength ()
 get the minimum length for passwords More...
 
 setPasswordMaxLength (int $a_password_max_length)
 set the maximum length for passwords More...
 
 getPasswordMaxLength ()
 get the maximum length for passwords More...
 
 setPasswordMaxAge (int $a_password_max_age)
 set the maximum password age More...
 
 getPasswordMaxAge ()
 get the maximum password age More...
 
 setLoginMaxAttempts (int $a_login_max_attempts)
 set the maximum count of login attempts More...
 
 getLoginMaxAttempts ()
 get the maximum count of login attempts More...
 
 setHTTPSEnabled (bool $value)
 Enable https for certain scripts. More...
 
 isHTTPSEnabled ()
 read access to https enabled property More...
 
 setPasswordChangeOnFirstLoginEnabled (bool $a_password_change_on_first_login_enabled)
 set if the passwords have to be changed by users on first login More...
 
 isPasswordChangeOnFirstLoginEnabled ()
 get boolean if the passwords have to be changed by users on first login More...
 
 isAdminRoleProtected ()
 
 protectedAdminRole (bool $a_stat)
 
 checkAdminRoleAccessible (int $a_usr_id)
 Check if the administrator role is accessible for a specific user. More...
 
 save ()
 Save settings. More...
 
 validate (ilPropertyFormGUI $a_form=null)
 validate settings More...
 
 isPreventionOfSimultaneousLoginsEnabled ()
 Prevention of simultaneous logins with the same account. More...
 
 setPreventionOfSimultaneousLogins (bool $value)
 Enable/Disable prevention of simultaneous logins with the same account. More...
 
 setPasswordNumberOfUppercaseChars (int $password_ucase_chars_num)
 Set number of uppercase characters required. More...
 
 getPasswordNumberOfUppercaseChars ()
 Returns number of uppercase characters required. More...
 
 setPasswordNumberOfLowercaseChars (int $password_lcase_chars_num)
 Set number of lowercase characters required. More...
 
 getPasswordNumberOfLowercaseChars ()
 Returns number of lowercase characters required. More...
 
 setPasswordMustNotContainLoginnameStatus ($status)
 Set whether the password must not contain the loginname or not. More...
 
 getPasswordMustNotContainLoginnameStatus ()
 Return whether the password must not contain the loginname or not. More...
 

Static Public Member Functions

static _getInstance ()
 Get instance of ilSecuritySettings. More...
 

Data Fields

const SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH = 4
 
const SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH = 5
 
const SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE = 6
 
const SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS = 7
 
const SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN1 = 11
 
const SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2 = 8
 
const SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3 = 9
 
const SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH = 10
 
const DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED = true
 
const DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED = false
 
const DEFAULT_PASSWORD_MIN_LENGTH = 8
 
const DEFAULT_PASSWORD_MAX_LENGTH = 0
 
const DEFAULT_PASSWORD_MAX_AGE = 90
 
const DEFAULT_LOGIN_MAX_ATTEMPTS = 5
 
const DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED = false
 
const DEFAULT_PREVENT_SIMULTANEOUS_LOGINS = false
 

Static Public Attributes

static int $SECURITY_SETTINGS_ERR_CODE_AUTO_HTTPS = 1
 
static int $SECURITY_SETTINGS_ERR_CODE_HTTP_NOT_AVAILABLE = 2
 
static int $SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE = 3
 

Protected Attributes

ilHTTPS $https
 

Private Member Functions

 __construct ()
 Private constructor: use _getInstance() More...
 
 read ()
 read settings @access private More...
 

Private Attributes

ilDBInterface $db
 
ilSetting $settings
 
ilRbacReview $review
 
bool $https_enable
 
bool $password_chars_and_numbers_enabled = self::DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED
 
bool $password_special_chars_enabled = self::DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED
 
int $password_min_length = self::DEFAULT_PASSWORD_MIN_LENGTH
 
int $password_max_length = self::DEFAULT_PASSWORD_MAX_LENGTH
 
int $password_max_age = self::DEFAULT_PASSWORD_MAX_AGE
 
int $password_ucase_chars_num = 0
 
int $password_lcase_chars_num = 0
 
int $login_max_attempts = self::DEFAULT_LOGIN_MAX_ATTEMPTS
 
bool $password_must_not_contain_loginname = false
 
bool $password_change_on_first_login_enabled = self::DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED
 
bool $prevent_simultaneous_logins = self::DEFAULT_PREVENT_SIMULTANEOUS_LOGINS
 
bool $protect_admin_role = false
 

Static Private Attributes

static self $instance = null
 

Detailed Description

This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Learning e.V.

ILIAS is licensed with the GPL-3.0, see https://www.gnu.org/licenses/gpl-3.0.en.html You should have received a copy of said license along with the source code, too. If this is not the case or you just want to try ILIAS, you'll find us at: https://www.ilias.de https://github.com/ILIAS-eLearning Singleton class that stores all security settings

Author
Roland Küstermann rolan.nosp@m.d@ku.nosp@m.ester.nosp@m.mann.nosp@m..com
Stefan Meyer smeye.nosp@m.r.il.nosp@m.ias@g.nosp@m.mx.d.nosp@m.e /

Definition at line 24 of file class.ilSecuritySettings.php.

Constructor & Destructor Documentation

◆ __construct()

ilSecuritySettings::__construct ( )
private

Private constructor: use _getInstance()

Definition at line 75 of file class.ilSecuritySettings.php.

76 {
77 global $DIC;
78
79 $this->db = $DIC->database();
80 $this->settings = $DIC->settings();
81 $this->review = $DIC->rbac()->review();
82 $this->https = $DIC['https'];
83
84 $this->read();
85 }
ilSecuritySettings\read
read()
read settings @access private
Definition: class.ilSecuritySettings.php:291
$DIC
global $DIC
Definition: feed.php:28

References $DIC, read(), and ILIAS\Repository\settings().

+ Here is the call graph for this function:

Member Function Documentation

◆ _getInstance()

static ilSecuritySettings::_getInstance ( )
static

Get instance of ilSecuritySettings.

Returns
ilSecuritySettings instance @access public

Definition at line 92 of file class.ilSecuritySettings.php.

92 : ilSecuritySettings
93 {
94 if (!self::$instance instanceof self) {
95 self::$instance = new self();
96 }
97 return self::$instance;
98 }
ilSecuritySettings
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilSecuritySettings.php:25

References $instance.

Referenced by ilObjRoleFolderGUI\addToExternalSettingsForm(), ilObjUserFolderGUI\addToExternalSettingsForm(), ilAuthFrontend\checkExceededLoginAttempts(), ilObjUserFolderGUI\generalSettingsObject(), ilSecuritySettingsChecker\generatePasswords(), ilSecuritySettingsChecker\getPasswordRequirementsInfo(), ilAuthFrontend\handleAuthenticationFail(), ilAuthFrontend\handleAuthenticationSuccess(), ilObjRoleFolderGUI\initSettingsForm(), ilSecuritySettingsChecker\isPassword(), ilObjUser\isPasswordChangeDemanded(), ilObjUser\isPasswordExpired(), ilRoleAssignmentTableGUI\parse(), ilObjUserFolderGUI\saveGeneralSettingsObject(), ilObjRoleFolderGUI\saveSettingsObject(), ilObjPrivacySecurityGUI\showSecurity(), and ilObjRoleGUI\userassignmentObject().

+ Here is the caller graph for this function:

◆ checkAdminRoleAccessible()

ilSecuritySettings::checkAdminRoleAccessible ( int  $a_usr_id)

Check if the administrator role is accessible for a specific user.

Definition at line 247 of file class.ilSecuritySettings.php.

247 : bool
248 {
249 if (!$this->isAdminRoleProtected()) {
250 return true;
251 }
252 if ($this->review->isAssigned($a_usr_id, SYSTEM_ROLE_ID)) {
253 return true;
254 }
255 return false;
256 }
SYSTEM_ROLE_ID
const SYSTEM_ROLE_ID
Definition: constants.php:29

References isAdminRoleProtected(), and SYSTEM_ROLE_ID.

+ Here is the call graph for this function:

◆ getLoginMaxAttempts()

ilSecuritySettings::getLoginMaxAttempts ( )

get the maximum count of login attempts

Definition at line 195 of file class.ilSecuritySettings.php.

195 : int
196 {
197 return $this->login_max_attempts;
198 }

References $login_max_attempts.

Referenced by save(), and validate().

+ Here is the caller graph for this function:

◆ getPasswordMaxAge()

ilSecuritySettings::getPasswordMaxAge ( )

get the maximum password age

Definition at line 179 of file class.ilSecuritySettings.php.

179 : int
180 {
181 return $this->password_max_age;
182 }

References $password_max_age.

Referenced by save(), and validate().

+ Here is the caller graph for this function:

◆ getPasswordMaxLength()

ilSecuritySettings::getPasswordMaxLength ( )

get the maximum length for passwords

Definition at line 163 of file class.ilSecuritySettings.php.

163 : int
164 {
165 return $this->password_max_length;
166 }

References $password_max_length.

Referenced by ilObjUserFolderGUI\getPasswordPolicySettingsMap(), save(), and validate().

+ Here is the caller graph for this function:

◆ getPasswordMinLength()

ilSecuritySettings::getPasswordMinLength ( )

get the minimum length for passwords

Definition at line 147 of file class.ilSecuritySettings.php.

147 : int
148 {
149 return $this->password_min_length;
150 }

References $password_min_length.

Referenced by ilObjUserFolderGUI\getPasswordPolicySettingsMap(), save(), and validate().

+ Here is the caller graph for this function:

◆ getPasswordMustNotContainLoginnameStatus()

ilSecuritySettings::getPasswordMustNotContainLoginnameStatus ( )

Return whether the password must not contain the loginname or not.

Definition at line 519 of file class.ilSecuritySettings.php.

519 : bool
520 {
521 return $this->password_must_not_contain_loginname;
522 }

References $password_must_not_contain_loginname.

Referenced by ilObjUserFolderGUI\getPasswordPolicySettingsMap(), and save().

+ Here is the caller graph for this function:

◆ getPasswordNumberOfLowercaseChars()

ilSecuritySettings::getPasswordNumberOfLowercaseChars ( )

Returns number of lowercase characters required.

Definition at line 503 of file class.ilSecuritySettings.php.

503 : int
504 {
505 return $this->password_lcase_chars_num;
506 }

References $password_lcase_chars_num.

Referenced by ilObjUserFolderGUI\getPasswordPolicySettingsMap(), save(), and validate().

+ Here is the caller graph for this function:

◆ getPasswordNumberOfUppercaseChars()

ilSecuritySettings::getPasswordNumberOfUppercaseChars ( )

Returns number of uppercase characters required.

Definition at line 487 of file class.ilSecuritySettings.php.

487 : int
488 {
489 return $this->password_ucase_chars_num;
490 }

References $password_ucase_chars_num.

Referenced by ilObjUserFolderGUI\getPasswordPolicySettingsMap(), save(), and validate().

+ Here is the caller graph for this function:

◆ isAdminRoleProtected()

ilSecuritySettings::isAdminRoleProtected ( )

Definition at line 234 of file class.ilSecuritySettings.php.

234 : bool
235 {
236 return (bool) $this->protect_admin_role;
237 }

References $protect_admin_role.

Referenced by checkAdminRoleAccessible(), and save().

+ Here is the caller graph for this function:

◆ isHTTPSEnabled()

ilSecuritySettings::isHTTPSEnabled ( )

read access to https enabled property

Definition at line 211 of file class.ilSecuritySettings.php.

211 : bool
212 {
213 return $this->https_enable;
214 }

References $https_enable.

Referenced by save(), and validate().

+ Here is the caller graph for this function:

◆ isPasswordChangeOnFirstLoginEnabled()

ilSecuritySettings::isPasswordChangeOnFirstLoginEnabled ( )

get boolean if the passwords have to be changed by users on first login

Definition at line 229 of file class.ilSecuritySettings.php.

229 : bool
230 {
231 return $this->password_change_on_first_login_enabled;
232 }

References $password_change_on_first_login_enabled.

Referenced by save().

+ Here is the caller graph for this function:

◆ isPasswordCharsAndNumbersEnabled()

ilSecuritySettings::isPasswordCharsAndNumbersEnabled ( )

get boolean if the passwords have to contain characters and numbers

Definition at line 113 of file class.ilSecuritySettings.php.

113 : bool
114 {
115 return $this->password_chars_and_numbers_enabled;
116 }

References $password_chars_and_numbers_enabled.

Referenced by ilObjUserFolderGUI\getPasswordPolicySettingsMap(), save(), and validate().

+ Here is the caller graph for this function:

◆ isPasswordSpecialCharsEnabled()

ilSecuritySettings::isPasswordSpecialCharsEnabled ( )

get boolean if the passwords have to contain special characters

Definition at line 131 of file class.ilSecuritySettings.php.

131 : bool
132 {
133 return $this->password_special_chars_enabled;
134 }

References $password_special_chars_enabled.

Referenced by ilObjUserFolderGUI\getPasswordPolicySettingsMap(), save(), and validate().

+ Here is the caller graph for this function:

◆ isPreventionOfSimultaneousLoginsEnabled()

ilSecuritySettings::isPreventionOfSimultaneousLoginsEnabled ( )

Prevention of simultaneous logins with the same account.

Returns
bool true, if prevention of simultaneous logins with the same account is enabled, false otherwise

Definition at line 463 of file class.ilSecuritySettings.php.

463 : bool
464 {
465 return $this->prevent_simultaneous_logins;
466 }

References $prevent_simultaneous_logins.

Referenced by save().

+ Here is the caller graph for this function:

◆ protectedAdminRole()

ilSecuritySettings::protectedAdminRole ( bool  $a_stat)

Definition at line 239 of file class.ilSecuritySettings.php.

239 : void
240 {
241 $this->protect_admin_role = $a_stat;
242 }

◆ read()

ilSecuritySettings::read ( )
private

read settings @access private

Parameters

Definition at line 291 of file class.ilSecuritySettings.php.

291 : void
292 {
293 $query = "SELECT object_reference.ref_id FROM object_reference,tree,object_data " .
294 "WHERE tree.parent = " . $this->db->quote(SYSTEM_FOLDER_ID, 'integer') . " " .
295 "AND object_data.type = 'ps' " .
296 "AND object_reference.ref_id = tree.child " .
297 "AND object_reference.obj_id = object_data.obj_id";
298 $res = $this->db->query($query);
299 $row = $res->fetchRow(ilDBConstants::FETCHMODE_ASSOC);
300
301 $this->https_enable = (bool) $this->settings->get('https', null);
302
303 $this->password_chars_and_numbers_enabled = (bool) $this->settings->get(
304 'ps_password_chars_and_numbers_enabled',
305 (string) self::DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED
306 );
307 $this->password_special_chars_enabled = (bool) $this->settings->get(
308 'ps_password_special_chars_enabled',
309 (string) self::DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED
310 );
311 $this->password_min_length = (int) $this->settings->get(
312 'ps_password_min_length',
313 (string) self::DEFAULT_PASSWORD_MIN_LENGTH
314 );
315 $this->password_max_length = (int) $this->settings->get(
316 'ps_password_max_length',
317 (string) self::DEFAULT_PASSWORD_MAX_LENGTH
318 );
319 $this->password_max_age = (int) $this->settings->get('ps_password_max_age', (string) self::DEFAULT_PASSWORD_MAX_AGE);
320 $this->login_max_attempts = (int) $this->settings->get(
321 'ps_login_max_attempts',
322 (string) self::DEFAULT_LOGIN_MAX_ATTEMPTS
323 );
324 $this->password_ucase_chars_num = (int) $this->settings->get('ps_password_uppercase_chars_num', "0");
325 $this->password_lcase_chars_num = (int) $this->settings->get('ps_password_lowercase_chars_num', "0");
326 $this->password_must_not_contain_loginname = (bool) $this->settings->get(
327 'ps_password_must_not_contain_loginame',
328 null
329 );
330 $this->password_change_on_first_login_enabled = (bool) $this->settings->get(
331 'ps_password_change_on_first_login_enabled',
332 (string) self::DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED
333 );
334 $this->prevent_simultaneous_logins = (bool) $this->settings->get(
335 'ps_prevent_simultaneous_logins',
336 (string) self::DEFAULT_PREVENT_SIMULTANEOUS_LOGINS
337 );
338 $this->protect_admin_role = (bool) $this->settings->get('ps_protect_admin', (string) $this->protect_admin_role);
339 }
ilSecuritySettings\DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED
const DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED
Definition: class.ilSecuritySettings.php:54
SYSTEM_FOLDER_ID
const SYSTEM_FOLDER_ID
Definition: constants.php:35
$res
$res
Definition: ltiservices.php:69
$query
$query
Definition: proxy_ylocal.php:13

References $protect_admin_role, $query, $res, DEFAULT_LOGIN_MAX_ATTEMPTS, DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED, DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED, DEFAULT_PASSWORD_MAX_AGE, DEFAULT_PASSWORD_MAX_LENGTH, DEFAULT_PASSWORD_MIN_LENGTH, DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED, DEFAULT_PREVENT_SIMULTANEOUS_LOGINS, ilDBConstants\FETCHMODE_ASSOC, ILIAS\Repository\int(), ILIAS\Repository\settings(), and SYSTEM_FOLDER_ID.

Referenced by __construct().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ save()

ilSecuritySettings::save ( )

Save settings.

Definition at line 261 of file class.ilSecuritySettings.php.

261 : void
262 {
263 $this->settings->set('https', (string) $this->isHTTPSEnabled());
264
265 $this->settings->set('ps_password_chars_and_numbers_enabled', (string) $this->isPasswordCharsAndNumbersEnabled());
266 $this->settings->set('ps_password_special_chars_enabled', (string) $this->isPasswordSpecialCharsEnabled());
267 $this->settings->set('ps_password_min_length', (string) $this->getPasswordMinLength());
268 $this->settings->set('ps_password_max_length', (string) $this->getPasswordMaxLength());
269 $this->settings->set('ps_password_max_age', (string) $this->getPasswordMaxAge());
270 $this->settings->set('ps_login_max_attempts', (string) $this->getLoginMaxAttempts());
271 $this->settings->set('ps_password_uppercase_chars_num', (string) $this->getPasswordNumberOfUppercaseChars());
272 $this->settings->set('ps_password_lowercase_chars_num', (string) $this->getPasswordNumberOfLowercaseChars());
273 $this->settings->set(
274 'ps_password_must_not_contain_loginame',
275 (string) $this->getPasswordMustNotContainLoginnameStatus()
276 );
277
278 $this->settings->set(
279 'ps_password_change_on_first_login_enabled',
280 (string) $this->isPasswordChangeOnFirstLoginEnabled()
281 );
282 $this->settings->set('ps_prevent_simultaneous_logins', (string) $this->isPreventionOfSimultaneousLoginsEnabled());
283 $this->settings->set('ps_protect_admin', (string) $this->isAdminRoleProtected());
284 }
ilSecuritySettings\isPasswordSpecialCharsEnabled
isPasswordSpecialCharsEnabled()
get boolean if the passwords have to contain special characters
Definition: class.ilSecuritySettings.php:131
ilSecuritySettings\getLoginMaxAttempts
getLoginMaxAttempts()
get the maximum count of login attempts
Definition: class.ilSecuritySettings.php:195
ilSecuritySettings\getPasswordMustNotContainLoginnameStatus
getPasswordMustNotContainLoginnameStatus()
Return whether the password must not contain the loginname or not.
Definition: class.ilSecuritySettings.php:519
ilSecuritySettings\getPasswordMinLength
getPasswordMinLength()
get the minimum length for passwords
Definition: class.ilSecuritySettings.php:147
ilSecuritySettings\getPasswordMaxLength
getPasswordMaxLength()
get the maximum length for passwords
Definition: class.ilSecuritySettings.php:163
ilSecuritySettings\isPreventionOfSimultaneousLoginsEnabled
isPreventionOfSimultaneousLoginsEnabled()
Prevention of simultaneous logins with the same account.
Definition: class.ilSecuritySettings.php:463
ilSecuritySettings\getPasswordNumberOfUppercaseChars
getPasswordNumberOfUppercaseChars()
Returns number of uppercase characters required.
Definition: class.ilSecuritySettings.php:487
ilSecuritySettings\isHTTPSEnabled
isHTTPSEnabled()
read access to https enabled property
Definition: class.ilSecuritySettings.php:211
ilSecuritySettings\isPasswordCharsAndNumbersEnabled
isPasswordCharsAndNumbersEnabled()
get boolean if the passwords have to contain characters and numbers
Definition: class.ilSecuritySettings.php:113
ilSecuritySettings\isPasswordChangeOnFirstLoginEnabled
isPasswordChangeOnFirstLoginEnabled()
get boolean if the passwords have to be changed by users on first login
Definition: class.ilSecuritySettings.php:229
ilSecuritySettings\getPasswordMaxAge
getPasswordMaxAge()
get the maximum password age
Definition: class.ilSecuritySettings.php:179
ilSecuritySettings\getPasswordNumberOfLowercaseChars
getPasswordNumberOfLowercaseChars()
Returns number of lowercase characters required.
Definition: class.ilSecuritySettings.php:503

References getLoginMaxAttempts(), getPasswordMaxAge(), getPasswordMaxLength(), getPasswordMinLength(), getPasswordMustNotContainLoginnameStatus(), getPasswordNumberOfLowercaseChars(), getPasswordNumberOfUppercaseChars(), isAdminRoleProtected(), isHTTPSEnabled(), isPasswordChangeOnFirstLoginEnabled(), isPasswordCharsAndNumbersEnabled(), isPasswordSpecialCharsEnabled(), isPreventionOfSimultaneousLoginsEnabled(), and ILIAS\Repository\settings().

+ Here is the call graph for this function:

◆ setHTTPSEnabled()

ilSecuritySettings::setHTTPSEnabled ( bool  $value)

Enable https for certain scripts.

Definition at line 203 of file class.ilSecuritySettings.php.

203 : void
204 {
205 $this->https_enable = $value;
206 }

◆ setLoginMaxAttempts()

ilSecuritySettings::setLoginMaxAttempts ( int  $a_login_max_attempts)

set the maximum count of login attempts

Definition at line 187 of file class.ilSecuritySettings.php.

187 : void
188 {
189 $this->login_max_attempts = $a_login_max_attempts;
190 }

◆ setPasswordChangeOnFirstLoginEnabled()

ilSecuritySettings::setPasswordChangeOnFirstLoginEnabled ( bool  $a_password_change_on_first_login_enabled)

set if the passwords have to be changed by users on first login

Definition at line 220 of file class.ilSecuritySettings.php.

220 : void
221 {
222 $this->password_change_on_first_login_enabled = $a_password_change_on_first_login_enabled;
223 }

◆ setPasswordCharsAndNumbersEnabled()

ilSecuritySettings::setPasswordCharsAndNumbersEnabled ( bool  $a_chars_and_numbers_enabled)

set if the passwords have to contain characters and numbers

Definition at line 104 of file class.ilSecuritySettings.php.

104 : void
105 {
106 $this->password_chars_and_numbers_enabled = $a_chars_and_numbers_enabled;
107 }

◆ setPasswordMaxAge()

ilSecuritySettings::setPasswordMaxAge ( int  $a_password_max_age)

set the maximum password age

Definition at line 171 of file class.ilSecuritySettings.php.

171 : void
172 {
173 $this->password_max_age = $a_password_max_age;
174 }

◆ setPasswordMaxLength()

ilSecuritySettings::setPasswordMaxLength ( int  $a_password_max_length)

set the maximum length for passwords

Definition at line 155 of file class.ilSecuritySettings.php.

155 : void
156 {
157 $this->password_max_length = $a_password_max_length;
158 }

◆ setPasswordMinLength()

ilSecuritySettings::setPasswordMinLength ( int  $a_password_min_length)

set the minimum length for passwords

Definition at line 139 of file class.ilSecuritySettings.php.

139 : void
140 {
141 $this->password_min_length = $a_password_min_length;
142 }

◆ setPasswordMustNotContainLoginnameStatus()

ilSecuritySettings::setPasswordMustNotContainLoginnameStatus (   $status)

Set whether the password must not contain the loginname or not.

Definition at line 511 of file class.ilSecuritySettings.php.

511 : void
512 {
513 $this->password_must_not_contain_loginname = (bool) $status;
514 }

◆ setPasswordNumberOfLowercaseChars()

ilSecuritySettings::setPasswordNumberOfLowercaseChars ( int  $password_lcase_chars_num)

Set number of lowercase characters required.

Definition at line 495 of file class.ilSecuritySettings.php.

495 : void
496 {
497 $this->password_lcase_chars_num = $password_lcase_chars_num;
498 }

References $password_lcase_chars_num.

◆ setPasswordNumberOfUppercaseChars()

ilSecuritySettings::setPasswordNumberOfUppercaseChars ( int  $password_ucase_chars_num)

Set number of uppercase characters required.

Definition at line 479 of file class.ilSecuritySettings.php.

479 : void
480 {
481 $this->password_ucase_chars_num = $password_ucase_chars_num;
482 }

References $password_ucase_chars_num.

◆ setPasswordSpecialCharsEnabled()

ilSecuritySettings::setPasswordSpecialCharsEnabled ( bool  $a_password_special_chars_enabled)

set if the passwords have to contain special characters

Definition at line 122 of file class.ilSecuritySettings.php.

122 : void
123 {
124 $this->password_special_chars_enabled = $a_password_special_chars_enabled;
125 }

◆ setPreventionOfSimultaneousLogins()

ilSecuritySettings::setPreventionOfSimultaneousLogins ( bool  $value)

Enable/Disable prevention of simultaneous logins with the same account.

Definition at line 471 of file class.ilSecuritySettings.php.

471 : void
472 {
473 $this->prevent_simultaneous_logins = $value;
474 }

◆ validate()

ilSecuritySettings::validate ( ilPropertyFormGUI  $a_form = null)

validate settings

Parameters
ilPropertyFormGUI | null$a_form
Returns
int|null 0, if everything is ok, an error code otherwise

Definition at line 346 of file class.ilSecuritySettings.php.

346 : ?int
347 {
348 $code = null;
349
350 if ($this->isHTTPSEnabled()) {
351 if (!$this->https->checkHTTPS()) {
352 $code = ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE;
353 if (!$a_form) {
354 return $code;
355 } else {
356 $a_form->getItemByPostVar('https_enabled')
357 ->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
358 }
359 }
360 }
361
362 if ($this->getPasswordMinLength() < 0) {
363 $code = self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH;
364 if (!$a_form) {
365 return $code;
366 } else {
367 $a_form->getItemByPostVar('password_min_length')
368 ->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
369 }
370 }
371
372 if ($this->getPasswordMaxLength() < 0) {
373 $code = self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH;
374 if (!$a_form) {
375 return $code;
376 } else {
377 $a_form->getItemByPostVar('password_max_length')
378 ->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
379 }
380 }
381
382 $password_min_length = 1;
383 $password_min_length_error_code = null;
384
385 if ($this->getPasswordNumberOfUppercaseChars() > 0 || $this->getPasswordNumberOfLowercaseChars() > 0) {
386 $password_min_length = 0;
387 if ($this->getPasswordNumberOfUppercaseChars() > 0) {
388 $password_min_length += $this->getPasswordNumberOfUppercaseChars();
389 }
390 if ($this->getPasswordNumberOfLowercaseChars() > 0) {
391 $password_min_length += $this->getPasswordNumberOfLowercaseChars();
392 }
393 $password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN1;
394 }
395
396 if ($this->isPasswordCharsAndNumbersEnabled()) {
397 $password_min_length++;
398 $password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2;
399
400 if ($this->isPasswordSpecialCharsEnabled()) {
401 $password_min_length++;
402 $password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3;
403 }
404 } elseif ($password_min_length > 1 && $this->isPasswordSpecialCharsEnabled()) {
405 $password_min_length++;
406 $password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3;
407 }
408
409 if ($this->getPasswordMinLength() > 0 && $this->getPasswordMinLength() < $password_min_length) {
410 $code = $password_min_length_error_code;
411 if (!$a_form) {
412 return $code;
413 } else {
414 $a_form->getItemByPostVar('password_min_length')
415 ->setAlert(sprintf(ilObjPrivacySecurityGUI::getErrorMessage($code), $password_min_length));
416 }
417 }
418 if ($this->getPasswordMaxLength() > 0 && $this->getPasswordMaxLength() < $this->getPasswordMinLength()) {
419 $code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH;
420 if (!$a_form) {
421 return $code;
422 } else {
423 $a_form->getItemByPostVar('password_max_length')
424 ->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
425 }
426 }
427 if ($this->getPasswordMaxAge() < 0) {
428 $code = self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE;
429 if (!$a_form) {
430 return $code;
431 } else {
432 $a_form->getItemByPostVar('password_max_age')
433 ->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
434 }
435 }
436
437 if ($this->getLoginMaxAttempts() < 0) {
438 $code = self::SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS;
439 if (!$a_form) {
440 return $code;
441 } else {
442 $a_form->getItemByPostVar('login_max_attempts')
443 ->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
444 }
445 }
446
447 /*
448 * todo: have to check for local auth if first login password change is enabled??
449 * than: add errorcode
450 */
451
452 if (!$a_form) {
453 return 0;
454 } else {
455 return $code;
456 }
457 }
ilObjPrivacySecurityGUI\getErrorMessage
static getErrorMessage(int $code)
return error message for error code
Definition: class.ilObjPrivacySecurityGUI.php:344
ilPropertyFormGUI\getItemByPostVar
getItemByPostVar(string $a_post_var)
Definition: class.ilPropertyFormGUI.php:250
ilSecuritySettings\SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2
const SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2
Definition: class.ilSecuritySettings.php:35
ilSecuritySettings\SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS
const SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS
Definition: class.ilSecuritySettings.php:33
ilSecuritySettings\$SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE
static int $SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE
Definition: class.ilSecuritySettings.php:28
ilSecuritySettings\SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH
const SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH
Definition: class.ilSecuritySettings.php:31
ilSecuritySettings\SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3
const SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3
Definition: class.ilSecuritySettings.php:36
ilSecuritySettings\SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE
const SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE
Definition: class.ilSecuritySettings.php:32
ilSecuritySettings\SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH
const SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH
Definition: class.ilSecuritySettings.php:37
ilSecuritySettings\SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN1
const SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN1
Definition: class.ilSecuritySettings.php:34
ilSecuritySettings\SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH
const SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH
Definition: class.ilSecuritySettings.php:30

References $password_min_length, $SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE, ilObjPrivacySecurityGUI\getErrorMessage(), getLoginMaxAttempts(), getPasswordMaxAge(), getPasswordMaxLength(), getPasswordMinLength(), getPasswordNumberOfLowercaseChars(), getPasswordNumberOfUppercaseChars(), isHTTPSEnabled(), isPasswordCharsAndNumbersEnabled(), isPasswordSpecialCharsEnabled(), SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS, SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE, SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH, SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH, SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH, SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN1, SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2, and SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3.

+ Here is the call graph for this function:

Field Documentation

◆ $db

ilDBInterface ilSecuritySettings::$db
private

Definition at line 40 of file class.ilSecuritySettings.php.

◆ $https

ilHTTPS ilSecuritySettings::$https
protected

Definition at line 43 of file class.ilSecuritySettings.php.

◆ $https_enable

bool ilSecuritySettings::$https_enable
private

Definition at line 45 of file class.ilSecuritySettings.php.

Referenced by isHTTPSEnabled().

◆ $instance

self ilSecuritySettings::$instance = null
staticprivate

Definition at line 39 of file class.ilSecuritySettings.php.

Referenced by _getInstance().

◆ $login_max_attempts

int ilSecuritySettings::$login_max_attempts = self::DEFAULT_LOGIN_MAX_ATTEMPTS
private

Definition at line 64 of file class.ilSecuritySettings.php.

Referenced by getLoginMaxAttempts().

◆ $password_change_on_first_login_enabled

bool ilSecuritySettings::$password_change_on_first_login_enabled = self::DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED
private

Definition at line 67 of file class.ilSecuritySettings.php.

Referenced by isPasswordChangeOnFirstLoginEnabled().

◆ $password_chars_and_numbers_enabled

bool ilSecuritySettings::$password_chars_and_numbers_enabled = self::DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED
private

Definition at line 57 of file class.ilSecuritySettings.php.

Referenced by isPasswordCharsAndNumbersEnabled().

◆ $password_lcase_chars_num

int ilSecuritySettings::$password_lcase_chars_num = 0
private

Definition at line 63 of file class.ilSecuritySettings.php.

Referenced by getPasswordNumberOfLowercaseChars(), and setPasswordNumberOfLowercaseChars().

◆ $password_max_age

int ilSecuritySettings::$password_max_age = self::DEFAULT_PASSWORD_MAX_AGE
private

Definition at line 61 of file class.ilSecuritySettings.php.

Referenced by getPasswordMaxAge().

◆ $password_max_length

int ilSecuritySettings::$password_max_length = self::DEFAULT_PASSWORD_MAX_LENGTH
private

Definition at line 60 of file class.ilSecuritySettings.php.

Referenced by getPasswordMaxLength().

◆ $password_min_length

int ilSecuritySettings::$password_min_length = self::DEFAULT_PASSWORD_MIN_LENGTH
private

Definition at line 59 of file class.ilSecuritySettings.php.

Referenced by getPasswordMinLength(), and validate().

◆ $password_must_not_contain_loginname

bool ilSecuritySettings::$password_must_not_contain_loginname = false
private

Definition at line 65 of file class.ilSecuritySettings.php.

Referenced by getPasswordMustNotContainLoginnameStatus().

◆ $password_special_chars_enabled

bool ilSecuritySettings::$password_special_chars_enabled = self::DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED
private

Definition at line 58 of file class.ilSecuritySettings.php.

Referenced by isPasswordSpecialCharsEnabled().

◆ $password_ucase_chars_num

int ilSecuritySettings::$password_ucase_chars_num = 0
private

Definition at line 62 of file class.ilSecuritySettings.php.

Referenced by getPasswordNumberOfUppercaseChars(), and setPasswordNumberOfUppercaseChars().

◆ $prevent_simultaneous_logins

bool ilSecuritySettings::$prevent_simultaneous_logins = self::DEFAULT_PREVENT_SIMULTANEOUS_LOGINS
private

Definition at line 68 of file class.ilSecuritySettings.php.

Referenced by isPreventionOfSimultaneousLoginsEnabled().

◆ $protect_admin_role

bool ilSecuritySettings::$protect_admin_role = false
private

Definition at line 70 of file class.ilSecuritySettings.php.

Referenced by isAdminRoleProtected(), and read().

◆ $review

ilRbacReview ilSecuritySettings::$review
private

Definition at line 42 of file class.ilSecuritySettings.php.

◆ $SECURITY_SETTINGS_ERR_CODE_AUTO_HTTPS

int ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_AUTO_HTTPS = 1
static

Definition at line 26 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages().

◆ $SECURITY_SETTINGS_ERR_CODE_HTTP_NOT_AVAILABLE

int ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTP_NOT_AVAILABLE = 2
static

Definition at line 27 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages().

◆ $SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE

int ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE = 3
static

Definition at line 28 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

◆ $settings

ilSetting ilSecuritySettings::$settings
private

Definition at line 41 of file class.ilSecuritySettings.php.

◆ DEFAULT_LOGIN_MAX_ATTEMPTS

const ilSecuritySettings::DEFAULT_LOGIN_MAX_ATTEMPTS = 5

Definition at line 52 of file class.ilSecuritySettings.php.

Referenced by read().

◆ DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED

const ilSecuritySettings::DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED = false

Definition at line 54 of file class.ilSecuritySettings.php.

Referenced by read().

◆ DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED

const ilSecuritySettings::DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED = true

Definition at line 47 of file class.ilSecuritySettings.php.

Referenced by read().

◆ DEFAULT_PASSWORD_MAX_AGE

const ilSecuritySettings::DEFAULT_PASSWORD_MAX_AGE = 90

Definition at line 51 of file class.ilSecuritySettings.php.

Referenced by read().

◆ DEFAULT_PASSWORD_MAX_LENGTH

const ilSecuritySettings::DEFAULT_PASSWORD_MAX_LENGTH = 0

Definition at line 50 of file class.ilSecuritySettings.php.

Referenced by read().

◆ DEFAULT_PASSWORD_MIN_LENGTH

const ilSecuritySettings::DEFAULT_PASSWORD_MIN_LENGTH = 8

Definition at line 49 of file class.ilSecuritySettings.php.

Referenced by read().

◆ DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED

const ilSecuritySettings::DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED = false

Definition at line 48 of file class.ilSecuritySettings.php.

Referenced by read().

◆ DEFAULT_PREVENT_SIMULTANEOUS_LOGINS

const ilSecuritySettings::DEFAULT_PREVENT_SIMULTANEOUS_LOGINS = false

Definition at line 55 of file class.ilSecuritySettings.php.

Referenced by read().

◆ SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS = 7

Definition at line 33 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

◆ SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE = 6

Definition at line 32 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

◆ SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH = 5

Definition at line 31 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

◆ SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH = 4

Definition at line 30 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

◆ SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH = 10

Definition at line 37 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

◆ SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN1

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN1 = 11

Definition at line 34 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

◆ SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2 = 8

Definition at line 35 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

◆ SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3 = 9

Definition at line 36 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

The documentation for this class was generated from the following file: