ILIAS  release_8 Revision v8.24
class.ilLDAPSettingsGUI.php
Go to the documentation of this file.
1<?php
2
19declare(strict_types=1);
20
24class ilLDAPSettingsGUI
25{
26 private int $ref_id;
27 private ilLDAPServer $server;
28 private ilLDAPAttributeMapping $mapping;
29 private ?ilPropertyFormGUI $form_gui = null;
30 private ?ilPropertyFormGUI $form = null;
31
32 private ilCtrl $ctrl;
33 private ilTabsGUI $tabs_gui;
34 private ilLanguage $lng;
35 private ilGlobalTemplateInterface $tpl;
36 private ilErrorHandling $ilErr;
37 private ilAccessHandler $ilAccess;
38 private ilRbacReview $rbacReview;
39 private ilRbacSystem $rbacSystem;
40 private ilToolbarGUI $toolbar;
41 private ilGlobalTemplateInterface $main_tpl;
42 private ilComponentRepository $component_repository;
43 private ilUserDefinedFields $udf;
44 private ?ilLDAPRoleAssignmentRule $role_mapping_rule = null;
45 private ?ilLDAPRoleAssignmentRule $rule = null;
46 private ?ilLDAPRoleGroupMappingSettings $role_mapping = null;
47
48 //vars for storing request parameters
50 private ?array $rule_ids = null;
51 private ?int $rule_id = null;
52 private ?int $role_id = null;
54 private ?array $mappings = null;
55 private ?string $mapping_template = null;
56 private ?int $ldap_server_id = null;
58 private ?array $server_ids = null;
59 private ?int $mapping_id = null;
60 private ?string $role_bind_user = null;
61 private ?string $role_bind_pass = null;
62 private bool $role_sync_active = false;
63 private array $attribute_mappings = [];
64
68 public function __construct(int $a_auth_ref_id)
69 {
70 global $DIC;
71
72 $this->ctrl = $DIC->ctrl();
73 $this->tabs_gui = $DIC->tabs();
74 $this->lng = $DIC->language();
75 $this->lng->loadLanguageModule('ldap');
76 $this->ilErr = $DIC['ilErr'];
77 $this->ilAccess = $DIC->access();
78 $this->component_repository = $DIC["component.repository"];
79 $this->rbacReview = $DIC->rbac()->review();
80 $this->rbacSystem = $DIC->rbac()->system();
81 $this->toolbar = $DIC->toolbar();
82 $this->main_tpl = $DIC->ui()->mainTemplate();
83
84 $this->tpl = $DIC->ui()->mainTemplate();
85
86 if ($this->ctrl->getCmd() !== "addServerSettings") {
87 $this->ctrl->saveParameter($this, 'ldap_server_id');
88 }
89
90 $http_wrapper = $DIC->http()->wrapper();
91 $is_post_request = $DIC->http()->request()->getMethod() === "POST";
92 $refinery = $DIC->refinery();
93 if ($http_wrapper->query()->has("rule_id")) {
94 $this->rule_id = $http_wrapper->query()->retrieve(
95 "rule_id",
96 $refinery->kindlyTo()->int()
97 );
98 }
99 if ($http_wrapper->query()->has("ldap_server_id")) {
100 $this->ldap_server_id = $http_wrapper->query()->retrieve(
101 "ldap_server_id",
102 $refinery->kindlyTo()->int()
103 );
104 }
105 if ($http_wrapper->query()->has("mapping_id")) {
106 $this->mapping_id = $http_wrapper->query()->retrieve(
107 "mapping_id",
108 $refinery->kindlyTo()->int()
109 );
110 }
111 if ($is_post_request) {
112 if ($http_wrapper->post()->has('rule_ids')) {
113 $this->rule_ids = $http_wrapper->post()->retrieve(
114 'rule_ids',
115 $refinery->kindlyTo()->listOf($refinery->kindlyTo()->int())
116 );
117 }
118 if ($http_wrapper->post()->has('role_id')) {
119 $this->role_id = $http_wrapper->post()->retrieve(
120 'role_id',
121 $refinery->kindlyTo()->int()
122 );
123 }
124 if ($http_wrapper->post()->has('mappings')) {
125 $this->mappings = $http_wrapper->post()->retrieve(
126 'mappings',
127 $refinery->kindlyTo()->listOf($refinery->kindlyTo()->int())
128 );
129 }
130 if ($http_wrapper->post()->has('server_ids')) {
131 $this->server_ids = $http_wrapper->post()->retrieve(
132 'server_ids',
133 $refinery->kindlyTo()->listOf($refinery->kindlyTo()->int())
134 );
135 }
136 if ($http_wrapper->post()->has('mapping_template')) {
137 $this->mapping_template = $http_wrapper->post()->retrieve(
138 'mapping_template',
139 $refinery->kindlyTo()->string()
140 );
141 }
142 if ($http_wrapper->post()->has('role_bind_user')) {
143 $this->role_bind_user = ilUtil::stripSlashes($http_wrapper->post()->retrieve(
144 'role_bind_user',
145 $refinery->kindlyTo()->string()
146 ));
147 }
148 if ($http_wrapper->post()->has('role_bind_pass')) {
149 $this->role_bind_pass = ilUtil::stripSlashes($http_wrapper->post()->retrieve(
150 'role_bind_pass',
151 $refinery->kindlyTo()->string()
152 ));
153 }
154 if ($http_wrapper->post()->has('role_sync_active')) {
155 $this->role_sync_active = $http_wrapper->post()->retrieve(
156 'role_sync_active',
157 $refinery->kindlyTo()->bool()
158 );
159 }
160 foreach ($this->getAttributeMappingKeys() as $key) {
161 if ($http_wrapper->post()->has($key . '_value')) {
162 $this->attribute_mappings[$key] = [ilUtil::stripSlashes($http_wrapper->post()->retrieve(
163 $key . '_value',
164 $refinery->kindlyTo()->string()
165 )), $http_wrapper->post()->has($key . '_update')];
166 } else {
167 $this->attribute_mappings[$key] = ["", false];
168 }
169 }
170 }
171
172 $this->ref_id = $a_auth_ref_id;
173
174
175 $this->initServer();
176 }
177
181 public function executeCommand(): bool
182 {
183 $next_class = $this->ctrl->getNextClass($this);
184 $cmd = $this->ctrl->getCmd();
185
186 if ($cmd !== "serverList" && !$this->rbacSystem->checkAccess("visible,read", $this->ref_id)) {
187 $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('msg_no_perm_write'), true);
188 $this->ctrl->redirect($this, "serverList");
189 }
190 switch ($next_class) {
191 default:
192 if (!$cmd) {
193 $cmd = "serverList";
194 }
195 $this->$cmd();
196 break;
197 }
198 return true;
199 }
200
201 private function checkAccess(string $a_permission): void
202 {
203 if (!$this->ilAccess->checkAccess($a_permission, '', $this->ref_id)) {
204 $this->ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $this->ilErr->WARNING);
205 }
206 }
207
212 private function getAttributeMappingKeys(): array
213 {
214 $keys = [];
215 foreach (array_keys($this->getMappingFields()) as $key) {
216 $keys[] = $key;
217 }
218 foreach (ilUserDefinedFields::_getInstance()->getDefinitions() as $definition) {
219 $keys[] = 'udf_' . $definition['field_id'];
220 }
221 return $keys;
222 }
223
224
228 public function getServer(): ilLDAPServer
229 {
230 return $this->server;
231 }
232
236 public function roleAssignments(): void
237 {
238 $this->setSubTabs();
239 $this->tabs_gui->activateTab('role_assignments');
240
241 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_assignments.html', 'Services/LDAP');
242
243 $this->initFormRoleAssignments('create');
244 $this->role_mapping_rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId(0);
245 $this->tpl->setVariable('NEW_ASSIGNMENT_TBL', $this->form->getHTML());
246
247
248 if (count($rules = ilLDAPRoleAssignmentRule::_getRules($this->server->getServerId()))) {
249 $table_gui = new ilLDAPRoleAssignmentTableGUI($this, 'roleAssignments');
250 $table_gui->setTitle($this->lng->txt("ldap_tbl_role_ass"));
251 $table_gui->parse($rules);
252 $table_gui->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
253 $table_gui->setSelectAllCheckbox("rule_id");
254 $this->tpl->setVariable('RULES_TBL', $table_gui->getHTML());
255 }
256 }
257
262 public function editRoleAssignment(): void
263 {
264 if (!$this->rule_id) {
265 $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'));
266 $this->roleAssignments();
267 return;
268 }
269 $this->setSubTabs();
270 $this->tabs_gui->activateTab('role_assignments');
271
272 $this->ctrl->saveParameter($this, 'rule_id');
273 $this->initFormRoleAssignments(
274 'edit'
275 );
276 $this->role_mapping_rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($this->rule_id);
277 $this->setValuesByArray();
278 $this->tpl->setContent($this->form->getHTML());
279 }
280
281
285 private function setValuesByArray(): void
286 {
287 $role_id = $this->role_mapping_rule->getRoleId();
288 if ($this->rbacReview->isGlobalRole($role_id)) {
289 $val['role_name'] = 0;
290 $val['role_id'] = $role_id;
291 } else {
292 $val['role_name'] = 1;
293 $val['role_search'] = ilObject::_lookupTitle($role_id);
294 }
295 $val['add_missing'] = (int) $this->role_mapping_rule->isAddOnUpdateEnabled();
296 $val['remove_deprecated'] = (int) $this->role_mapping_rule->isRemoveOnUpdateEnabled();
297 $val['type'] = $this->role_mapping_rule->getType();
298 $val['dn'] = $this->role_mapping_rule->getDN();
299 $val['at'] = $this->role_mapping_rule->getMemberAttribute();
300 $val['isdn'] = $this->role_mapping_rule->isMemberAttributeDN();
301 $val['name'] = $this->role_mapping_rule->getAttributeName();
302 $val['value'] = $this->role_mapping_rule->getAttributeValue();
303 $val['plugin_id'] = $this->role_mapping_rule->getPluginId();
304
305 $this->form->setValuesByArray($val);
306 }
307
311 public function updateRoleAssignment(): bool
312 {
313 if (!$this->ilAccess->checkAccess('write', '', $this->ref_id)) {
314 $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('permission_denied'), true);
315 $this->roleAssignments();
316 return false;
317 }
318
319 $this->initFormRoleAssignments('edit');
320
321 $formWithoutErrors = $this->form->checkInput();
322 $roleErrorMessage = $this->checkRoleAssignmentInput($this->rule_id);
323 if (!$formWithoutErrors || $roleErrorMessage !== '') {
324 if ($roleErrorMessage !== '') {
325 $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt($roleErrorMessage));
326 }
327
328 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_assignments.html', 'Services/LDAP');
329
330 $this->form->setValuesByPost();
331 $this->tpl->setVariable('NEW_ASSIGNMENT_TBL', $this->form->getHTML());
332 $this->tabs_gui->activateSubTab('role_assignments');
333 return true;
334 }
335
336 // Might redirect
337 if ($this->roleSelectionRequired()) {
338 $this->ctrl->redirect($this, 'showRoleSelection');
339 } else {
340 $this->rule->update();
341 $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'));
342 $this->roleAssignments();
343 }
344 return true;
345 }
346
351 public function confirmDeleteRules(): void
352 {
353 $this->checkAccess("write");
354
355 if (!$this->rule_ids) {
356 $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'));
357 $this->roleAssignments();
358 return;
359 }
360 $this->setSubTabs();
361 $this->tabs_gui->activateTab('role_assignments');
362
363 $c_gui = new ilConfirmationGUI();
364
365 // set confirm/cancel commands
366 $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRules"));
367 $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_role_ass"));
368 $c_gui->setCancel($this->lng->txt("cancel"), "roleAssignments");
369 $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRules");
370
371 // add items to delete
372 foreach ($this->rule_ids as $rule_id) {
373 $rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($rule_id);
374 $c_gui->addItem('rule_ids[]', (string) $rule_id, $rule->conditionToString());
375 }
376 $this->tpl->setContent($c_gui->getHTML());
377 }
378
382 public function deleteRules(): void
383 {
384 if (!$this->rule_ids) {
385 $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_once'));
386 $this->roleAssignments();
387 return;
388 }
389 foreach ($this->rule_ids as $rule_id) {
390 $rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($rule_id);
391 $rule->delete();
392 }
393 $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('ldap_deleted_rule'));
394 $this->ctrl->redirect($this, 'roleAssignments');
395 }
396
400 public function addRoleAssignment(): bool
401 {
402 if (!$this->ilAccess->checkAccess('write', '', $this->ref_id)) {
403 $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('permission_denied'), true);
404 $this->roleAssignments();
405 return false;
406 }
407 $this->setSubTabs();
408 $this->initFormRoleAssignments('create');
409 $formWithoutErrors = $this->form->checkInput();
410 $roleErrorMessage = $this->checkRoleAssignmentInput();
411 if (!$formWithoutErrors || $roleErrorMessage !== '') {
412 if ($roleErrorMessage !== '') {
413 $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt($roleErrorMessage));
414 }
415
416 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_assignments.html', 'Services/LDAP');
417
418 // DONE: wrap this
419 $this->form->setValuesByPost();
420 $this->tpl->setVariable('NEW_ASSIGNMENT_TBL', $this->form->getHTML());
421 $this->tpl->setVariable('RULES_TBL', $this->getRoleAssignmentTable());
422 $this->tabs_gui->activateSubTab('role_assignments');
423 return true;
424 }
425
426 if ($this->roleSelectionRequired()) {
427 $this->ctrl->redirect($this, 'showRoleSelection');
428 } else {
429 $this->rule->create();
430 $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'));
431 $this->ctrl->redirect($this, 'roleAssignments');
432 }
433 return true;
434 }
435
436 private function roleSelectionRequired(): bool
437 {
438 if ($this->rule->getRoleId() > 0) {
439 return false;
440 }
441 $rule = [];
442 $rule['server_id'] = $this->getServer()->getServerId();
443 $rule['rule_id'] = $this->rule_id ?: 0;
444 $rule['role_search'] = $this->form->getInput('role_search');
445 $rule['add_on_update'] = $this->form->getInput('add_missing');
446 $rule['remove_on_update'] = $this->form->getInput('remove_deprecated');
447 $rule['type'] = $this->form->getInput('type');
448 $rule['dn'] = $this->form->getInput('dn');
449 $rule['at'] = $this->form->getInput('at');
450 $rule['isdn'] = $this->form->getInput('isdn');
451 $rule['name'] = $this->form->getInput('name');
452 $rule['value'] = $this->form->getInput('value');
453 $rule['plugin'] = $this->form->getInput('plugin_id');
454 ilSession::set("ldap_role_ass", serialize($rule));
455 $this->ctrl->saveParameter($this, 'rule_id');
456 return true;
457 }
458
459
460
464 protected function showRoleSelection(): bool
465 {
466 $this->setSubTabs();
467 $this->tabs_gui->activateTab('role_assignment');
468 $this->ctrl->saveParameter($this, 'rule_id');
469
470 $parser = new ilQueryParser(unserialize(ilSession::get('ldap_role_ass'), ["allowed_classes" => false])['role_search']);
471 $parser->setMinWordLength(1);
472 $parser->setCombination(ilQueryParser::QP_COMBINATION_AND);
473 $parser->parse();
474
475 $object_search = new ilLikeObjectSearch($parser);
476 $object_search->setFilter(array('role'));
477 $res = $object_search->performSearch();
478
479 $entries = $res->getEntries();
480
481 $table = new ilRoleSelectionTableGUI($this, 'showRoleSelection');
482 $table->setTitle($this->lng->txt('ldap_role_selection'));
483 $table->addMultiCommand('saveRoleSelection', $this->lng->txt('ldap_choose_role'));
484 $table->parse($entries);
485
486 $this->tpl->setContent($table->getHTML());
487 return true;
488 }
489
494 protected function saveRoleSelection(): bool
495 {
496 if (!$this->ilAccess->checkAccess('write', '', $this->ref_id)) {
497 $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('permission_denied'), true);
498 $this->roleAssignments();
499 return false;
500 }
501
502 if (!$this->role_id) {
503 $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'));
504 $this->showRoleSelection();
505 return false;
506 }
507
508 $this->loadRoleAssignmentRule($this->rule_id ?? 0, false);
509 $this->rule->setRoleId($this->role_id);
510
511 if ($this->rule_id) {
512 $this->rule->update();
513 } else {
514 $this->rule->create();
515 }
516
517 $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'));
518 $this->roleAssignments();
519 return true;
520 }
521
522
526 private function checkRoleAssignmentInput(int $a_rule_id = 0): string
527 {
528 $this->loadRoleAssignmentRule($a_rule_id);
529 $this->rule->validate();
530 return $this->ilErr->getMessage();
531 }
532
536 protected function getRoleAssignmentTable(): string
537 {
538 if (count($rules = ilLDAPRoleAssignmentRule::_getRules($this->server->getServerId()))) {
539 $table_gui = new ilLDAPRoleAssignmentTableGUI($this, 'roleAssignments');
540 $table_gui->setTitle($this->lng->txt("ldap_tbl_role_ass"));
541 $table_gui->parse($rules);
542 $table_gui->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
543 $table_gui->setSelectAllCheckbox("rule_id");
544 return $table_gui->getHTML();
545 }
546 return '';
547 }
548
549
553 private function loadRoleAssignmentRule(int $a_rule_id, bool $load_from_form = true): void
554 {
555 if (is_object($this->rule)) {
556 return;
557 }
558
559 $this->rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($a_rule_id);
560
561 if ($load_from_form) {
562 if ($this->form->getInput('role_name') === '0') {
563 $this->rule->setRoleId((int) $this->form->getInput('role_id'));
564 } elseif ($this->form->getInput('role_search')) {
565 $parser = new ilQueryParser('"' . $this->form->getInput('role_search') . '"');
566
567 // TODO: Handle minWordLength
568 $parser->setMinWordLength(1);
569 $parser->setCombination(ilQueryParser::QP_COMBINATION_AND);
570 $parser->parse();
571
572 $object_search = new ilLikeObjectSearch($parser);
573 $object_search->setFilter(array('role'));
574 $res = $object_search->performSearch();
575
576 $entries = $res->getEntries();
577 if (count($entries) === 1) {
578 $role = current($entries);
579 $this->rule->setRoleId($role['obj_id']);
580 } elseif (count($entries) > 1) {
581 $this->rule->setRoleId(-1);
582 }
583 }
584
585 $this->rule->setAttributeName($this->form->getInput('name'));
586 $this->rule->setAttributeValue($this->form->getInput('value'));
587 $this->rule->setDN($this->form->getInput('dn'));
588 $this->rule->setMemberAttribute($this->form->getInput('at'));
589 $this->rule->setMemberIsDN((bool) $this->form->getInput('isdn'));
590 $this->rule->enableAddOnUpdate((bool) $this->form->getInput('add_missing'));
591 $this->rule->enableRemoveOnUpdate((bool) $this->form->getInput('remove_deprecated'));
592 $this->rule->setPluginId((int) $this->form->getInput('plugin_id'));
593 $this->rule->setType((int) $this->form->getInput('type'));
594 $this->rule->setServerId($this->getServer()->getServerId());
595 return;
596 }
597
598 // LOAD from session
599 $this->rule->setServerId($this->getServer()->getServerId());
600 $rule = unserialize(ilSession::get('ldap_role_ass'), ["allowed_classes" => false]);
601
602 $this->rule->enableAddOnUpdate((bool) ($rule['add_on_update'] ?? false));
603 $this->rule->enableRemoveOnUpdate((bool) ($rule['remove_on_update'] ?? false));
604 $this->rule->setType((int) ilUtil::stripSlashes(
605 $rule['type'] ?? (string) ilLDAPRoleAssignmentRule::TYPE_ATTRIBUTE
606 ));
607 $this->rule->setDN(ilUtil::stripSlashes($rule['dn'] ?? ''));
608 $this->rule->setMemberAttribute(ilUtil::stripSlashes($rule['at'] ?? ''));
609 $this->rule->setMemberIsDN((bool) (ilUtil::stripSlashes($rule['isdn'] ?? false)));
610 $this->rule->setAttributeName(ilUtil::stripSlashes($rule['name'] ?? ''));
611 $this->rule->setAttributeValue(ilUtil::stripSlashes($rule['value'] ?? ''));
612 $this->rule->setPluginId((int) ilUtil::stripSlashes($rule['plugin'] ?? '0'));
613 }
614
615 public function deleteRoleMapping(): bool
616 {
617 if (!$this->mappings) {
618 $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'));
619 $this->roleMapping();
620 return false;
621 }
622
623 $this->initRoleMapping();
624
625 foreach ($this->mappings as $mapping_id) {
626 $this->role_mapping->delete($mapping_id);
627 }
628 $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('ldap_deleted_role_mapping'));
629 $this->roleMapping();
630 return true;
631 }
632
633 public function chooseMapping(): void
634 {
635 if (!$this->mapping_template) {
636 $this->userMapping();
637 return;
638 }
639
640 $this->initAttributeMapping();
641 $this->mapping->clearRules();
642
643 foreach (ilLDAPAttributeMappingUtils::_getMappingRulesByClass($this->mapping_template) as $key => $value) {
644 $this->mapping->setRule($key, $value, false);
645 }
646 $this->userMapping();
647 }
648
649 public function saveMapping(): void
650 {
651 $this->initAttributeMapping();
652 $this->tabs_gui->activateTab('role_mapping');
653
654 foreach (array_keys($this->getMappingFields()) as $key) {
655 $this->mapping->setRule(
656 $key,
657 $this->attribute_mappings[$key][0],
658 $this->attribute_mappings[$key][1]
659 );
660 }
661 $this->initUserDefinedFields();
662 foreach ($this->udf->getDefinitions() as $definition) {
663 $key = 'udf_' . $definition['field_id'];
664 $this->mapping->setRule(
665 $key,
666 $this->attribute_mappings[$key][0],
667 $this->attribute_mappings[$key][1]
668 );
669 }
670
671 $this->mapping->save();
672 $this->userMapping();
673
674 $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'));
675 }
676
677 public function serverList(): void
678 {
679 if (!$this->rbacSystem->checkAccess("visible,read", $this->ref_id)) {
680 $this->ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $this->ilErr->WARNING);
681 }
682
683 if (!ilLDAPServer::checkLDAPLib() && $this->server->isActive()) {
684 $this->main_tpl->setOnScreenMessage('failure', 'Missing LDAP libraries. Please ensure that the PHP LDAP module is installed on your server.');
685 }
686
687 if ($this->rbacSystem->checkAccess("write", $this->ref_id)) {
688 $this->toolbar->addButton(
689 $this->lng->txt("add_ldap_server"),
690 $this->ctrl->getLinkTarget($this, "addServerSettings")
691 );
692 }
693
694 $table = new ilLDAPServerTableGUI($this, "serverList");
695
696 $this->tpl->setContent($table->getHTML());
697 }
698
699 public function setServerFormValues(): void
700 {
701 $this->form_gui->setValuesByArray(array(
702 'active' => $this->server->isActive(),
703 'ds' => !$this->server->isAuthenticationEnabled(),
704 'server_name' => $this->server->getName(),
705 'server_url' => $this->server->getUrlString(),
706 'version' => $this->server->getVersion(),
707 'base_dn' => $this->server->getBaseDN(),
708 'referrals' => $this->server->isActiveReferrer(),
709 'tls' => $this->server->isActiveTLS(),
710 'binding_type' => $this->server->getBindingType(),
711 'bind_dn' => $this->server->getBindUser(),
712 'bind_pass' => $this->server->getBindPassword(),
713 'bind_pass_retype' => $this->server->getBindPassword(),
714 'search_base' => $this->server->getSearchBase(),
715 'user_scope' => $this->server->getUserScope(),
716 'user_attribute' => $this->server->getUserAttribute(),
717 'filter' => $this->server->getFilter(),
718 'group_dn' => $this->server->getGroupDN(),
719 'group_scope' => $this->server->getGroupScope(),
720 'group_filter' => $this->server->getGroupFilter(),
721 'group_member' => $this->server->getGroupMember(),
722 'memberisdn' => $this->server->enabledGroupMemberIsDN(),
723 'group' => $this->server->getGroupName(),
724 'group_attribute' => $this->server->getGroupAttribute(),
725 'group_optional' => $this->server->isMembershipOptional(),
726 'group_user_filter' => $this->server->getGroupUserFilter(),
727 'sync_on_login' => $this->server->enabledSyncOnLogin(),
728 'sync_per_cron' => $this->server->enabledSyncPerCron(),
729 'global_role' => ilLDAPAttributeMapping::_lookupGlobalRole($this->server->getServerId()),
730 'migration' => (int) $this->server->isAccountMigrationEnabled(),
731 "name_filter" => $this->server->getUsernameFilter(),
732 'escape_dn' => $this->server->enabledEscapeDN()
733 ));
734 }
735
736 private function initForm(): void
737 {
738 $this->form_gui = new ilPropertyFormGUI();
739 $this->form_gui->setFormAction($this->ctrl->getFormAction($this, 'save'));
740 $this->form_gui->setTitle($this->lng->txt('ldap_configure'));
741
742 $active = new ilCheckboxInputGUI($this->lng->txt('auth_ldap_enable'), 'active');
743 $active->setValue("1");
744 $this->form_gui->addItem($active);
745
746 $ds = new ilCheckboxInputGUI($this->lng->txt('ldap_as_ds'), 'ds');
747 $ds->setValue("1");
748 $ds->setInfo($this->lng->txt('ldap_as_ds_info'));
749 $this->form_gui->addItem($ds);
750
751 $servername = new ilTextInputGUI($this->lng->txt('ldap_server_name'), 'server_name');
752 $servername->setRequired(true);
753 $servername->setInfo($this->lng->txt('ldap_server_name_info'));
754 $servername->setSize(32);
755 $servername->setMaxLength(32);
756 $this->form_gui->addItem($servername);
757
758 // start Patch Name Filter
759 $namefilter = new ilTextInputGUI($this->lng->txt('ldap_username_filter'), "name_filter");//ADD LANG VAR
760 $namefilter->setInfo($this->lng->txt("ldap_username_filter_info"));
761 $namefilter->setSize(64);
762 $namefilter->setMaxLength(255);
763 $this->form_gui->addItem($namefilter);
764 // end Patch Name Filter
765
766 $serverurl = new ilTextInputGUI($this->lng->txt('ldap_server'), 'server_url');
767 $serverurl->setRequired(true);
768 $serverurl->setInfo($this->lng->txt('ldap_server_url_info'));
769 $serverurl->setSize(64);
770 $serverurl->setMaxLength(255);
771 $this->form_gui->addItem($serverurl);
772
773 $version = new ilSelectInputGUI($this->lng->txt('ldap_version'), 'version');
774 $version->setOptions(array(2 => 2, 3 => 3));
775 $version->setInfo($this->lng->txt('ldap_server_version_info'));
776 $this->form_gui->addItem($version);
777
778 $basedsn = new ilTextInputGUI($this->lng->txt('basedn'), 'base_dn');
779 $basedsn->setRequired(true);
780 $basedsn->setSize(64);
781 $basedsn->setMaxLength(255);
782 $this->form_gui->addItem($basedsn);
783
784 $referrals = new ilCheckboxInputGUI($this->lng->txt('ldap_referrals'), 'referrals');
785 $referrals->setValue("1");
786 $referrals->setInfo($this->lng->txt('ldap_referrals_info'));
787 $this->form_gui->addItem($referrals);
788
789 $section_security = new ilFormSectionHeaderGUI();
790 $section_security->setTitle($this->lng->txt('ldap_server_security_settings'));
791 $this->form_gui->addItem($section_security);
792
793 $tls = new ilCheckboxInputGUI($this->lng->txt('ldap_tls'), 'tls');
794 $tls->setValue("1");
795 $this->form_gui->addItem($tls);
796
797 $binding = new ilRadioGroupInputGUI($this->lng->txt('ldap_server_binding'), 'binding_type');
798 $anonymous = new ilRadioOption($this->lng->txt('ldap_bind_anonymous'), (string) ilLDAPServer::LDAP_BIND_ANONYMOUS);
799 $binding->addOption($anonymous);
800 $user = new ilRadioOption($this->lng->txt('ldap_bind_user'), (string) ilLDAPServer::LDAP_BIND_USER);
801 $dn = new ilTextInputGUI($this->lng->txt('ldap_server_bind_dn'), 'bind_dn');
802 $dn->setSize(64);
803 $dn->setMaxLength(255);
804 $user->addSubItem($dn);
805 $pass = new ilPasswordInputGUI($this->lng->txt('ldap_server_bind_pass'), 'bind_pass');
806 $pass->setSkipSyntaxCheck(true);
807 $pass->setSize(12);
808 $pass->setMaxLength(100);
809 $user->addSubItem($pass);
810 $binding->addOption($user);
811 $this->form_gui->addItem($binding);
812
813 $section_auth = new ilFormSectionHeaderGUI();
814 $section_auth->setTitle($this->lng->txt('ldap_authentication_settings'));
815 $this->form_gui->addItem($section_auth);
816
817 $search_base = new ilTextInputGUI($this->lng->txt('ldap_user_dn'), 'search_base');
818 $search_base->setInfo($this->lng->txt('ldap_search_base_info'));
819 $search_base->setSize(64);
820 $search_base->setMaxLength(255);
821 $this->form_gui->addItem($search_base);
822
823 $user_scope = new ilSelectInputGUI($this->lng->txt('ldap_user_scope'), 'user_scope');
824 $user_scope->setOptions(array(ilLDAPServer::LDAP_SCOPE_ONE => $this->lng->txt('ldap_scope_one'),
825 ilLDAPServer::LDAP_SCOPE_SUB => $this->lng->txt('ldap_scope_sub')));
826 $user_scope->setInfo($this->lng->txt('ldap_user_scope_info'));
827 $this->form_gui->addItem($user_scope);
828
829 $user_attribute = new ilTextInputGUI($this->lng->txt('ldap_user_attribute'), 'user_attribute');
830 $user_attribute->setSize(16);
831 $user_attribute->setMaxLength(64);
832 $user_attribute->setRequired(true);
833 $this->form_gui->addItem($user_attribute);
834
835 $filter = new ilTextInputGUI($this->lng->txt('ldap_search_filter'), 'filter');
836 $filter->setInfo($this->lng->txt('ldap_filter_info'));
837 $filter->setSize(64);
838 $filter->setMaxLength(512);
839 $this->form_gui->addItem($filter);
840
841 $section_restrictions = new ilFormSectionHeaderGUI();
842 $section_restrictions->setTitle($this->lng->txt('ldap_group_restrictions'));
843 $this->form_gui->addItem($section_restrictions);
844
845 $group_dn = new ilTextInputGUI($this->lng->txt('ldap_group_search_base'), 'group_dn');
846 $group_dn->setInfo($this->lng->txt('ldap_group_dn_info'));
847 $group_dn->setSize(64);
848 $group_dn->setMaxLength(255);
849 $this->form_gui->addItem($group_dn);
850
851 $group_scope = new ilSelectInputGUI($this->lng->txt('ldap_group_scope'), 'group_scope');
852 $group_scope->setOptions(array(ilLDAPServer::LDAP_SCOPE_ONE => $this->lng->txt('ldap_scope_one'),
853 ilLDAPServer::LDAP_SCOPE_SUB => $this->lng->txt('ldap_scope_sub')));
854 $group_scope->setInfo($this->lng->txt('ldap_group_scope_info'));
855 $this->form_gui->addItem($group_scope);
856
857 $group_filter = new ilTextInputGUI($this->lng->txt('ldap_group_filter'), 'group_filter');
858 $group_filter->setInfo($this->lng->txt('ldap_group_filter_info'));
859 $group_filter->setSize(64);
860 $group_filter->setMaxLength(255);
861 $this->form_gui->addItem($group_filter);
862
863 $group_member = new ilTextInputGUI($this->lng->txt('ldap_group_member'), 'group_member');
864 $group_member->setInfo($this->lng->txt('ldap_group_member_info'));
865 $group_member->setSize(32);
866 $group_member->setMaxLength(255);
867 $this->form_gui->addItem($group_member);
868
869
870 $group_member_isdn = new ilCheckboxInputGUI($this->lng->txt('ldap_memberisdn'), 'memberisdn');
871 #$group_member_isdn->setInfo($this->lng->txt('ldap_group_member_info'));
872 $this->form_gui->addItem($group_member_isdn);
873 #$group_member->addSubItem($group_member_isdn);
874
875 $escapedn = new ilCheckboxInputGUI($this->lng->txt('ldap_escapedn'), 'escape_dn');
876 $escapedn->setValue("1");
877 $escapedn->setInfo($this->lng->txt('ldap_escapedn_info'));
878 $this->form_gui->addItem($escapedn);
879
880 $group = new ilTextInputGUI($this->lng->txt('ldap_group_name'), 'group');
881 $group->setInfo($this->lng->txt('ldap_group_name_info'));
882 $group->setSize(32);
883 $group->setMaxLength(255);
884 $this->form_gui->addItem($group);
885
886 $group_atrr = new ilTextInputGUI($this->lng->txt('ldap_group_attribute'), 'group_attribute');
887 $group_atrr->setInfo($this->lng->txt('ldap_group_attribute_info'));
888 $group_atrr->setSize(16);
889 $group_atrr->setMaxLength(64);
890 $this->form_gui->addItem($group_atrr);
891
892 $group_optional = new ilCheckboxInputGUI($this->lng->txt('ldap_group_membership'), 'group_optional');
893 $group_optional->setOptionTitle($this->lng->txt('ldap_group_member_optional'));
894 $group_optional->setInfo($this->lng->txt('ldap_group_optional_info'));
895 $group_optional->setValue("1");
896 $group_user_filter = new ilTextInputGUI($this->lng->txt('ldap_group_user_filter'), 'group_user_filter');
897 $group_user_filter->setSize(64);
898 $group_user_filter->setMaxLength(255);
899 $group_optional->addSubItem($group_user_filter);
900 $this->form_gui->addItem($group_optional);
901
902 $section_sync = new ilFormSectionHeaderGUI();
903 $section_sync->setTitle($this->lng->txt('ldap_user_sync'));
904 $this->form_gui->addItem($section_sync);
905
906 $ci_gui = new ilCustomInputGUI($this->lng->txt('ldap_moment_sync'));
907 $sync_on_login = new ilCheckboxInputGUI($this->lng->txt('ldap_sync_login'), 'sync_on_login');
908 $sync_on_login->setValue("1");
909 $ci_gui->addSubItem($sync_on_login);
910 $sync_per_cron = new ilCheckboxInputGUI($this->lng->txt('ldap_sync_cron'), 'sync_per_cron');
911 $sync_per_cron->setValue("1");
912 $ci_gui->addSubItem($sync_per_cron);
913 $ci_gui->setInfo($this->lng->txt('ldap_user_sync_info'));
914 $this->form_gui->addItem($ci_gui);
915
916 $global_role = new ilSelectInputGUI($this->lng->txt('ldap_global_role_assignment'), 'global_role');
917 $global_role->setOptions($this->prepareGlobalRoleSelection());
918 $global_role->setInfo($this->lng->txt('ldap_global_role_info'));
919 $this->form_gui->addItem($global_role);
920
921 $migr = new ilCheckboxInputGUI($this->lng->txt('auth_ldap_migration'), 'migration');
922 $migr->setInfo($this->lng->txt('auth_ldap_migration_info'));
923 $migr->setValue("1");
924 $this->form_gui->addItem($migr);
925
926 ilAdministrationSettingsFormHandler::addFieldsToForm(
927 ilAdministrationSettingsFormHandler::FORM_LDAP,
928 $this->form_gui,
929 ilAdministrationSettingsFormHandler::getSettingsGUIInstance("auth")
930 );
931
932 $this->form_gui->addCommandButton('save', $this->lng->txt('save'));
933 if ($this->ctrl->getCmd() === "addServerSettings") {
934 $this->form_gui->addCommandButton('serverList', $this->lng->txt('cancel'));
935 }
936 }
937
938 /*
939 * Update Settings
940 */
941 public function save(): bool
942 {
943 $this->setSubTabs();
944 $this->tabs_gui->setTabActive('settings');
945
946 $this->initForm();
947 if ($this->form_gui->checkInput()) {
948 $this->server->toggleActive((bool) $this->form_gui->getInput('active'));
949 $this->server->enableAuthentication(!(bool) $this->form_gui->getInput('ds'));
950 $this->server->setName($this->form_gui->getInput('server_name'));
951 $this->server->setUrl($this->form_gui->getInput('server_url'));
952 $this->server->setVersion((int) $this->form_gui->getInput('version'));
953 $this->server->setBaseDN($this->form_gui->getInput('base_dn'));
954 $this->server->toggleReferrer((bool) $this->form_gui->getInput('referrals'));
955 $this->server->toggleTLS((bool) $this->form_gui->getInput('tls'));
956 $this->server->setBindingType((int) $this->form_gui->getInput('binding_type'));
957 $this->server->setBindUser($this->form_gui->getInput('bind_dn'));
958 $this->server->setBindPassword($this->form_gui->getInput('bind_pass'));
959 $this->server->setSearchBase($this->form_gui->getInput('search_base'));
960 $this->server->setUserScope((int) $this->form_gui->getInput('user_scope'));
961 $this->server->setUserAttribute($this->form_gui->getInput('user_attribute'));
962 $this->server->setFilter($this->form_gui->getInput('filter'));
963 $this->server->setGroupDN($this->form_gui->getInput('group_dn'));
964 $this->server->setGroupScope((int) $this->form_gui->getInput('group_scope'));
965 $this->server->setGroupFilter($this->form_gui->getInput('group_filter'));
966 $this->server->setGroupMember($this->form_gui->getInput('group_member'));
967 $this->server->enableGroupMemberIsDN((bool) $this->form_gui->getInput('memberisdn'));
968 $this->server->setGroupName($this->form_gui->getInput('group'));
969 $this->server->setGroupAttribute($this->form_gui->getInput('group_attribute'));
970 $this->server->setGroupUserFilter($this->form_gui->getInput('group_user_filter'));
971 $this->server->toggleMembershipOptional((bool) $this->form_gui->getInput('group_optional'));
972 $this->server->enableSyncOnLogin((bool) $this->form_gui->getInput('sync_on_login'));
973 $this->server->enableSyncPerCron((bool) $this->form_gui->getInput('sync_per_cron'));
974 $this->server->setGlobalRole((int) $this->form_gui->getInput('global_role'));
975 $this->server->enableAccountMigration((bool) $this->form_gui->getInput('migration'));
976 $this->server->setUsernameFilter($this->form_gui->getInput("name_filter"));
977 $this->server->enableEscapeDN((bool) $this->form_gui->getInput('escape_dn'));
978 if (!$this->server->validate()) {
979 $this->main_tpl->setOnScreenMessage('failure', $this->ilErr->getMessage());
980 $this->form_gui->setValuesByPost();
981 $this->tpl->setContent($this->form_gui->getHTML());
982 return false;
983 }
984
985 // Update or create
986 if ($this->server->getServerId()) {
987 $this->server->update();
988 } else {
989 $this->server->create();
990 }
991
992 // Now server_id exists => update LDAP attribute mapping
993 $this->initAttributeMapping();
994 $this->mapping->setRule('global_role', (string) $this->form_gui->getInput('global_role'), false);
995 $this->mapping->save();
996
997 $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'), true);
998 $this->ctrl->redirect($this, 'serverList');
999 return true;
1000 }
1001
1002 $this->form_gui->setValuesByPost();
1003 $this->tpl->setContent($this->form_gui->getHTML());
1004 return true;
1005 }
1006
1007
1008
1012 private function setSubTabs(): void
1013 {
1014 $this->tabs_gui->clearTargets();
1015
1016 $this->tabs_gui->setBackTarget(
1017 $this->lng->txt("back"),
1018 $this->ctrl->getLinkTarget($this, 'serverList')
1019 );
1020
1021
1022 $this->tabs_gui->addTab(
1023 "settings",
1024 $this->lng->txt("ldap_settings"),
1025 $this->ctrl->getLinkTarget($this, 'editServerSettings')
1026 );
1027
1028 // Disable all other tabs, if server hasn't been configured.
1029 if (!count(ilLDAPServer::_getServerList())) {
1030 return;
1031 }
1032
1033 $this->tabs_gui->addTab(
1034 "user_mapping",
1035 $this->lng->txt("ldap_user_mapping"),
1036 $this->ctrl->getLinkTarget($this, 'userMapping')
1037 );
1038
1039 $this->tabs_gui->addTab(
1040 "role_assignments",
1041 $this->lng->txt('ldap_role_assignments'),
1042 $this->ctrl->getLinkTarget($this, 'roleAssignments')
1043 );
1044
1045 $this->tabs_gui->addTab(
1046 "role_mapping",
1047 $this->lng->txt("ldap_role_mapping"),
1048 $this->ctrl->getLinkTarget($this, 'roleMapping')
1049 );
1050 }
1051
1052
1053 private function initServer(): void
1054 {
1055 $server_id = 0;
1056 if ($this->ldap_server_id) {
1057 $server_id = $this->ldap_server_id;
1058 }
1059
1060
1061 $this->server = new ilLDAPServer($server_id);
1062 }
1063
1064 private function initAttributeMapping(): void
1065 {
1066 $this->mapping = ilLDAPAttributeMapping::_getInstanceByServerId($this->getServer()->getServerId());
1067 }
1068
1069 private function initRoleMapping(): void
1070 {
1071 $this->role_mapping = ilLDAPRoleGroupMappingSettings::_getInstanceByServerId($this->getServer()->getServerId());
1072 }
1073
1077 private function prepareGlobalRoleSelection(): array
1078 {
1079 $global_roles = ilUtil::_sortIds(
1080 $this->rbacReview->getGlobalRoles(),
1081 'object_data',
1082 'title',
1083 'obj_id'
1084 );
1085
1086 $select[0] = $this->lng->txt('links_select_one');
1087 foreach ($global_roles as $role_id) {
1088 $select[$role_id] = ilObject::_lookupTitle((int) $role_id);
1089 }
1090 return $select;
1091 }
1092
1093 private function getMappingFields(): array
1094 {
1095 return array('gender' => $this->lng->txt('gender'),
1096 'firstname' => $this->lng->txt('firstname'),
1097 'lastname' => $this->lng->txt('lastname'),
1098 'title' => $this->lng->txt('person_title'),
1099 'institution' => $this->lng->txt('institution'),
1100 'department' => $this->lng->txt('department'),
1101 'street' => $this->lng->txt('street'),
1102 'city' => $this->lng->txt('city'),
1103 'zipcode' => $this->lng->txt('zipcode'),
1104 'country' => $this->lng->txt('country'),
1105 'phone_office' => $this->lng->txt('phone_office'),
1106 'phone_home' => $this->lng->txt('phone_home'),
1107 'phone_mobile' => $this->lng->txt('phone_mobile'),
1108 'fax' => $this->lng->txt('fax'),
1109 'email' => $this->lng->txt('email'),
1110 'second_email' => $this->lng->txt('second_email'),
1111 'hobby' => $this->lng->txt('hobby'),
1112 'matriculation' => $this->lng->txt('matriculation'));
1113 }
1114
1115 private function initUserDefinedFields(): void
1116 {
1117 $this->udf = ilUserDefinedFields::_getInstance();
1118 }
1119
1120 private function prepareMappingSelect(): string
1121 {
1122 return ilLegacyFormElementsUtil::formSelect(
1123 $this->mapping_template,
1124 'mapping_template',
1125 [0 => $this->lng->txt('ldap_mapping_template'),
1126 "inetOrgPerson" => 'inetOrgPerson',
1127 "organizationalPerson" => 'organizationalPerson',
1128 "person" => 'person',
1129 "ad_2003" => 'Active Directory (Win 2003)'
1130 ],
1131 false,
1132 true
1133 );
1134 }
1135
1141 protected function initFormRoleAssignments(string $a_mode): void
1142 {
1143 $this->form = new ilPropertyFormGUI();
1144 $this->form->setFormAction($this->ctrl->getFormAction($this));
1145
1146 switch ($a_mode) {
1147 case 'edit':
1148 $this->form->setTitle($this->lng->txt('ldap_edit_role_ass_rule'));
1149 $this->form->addCommandButton('updateRoleAssignment', $this->lng->txt('save'));
1150 //$this->form->addCommandButton('roleAssignments',$this->lng->txt('cancel'));
1151 break;
1152 case 'create':
1153 $this->form->setTitle($this->lng->txt('ldap_add_role_ass_rule'));
1154 $this->form->addCommandButton('addRoleAssignment', $this->lng->txt('ldap_btn_add_role_ass'));
1155 //$this->form->addCommandButton('roleAssignments',$this->lng->txt('cancel'));
1156 break;
1157 }
1158
1159 // Role Selection
1160 $role = new ilRadioGroupInputGUI($this->lng->txt('ldap_ilias_role'), 'role_name');
1161 $role->setRequired(true);
1162
1163 $global = new ilRadioOption($this->lng->txt('ldap_global_role'), "0");
1164
1165 $role->addOption($global);
1166
1167 $role_select = new ilSelectInputGUI('', 'role_id');
1168 $role_select->setOptions($this->prepareGlobalRoleSelection());
1169 $global->addSubItem($role_select);
1170
1171 $local = new ilRadioOption($this->lng->txt('ldap_local_role'), "1");
1172
1173 $role->addOption($local);
1174
1175 $role_search = new ilRoleAutoCompleteInputGUI('', 'role_search', $this, 'addRoleAutoCompleteObject');
1176 $role_search->setSize(40);
1177 $local->addSubItem($role_search);
1178
1179 $role->setInfo($this->lng->txt('ldap_role_name_info'));
1180 $this->form->addItem($role);
1181
1182 // Update options
1183 $update = new ilNonEditableValueGUI($this->lng->txt('ldap_update_roles'), 'update_roles');
1184 $update->setValue($this->lng->txt('ldap_check_role_assignment'));
1185
1186 $add = new ilCheckboxInputGUI('', 'add_missing');
1187 $add->setOptionTitle($this->lng->txt('ldap_add_missing'));
1188 $update->addSubItem($add);
1189
1190 $remove = new ilCheckboxInputGUI('', 'remove_deprecated');
1191 $remove->setOptionTitle($this->lng->txt('ldap_remove_deprecated'));
1192 $update->addSubItem($remove);
1193
1194 $this->form->addItem($update);
1195
1196
1197
1198 // Assignment Type
1199 $group = new ilRadioGroupInputGUI($this->lng->txt('ldap_assignment_type'), 'type');
1200 #$group->setValue($current_rule->getType());
1201 $group->setRequired(true);
1202
1203 // Option by group
1204 $radio_group = new ilRadioOption($this->lng->txt('ldap_role_by_group'), (string) ilLDAPRoleAssignmentRule::TYPE_GROUP);
1205
1206 $dn = new ilTextInputGUI($this->lng->txt('ldap_group_dn'), 'dn');
1207 #$dn->setValue($current_rule->getDN());
1208 $dn->setSize(32);
1209 $dn->setMaxLength(512);
1210 $dn->setInfo($this->lng->txt('ldap_role_grp_dn_info'));
1211 $radio_group->addSubItem($dn);
1212 $at = new ilTextInputGUI($this->lng->txt('ldap_role_grp_at'), 'at');
1213 #$at->setValue($current_rule->getMemberAttribute());
1214 $at->setSize(16);
1215 $at->setMaxLength(128);
1216 $radio_group->addSubItem($at);
1217 $isdn = new ilCheckboxInputGUI($this->lng->txt('ldap_role_grp_isdn'), 'isdn');
1218 #$isdn->setChecked($current_rule->isMemberAttributeDN());
1219 $isdn->setInfo($this->lng->txt('ldap_group_member_info'));
1220 $radio_group->addSubItem($isdn);
1221 $radio_group->setInfo($this->lng->txt('ldap_role_grp_info'));
1222
1223 $group->addOption($radio_group);
1224
1225 // Option by Attribute
1226 $radio_attribute = new ilRadioOption($this->lng->txt('ldap_role_by_attribute'), (string) ilLDAPRoleAssignmentRule::TYPE_ATTRIBUTE);
1227 $name = new ilTextInputGUI($this->lng->txt('ldap_role_at_name'), 'name');
1228 #$name->setValue($current_rule->getAttributeName());
1229 $name->setSize(32);
1230 $name->setMaxLength(128);
1231 #$name->setInfo($this->lng->txt('ldap_role_at_name_info'));
1232 $radio_attribute->addSubItem($name);
1233
1234 // Radio Attribute
1235 $val = new ilTextInputGUI($this->lng->txt('ldap_role_at_value'), 'value');
1236 #$val->setValue($current_rule->getAttributeValue());
1237 $val->setSize(32);
1238 $val->setMaxLength(128);
1239 #$val->setInfo($this->lng->txt('ldap_role_at_value_info'));
1240 $radio_attribute->addSubItem($val);
1241 $radio_attribute->setInfo($this->lng->txt('ldap_role_at_info'));
1242
1243 $group->addOption($radio_attribute);
1244
1245 // Option by Plugin
1246 $pl_active = $this->component_repository->getPluginSlotById("ldaphk")->hasActivePlugins();
1247 $pl = new ilRadioOption($this->lng->txt('ldap_plugin'), "3");
1248
1249 $pl->setInfo($this->lng->txt('ldap_plugin_info'));
1250 $pl->setDisabled(!$pl_active);
1251
1252 $id = new ilNumberInputGUI($this->lng->txt('ldap_plugin_id'), 'plugin_id');
1253 $id->setDisabled(!$pl_active);
1254 $id->setSize(3);
1255 $id->setMaxLength(3);
1256 $id->setMaxValue(999);
1257 $id->setMinValue(1);
1258 $pl->addSubItem($id);
1259
1260 $group->addOption($pl);
1261 $this->form->addItem($group);
1262 }
1263
1264
1268 public function addRoleAutoCompleteObject(): void
1269 {
1270 ilRoleAutoCompleteInputGUI::echoAutoCompleteList();
1271 }
1272
1276 private function userMappingToolbar(): void
1277 {
1278 $select_form = new ilSelectInputGUI("mapping_template");
1279 $select_form->setPostVar("mapping_template");
1280 $options = array(
1281 "" => $this->lng->txt('ldap_mapping_template'),
1282 "inetOrgPerson" => 'inetOrgPerson',
1283 "organizationalPerson" => 'organizationalPerson',
1284 "person" => 'person',
1285 "ad_2003" => 'Active Directory (Win 2003)');
1286 $select_form->setOptions($options);
1287 $select_form->setValue($this->mapping_template);
1288
1289 $this->toolbar->addInputItem($select_form);
1290 $this->toolbar->addFormButton($this->lng->txt('show'), "chooseMapping");
1291 $this->toolbar->setFormAction($this->ctrl->getFormAction($this, "chooseMapping"));
1292 }
1293
1297 private function initUserMappingForm(): ilPropertyFormGUI
1298 {
1299 $propertie_form = new ilPropertyFormGUI();
1300 $propertie_form->setTitle($this->lng->txt('ldap_mapping_table'));
1301 $propertie_form->setFormAction($this->ctrl->getFormAction($this, 'saveMapping'));
1302 $propertie_form->addCommandButton('saveMapping', $this->lng->txt('save'));
1303
1304 foreach ($this->getMappingFields() as $mapping => $lang) {
1305 $text_form = new ilTextInputGUI($lang);
1306 $text_form->setPostVar($mapping . "_value");
1307 $text_form->setValue($this->mapping->getValue($mapping));
1308 $text_form->setSize(32);
1309 $text_form->setMaxLength(255);
1310 $propertie_form->addItem($text_form);
1311
1312 $checkbox_form = new ilCheckboxInputGUI("");
1313 $checkbox_form->setPostVar($mapping . "_update");
1314 $checkbox_form->setChecked($this->mapping->enabledUpdate($mapping));
1315 $checkbox_form->setOptionTitle($this->lng->txt('ldap_update_field_info'));
1316 $propertie_form->addItem($checkbox_form);
1317 }
1318
1319 $this->initUserDefinedFields();
1320 foreach ($this->udf->getDefinitions() as $definition) {
1321 $text_form = new ilTextInputGUI($definition['field_name']);
1322 $text_form->setPostVar('udf_' . $definition['field_id'] . '_value');
1323 $text_form->setValue($this->mapping->getValue('udf_' . $definition['field_id']));
1324 $text_form->setSize(32);
1325 $text_form->setMaxLength(255);
1326 $propertie_form->addItem($text_form);
1327
1328 $checkbox_form = new ilCheckboxInputGUI("");
1329 $checkbox_form->setPostVar('udf_' . $definition['field_id'] . '_update');
1330 $checkbox_form->setChecked($this->mapping->enabledUpdate('udf_' . $definition['field_id']));
1331 $checkbox_form->setOptionTitle($this->lng->txt('ldap_update_field_info'));
1332 $propertie_form->addItem($checkbox_form);
1333 }
1334
1335 return $propertie_form;
1336 }
1337
1341 public function roleMapping(): void
1342 {
1343 $this->setSubTabs();
1344 $this->tabs_gui->setTabActive('role_mapping');
1345 $this->toolbar->addButton(
1346 $this->lng->txt("ldap_new_role_assignment"),
1347 $this->ctrl->getLinkTarget($this, 'addRoleMapping')
1348 );
1349
1350 //Set propertyform for synchronization settings
1351 $propertie_form = new ilPropertyFormGUI();
1352 $propertie_form->setTitle($this->lng->txt('ldap_role_settings'));
1353 $propertie_form->setFormAction($this->ctrl->getFormAction($this, "saveSyncronizationSettings"));
1354 $propertie_form->addCommandButton("saveSyncronizationSettings", $this->lng->txt('save'));
1355 $role_active = new ilCheckboxInputGUI($this->lng->txt('ldap_role_active'));
1356 $role_active->setPostVar('role_sync_active');
1357 $role_active->setChecked($this->server->enabledRoleSynchronization());
1358 $propertie_form->addItem($role_active);
1359 $binding = new ilCombinationInputGUI($this->lng->txt('ldap_server_binding'));
1360 $binding->setInfo($this->lng->txt('ldap_role_bind_user_info'));
1361 $user = new ilTextInputGUI("");
1362 $user->setPostVar("role_bind_user");
1363 $user->setValue($this->server->getRoleBindDN());
1364 $user->setSize(50);
1365 $user->setMaxLength(255);
1366 $binding->addCombinationItem("0", $user, $this->lng->txt('ldap_role_bind_user'));
1367
1368 $pass = new ilPasswordInputGUI("");
1369 $pass->setPostVar("role_bind_pass");
1370 $pass->setValue($this->server->getRoleBindPassword());
1371 $pass->setSize(12);
1372 $pass->setMaxLength(100);
1373 $pass->setRetype(false);
1374 $binding->addCombinationItem("1", $pass, $this->lng->txt('ldap_role_bind_pass'));
1375
1376 $propertie_form->addItem($binding);
1377
1378 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_mappings.html', 'Services/LDAP');
1379 $this->tpl->setVariable("NEW_ASSIGNMENT_TBL", $propertie_form->getHTML());
1380
1381 //Set Group Assignments Table if mappings exist
1382 $mapping_instance = ilLDAPRoleGroupMappingSettings::_getInstanceByServerId($this->server->getServerId());
1383 $mappings = $mapping_instance->getMappings();
1384 if (count($mappings)) {
1385 $table_gui = new ilLDAPRoleMappingTableGUI($this, $this->server->getServerId());
1386 $table_gui->setTitle($this->lng->txt('ldap_role_group_assignments'));
1387 $table_gui->setData($mappings);
1388 $this->tpl->setVariable("RULES_TBL", $table_gui->getHTML());
1389 }
1390 }
1391
1395 public function editRoleMapping(): void
1396 {
1397 $mapping = new ilLDAPRoleGroupMappingSetting($this->mapping_id);
1398 $mapping->read();
1399
1400 $propertie_form = $this->initRoleMappingForm("updateRoleMapping");
1401 $propertie_form->setTitle($this->lng->txt('ldap_edit_role_assignment'));
1402 if ($propertie_form->getItemByPostVar("url")) {
1403 $propertie_form->getItemByPostVar("url")->setValue($mapping->getURL());
1404 }
1405 if ($propertie_form->getItemByPostVar("dn")) {
1406 $propertie_form->getItemByPostVar("dn")->setValue($mapping->getDN());
1407 }
1408 if ($propertie_form->getItemByPostVar("member")) {
1409 $propertie_form->getItemByPostVar("member")->setValue($mapping->getMemberAttribute());
1410 }
1411 if ($propertie_form->getItemByPostVar("memberisdn")) {
1412 $propertie_form->getItemByPostVar("memberisdn")->setChecked($mapping->getMemberISDN());
1413 }
1414 if ($propertie_form->getItemByPostVar("role")) {
1415 $propertie_form->getItemByPostVar("role")->setValue($mapping->getRoleName());
1416 }
1417 if ($propertie_form->getItemByPostVar("info")) {
1418 $propertie_form->getItemByPostVar("info")->setValue($mapping->getMappingInfo());
1419 }
1420 if ($propertie_form->getItemByPostVar("info_type")) {
1421 $propertie_form->getItemByPostVar("info_type")->setChecked($mapping->getMappingInfoType());
1422 }
1423
1424 $this->tpl->setContent($propertie_form->getHTML());
1425 }
1426
1427
1428
1432 public function createRoleMapping(): void
1433 {
1434 $propertie_form = $this->initRoleMappingForm("createRoleMapping");
1435
1436 if ($propertie_form->checkInput() && $this->rbacReview->roleExists($propertie_form->getInput("role"))) {
1437 $mapping = new ilLDAPRoleGroupMappingSetting(0);
1438 $mapping->setServerId($this->server->getServerId());
1439 $mapping->setURL($propertie_form->getInput("url"));
1440 $mapping->setDN($propertie_form->getInput("dn"));
1441 $mapping->setMemberAttribute($propertie_form->getInput("member"));
1442 $mapping->setMemberISDN((bool) $propertie_form->getInput("memberisdn"));
1443 $mapping->setRoleByName($propertie_form->getInput("role"));
1444 $mapping->setMappingInfo($propertie_form->getInput("info"));
1445 $mapping->setMappingInfoType((bool) $propertie_form->getInput("info_type"));
1446 $mapping->save();
1447
1448 $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'), true);
1449 $this->ctrl->redirect($this, "roleMapping");
1450 } else {
1451 if (!$this->rbacReview->roleExists($propertie_form->getInput("role"))) {
1452 $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt("ldap_role_not_exists") . " " .
1453 $propertie_form->getInput("role"));
1454 }
1455 $propertie_form->setValuesByPost();
1456 $this->tpl->setContent($propertie_form->getHTML());
1457 }
1458 }
1459
1463 public function confirmDeleteRoleMapping(): void
1464 {
1465 if (!$this->mappings) {
1466 $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'), true);
1467 $this->ctrl->redirect($this, "roleMapping");
1468 return;
1469 }
1470
1471 $c_gui = new ilConfirmationGUI();
1472
1473 // set confirm/cancel commands
1474 $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRoleMapping"));
1475 $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_role_ass"));
1476 $c_gui->setCancel($this->lng->txt("cancel"), "roleMapping");
1477 $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRoleMapping");
1478
1479 foreach ($this->mappings as $id) {
1480 $mapping = new ilLDAPRoleGroupMappingSetting($id);
1481 $mapping->read();
1482 $txt = $this->lng->txt('obj_role') . ": " . $mapping->getRoleName() . ", ";
1483 $txt .= $this->lng->txt('ldap_group_dn') . ": " . $mapping->getDN() . ", ";
1484 $txt .= $this->lng->txt('ldap_server_short') . " " . $mapping->getURL() . ", ";
1485 $txt .= $this->lng->txt('ldap_group_member_short') . " " . $mapping->getMemberAttribute();
1486
1487 $c_gui->addItem("mappings[]", (string) $id, $txt);
1488 }
1489 $this->tpl->setContent($c_gui->getHTML());
1490 }
1491
1492 public function addServerSettings(): void
1493 {
1494 $this->checkAccess("write");
1495
1496 $this->ctrl->clearParameters($this);
1497
1498 $this->initForm();
1499 $this->tpl->setContent($this->form_gui->getHTML());
1500 }
1501
1502 public function editServerSettings(): void
1503 {
1504 $this->checkAccess("write");
1505
1506 $this->setSubTabs();
1507 $this->tabs_gui->setTabActive('settings');
1508
1509 $this->initForm();
1510 $this->setServerFormValues();
1511 $this->tpl->setContent($this->form_gui->getHTML());
1512 }
1513
1514
1518 public function confirmDeleteServerSettings(): void
1519 {
1520 $this->checkAccess("write");
1521
1522 if (!$this->ldap_server_id) {
1523 $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'));
1524 $this->serverList();
1525 return;
1526 }
1527
1528 $c_gui = new ilConfirmationGUI();
1529
1530 // set confirm/cancel commands
1531 $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteServerSettings"));
1532 $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_server_settings"));
1533 $c_gui->setCancel($this->lng->txt("cancel"), "serverList");
1534 $c_gui->setConfirm($this->lng->txt("confirm"), "deleteServerSettings");
1535
1536 // add items to delete
1537 $setting = new ilLDAPServer($this->ldap_server_id);
1538 $c_gui->addItem('server_ids[]', (string) $setting->getServerId(), $setting->getName());
1539
1540 $this->tpl->setContent($c_gui->getHTML());
1541 }
1542
1546 public function deleteServerSettings(): void
1547 {
1548 if (!$this->server_ids) {
1549 $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'));
1550 $this->serverList();
1551 return;
1552 }
1553
1554 foreach ($this->server_ids as $server_id) {
1555 $setting = new ilLDAPServer($server_id);
1556 $setting->delete();
1557 }
1558 $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('deleted'));
1559 $this->ctrl->redirect($this, "serverlist");
1560 }
1561
1565 public function userMapping(): void
1566 {
1567 $this->initAttributeMapping();
1568
1569 $this->setSubTabs();
1570 $this->tabs_gui->activateTab('user_mapping');
1571 $this->userMappingToolbar();
1572
1573 $propertie_form = $this->initUserMappingForm();
1574
1575 $this->tpl->setContent($propertie_form->getHTML());
1576 }
1577
1578
1579
1580 public function activateServer(): void
1581 {
1582 $this->checkAccess("write");
1583
1584 $this->server->toggleActive(true);
1585 $this->server->update();
1586 $this->serverList();
1587 }
1588
1589 public function deactivateServer(): void
1590 {
1591 $this->checkAccess("write");
1592
1593 $this->server->toggleActive(false);
1594 $this->server->update();
1595 $this->serverList();
1596 }
1597
1598
1599
1600
1605 private function initRoleMappingForm(string $command): ilPropertyFormGUI
1606 {
1607 $this->setSubTabs();
1608 $this->tabs_gui->activateTab('role_mapping');
1609
1610 if ($this->mapping_id) {
1611 $this->ctrl->setParameter($this, 'mapping_id', $this->mapping_id);
1612 }
1613
1614 $propertie_form = new ilPropertyFormGUI();
1615 $propertie_form->setTitle($this->lng->txt('ldap_mapping_table'));
1616 $propertie_form->setFormAction($this->ctrl->getFormAction($this, $command));
1617 $propertie_form->addCommandButton($command, $this->lng->txt('save'));
1618 $propertie_form->addCommandButton("roleMapping", $this->lng->txt('cancel'));
1619
1620 $url = new ilTextInputGUI($this->lng->txt('ldap_server'));
1621 $url->setPostVar("url");
1622 $url->setSize(50);
1623 $url->setMaxLength(255);
1624 $url->setRequired(true);
1625
1626 $group_dn = new ilTextInputGUI($this->lng->txt('ldap_group_dn'));
1627 $group_dn->setPostVar("dn");
1628 $group_dn->setSize(50);
1629 $group_dn->setMaxLength(255);
1630 $group_dn->setInfo($this->lng->txt('ldap_dn_info'));
1631 $group_dn->setRequired(true);
1632
1633 $member = new ilTextInputGUI($this->lng->txt('ldap_group_member'));
1634 $member->setPostVar("member");
1635 $member->setSize(32);
1636 $member->setMaxLength(255);
1637 $member->setInfo($this->lng->txt('ldap_member_info'));
1638 $member->setRequired(true);
1639
1640 $member_isdn = new ilCheckboxInputGUI("");
1641 $member_isdn->setPostVar("memberisdn");
1642 $member_isdn->setOptionTitle($this->lng->txt('ldap_memberisdn'));
1643
1644 $role = new ilTextInputGUI($this->lng->txt('ldap_ilias_role'));
1645 $role->setPostVar("role");
1646 $role->setSize(32);
1647 $role->setMaxLength(255);
1648 $role->setInfo($this->lng->txt('ldap_role_info'));
1649 $role->setRequired(true);
1650
1651 $info = new ilTextAreaInputGUI($this->lng->txt('ldap_info_text'));
1652 $info->setPostVar("info");
1653 $info->setCols(50);
1654 $info->setRows(3);
1655 $info->setInfo($this->lng->txt('ldap_info_text_info'));
1656
1657 $info_type = new ilCheckboxInputGUI("");
1658 $info_type->setPostVar("info_type");
1659 $info_type->setOptionTitle($this->lng->txt('ldap_mapping_info_type'));
1660
1661 $propertie_form->addItem($url);
1662 $propertie_form->addItem($group_dn);
1663 $propertie_form->addItem($member);
1664 $propertie_form->addItem($member_isdn);
1665 $propertie_form->addItem($role);
1666 $propertie_form->addItem($info);
1667 $propertie_form->addItem($info_type);
1668
1669 return $propertie_form;
1670 }
1671
1672
1673
1677 public function addRoleMapping(): void
1678 {
1679 $propertie_form = $this->initRoleMappingForm("createRoleMapping");
1680 if ($propertie_form->getItemByPostVar("url")) {
1681 $propertie_form->getItemByPostVar("url")->setValue($this->server->getUrl());
1682 }
1683 if ($this->mapping_id) {
1684 $mapping = new ilLDAPRoleGroupMappingSetting($this->mapping_id);
1685 $mapping->read();
1686 if ($propertie_form->getItemByPostVar("url")) {
1687 $propertie_form->getItemByPostVar("url")->setValue($mapping->getURL());
1688 }
1689 if ($propertie_form->getItemByPostVar("dn")) {
1690 $propertie_form->getItemByPostVar("dn")->setValue($mapping->getDN());
1691 }
1692 if ($propertie_form->getItemByPostVar("member")) {
1693 $propertie_form->getItemByPostVar("member")->setValue($mapping->getMemberAttribute());
1694 }
1695 if ($propertie_form->getItemByPostVar("memberisdn")) {
1696 $propertie_form->getItemByPostVar("memberisdn")->setChecked($mapping->getMemberISDN());
1697 }
1698 if ($propertie_form->getItemByPostVar("role")) {
1699 $propertie_form->getItemByPostVar("role")->setValue($mapping->getRoleName());
1700 }
1701 if ($propertie_form->getItemByPostVar("info")) {
1702 $propertie_form->getItemByPostVar("info")->setValue($mapping->getMappingInfo());
1703 }
1704 if ($propertie_form->getItemByPostVar("info_type")) {
1705 $propertie_form->getItemByPostVar("info_type")->setChecked($mapping->getMappingInfoType());
1706 }
1707 }
1708
1709 $this->tpl->setContent($propertie_form->getHTML());
1710 }
1711
1712
1716 public function updateRoleMapping(): void
1717 {
1718 $propertie_form = $this->initRoleMappingForm("updateRoleMapping");
1719
1720 if ($propertie_form->checkInput() && $this->rbacReview->roleExists($propertie_form->getInput("role"))) {
1721 $mapping = new ilLDAPRoleGroupMappingSetting($this->mapping_id);
1722 $mapping->setServerId($this->server->getServerId());
1723 $mapping->setURL($propertie_form->getInput("url"));
1724 $mapping->setDN($propertie_form->getInput("dn"));
1725 $mapping->setMemberAttribute($propertie_form->getInput("member"));
1726 $mapping->setMemberISDN((bool) $propertie_form->getInput("memberisdn"));
1727 $mapping->setRoleByName($propertie_form->getInput("role"));
1728 $mapping->setMappingInfo($propertie_form->getInput("info"));
1729 $mapping->setMappingInfoType((bool) $propertie_form->getInput("info_type"));
1730 $mapping->update();
1731
1732 $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'), true);
1733 $this->ctrl->redirect($this, "roleMapping");
1734 } else {
1735 if (!$this->rbacReview->roleExists($propertie_form->getInput("role"))) {
1736 $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt("ldap_role_not_exists") . " " .
1737 $propertie_form->getInput("role"));
1738 }
1739 $propertie_form->setValuesByPost();
1740 $this->tpl->setContent($propertie_form->getHTML());
1741 }
1742 }
1743
1747 public function saveSyncronizationSettings(): void
1748 {
1749 $this->server->setRoleBindDN($this->role_bind_user);
1750 $this->server->setRoleBindPassword($this->role_bind_pass);
1751 $this->server->enableRoleSynchronization($this->role_sync_active);
1752
1753 // Update or create
1754 if ($this->server->getServerId()) {
1755 $this->server->update();
1756 }
1757 $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'), true);
1758 $this->ctrl->redirect($this, "roleMapping");
1759 }
1760}
$version
$version
Definition: plugin.php:24
$id
$id
plugin.php for ilComponentBuildPluginInfoObjectiveTest::testAddPlugins
Definition: plugin.php:23
ilAccess
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilAccess.php:28
ilAccess\checkAccess
checkAccess(string $a_permission, string $a_cmd, int $a_ref_id, string $a_type="", ?int $a_obj_id=null, ?int $a_tree_id=null)
check access for an object (provide $a_type and $a_obj_id if available for better performance)
Definition: class.ilAccess.php:226
ilAdministrationSettingsFormHandler\addFieldsToForm
static addFieldsToForm(int $a_form_id, ilPropertyFormGUI $a_form, ilObjectGUI $a_parent_gui)
Definition: class.ilAdministrationSettingsFormHandler.php:117
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:27
ilCombinationInputGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilCombinationInputGUI.php:27
ilConfirmationGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilConfirmationGUI.php:25
ilCtrl
Class ilCtrl provides processing control methods.
Definition: class.ilCtrl.php:35
ilCustomInputGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilCustomInputGUI.php:28
ilErrorHandling
Error Handling & global info handling uses PEAR error class.
Definition: class.ilErrorHandling.php:39
ilFormSectionHeaderGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilFormSectionHeaderGUI.php:27
ilLDAPAttributeMappingUtils\_getMappingRulesByClass
static _getMappingRulesByClass(string $a_class)
Get mapping rule by objectClass.
Definition: class.ilLDAPAttributeMappingUtils.php:33
ilLDAPAttributeMapping
This class stores the settings that define the mapping between LDAP attribute and user profile fields...
Definition: class.ilLDAPAttributeMapping.php:27
ilLDAPAttributeMapping\_lookupGlobalRole
static _lookupGlobalRole(int $a_server_id)
Definition: class.ilLDAPAttributeMapping.php:65
ilLDAPAttributeMapping\_getInstanceByServerId
static _getInstanceByServerId(int $a_server_id)
Definition: class.ilLDAPAttributeMapping.php:45
ilLDAPAttributeMapping\save
save()
Save mapping rules to db.
Definition: class.ilLDAPAttributeMapping.php:177
ilLDAPAttributeMapping\read
read()
Read mapping settings from db.
Definition: class.ilLDAPAttributeMapping.php:233
ilLDAPRoleAssignmentRule\_getRules
static _getRules($a_server_id)
Get all rules.
Definition: class.ilLDAPRoleAssignmentRule.php:180
ilLDAPRoleAssignmentRule\_getInstanceByRuleId
static _getInstanceByRuleId(int $a_rule_id)
Definition: class.ilLDAPRoleAssignmentRule.php:64
ilLDAPRoleGroupMappingSettings\_getInstanceByServerId
static _getInstanceByServerId(int $a_server_id)
Get instance of class.
Definition: class.ilLDAPRoleGroupMappingSettings.php:59
ilLDAPServer\_getServerList
static _getServerList()
Get list of all configured servers.
Definition: class.ilLDAPServer.php:227
ilLDAPServer\checkLDAPLib
static checkLDAPLib()
Check if ldap module is installed.
Definition: class.ilLDAPServer.php:129
ilLDAPSettingsGUI\setSubTabs
setSubTabs()
Set sub tabs for ldap section.
Definition: class.ilLDAPSettingsGUI.php:1012
ilLDAPSettingsGUI\editRoleMapping
editRoleMapping()
Edit Assigments for role mapping.
Definition: class.ilLDAPSettingsGUI.php:1395
ilLDAPSettingsGUI\$role_mapping_rule
ilLDAPRoleAssignmentRule $role_mapping_rule
Definition: class.ilLDAPSettingsGUI.php:44
ilLDAPSettingsGUI\$udf
ilUserDefinedFields $udf
Definition: class.ilLDAPSettingsGUI.php:43
ilLDAPSettingsGUI\userMapping
userMapping()
Ldap User Mapping.
Definition: class.ilLDAPSettingsGUI.php:1565
ilLDAPSettingsGUI\loadRoleAssignmentRule
loadRoleAssignmentRule(int $a_rule_id, bool $load_from_form=true)
Load input from form.
Definition: class.ilLDAPSettingsGUI.php:553
ilLDAPSettingsGUI\saveRoleSelection
saveRoleSelection()
Save role selection.
Definition: class.ilLDAPSettingsGUI.php:494
ilLDAPSettingsGUI\$component_repository
ilComponentRepository $component_repository
Definition: class.ilLDAPSettingsGUI.php:42
ilLDAPSettingsGUI\userMappingToolbar
userMappingToolbar()
Create Toolbar.
Definition: class.ilLDAPSettingsGUI.php:1276
ilLDAPSettingsGUI\editRoleAssignment
editRoleAssignment()
Edit role assignment.
Definition: class.ilLDAPSettingsGUI.php:262
ilLDAPSettingsGUI\initRoleMappingForm
initRoleMappingForm(string $command)
init propertyformgui for Assignment of LDAP Attributes to ILIAS User Profile
Definition: class.ilLDAPSettingsGUI.php:1605
ilLDAPSettingsGUI\roleAssignments
roleAssignments()
Edit role assignments.
Definition: class.ilLDAPSettingsGUI.php:236
ilLDAPSettingsGUI\initUserMappingForm
initUserMappingForm()
Create Property Form GUI for User Mapping.
Definition: class.ilLDAPSettingsGUI.php:1297
ilLDAPSettingsGUI\addRoleAutoCompleteObject
addRoleAutoCompleteObject()
Add Member for autoComplete.
Definition: class.ilLDAPSettingsGUI.php:1268
ilLDAPSettingsGUI\saveSyncronizationSettings
saveSyncronizationSettings()
save Syncronization Settings on Role Mapping screen
Definition: class.ilLDAPSettingsGUI.php:1747
ilLDAPSettingsGUI\getAttributeMappingKeys
getAttributeMappingKeys()
Get all possible attribute keys for mapping ldap attribute to ilias user attributes.
Definition: class.ilLDAPSettingsGUI.php:212
ilLDAPSettingsGUI\confirmDeleteRoleMapping
confirmDeleteRoleMapping()
confirm delete role mappings
Definition: class.ilLDAPSettingsGUI.php:1463
ilLDAPSettingsGUI\roleMapping
roleMapping()
Role Mapping Tab.
Definition: class.ilLDAPSettingsGUI.php:1341
ilLDAPSettingsGUI\getServer
getServer()
Get server settings.
Definition: class.ilLDAPSettingsGUI.php:228
ilLDAPSettingsGUI\$role_mapping
ilLDAPRoleGroupMappingSettings $role_mapping
Definition: class.ilLDAPSettingsGUI.php:46
ilLDAPSettingsGUI\checkRoleAssignmentInput
checkRoleAssignmentInput(int $a_rule_id=0)
Check role assignment input.
Definition: class.ilLDAPSettingsGUI.php:526
ilLDAPSettingsGUI\confirmDeleteRules
confirmDeleteRules()
Confirm delete rules.
Definition: class.ilLDAPSettingsGUI.php:351
ilLDAPSettingsGUI\confirmDeleteServerSettings
confirmDeleteServerSettings()
Confirm delete rules.
Definition: class.ilLDAPSettingsGUI.php:1518
ilLDAPSettingsGUI\$form_gui
ilPropertyFormGUI $form_gui
Definition: class.ilLDAPSettingsGUI.php:29
ilLDAPSettingsGUI\createRoleMapping
createRoleMapping()
Check add screen input and save to db.
Definition: class.ilLDAPSettingsGUI.php:1432
ilLDAPSettingsGUI\setValuesByArray
setValuesByArray()
set values of form array
Definition: class.ilLDAPSettingsGUI.php:285
ilLDAPSettingsGUI\showRoleSelection
showRoleSelection()
show role selection
Definition: class.ilLDAPSettingsGUI.php:464
ilLDAPSettingsGUI\checkAccess
checkAccess(string $a_permission)
Definition: class.ilLDAPSettingsGUI.php:201
ilLDAPSettingsGUI\__construct
__construct(int $a_auth_ref_id)
Definition: class.ilLDAPSettingsGUI.php:68
ilLDAPSettingsGUI\updateRoleAssignment
updateRoleAssignment()
update role assignment
Definition: class.ilLDAPSettingsGUI.php:311
ilLDAPSettingsGUI\prepareGlobalRoleSelection
prepareGlobalRoleSelection()
New implementation for InputForm.
Definition: class.ilLDAPSettingsGUI.php:1077
ilLDAPSettingsGUI\addRoleAssignment
addRoleAssignment()
add new role assignment
Definition: class.ilLDAPSettingsGUI.php:400
ilLDAPSettingsGUI\addRoleMapping
addRoleMapping()
Add Assigments for role mapping.
Definition: class.ilLDAPSettingsGUI.php:1677
ilLDAPSettingsGUI\initFormRoleAssignments
initFormRoleAssignments(string $a_mode)
Init form table for new role assignments.
Definition: class.ilLDAPSettingsGUI.php:1141
ilLDAPSettingsGUI\$tpl
ilGlobalTemplateInterface $tpl
Definition: class.ilLDAPSettingsGUI.php:35
ilLDAPSettingsGUI\getRoleAssignmentTable
getRoleAssignmentTable()
Show active role assignments.
Definition: class.ilLDAPSettingsGUI.php:536
ilLDAPSettingsGUI\$mapping
ilLDAPAttributeMapping $mapping
Definition: class.ilLDAPSettingsGUI.php:28
ilLDAPSettingsGUI\$main_tpl
ilGlobalTemplateInterface $main_tpl
Definition: class.ilLDAPSettingsGUI.php:41
ilLDAPSettingsGUI\$rule
ilLDAPRoleAssignmentRule $rule
Definition: class.ilLDAPSettingsGUI.php:45
ilLDAPSettingsGUI\deleteRules
deleteRules()
delete role assignment rule
Definition: class.ilLDAPSettingsGUI.php:382
ilLDAPSettingsGUI\updateRoleMapping
updateRoleMapping()
Check edit screen input and save to db.
Definition: class.ilLDAPSettingsGUI.php:1716
ilLanguage
language handling
Definition: class.ilLanguage.php:44
ilLegacyFormElementsUtil\formSelect
static formSelect( $selected, string $varname, array $options, bool $multiple=false, bool $direct_text=false, int $size=0, string $style_class="", array $attribs=[], bool $disabled=false)
Builds a select form field with options and shows the selected option first.
Definition: class.ilLegacyFormElementsUtil.php:316
ilNonEditableValueGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilNonEditableValueGUI.php:27
ilNumberInputGUI
This class represents a number property in a property form.
Definition: class.ilNumberInputGUI.php:27
ilObject\_lookupTitle
static _lookupTitle(int $obj_id)
Definition: class.ilObject.php:837
ilPasswordInputGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilPasswordInputGUI.php:27
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:31
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:27
ilRadioOption
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilRadioOption.php:27
ilRbacReview
class ilRbacReview Contains Review functions of core Rbac.
Definition: class.ilRbacReview.php:34
ilRbacSystem
class ilRbacSystem system function like checkAccess, addActiveRole ... Supporting system functions ar...
Definition: class.ilRbacSystem.php:34
ilRoleAutoCompleteInputGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilRoleAutoCompleteInputGUI.php:27
ilRoleAutoCompleteInputGUI\echoAutoCompleteList
static echoAutoCompleteList()
Static asynchronous default auto complete function.
Definition: class.ilRoleAutoCompleteInputGUI.php:57
ilRoleSelectionTableGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilRoleSelectionTableGUI.php:26
ilSelectInputGUI
This class represents a selection list property in a property form.
Definition: class.ilSelectInputGUI.php:27
ilSession\get
static get(string $a_var)
Definition: class.ilSession.php:459
ilSession\set
static set(string $a_var, $a_val)
Set a value.
Definition: class.ilSession.php:451
ilTabsGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilTabsGUI.php:24
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:27
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:27
ilToolbarGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilToolbarGUI.php:26
ilUserDefinedFields
Additional user data fields definition.
Definition: class.ilUserDefinedFields.php:30
ilUtil\stripSlashes
static stripSlashes(string $a_str, bool $a_strip_html=true, string $a_allow="")
Definition: class.ilUtil.php:401
ilUtil\_sortIds
static _sortIds(array $a_ids, string $a_table, string $a_field, string $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,...
Definition: class.ilUtil.php:1223
$txt
$txt
Definition: error.php:13
$DIC
global $DIC
Definition: feed.php:28
$update
$update
Definition: imgupload.php:92
ilAccessHandler
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: interface.ilAccessHandler.php:27
ilComponentRepository
Readable part of repository interface to ilComponentDataDB.
Definition: class.ilComponentRepository.php:26
ilGlobalTemplateInterface
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: interface.ilGlobalTemplateInterface.php:25
$res
$res
Definition: ltiservices.php:69
$name
if($format !==null) $name
Definition: metadata.php:247
$keys
$keys
Definition: metadata.php:204
ILIAS\LTI\ToolProvider\$key
string $key
Consumer key/client ID value.
Definition: System.php:193
ILIAS\Repository\$refinery
Refinery Factory $refinery
Definition: trait.BaseGUIRequest.php:36
ILIAS\Repository\form
form( $class_path, string $cmd)
Definition: trait.GlobalDICGUIServices.php:105
$url
$url
Definition: proxy_ylocal.php:28
$lang
$lang
Definition: xapiexit.php:26