ILIAS  release_8 Revision v8.19
All Data Structures Namespaces Files Functions Variables Modules Pages
class.ilLDAPSettingsGUI.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
24 class ilLDAPSettingsGUI
25 {
26  private int $ref_id;
27  private ilLDAPServer $server;
28  private ilLDAPAttributeMapping $mapping;
29  private ?ilPropertyFormGUI $form_gui = null;
30  private ?ilPropertyFormGUI $form = null;
31 
32  private ilCtrl $ctrl;
33  private ilTabsGUI $tabs_gui;
34  private ilLanguage $lng;
35  private ilGlobalTemplateInterface $tpl;
36  private ilErrorHandling $ilErr;
37  private ilAccessHandler $ilAccess;
38  private ilRbacReview $rbacReview;
39  private ilRbacSystem $rbacSystem;
40  private ilToolbarGUI $toolbar;
41  private ilGlobalTemplateInterface $main_tpl;
42  private ilComponentRepository $component_repository;
43  private ilUserDefinedFields $udf;
44  private ?ilLDAPRoleAssignmentRule $role_mapping_rule = null;
45  private ?ilLDAPRoleAssignmentRule $rule = null;
46  private ?ilLDAPRoleGroupMappingSettings $role_mapping = null;
47 
48  //vars for storing request parameters
50  private ?array $rule_ids = null;
51  private ?int $rule_id = null;
52  private ?int $role_id = null;
54  private ?array $mappings = null;
55  private ?string $mapping_template = null;
56  private ?int $ldap_server_id = null;
58  private ?array $server_ids = null;
59  private ?int $mapping_id = null;
60  private ?string $role_bind_user = null;
61  private ?string $role_bind_pass = null;
62  private bool $role_sync_active = false;
63  private array $attribute_mappings = [];
64 
68  public function __construct(int $a_auth_ref_id)
69  {
70  global $DIC;
71 
72  $this->ctrl = $DIC->ctrl();
73  $this->tabs_gui = $DIC->tabs();
74  $this->lng = $DIC->language();
75  $this->lng->loadLanguageModule('ldap');
76  $this->ilErr = $DIC['ilErr'];
77  $this->ilAccess = $DIC->access();
78  $this->component_repository = $DIC["component.repository"];
79  $this->rbacReview = $DIC->rbac()->review();
80  $this->rbacSystem = $DIC->rbac()->system();
81  $this->toolbar = $DIC->toolbar();
82  $this->main_tpl = $DIC->ui()->mainTemplate();
83 
84  $this->tpl = $DIC->ui()->mainTemplate();
85 
86  if ($this->ctrl->getCmd() !== "addServerSettings") {
87  $this->ctrl->saveParameter($this, 'ldap_server_id');
88  }
89 
90  $http_wrapper = $DIC->http()->wrapper();
91  $is_post_request = $DIC->http()->request()->getMethod() === "POST";
92  $refinery = $DIC->refinery();
93  if ($http_wrapper->query()->has("rule_id")) {
94  $this->rule_id = $http_wrapper->query()->retrieve(
95  "rule_id",
96  $refinery->kindlyTo()->int()
97  );
98  }
99  if ($http_wrapper->query()->has("ldap_server_id")) {
100  $this->ldap_server_id = $http_wrapper->query()->retrieve(
101  "ldap_server_id",
102  $refinery->kindlyTo()->int()
103  );
104  }
105  if ($http_wrapper->query()->has("mapping_id")) {
106  $this->mapping_id = $http_wrapper->query()->retrieve(
107  "mapping_id",
108  $refinery->kindlyTo()->int()
109  );
110  }
111  if ($is_post_request) {
112  if ($http_wrapper->post()->has('rule_ids')) {
113  $this->rule_ids = $http_wrapper->post()->retrieve(
114  'rule_ids',
115  $refinery->kindlyTo()->listOf($refinery->kindlyTo()->int())
116  );
117  }
118  if ($http_wrapper->post()->has('role_id')) {
119  $this->role_id = $http_wrapper->post()->retrieve(
120  'role_id',
121  $refinery->kindlyTo()->int()
122  );
123  }
124  if ($http_wrapper->post()->has('mappings')) {
125  $this->mappings = $http_wrapper->post()->retrieve(
126  'mappings',
127  $refinery->kindlyTo()->listOf($refinery->kindlyTo()->int())
128  );
129  }
130  if ($http_wrapper->post()->has('server_ids')) {
131  $this->server_ids = $http_wrapper->post()->retrieve(
132  'server_ids',
133  $refinery->kindlyTo()->listOf($refinery->kindlyTo()->int())
134  );
135  }
136  if ($http_wrapper->post()->has('mapping_template')) {
137  $this->mapping_template = $http_wrapper->post()->retrieve(
138  'mapping_template',
139  $refinery->kindlyTo()->string()
140  );
141  }
142  if ($http_wrapper->post()->has('role_bind_user')) {
143  $this->role_bind_user = ilUtil::stripSlashes($http_wrapper->post()->retrieve(
144  'role_bind_user',
145  $refinery->kindlyTo()->string()
146  ));
147  }
148  if ($http_wrapper->post()->has('role_bind_pass')) {
149  $this->role_bind_pass = ilUtil::stripSlashes($http_wrapper->post()->retrieve(
150  'role_bind_pass',
151  $refinery->kindlyTo()->string()
152  ));
153  }
154  if ($http_wrapper->post()->has('role_sync_active')) {
155  $this->role_sync_active = $http_wrapper->post()->retrieve(
156  'role_sync_active',
157  $refinery->kindlyTo()->bool()
158  );
159  }
160  foreach ($this->getAttributeMappingKeys() as $key) {
161  if ($http_wrapper->post()->has($key . '_value')) {
162  $this->attribute_mappings[$key] = [ilUtil::stripSlashes($http_wrapper->post()->retrieve(
163  $key . '_value',
164  $refinery->kindlyTo()->string()
165  )), $http_wrapper->post()->has($key . '_update')];
166  } else {
167  $this->attribute_mappings[$key] = ["", false];
168  }
169  }
170  }
171 
172  $this->ref_id = $a_auth_ref_id;
173 
174 
175  $this->initServer();
176  }
177 
181  public function executeCommand(): bool
182  {
183  $next_class = $this->ctrl->getNextClass($this);
184  $cmd = $this->ctrl->getCmd();
185 
186  if ($cmd !== "serverList" && !$this->rbacSystem->checkAccess("visible,read", $this->ref_id)) {
187  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('msg_no_perm_write'), true);
188  $this->ctrl->redirect($this, "serverList");
189  }
190  switch ($next_class) {
191  default:
192  if (!$cmd) {
193  $cmd = "serverList";
194  }
195  $this->$cmd();
196  break;
197  }
198  return true;
199  }
200 
201  private function checkAccess(string $a_permission): void
202  {
203  if (!$this->ilAccess->checkAccess($a_permission, '', $this->ref_id)) {
204  $this->ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $this->ilErr->WARNING);
205  }
206  }
207 
212  private function getAttributeMappingKeys(): array
213  {
214  $keys = [];
215  foreach (array_keys($this->getMappingFields()) as $key) {
216  $keys[] = $key;
217  }
218  foreach (ilUserDefinedFields::_getInstance()->getDefinitions() as $definition) {
219  $keys[] = 'udf_' . $definition['field_id'];
220  }
221  return $keys;
222  }
223 
224 
228  public function getServer(): ilLDAPServer
229  {
230  return $this->server;
231  }
232 
236  public function roleAssignments(): void
237  {
238  $this->setSubTabs();
239  $this->tabs_gui->activateTab('role_assignments');
240 
241  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_assignments.html', 'Services/LDAP');
242 
243  $this->initFormRoleAssignments('create');
244  $this->role_mapping_rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId(0);
245  $this->tpl->setVariable('NEW_ASSIGNMENT_TBL', $this->form->getHTML());
246 
247 
248  if (count($rules = ilLDAPRoleAssignmentRule::_getRules($this->server->getServerId()))) {
249  $table_gui = new ilLDAPRoleAssignmentTableGUI($this, 'roleAssignments');
250  $table_gui->setTitle($this->lng->txt("ldap_tbl_role_ass"));
251  $table_gui->parse($rules);
252  $table_gui->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
253  $table_gui->setSelectAllCheckbox("rule_id");
254  $this->tpl->setVariable('RULES_TBL', $table_gui->getHTML());
255  }
256  }
257 
262  public function editRoleAssignment(): void
263  {
264  if (!$this->rule_id) {
265  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'));
266  $this->roleAssignments();
267  return;
268  }
269  $this->setSubTabs();
270  $this->tabs_gui->activateTab('role_assignments');
271 
272  $this->ctrl->saveParameter($this, 'rule_id');
273  $this->initFormRoleAssignments(
274  'edit'
275  );
276  $this->role_mapping_rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($this->rule_id);
277  $this->setValuesByArray();
278  $this->tpl->setContent($this->form->getHTML());
279  }
280 
281 
285  private function setValuesByArray(): void
286  {
287  $role_id = $this->role_mapping_rule->getRoleId();
288  if ($this->rbacReview->isGlobalRole($role_id)) {
289  $val['role_name'] = 0;
290  $val['role_id'] = $role_id;
291  } else {
292  $val['role_name'] = 1;
293  $val['role_search'] = ilObject::_lookupTitle($role_id);
294  }
295  $val['add_missing'] = (int) $this->role_mapping_rule->isAddOnUpdateEnabled();
296  $val['remove_deprecated'] = (int) $this->role_mapping_rule->isRemoveOnUpdateEnabled();
297  $val['type'] = $this->role_mapping_rule->getType();
298  $val['dn'] = $this->role_mapping_rule->getDN();
299  $val['at'] = $this->role_mapping_rule->getMemberAttribute();
300  $val['isdn'] = $this->role_mapping_rule->isMemberAttributeDN();
301  $val['name'] = $this->role_mapping_rule->getAttributeName();
302  $val['value'] = $this->role_mapping_rule->getAttributeValue();
303  $val['plugin_id'] = $this->role_mapping_rule->getPluginId();
304 
305  $this->form->setValuesByArray($val);
306  }
307 
311  public function updateRoleAssignment(): bool
312  {
313  if (!$this->ilAccess->checkAccess('write', '', $this->ref_id)) {
314  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('permission_denied'), true);
315  $this->roleAssignments();
316  return false;
317  }
318 
319  $this->initFormRoleAssignments('edit');
320 
321  $formWithoutErrors = $this->form->checkInput();
322  $roleErrorMessage = $this->checkRoleAssignmentInput($this->rule_id);
323  if (!$formWithoutErrors || $roleErrorMessage !== '') {
324  if ($roleErrorMessage !== '') {
325  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt($roleErrorMessage));
326  }
327 
328  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_assignments.html', 'Services/LDAP');
329 
330  $this->form->setValuesByPost();
331  $this->tpl->setVariable('NEW_ASSIGNMENT_TBL', $this->form->getHTML());
332  $this->tabs_gui->activateSubTab('role_assignments');
333  return true;
334  }
335 
336  // Might redirect
337  if ($this->roleSelectionRequired()) {
338  $this->ctrl->redirect($this, 'showRoleSelection');
339  } else {
340  $this->rule->update();
341  $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'));
342  $this->roleAssignments();
343  }
344  return true;
345  }
346 
351  public function confirmDeleteRules(): void
352  {
353  $this->checkAccess("write");
354 
355  if (!$this->rule_ids) {
356  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'));
357  $this->roleAssignments();
358  return;
359  }
360  $this->setSubTabs();
361  $this->tabs_gui->activateTab('role_assignments');
362 
363  $c_gui = new ilConfirmationGUI();
364 
365  // set confirm/cancel commands
366  $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRules"));
367  $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_role_ass"));
368  $c_gui->setCancel($this->lng->txt("cancel"), "roleAssignments");
369  $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRules");
370 
371  // add items to delete
372  foreach ($this->rule_ids as $rule_id) {
373  $rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($rule_id);
374  $c_gui->addItem('rule_ids[]', (string) $rule_id, $rule->conditionToString());
375  }
376  $this->tpl->setContent($c_gui->getHTML());
377  }
378 
382  public function deleteRules(): void
383  {
384  if (!$this->rule_ids) {
385  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_once'));
386  $this->roleAssignments();
387  return;
388  }
389  foreach ($this->rule_ids as $rule_id) {
390  $rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($rule_id);
391  $rule->delete();
392  }
393  $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('ldap_deleted_rule'));
394  $this->ctrl->redirect($this, 'roleAssignments');
395  }
396 
400  public function addRoleAssignment(): bool
401  {
402  if (!$this->ilAccess->checkAccess('write', '', $this->ref_id)) {
403  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('permission_denied'), true);
404  $this->roleAssignments();
405  return false;
406  }
407  $this->setSubTabs();
408  $this->initFormRoleAssignments('create');
409  $formWithoutErrors = $this->form->checkInput();
410  $roleErrorMessage = $this->checkRoleAssignmentInput();
411  if (!$formWithoutErrors || $roleErrorMessage !== '') {
412  if ($roleErrorMessage !== '') {
413  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt($roleErrorMessage));
414  }
415 
416  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_assignments.html', 'Services/LDAP');
417 
418  // DONE: wrap this
419  $this->form->setValuesByPost();
420  $this->tpl->setVariable('NEW_ASSIGNMENT_TBL', $this->form->getHTML());
421  $this->tpl->setVariable('RULES_TBL', $this->getRoleAssignmentTable());
422  $this->tabs_gui->activateSubTab('role_assignments');
423  return true;
424  }
425 
426  if ($this->roleSelectionRequired()) {
427  $this->ctrl->redirect($this, 'showRoleSelection');
428  } else {
429  $this->rule->create();
430  $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'));
431  $this->ctrl->redirect($this, 'roleAssignments');
432  }
433  return true;
434  }
435 
436  private function roleSelectionRequired(): bool
437  {
438  if ($this->rule->getRoleId() > 0) {
439  return false;
440  }
441  $rule = [];
442  $rule['server_id'] = $this->getServer()->getServerId();
443  $rule['rule_id'] = $this->rule_id ?: 0;
444  $rule['role_search'] = $this->form->getInput('role_search');
445  $rule['add_on_update'] = $this->form->getInput('add_missing');
446  $rule['remove_on_update'] = $this->form->getInput('remove_deprecated');
447  $rule['type'] = $this->form->getInput('type');
448  $rule['dn'] = $this->form->getInput('dn');
449  $rule['at'] = $this->form->getInput('at');
450  $rule['isdn'] = $this->form->getInput('isdn');
451  $rule['name'] = $this->form->getInput('name');
452  $rule['value'] = $this->form->getInput('value');
453  $rule['plugin'] = $this->form->getInput('plugin_id');
454  ilSession::set("ldap_role_ass", serialize($rule));
455  $this->ctrl->saveParameter($this, 'rule_id');
456  return true;
457  }
458 
459 
460 
464  protected function showRoleSelection(): bool
465  {
466  $this->setSubTabs();
467  $this->tabs_gui->activateTab('role_assignment');
468  $this->ctrl->saveParameter($this, 'rule_id');
469 
470  $parser = new ilQueryParser(unserialize(ilSession::get('ldap_role_ass'), ["allowed_classes" => false])['role_search']);
471  $parser->setMinWordLength(1);
472  $parser->setCombination(ilQueryParser::QP_COMBINATION_AND);
473  $parser->parse();
474 
475  $object_search = new ilLikeObjectSearch($parser);
476  $object_search->setFilter(array('role'));
477  $res = $object_search->performSearch();
478 
479  $entries = $res->getEntries();
480 
481  $table = new ilRoleSelectionTableGUI($this, 'showRoleSelection');
482  $table->setTitle($this->lng->txt('ldap_role_selection'));
483  $table->addMultiCommand('saveRoleSelection', $this->lng->txt('ldap_choose_role'));
484  $table->parse($entries);
485 
486  $this->tpl->setContent($table->getHTML());
487  return true;
488  }
489 
494  protected function saveRoleSelection(): bool
495  {
496  if (!$this->ilAccess->checkAccess('write', '', $this->ref_id)) {
497  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('permission_denied'), true);
498  $this->roleAssignments();
499  return false;
500  }
501 
502  if (!$this->role_id) {
503  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'));
504  $this->showRoleSelection();
505  return false;
506  }
507 
508  $this->loadRoleAssignmentRule($this->rule_id ?? 0, false);
509  $this->rule->setRoleId($this->role_id);
510 
511  if ($this->rule_id) {
512  $this->rule->update();
513  } else {
514  $this->rule->create();
515  }
516 
517  $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'));
518  $this->roleAssignments();
519  return true;
520  }
521 
522 
526  private function checkRoleAssignmentInput(int $a_rule_id = 0): string
527  {
528  $this->loadRoleAssignmentRule($a_rule_id);
529  $this->rule->validate();
530  return $this->ilErr->getMessage();
531  }
532 
536  protected function getRoleAssignmentTable(): string
537  {
538  if (count($rules = ilLDAPRoleAssignmentRule::_getRules($this->server->getServerId()))) {
539  $table_gui = new ilLDAPRoleAssignmentTableGUI($this, 'roleAssignments');
540  $table_gui->setTitle($this->lng->txt("ldap_tbl_role_ass"));
541  $table_gui->parse($rules);
542  $table_gui->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
543  $table_gui->setSelectAllCheckbox("rule_id");
544  return $table_gui->getHTML();
545  }
546  return '';
547  }
548 
549 
553  private function loadRoleAssignmentRule(int $a_rule_id, bool $load_from_form = true): void
554  {
555  if (is_object($this->rule)) {
556  return;
557  }
558 
559  $this->rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($a_rule_id);
560 
561  if ($load_from_form) {
562  if ($this->form->getInput('role_name') === '0') {
563  $this->rule->setRoleId((int) $this->form->getInput('role_id'));
564  } elseif ($this->form->getInput('role_search')) {
565  $parser = new ilQueryParser('"' . $this->form->getInput('role_search') . '"');
566 
567  // TODO: Handle minWordLength
568  $parser->setMinWordLength(1);
569  $parser->setCombination(ilQueryParser::QP_COMBINATION_AND);
570  $parser->parse();
571 
572  $object_search = new ilLikeObjectSearch($parser);
573  $object_search->setFilter(array('role'));
574  $res = $object_search->performSearch();
575 
576  $entries = $res->getEntries();
577  if (count($entries) === 1) {
578  $role = current($entries);
579  $this->rule->setRoleId($role['obj_id']);
580  } elseif (count($entries) > 1) {
581  $this->rule->setRoleId(-1);
582  }
583  }
584 
585  $this->rule->setAttributeName($this->form->getInput('name'));
586  $this->rule->setAttributeValue($this->form->getInput('value'));
587  $this->rule->setDN($this->form->getInput('dn'));
588  $this->rule->setMemberAttribute($this->form->getInput('at'));
589  $this->rule->setMemberIsDN((bool) $this->form->getInput('isdn'));
590  $this->rule->enableAddOnUpdate((bool) $this->form->getInput('add_missing'));
591  $this->rule->enableRemoveOnUpdate((bool) $this->form->getInput('remove_deprecated'));
592  $this->rule->setPluginId((int) $this->form->getInput('plugin_id'));
593  $this->rule->setType((int) $this->form->getInput('type'));
594  $this->rule->setServerId($this->getServer()->getServerId());
595  return;
596  }
597 
598  // LOAD from session
599  $this->rule->setServerId($this->getServer()->getServerId());
600  $rule = unserialize(ilSession::get('ldap_role_ass'), ["allowed_classes" => false]);
601 
602  $this->rule->enableAddOnUpdate((bool) ($rule['add_on_update'] ?? false));
603  $this->rule->enableRemoveOnUpdate((bool) ($rule['remove_on_update'] ?? false));
604  $this->rule->setType((int) ilUtil::stripSlashes(
605  $rule['type'] ?? (string) ilLDAPRoleAssignmentRule::TYPE_ATTRIBUTE
606  ));
607  $this->rule->setDN(ilUtil::stripSlashes($rule['dn'] ?? ''));
608  $this->rule->setMemberAttribute(ilUtil::stripSlashes($rule['at'] ?? ''));
609  $this->rule->setMemberIsDN((bool) (ilUtil::stripSlashes($rule['isdn'] ?? false)));
610  $this->rule->setAttributeName(ilUtil::stripSlashes($rule['name'] ?? ''));
611  $this->rule->setAttributeValue(ilUtil::stripSlashes($rule['value'] ?? ''));
612  $this->rule->setPluginId((int) ilUtil::stripSlashes($rule['plugin'] ?? '0'));
613  }
614 
615  public function deleteRoleMapping(): bool
616  {
617  if (!$this->mappings) {
618  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'));
619  $this->roleMapping();
620  return false;
621  }
622 
623  $this->initRoleMapping();
624 
625  foreach ($this->mappings as $mapping_id) {
626  $this->role_mapping->delete($mapping_id);
627  }
628  $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('ldap_deleted_role_mapping'));
629  $this->roleMapping();
630  return true;
631  }
632 
633  public function chooseMapping(): void
634  {
635  if (!$this->mapping_template) {
636  $this->userMapping();
637  return;
638  }
639 
640  $this->initAttributeMapping();
641  $this->mapping->clearRules();
642 
643  foreach (ilLDAPAttributeMappingUtils::_getMappingRulesByClass($this->mapping_template) as $key => $value) {
644  $this->mapping->setRule($key, $value, false);
645  }
646  $this->userMapping();
647  }
648 
649  public function saveMapping(): void
650  {
651  $this->initAttributeMapping();
652  $this->tabs_gui->activateTab('role_mapping');
653 
654  foreach (array_keys($this->getMappingFields()) as $key) {
655  $this->mapping->setRule(
656  $key,
657  $this->attribute_mappings[$key][0],
658  $this->attribute_mappings[$key][1]
659  );
660  }
661  $this->initUserDefinedFields();
662  foreach ($this->udf->getDefinitions() as $definition) {
663  $key = 'udf_' . $definition['field_id'];
664  $this->mapping->setRule(
665  $key,
666  $this->attribute_mappings[$key][0],
667  $this->attribute_mappings[$key][1]
668  );
669  }
670 
671  $this->mapping->save();
672  $this->userMapping();
673 
674  $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'));
675  }
676 
677  public function serverList(): void
678  {
679  if (!$this->rbacSystem->checkAccess("visible,read", $this->ref_id)) {
680  $this->ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $this->ilErr->WARNING);
681  }
682 
683  if (!ilLDAPServer::checkLDAPLib() && $this->server->isActive()) {
684  $this->main_tpl->setOnScreenMessage('failure', 'Missing LDAP libraries. Please ensure that the PHP LDAP module is installed on your server.');
685  }
686 
687  if ($this->rbacSystem->checkAccess("write", $this->ref_id)) {
688  $this->toolbar->addButton(
689  $this->lng->txt("add_ldap_server"),
690  $this->ctrl->getLinkTarget($this, "addServerSettings")
691  );
692  }
693 
694  $table = new ilLDAPServerTableGUI($this, "serverList");
695 
696  $this->tpl->setContent($table->getHTML());
697  }
698 
699  public function setServerFormValues(): void
700  {
701  $this->form_gui->setValuesByArray(array(
702  'active' => $this->server->isActive(),
703  'ds' => !$this->server->isAuthenticationEnabled(),
704  'server_name' => $this->server->getName(),
705  'server_url' => $this->server->getUrlString(),
706  'version' => $this->server->getVersion(),
707  'base_dn' => $this->server->getBaseDN(),
708  'referrals' => $this->server->isActiveReferrer(),
709  'tls' => $this->server->isActiveTLS(),
710  'binding_type' => $this->server->getBindingType(),
711  'bind_dn' => $this->server->getBindUser(),
712  'bind_pass' => $this->server->getBindPassword(),
713  'bind_pass_retype' => $this->server->getBindPassword(),
714  'search_base' => $this->server->getSearchBase(),
715  'user_scope' => $this->server->getUserScope(),
716  'user_attribute' => $this->server->getUserAttribute(),
717  'filter' => $this->server->getFilter(),
718  'group_dn' => $this->server->getGroupDN(),
719  'group_scope' => $this->server->getGroupScope(),
720  'group_filter' => $this->server->getGroupFilter(),
721  'group_member' => $this->server->getGroupMember(),
722  'memberisdn' => $this->server->enabledGroupMemberIsDN(),
723  'group' => $this->server->getGroupName(),
724  'group_attribute' => $this->server->getGroupAttribute(),
725  'group_optional' => $this->server->isMembershipOptional(),
726  'group_user_filter' => $this->server->getGroupUserFilter(),
727  'sync_on_login' => $this->server->enabledSyncOnLogin(),
728  'sync_per_cron' => $this->server->enabledSyncPerCron(),
729  'global_role' => ilLDAPAttributeMapping::_lookupGlobalRole($this->server->getServerId()),
730  'migration' => (int) $this->server->isAccountMigrationEnabled(),
731  "name_filter" => $this->server->getUsernameFilter(),
732  'escape_dn' => $this->server->enabledEscapeDN()
733  ));
734  }
735 
736  private function initForm(): void
737  {
738  $this->form_gui = new ilPropertyFormGUI();
739  $this->form_gui->setFormAction($this->ctrl->getFormAction($this, 'save'));
740  $this->form_gui->setTitle($this->lng->txt('ldap_configure'));
741 
742  $active = new ilCheckboxInputGUI($this->lng->txt('auth_ldap_enable'), 'active');
743  $active->setValue("1");
744  $this->form_gui->addItem($active);
745 
746  $ds = new ilCheckboxInputGUI($this->lng->txt('ldap_as_ds'), 'ds');
747  $ds->setValue("1");
748  $ds->setInfo($this->lng->txt('ldap_as_ds_info'));
749  $this->form_gui->addItem($ds);
750 
751  $servername = new ilTextInputGUI($this->lng->txt('ldap_server_name'), 'server_name');
752  $servername->setRequired(true);
753  $servername->setInfo($this->lng->txt('ldap_server_name_info'));
754  $servername->setSize(32);
755  $servername->setMaxLength(32);
756  $this->form_gui->addItem($servername);
757 
758  // start Patch Name Filter
759  $namefilter = new ilTextInputGUI($this->lng->txt('ldap_username_filter'), "name_filter");//ADD LANG VAR
760  $namefilter->setInfo($this->lng->txt("ldap_username_filter_info"));
761  $namefilter->setSize(64);
762  $namefilter->setMaxLength(255);
763  $this->form_gui->addItem($namefilter);
764  // end Patch Name Filter
765 
766  $serverurl = new ilTextInputGUI($this->lng->txt('ldap_server'), 'server_url');
767  $serverurl->setRequired(true);
768  $serverurl->setInfo($this->lng->txt('ldap_server_url_info'));
769  $serverurl->setSize(64);
770  $serverurl->setMaxLength(255);
771  $this->form_gui->addItem($serverurl);
772 
773  $version = new ilSelectInputGUI($this->lng->txt('ldap_version'), 'version');
774  $version->setOptions(array(2 => 2, 3 => 3));
775  $version->setInfo($this->lng->txt('ldap_server_version_info'));
776  $this->form_gui->addItem($version);
777 
778  $basedsn = new ilTextInputGUI($this->lng->txt('basedn'), 'base_dn');
779  $basedsn->setRequired(true);
780  $basedsn->setSize(64);
781  $basedsn->setMaxLength(255);
782  $this->form_gui->addItem($basedsn);
783 
784  $referrals = new ilCheckboxInputGUI($this->lng->txt('ldap_referrals'), 'referrals');
785  $referrals->setValue("1");
786  $referrals->setInfo($this->lng->txt('ldap_referrals_info'));
787  $this->form_gui->addItem($referrals);
788 
789  $section_security = new ilFormSectionHeaderGUI();
790  $section_security->setTitle($this->lng->txt('ldap_server_security_settings'));
791  $this->form_gui->addItem($section_security);
792 
793  $tls = new ilCheckboxInputGUI($this->lng->txt('ldap_tls'), 'tls');
794  $tls->setValue("1");
795  $this->form_gui->addItem($tls);
796 
797  $binding = new ilRadioGroupInputGUI($this->lng->txt('ldap_server_binding'), 'binding_type');
798  $anonymous = new ilRadioOption($this->lng->txt('ldap_bind_anonymous'), (string) ilLDAPServer::LDAP_BIND_ANONYMOUS);
799  $binding->addOption($anonymous);
800  $user = new ilRadioOption($this->lng->txt('ldap_bind_user'), (string) ilLDAPServer::LDAP_BIND_USER);
801  $dn = new ilTextInputGUI($this->lng->txt('ldap_server_bind_dn'), 'bind_dn');
802  $dn->setSize(64);
803  $dn->setMaxLength(255);
804  $user->addSubItem($dn);
805  $pass = new ilPasswordInputGUI($this->lng->txt('ldap_server_bind_pass'), 'bind_pass');
806  $pass->setSkipSyntaxCheck(true);
807  $pass->setSize(12);
808  $pass->setMaxLength(100);
809  $user->addSubItem($pass);
810  $binding->addOption($user);
811  $this->form_gui->addItem($binding);
812 
813  $section_auth = new ilFormSectionHeaderGUI();
814  $section_auth->setTitle($this->lng->txt('ldap_authentication_settings'));
815  $this->form_gui->addItem($section_auth);
816 
817  $search_base = new ilTextInputGUI($this->lng->txt('ldap_user_dn'), 'search_base');
818  $search_base->setInfo($this->lng->txt('ldap_search_base_info'));
819  $search_base->setSize(64);
820  $search_base->setMaxLength(255);
821  $this->form_gui->addItem($search_base);
822 
823  $user_scope = new ilSelectInputGUI($this->lng->txt('ldap_user_scope'), 'user_scope');
824  $user_scope->setOptions(array(ilLDAPServer::LDAP_SCOPE_ONE => $this->lng->txt('ldap_scope_one'),
825  ilLDAPServer::LDAP_SCOPE_SUB => $this->lng->txt('ldap_scope_sub')));
826  $user_scope->setInfo($this->lng->txt('ldap_user_scope_info'));
827  $this->form_gui->addItem($user_scope);
828 
829  $user_attribute = new ilTextInputGUI($this->lng->txt('ldap_user_attribute'), 'user_attribute');
830  $user_attribute->setSize(16);
831  $user_attribute->setMaxLength(64);
832  $user_attribute->setRequired(true);
833  $this->form_gui->addItem($user_attribute);
834 
835  $filter = new ilTextInputGUI($this->lng->txt('ldap_search_filter'), 'filter');
836  $filter->setInfo($this->lng->txt('ldap_filter_info'));
837  $filter->setSize(64);
838  $filter->setMaxLength(512);
839  $this->form_gui->addItem($filter);
840 
841  $section_restrictions = new ilFormSectionHeaderGUI();
842  $section_restrictions->setTitle($this->lng->txt('ldap_group_restrictions'));
843  $this->form_gui->addItem($section_restrictions);
844 
845  $group_dn = new ilTextInputGUI($this->lng->txt('ldap_group_search_base'), 'group_dn');
846  $group_dn->setInfo($this->lng->txt('ldap_group_dn_info'));
847  $group_dn->setSize(64);
848  $group_dn->setMaxLength(255);
849  $this->form_gui->addItem($group_dn);
850 
851  $group_scope = new ilSelectInputGUI($this->lng->txt('ldap_group_scope'), 'group_scope');
852  $group_scope->setOptions(array(ilLDAPServer::LDAP_SCOPE_ONE => $this->lng->txt('ldap_scope_one'),
853  ilLDAPServer::LDAP_SCOPE_SUB => $this->lng->txt('ldap_scope_sub')));
854  $group_scope->setInfo($this->lng->txt('ldap_group_scope_info'));
855  $this->form_gui->addItem($group_scope);
856 
857  $group_filter = new ilTextInputGUI($this->lng->txt('ldap_group_filter'), 'group_filter');
858  $group_filter->setInfo($this->lng->txt('ldap_group_filter_info'));
859  $group_filter->setSize(64);
860  $group_filter->setMaxLength(255);
861  $this->form_gui->addItem($group_filter);
862 
863  $group_member = new ilTextInputGUI($this->lng->txt('ldap_group_member'), 'group_member');
864  $group_member->setInfo($this->lng->txt('ldap_group_member_info'));
865  $group_member->setSize(32);
866  $group_member->setMaxLength(255);
867  $this->form_gui->addItem($group_member);
868 
869 
870  $group_member_isdn = new ilCheckboxInputGUI($this->lng->txt('ldap_memberisdn'), 'memberisdn');
871  #$group_member_isdn->setInfo($this->lng->txt('ldap_group_member_info'));
872  $this->form_gui->addItem($group_member_isdn);
873  #$group_member->addSubItem($group_member_isdn);
874 
875  $escapedn = new ilCheckboxInputGUI($this->lng->txt('ldap_escapedn'), 'escape_dn');
876  $escapedn->setValue("1");
877  $escapedn->setInfo($this->lng->txt('ldap_escapedn_info'));
878  $this->form_gui->addItem($escapedn);
879 
880  $group = new ilTextInputGUI($this->lng->txt('ldap_group_name'), 'group');
881  $group->setInfo($this->lng->txt('ldap_group_name_info'));
882  $group->setSize(32);
883  $group->setMaxLength(255);
884  $this->form_gui->addItem($group);
885 
886  $group_atrr = new ilTextInputGUI($this->lng->txt('ldap_group_attribute'), 'group_attribute');
887  $group_atrr->setInfo($this->lng->txt('ldap_group_attribute_info'));
888  $group_atrr->setSize(16);
889  $group_atrr->setMaxLength(64);
890  $this->form_gui->addItem($group_atrr);
891 
892  $group_optional = new ilCheckboxInputGUI($this->lng->txt('ldap_group_membership'), 'group_optional');
893  $group_optional->setOptionTitle($this->lng->txt('ldap_group_member_optional'));
894  $group_optional->setInfo($this->lng->txt('ldap_group_optional_info'));
895  $group_optional->setValue("1");
896  $group_user_filter = new ilTextInputGUI($this->lng->txt('ldap_group_user_filter'), 'group_user_filter');
897  $group_user_filter->setSize(64);
898  $group_user_filter->setMaxLength(255);
899  $group_optional->addSubItem($group_user_filter);
900  $this->form_gui->addItem($group_optional);
901 
902  $section_sync = new ilFormSectionHeaderGUI();
903  $section_sync->setTitle($this->lng->txt('ldap_user_sync'));
904  $this->form_gui->addItem($section_sync);
905 
906  $ci_gui = new ilCustomInputGUI($this->lng->txt('ldap_moment_sync'));
907  $sync_on_login = new ilCheckboxInputGUI($this->lng->txt('ldap_sync_login'), 'sync_on_login');
908  $sync_on_login->setValue("1");
909  $ci_gui->addSubItem($sync_on_login);
910  $sync_per_cron = new ilCheckboxInputGUI($this->lng->txt('ldap_sync_cron'), 'sync_per_cron');
911  $sync_per_cron->setValue("1");
912  $ci_gui->addSubItem($sync_per_cron);
913  $ci_gui->setInfo($this->lng->txt('ldap_user_sync_info'));
914  $this->form_gui->addItem($ci_gui);
915 
916  $global_role = new ilSelectInputGUI($this->lng->txt('ldap_global_role_assignment'), 'global_role');
917  $global_role->setOptions($this->prepareGlobalRoleSelection());
918  $global_role->setInfo($this->lng->txt('ldap_global_role_info'));
919  $this->form_gui->addItem($global_role);
920 
921  $migr = new ilCheckboxInputGUI($this->lng->txt('auth_ldap_migration'), 'migration');
922  $migr->setInfo($this->lng->txt('auth_ldap_migration_info'));
923  $migr->setValue("1");
924  $this->form_gui->addItem($migr);
925 
926  ilAdministrationSettingsFormHandler::addFieldsToForm(
927  ilAdministrationSettingsFormHandler::FORM_LDAP,
928  $this->form_gui,
929  ilAdministrationSettingsFormHandler::getSettingsGUIInstance("auth")
930  );
931 
932  $this->form_gui->addCommandButton('save', $this->lng->txt('save'));
933  if ($this->ctrl->getCmd() === "addServerSettings") {
934  $this->form_gui->addCommandButton('serverList', $this->lng->txt('cancel'));
935  }
936  }
937 
938  /*
939  * Update Settings
940  */
941  public function save(): bool
942  {
943  $this->setSubTabs();
944  $this->tabs_gui->setTabActive('settings');
945 
946  $this->initForm();
947  if ($this->form_gui->checkInput()) {
948  $this->server->toggleActive((bool) $this->form_gui->getInput('active'));
949  $this->server->enableAuthentication(!(bool) $this->form_gui->getInput('ds'));
950  $this->server->setName($this->form_gui->getInput('server_name'));
951  $this->server->setUrl($this->form_gui->getInput('server_url'));
952  $this->server->setVersion((int) $this->form_gui->getInput('version'));
953  $this->server->setBaseDN($this->form_gui->getInput('base_dn'));
954  $this->server->toggleReferrer((bool) $this->form_gui->getInput('referrals'));
955  $this->server->toggleTLS((bool) $this->form_gui->getInput('tls'));
956  $this->server->setBindingType((int) $this->form_gui->getInput('binding_type'));
957  $this->server->setBindUser($this->form_gui->getInput('bind_dn'));
958  $this->server->setBindPassword($this->form_gui->getInput('bind_pass'));
959  $this->server->setSearchBase($this->form_gui->getInput('search_base'));
960  $this->server->setUserScope((int) $this->form_gui->getInput('user_scope'));
961  $this->server->setUserAttribute($this->form_gui->getInput('user_attribute'));
962  $this->server->setFilter($this->form_gui->getInput('filter'));
963  $this->server->setGroupDN($this->form_gui->getInput('group_dn'));
964  $this->server->setGroupScope((int) $this->form_gui->getInput('group_scope'));
965  $this->server->setGroupFilter($this->form_gui->getInput('group_filter'));
966  $this->server->setGroupMember($this->form_gui->getInput('group_member'));
967  $this->server->enableGroupMemberIsDN((bool) $this->form_gui->getInput('memberisdn'));
968  $this->server->setGroupName($this->form_gui->getInput('group'));
969  $this->server->setGroupAttribute($this->form_gui->getInput('group_attribute'));
970  $this->server->setGroupUserFilter($this->form_gui->getInput('group_user_filter'));
971  $this->server->toggleMembershipOptional((bool) $this->form_gui->getInput('group_optional'));
972  $this->server->enableSyncOnLogin((bool) $this->form_gui->getInput('sync_on_login'));
973  $this->server->enableSyncPerCron((bool) $this->form_gui->getInput('sync_per_cron'));
974  $this->server->setGlobalRole((int) $this->form_gui->getInput('global_role'));
975  $this->server->enableAccountMigration((bool) $this->form_gui->getInput('migration'));
976  $this->server->setUsernameFilter($this->form_gui->getInput("name_filter"));
977  $this->server->enableEscapeDN((bool) $this->form_gui->getInput('escape_dn'));
978  if (!$this->server->validate()) {
979  $this->main_tpl->setOnScreenMessage('failure', $this->ilErr->getMessage());
980  $this->form_gui->setValuesByPost();
981  $this->tpl->setContent($this->form_gui->getHTML());
982  return false;
983  }
984 
985  // Update or create
986  if ($this->server->getServerId()) {
987  $this->server->update();
988  } else {
989  $this->server->create();
990  }
991 
992  // Now server_id exists => update LDAP attribute mapping
993  $this->initAttributeMapping();
994  $this->mapping->setRule('global_role', (string) $this->form_gui->getInput('global_role'), false);
995  $this->mapping->save();
996 
997  $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'), true);
998  $this->ctrl->redirect($this, 'serverList');
999  return true;
1000  }
1001 
1002  $this->form_gui->setValuesByPost();
1003  $this->tpl->setContent($this->form_gui->getHTML());
1004  return true;
1005  }
1006 
1007 
1008 
1012  private function setSubTabs(): void
1013  {
1014  $this->tabs_gui->clearTargets();
1015 
1016  $this->tabs_gui->setBackTarget(
1017  $this->lng->txt("back"),
1018  $this->ctrl->getLinkTarget($this, 'serverList')
1019  );
1020 
1021 
1022  $this->tabs_gui->addTab(
1023  "settings",
1024  $this->lng->txt("ldap_settings"),
1025  $this->ctrl->getLinkTarget($this, 'editServerSettings')
1026  );
1027 
1028  // Disable all other tabs, if server hasn't been configured.
1029  if (!count(ilLDAPServer::_getServerList())) {
1030  return;
1031  }
1032 
1033  $this->tabs_gui->addTab(
1034  "user_mapping",
1035  $this->lng->txt("ldap_user_mapping"),
1036  $this->ctrl->getLinkTarget($this, 'userMapping')
1037  );
1038 
1039  $this->tabs_gui->addTab(
1040  "role_assignments",
1041  $this->lng->txt('ldap_role_assignments'),
1042  $this->ctrl->getLinkTarget($this, 'roleAssignments')
1043  );
1044 
1045  $this->tabs_gui->addTab(
1046  "role_mapping",
1047  $this->lng->txt("ldap_role_mapping"),
1048  $this->ctrl->getLinkTarget($this, 'roleMapping')
1049  );
1050  }
1051 
1052 
1053  private function initServer(): void
1054  {
1055  $server_id = 0;
1056  if ($this->ldap_server_id) {
1057  $server_id = $this->ldap_server_id;
1058  }
1059 
1060 
1061  $this->server = new ilLDAPServer($server_id);
1062  }
1063 
1064  private function initAttributeMapping(): void
1065  {
1066  $this->mapping = ilLDAPAttributeMapping::_getInstanceByServerId($this->getServer()->getServerId());
1067  }
1068 
1069  private function initRoleMapping(): void
1070  {
1071  $this->role_mapping = ilLDAPRoleGroupMappingSettings::_getInstanceByServerId($this->getServer()->getServerId());
1072  }
1073 
1077  private function prepareGlobalRoleSelection(): array
1078  {
1079  $global_roles = ilUtil::_sortIds(
1080  $this->rbacReview->getGlobalRoles(),
1081  'object_data',
1082  'title',
1083  'obj_id'
1084  );
1085 
1086  $select[0] = $this->lng->txt('links_select_one');
1087  foreach ($global_roles as $role_id) {
1088  $select[$role_id] = ilObject::_lookupTitle((int) $role_id);
1089  }
1090  return $select;
1091  }
1092 
1093  private function getMappingFields(): array
1094  {
1095  return array('gender' => $this->lng->txt('gender'),
1096  'firstname' => $this->lng->txt('firstname'),
1097  'lastname' => $this->lng->txt('lastname'),
1098  'title' => $this->lng->txt('person_title'),
1099  'institution' => $this->lng->txt('institution'),
1100  'department' => $this->lng->txt('department'),
1101  'street' => $this->lng->txt('street'),
1102  'city' => $this->lng->txt('city'),
1103  'zipcode' => $this->lng->txt('zipcode'),
1104  'country' => $this->lng->txt('country'),
1105  'phone_office' => $this->lng->txt('phone_office'),
1106  'phone_home' => $this->lng->txt('phone_home'),
1107  'phone_mobile' => $this->lng->txt('phone_mobile'),
1108  'fax' => $this->lng->txt('fax'),
1109  'email' => $this->lng->txt('email'),
1110  'second_email' => $this->lng->txt('second_email'),
1111  'hobby' => $this->lng->txt('hobby'),
1112  'matriculation' => $this->lng->txt('matriculation'));
1113  }
1114 
1115  private function initUserDefinedFields(): void
1116  {
1117  $this->udf = ilUserDefinedFields::_getInstance();
1118  }
1119 
1120  private function prepareMappingSelect(): string
1121  {
1122  return ilLegacyFormElementsUtil::formSelect(
1123  $this->mapping_template,
1124  'mapping_template',
1125  [0 => $this->lng->txt('ldap_mapping_template'),
1126  "inetOrgPerson" => 'inetOrgPerson',
1127  "organizationalPerson" => 'organizationalPerson',
1128  "person" => 'person',
1129  "ad_2003" => 'Active Directory (Win 2003)'
1130  ],
1131  false,
1132  true
1133  );
1134  }
1135 
1141  protected function initFormRoleAssignments(string $a_mode): void
1142  {
1143  $this->form = new ilPropertyFormGUI();
1144  $this->form->setFormAction($this->ctrl->getFormAction($this));
1145 
1146  switch ($a_mode) {
1147  case 'edit':
1148  $this->form->setTitle($this->lng->txt('ldap_edit_role_ass_rule'));
1149  $this->form->addCommandButton('updateRoleAssignment', $this->lng->txt('save'));
1150  //$this->form->addCommandButton('roleAssignments',$this->lng->txt('cancel'));
1151  break;
1152  case 'create':
1153  $this->form->setTitle($this->lng->txt('ldap_add_role_ass_rule'));
1154  $this->form->addCommandButton('addRoleAssignment', $this->lng->txt('ldap_btn_add_role_ass'));
1155  //$this->form->addCommandButton('roleAssignments',$this->lng->txt('cancel'));
1156  break;
1157  }
1158 
1159  // Role Selection
1160  $role = new ilRadioGroupInputGUI($this->lng->txt('ldap_ilias_role'), 'role_name');
1161  $role->setRequired(true);
1162 
1163  $global = new ilRadioOption($this->lng->txt('ldap_global_role'), "0");
1164 
1165  $role->addOption($global);
1166 
1167  $role_select = new ilSelectInputGUI('', 'role_id');
1168  $role_select->setOptions($this->prepareGlobalRoleSelection());
1169  $global->addSubItem($role_select);
1170 
1171  $local = new ilRadioOption($this->lng->txt('ldap_local_role'), "1");
1172 
1173  $role->addOption($local);
1174 
1175  $role_search = new ilRoleAutoCompleteInputGUI('', 'role_search', $this, 'addRoleAutoCompleteObject');
1176  $role_search->setSize(40);
1177  $local->addSubItem($role_search);
1178 
1179  $role->setInfo($this->lng->txt('ldap_role_name_info'));
1180  $this->form->addItem($role);
1181 
1182  // Update options
1183  $update = new ilNonEditableValueGUI($this->lng->txt('ldap_update_roles'), 'update_roles');
1184  $update->setValue($this->lng->txt('ldap_check_role_assignment'));
1185 
1186  $add = new ilCheckboxInputGUI('', 'add_missing');
1187  $add->setOptionTitle($this->lng->txt('ldap_add_missing'));
1188  $update->addSubItem($add);
1189 
1190  $remove = new ilCheckboxInputGUI('', 'remove_deprecated');
1191  $remove->setOptionTitle($this->lng->txt('ldap_remove_deprecated'));
1192  $update->addSubItem($remove);
1193 
1194  $this->form->addItem($update);
1195 
1196 
1197 
1198  // Assignment Type
1199  $group = new ilRadioGroupInputGUI($this->lng->txt('ldap_assignment_type'), 'type');
1200  #$group->setValue($current_rule->getType());
1201  $group->setRequired(true);
1202 
1203  // Option by group
1204  $radio_group = new ilRadioOption($this->lng->txt('ldap_role_by_group'), (string) ilLDAPRoleAssignmentRule::TYPE_GROUP);
1205 
1206  $dn = new ilTextInputGUI($this->lng->txt('ldap_group_dn'), 'dn');
1207  #$dn->setValue($current_rule->getDN());
1208  $dn->setSize(32);
1209  $dn->setMaxLength(512);
1210  $dn->setInfo($this->lng->txt('ldap_role_grp_dn_info'));
1211  $radio_group->addSubItem($dn);
1212  $at = new ilTextInputGUI($this->lng->txt('ldap_role_grp_at'), 'at');
1213  #$at->setValue($current_rule->getMemberAttribute());
1214  $at->setSize(16);
1215  $at->setMaxLength(128);
1216  $radio_group->addSubItem($at);
1217  $isdn = new ilCheckboxInputGUI($this->lng->txt('ldap_role_grp_isdn'), 'isdn');
1218  #$isdn->setChecked($current_rule->isMemberAttributeDN());
1219  $isdn->setInfo($this->lng->txt('ldap_group_member_info'));
1220  $radio_group->addSubItem($isdn);
1221  $radio_group->setInfo($this->lng->txt('ldap_role_grp_info'));
1222 
1223  $group->addOption($radio_group);
1224 
1225  // Option by Attribute
1226  $radio_attribute = new ilRadioOption($this->lng->txt('ldap_role_by_attribute'), (string) ilLDAPRoleAssignmentRule::TYPE_ATTRIBUTE);
1227  $name = new ilTextInputGUI($this->lng->txt('ldap_role_at_name'), 'name');
1228  #$name->setValue($current_rule->getAttributeName());
1229  $name->setSize(32);
1230  $name->setMaxLength(128);
1231  #$name->setInfo($this->lng->txt('ldap_role_at_name_info'));
1232  $radio_attribute->addSubItem($name);
1233 
1234  // Radio Attribute
1235  $val = new ilTextInputGUI($this->lng->txt('ldap_role_at_value'), 'value');
1236  #$val->setValue($current_rule->getAttributeValue());
1237  $val->setSize(32);
1238  $val->setMaxLength(128);
1239  #$val->setInfo($this->lng->txt('ldap_role_at_value_info'));
1240  $radio_attribute->addSubItem($val);
1241  $radio_attribute->setInfo($this->lng->txt('ldap_role_at_info'));
1242 
1243  $group->addOption($radio_attribute);
1244 
1245  // Option by Plugin
1246  $pl_active = $this->component_repository->getPluginSlotById("ldaphk")->hasActivePlugins();
1247  $pl = new ilRadioOption($this->lng->txt('ldap_plugin'), "3");
1248 
1249  $pl->setInfo($this->lng->txt('ldap_plugin_info'));
1250  $pl->setDisabled(!$pl_active);
1251 
1252  $id = new ilNumberInputGUI($this->lng->txt('ldap_plugin_id'), 'plugin_id');
1253  $id->setDisabled(!$pl_active);
1254  $id->setSize(3);
1255  $id->setMaxLength(3);
1256  $id->setMaxValue(999);
1257  $id->setMinValue(1);
1258  $pl->addSubItem($id);
1259 
1260  $group->addOption($pl);
1261  $this->form->addItem($group);
1262  }
1263 
1264 
1268  public function addRoleAutoCompleteObject(): void
1269  {
1270  ilRoleAutoCompleteInputGUI::echoAutoCompleteList();
1271  }
1272 
1276  private function userMappingToolbar(): void
1277  {
1278  $select_form = new ilSelectInputGUI("mapping_template");
1279  $select_form->setPostVar("mapping_template");
1280  $options = array(
1281  "" => $this->lng->txt('ldap_mapping_template'),
1282  "inetOrgPerson" => 'inetOrgPerson',
1283  "organizationalPerson" => 'organizationalPerson',
1284  "person" => 'person',
1285  "ad_2003" => 'Active Directory (Win 2003)');
1286  $select_form->setOptions($options);
1287  $select_form->setValue($this->mapping_template);
1288 
1289  $this->toolbar->addInputItem($select_form);
1290  $this->toolbar->addFormButton($this->lng->txt('show'), "chooseMapping");
1291  $this->toolbar->setFormAction($this->ctrl->getFormAction($this, "chooseMapping"));
1292  }
1293 
1297  private function initUserMappingForm(): ilPropertyFormGUI
1298  {
1299  $propertie_form = new ilPropertyFormGUI();
1300  $propertie_form->setTitle($this->lng->txt('ldap_mapping_table'));
1301  $propertie_form->setFormAction($this->ctrl->getFormAction($this, 'saveMapping'));
1302  $propertie_form->addCommandButton('saveMapping', $this->lng->txt('save'));
1303 
1304  foreach ($this->getMappingFields() as $mapping => $lang) {
1305  $text_form = new ilTextInputGUI($lang);
1306  $text_form->setPostVar($mapping . "_value");
1307  $text_form->setValue($this->mapping->getValue($mapping));
1308  $text_form->setSize(32);
1309  $text_form->setMaxLength(255);
1310  $propertie_form->addItem($text_form);
1311 
1312  $checkbox_form = new ilCheckboxInputGUI("");
1313  $checkbox_form->setPostVar($mapping . "_update");
1314  $checkbox_form->setChecked($this->mapping->enabledUpdate($mapping));
1315  $checkbox_form->setOptionTitle($this->lng->txt('ldap_update_field_info'));
1316  $propertie_form->addItem($checkbox_form);
1317  }
1318 
1319  $this->initUserDefinedFields();
1320  foreach ($this->udf->getDefinitions() as $definition) {
1321  $text_form = new ilTextInputGUI($definition['field_name']);
1322  $text_form->setPostVar('udf_' . $definition['field_id'] . '_value');
1323  $text_form->setValue($this->mapping->getValue('udf_' . $definition['field_id']));
1324  $text_form->setSize(32);
1325  $text_form->setMaxLength(255);
1326  $propertie_form->addItem($text_form);
1327 
1328  $checkbox_form = new ilCheckboxInputGUI("");
1329  $checkbox_form->setPostVar('udf_' . $definition['field_id'] . '_update');
1330  $checkbox_form->setChecked($this->mapping->enabledUpdate('udf_' . $definition['field_id']));
1331  $checkbox_form->setOptionTitle($this->lng->txt('ldap_update_field_info'));
1332  $propertie_form->addItem($checkbox_form);
1333  }
1334 
1335  return $propertie_form;
1336  }
1337 
1341  public function roleMapping(): void
1342  {
1343  $this->setSubTabs();
1344  $this->tabs_gui->setTabActive('role_mapping');
1345  $this->toolbar->addButton(
1346  $this->lng->txt("ldap_new_role_assignment"),
1347  $this->ctrl->getLinkTarget($this, 'addRoleMapping')
1348  );
1349 
1350  //Set propertyform for synchronization settings
1351  $propertie_form = new ilPropertyFormGUI();
1352  $propertie_form->setTitle($this->lng->txt('ldap_role_settings'));
1353  $propertie_form->setFormAction($this->ctrl->getFormAction($this, "saveSyncronizationSettings"));
1354  $propertie_form->addCommandButton("saveSyncronizationSettings", $this->lng->txt('save'));
1355  $role_active = new ilCheckboxInputGUI($this->lng->txt('ldap_role_active'));
1356  $role_active->setPostVar('role_sync_active');
1357  $role_active->setChecked($this->server->enabledRoleSynchronization());
1358  $propertie_form->addItem($role_active);
1359  $binding = new ilCombinationInputGUI($this->lng->txt('ldap_server_binding'));
1360  $binding->setInfo($this->lng->txt('ldap_role_bind_user_info'));
1361  $user = new ilTextInputGUI("");
1362  $user->setPostVar("role_bind_user");
1363  $user->setValue($this->server->getRoleBindDN());
1364  $user->setSize(50);
1365  $user->setMaxLength(255);
1366  $binding->addCombinationItem("0", $user, $this->lng->txt('ldap_role_bind_user'));
1367 
1368  $pass = new ilPasswordInputGUI("");
1369  $pass->setPostVar("role_bind_pass");
1370  $pass->setValue($this->server->getRoleBindPassword());
1371  $pass->setSize(12);
1372  $pass->setMaxLength(100);
1373  $pass->setRetype(false);
1374  $binding->addCombinationItem("1", $pass, $this->lng->txt('ldap_role_bind_pass'));
1375 
1376  $propertie_form->addItem($binding);
1377 
1378  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_mappings.html', 'Services/LDAP');
1379  $this->tpl->setVariable("NEW_ASSIGNMENT_TBL", $propertie_form->getHTML());
1380 
1381  //Set Group Assignments Table if mappings exist
1382  $mapping_instance = ilLDAPRoleGroupMappingSettings::_getInstanceByServerId($this->server->getServerId());
1383  $mappings = $mapping_instance->getMappings();
1384  if (count($mappings)) {
1385  $table_gui = new ilLDAPRoleMappingTableGUI($this, $this->server->getServerId());
1386  $table_gui->setTitle($this->lng->txt('ldap_role_group_assignments'));
1387  $table_gui->setData($mappings);
1388  $this->tpl->setVariable("RULES_TBL", $table_gui->getHTML());
1389  }
1390  }
1391 
1395  public function editRoleMapping(): void
1396  {
1397  $mapping = new ilLDAPRoleGroupMappingSetting($this->mapping_id);
1398  $mapping->read();
1399 
1400  $propertie_form = $this->initRoleMappingForm("updateRoleMapping");
1401  $propertie_form->setTitle($this->lng->txt('ldap_edit_role_assignment'));
1402  if ($propertie_form->getItemByPostVar("url")) {
1403  $propertie_form->getItemByPostVar("url")->setValue($mapping->getURL());
1404  }
1405  if ($propertie_form->getItemByPostVar("dn")) {
1406  $propertie_form->getItemByPostVar("dn")->setValue($mapping->getDN());
1407  }
1408  if ($propertie_form->getItemByPostVar("member")) {
1409  $propertie_form->getItemByPostVar("member")->setValue($mapping->getMemberAttribute());
1410  }
1411  if ($propertie_form->getItemByPostVar("memberisdn")) {
1412  $propertie_form->getItemByPostVar("memberisdn")->setChecked($mapping->getMemberISDN());
1413  }
1414  if ($propertie_form->getItemByPostVar("role")) {
1415  $propertie_form->getItemByPostVar("role")->setValue($mapping->getRoleName());
1416  }
1417  if ($propertie_form->getItemByPostVar("info")) {
1418  $propertie_form->getItemByPostVar("info")->setValue($mapping->getMappingInfo());
1419  }
1420  if ($propertie_form->getItemByPostVar("info_type")) {
1421  $propertie_form->getItemByPostVar("info_type")->setChecked($mapping->getMappingInfoType());
1422  }
1423 
1424  $this->tpl->setContent($propertie_form->getHTML());
1425  }
1426 
1427 
1428 
1432  public function createRoleMapping(): void
1433  {
1434  $propertie_form = $this->initRoleMappingForm("createRoleMapping");
1435 
1436  if ($propertie_form->checkInput() && $this->rbacReview->roleExists($propertie_form->getInput("role"))) {
1437  $mapping = new ilLDAPRoleGroupMappingSetting(0);
1438  $mapping->setServerId($this->server->getServerId());
1439  $mapping->setURL($propertie_form->getInput("url"));
1440  $mapping->setDN($propertie_form->getInput("dn"));
1441  $mapping->setMemberAttribute($propertie_form->getInput("member"));
1442  $mapping->setMemberISDN((bool) $propertie_form->getInput("memberisdn"));
1443  $mapping->setRoleByName($propertie_form->getInput("role"));
1444  $mapping->setMappingInfo($propertie_form->getInput("info"));
1445  $mapping->setMappingInfoType((bool) $propertie_form->getInput("info_type"));
1446  $mapping->save();
1447 
1448  $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'), true);
1449  $this->ctrl->redirect($this, "roleMapping");
1450  } else {
1451  if (!$this->rbacReview->roleExists($propertie_form->getInput("role"))) {
1452  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt("ldap_role_not_exists") . " " .
1453  $propertie_form->getInput("role"));
1454  }
1455  $propertie_form->setValuesByPost();
1456  $this->tpl->setContent($propertie_form->getHTML());
1457  }
1458  }
1459 
1463  public function confirmDeleteRoleMapping(): void
1464  {
1465  if (!$this->mappings) {
1466  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'), true);
1467  $this->ctrl->redirect($this, "roleMapping");
1468  return;
1469  }
1470 
1471  $c_gui = new ilConfirmationGUI();
1472 
1473  // set confirm/cancel commands
1474  $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRoleMapping"));
1475  $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_role_ass"));
1476  $c_gui->setCancel($this->lng->txt("cancel"), "roleMapping");
1477  $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRoleMapping");
1478 
1479  foreach ($this->mappings as $id) {
1480  $mapping = new ilLDAPRoleGroupMappingSetting($id);
1481  $mapping->read();
1482  $txt = $this->lng->txt('obj_role') . ": " . $mapping->getRoleName() . ", ";
1483  $txt .= $this->lng->txt('ldap_group_dn') . ": " . $mapping->getDN() . ", ";
1484  $txt .= $this->lng->txt('ldap_server_short') . " " . $mapping->getURL() . ", ";
1485  $txt .= $this->lng->txt('ldap_group_member_short') . " " . $mapping->getMemberAttribute();
1486 
1487  $c_gui->addItem("mappings[]", (string) $id, $txt);
1488  }
1489  $this->tpl->setContent($c_gui->getHTML());
1490  }
1491 
1492  public function addServerSettings(): void
1493  {
1494  $this->checkAccess("write");
1495 
1496  $this->ctrl->clearParameters($this);
1497 
1498  $this->initForm();
1499  $this->tpl->setContent($this->form_gui->getHTML());
1500  }
1501 
1502  public function editServerSettings(): void
1503  {
1504  $this->checkAccess("write");
1505 
1506  $this->setSubTabs();
1507  $this->tabs_gui->setTabActive('settings');
1508 
1509  $this->initForm();
1510  $this->setServerFormValues();
1511  $this->tpl->setContent($this->form_gui->getHTML());
1512  }
1513 
1514 
1518  public function confirmDeleteServerSettings(): void
1519  {
1520  $this->checkAccess("write");
1521 
1522  if (!$this->ldap_server_id) {
1523  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'));
1524  $this->serverList();
1525  return;
1526  }
1527 
1528  $c_gui = new ilConfirmationGUI();
1529 
1530  // set confirm/cancel commands
1531  $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteServerSettings"));
1532  $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_server_settings"));
1533  $c_gui->setCancel($this->lng->txt("cancel"), "serverList");
1534  $c_gui->setConfirm($this->lng->txt("confirm"), "deleteServerSettings");
1535 
1536  // add items to delete
1537  $setting = new ilLDAPServer($this->ldap_server_id);
1538  $c_gui->addItem('server_ids[]', (string) $setting->getServerId(), $setting->getName());
1539 
1540  $this->tpl->setContent($c_gui->getHTML());
1541  }
1542 
1546  public function deleteServerSettings(): void
1547  {
1548  if (!$this->server_ids) {
1549  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'));
1550  $this->serverList();
1551  return;
1552  }
1553 
1554  foreach ($this->server_ids as $server_id) {
1555  $setting = new ilLDAPServer($server_id);
1556  $setting->delete();
1557  }
1558  $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('deleted'));
1559  $this->ctrl->redirect($this, "serverlist");
1560  }
1561 
1565  public function userMapping(): void
1566  {
1567  $this->initAttributeMapping();
1568 
1569  $this->setSubTabs();
1570  $this->tabs_gui->activateTab('user_mapping');
1571  $this->userMappingToolbar();
1572 
1573  $propertie_form = $this->initUserMappingForm();
1574 
1575  $this->tpl->setContent($propertie_form->getHTML());
1576  }
1577 
1578 
1579 
1580  public function activateServer(): void
1581  {
1582  $this->checkAccess("write");
1583 
1584  $this->server->toggleActive(true);
1585  $this->server->update();
1586  $this->serverList();
1587  }
1588 
1589  public function deactivateServer(): void
1590  {
1591  $this->checkAccess("write");
1592 
1593  $this->server->toggleActive(false);
1594  $this->server->update();
1595  $this->serverList();
1596  }
1597 
1598 
1599 
1600 
1605  private function initRoleMappingForm(string $command): ilPropertyFormGUI
1606  {
1607  $this->setSubTabs();
1608  $this->tabs_gui->activateTab('role_mapping');
1609 
1610  if ($this->mapping_id) {
1611  $this->ctrl->setParameter($this, 'mapping_id', $this->mapping_id);
1612  }
1613 
1614  $propertie_form = new ilPropertyFormGUI();
1615  $propertie_form->setTitle($this->lng->txt('ldap_mapping_table'));
1616  $propertie_form->setFormAction($this->ctrl->getFormAction($this, $command));
1617  $propertie_form->addCommandButton($command, $this->lng->txt('save'));
1618  $propertie_form->addCommandButton("roleMapping", $this->lng->txt('cancel'));
1619 
1620  $url = new ilTextInputGUI($this->lng->txt('ldap_server'));
1621  $url->setPostVar("url");
1622  $url->setSize(50);
1623  $url->setMaxLength(255);
1624  $url->setRequired(true);
1625 
1626  $group_dn = new ilTextInputGUI($this->lng->txt('ldap_group_dn'));
1627  $group_dn->setPostVar("dn");
1628  $group_dn->setSize(50);
1629  $group_dn->setMaxLength(255);
1630  $group_dn->setInfo($this->lng->txt('ldap_dn_info'));
1631  $group_dn->setRequired(true);
1632 
1633  $member = new ilTextInputGUI($this->lng->txt('ldap_group_member'));
1634  $member->setPostVar("member");
1635  $member->setSize(32);
1636  $member->setMaxLength(255);
1637  $member->setInfo($this->lng->txt('ldap_member_info'));
1638  $member->setRequired(true);
1639 
1640  $member_isdn = new ilCheckboxInputGUI("");
1641  $member_isdn->setPostVar("memberisdn");
1642  $member_isdn->setOptionTitle($this->lng->txt('ldap_memberisdn'));
1643 
1644  $role = new ilTextInputGUI($this->lng->txt('ldap_ilias_role'));
1645  $role->setPostVar("role");
1646  $role->setSize(32);
1647  $role->setMaxLength(255);
1648  $role->setInfo($this->lng->txt('ldap_role_info'));
1649  $role->setRequired(true);
1650 
1651  $info = new ilTextAreaInputGUI($this->lng->txt('ldap_info_text'));
1652  $info->setPostVar("info");
1653  $info->setCols(50);
1654  $info->setRows(3);
1655  $info->setInfo($this->lng->txt('ldap_info_text_info'));
1656 
1657  $info_type = new ilCheckboxInputGUI("");
1658  $info_type->setPostVar("info_type");
1659  $info_type->setOptionTitle($this->lng->txt('ldap_mapping_info_type'));
1660 
1661  $propertie_form->addItem($url);
1662  $propertie_form->addItem($group_dn);
1663  $propertie_form->addItem($member);
1664  $propertie_form->addItem($member_isdn);
1665  $propertie_form->addItem($role);
1666  $propertie_form->addItem($info);
1667  $propertie_form->addItem($info_type);
1668 
1669  return $propertie_form;
1670  }
1671 
1672 
1673 
1677  public function addRoleMapping(): void
1678  {
1679  $propertie_form = $this->initRoleMappingForm("createRoleMapping");
1680  if ($propertie_form->getItemByPostVar("url")) {
1681  $propertie_form->getItemByPostVar("url")->setValue($this->server->getUrl());
1682  }
1683  if ($this->mapping_id) {
1684  $mapping = new ilLDAPRoleGroupMappingSetting($this->mapping_id);
1685  $mapping->read();
1686  if ($propertie_form->getItemByPostVar("url")) {
1687  $propertie_form->getItemByPostVar("url")->setValue($mapping->getURL());
1688  }
1689  if ($propertie_form->getItemByPostVar("dn")) {
1690  $propertie_form->getItemByPostVar("dn")->setValue($mapping->getDN());
1691  }
1692  if ($propertie_form->getItemByPostVar("member")) {
1693  $propertie_form->getItemByPostVar("member")->setValue($mapping->getMemberAttribute());
1694  }
1695  if ($propertie_form->getItemByPostVar("memberisdn")) {
1696  $propertie_form->getItemByPostVar("memberisdn")->setChecked($mapping->getMemberISDN());
1697  }
1698  if ($propertie_form->getItemByPostVar("role")) {
1699  $propertie_form->getItemByPostVar("role")->setValue($mapping->getRoleName());
1700  }
1701  if ($propertie_form->getItemByPostVar("info")) {
1702  $propertie_form->getItemByPostVar("info")->setValue($mapping->getMappingInfo());
1703  }
1704  if ($propertie_form->getItemByPostVar("info_type")) {
1705  $propertie_form->getItemByPostVar("info_type")->setChecked($mapping->getMappingInfoType());
1706  }
1707  }
1708 
1709  $this->tpl->setContent($propertie_form->getHTML());
1710  }
1711 
1712 
1716  public function updateRoleMapping(): void
1717  {
1718  $propertie_form = $this->initRoleMappingForm("updateRoleMapping");
1719 
1720  if ($propertie_form->checkInput() && $this->rbacReview->roleExists($propertie_form->getInput("role"))) {
1721  $mapping = new ilLDAPRoleGroupMappingSetting($this->mapping_id);
1722  $mapping->setServerId($this->server->getServerId());
1723  $mapping->setURL($propertie_form->getInput("url"));
1724  $mapping->setDN($propertie_form->getInput("dn"));
1725  $mapping->setMemberAttribute($propertie_form->getInput("member"));
1726  $mapping->setMemberISDN((bool) $propertie_form->getInput("memberisdn"));
1727  $mapping->setRoleByName($propertie_form->getInput("role"));
1728  $mapping->setMappingInfo($propertie_form->getInput("info"));
1729  $mapping->setMappingInfoType((bool) $propertie_form->getInput("info_type"));
1730  $mapping->update();
1731 
1732  $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'), true);
1733  $this->ctrl->redirect($this, "roleMapping");
1734  } else {
1735  if (!$this->rbacReview->roleExists($propertie_form->getInput("role"))) {
1736  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt("ldap_role_not_exists") . " " .
1737  $propertie_form->getInput("role"));
1738  }
1739  $propertie_form->setValuesByPost();
1740  $this->tpl->setContent($propertie_form->getHTML());
1741  }
1742  }
1743 
1747  public function saveSyncronizationSettings(): void
1748  {
1749  $this->server->setRoleBindDN($this->role_bind_user);
1750  $this->server->setRoleBindPassword($this->role_bind_pass);
1751  $this->server->enableRoleSynchronization($this->role_sync_active);
1752 
1753  // Update or create
1754  if ($this->server->getServerId()) {
1755  $this->server->update();
1756  }
1757  $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'), true);
1758  $this->ctrl->redirect($this, "roleMapping");
1759  }
1760 }
ilLDAPServer\checkLDAPLib
static checkLDAPLib()
Check if ldap module is installed.
Definition: class.ilLDAPServer.php:129
ilLDAPSettingsGUI\confirmDeleteRules
confirmDeleteRules()
Confirm delete rules.
Definition: class.ilLDAPSettingsGUI.php:351
ilLDAPSettingsGUI\userMappingToolbar
userMappingToolbar()
Create Toolbar.
Definition: class.ilLDAPSettingsGUI.php:1276
ilSession\get
static get(string $a_var)
Definition: class.ilSession.php:459
ilLDAPSettingsGUI\checkRoleAssignmentInput
checkRoleAssignmentInput(int $a_rule_id=0)
Check role assignment input.
Definition: class.ilLDAPSettingsGUI.php:526
ilRadioOption
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilRadioOption.php:26
$res
$res
Definition: ltiservices.php:69
ilComponentRepository
Readable part of repository interface to ilComponentDataDB.
Definition: class.ilComponentRepository.php:25
ilLDAPSettingsGUI\createRoleMapping
createRoleMapping()
Check add screen input and save to db.
Definition: class.ilLDAPSettingsGUI.php:1432
ilLDAPSettingsGUI\loadRoleAssignmentRule
loadRoleAssignmentRule(int $a_rule_id, bool $load_from_form=true)
Load input from form.
Definition: class.ilLDAPSettingsGUI.php:553
ilLDAPSettingsGUI\$role_mapping
ilLDAPRoleGroupMappingSettings $role_mapping
Definition: class.ilLDAPSettingsGUI.php:46
ilLDAPSettingsGUI\__construct
__construct(int $a_auth_ref_id)
Definition: class.ilLDAPSettingsGUI.php:68
ilTabsGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilTabsGUI.php:23
ilLDAPSettingsGUI\initFormRoleAssignments
initFormRoleAssignments(string $a_mode)
Init form table for new role assignments.
Definition: class.ilLDAPSettingsGUI.php:1141
ilLDAPSettingsGUI\saveSyncronizationSettings
saveSyncronizationSettings()
save Syncronization Settings on Role Mapping screen
Definition: class.ilLDAPSettingsGUI.php:1747
ilLDAPServer\_getServerList
static _getServerList()
Get list of all configured servers.
Definition: class.ilLDAPServer.php:227
ilUserDefinedFields
Additional user data fields definition.
Definition: class.ilUserDefinedFields.php:29
ilFormSectionHeaderGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilFormSectionHeaderGUI.php:26
ilRadioOption\setInfo
setInfo(string $a_info)
Definition: class.ilRadioOption.php:54
ilUtil\stripSlashes
static stripSlashes(string $a_str, bool $a_strip_html=true, string $a_allow="")
Definition: class.ilUtil.php:401
ilLDAPSettingsGUI\prepareGlobalRoleSelection
prepareGlobalRoleSelection()
New implementation for InputForm.
Definition: class.ilLDAPSettingsGUI.php:1077
ilLDAPSettingsGUI\getServer
getServer()
Get server settings.
Definition: class.ilLDAPSettingsGUI.php:228
ilLDAPSettingsGUI\updateRoleMapping
updateRoleMapping()
Check edit screen input and save to db.
Definition: class.ilLDAPSettingsGUI.php:1716
ilLegacyFormElementsUtil\formSelect
static formSelect( $selected, string $varname, array $options, bool $multiple=false, bool $direct_text=false, int $size=0, string $style_class="", array $attribs=[], bool $disabled=false)
Builds a select form field with options and shows the selected option first.
Definition: class.ilLegacyFormElementsUtil.php:316
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:26
ilLDAPSettingsGUI\setSubTabs
setSubTabs()
Set sub tabs for ldap section.
Definition: class.ilLDAPSettingsGUI.php:1012
ilLDAPSettingsGUI\editRoleAssignment
editRoleAssignment()
Edit role assignment.
Definition: class.ilLDAPSettingsGUI.php:262
$update
$update
Definition: imgupload.php:92
ilLDAPAttributeMappingUtils\_getMappingRulesByClass
static _getMappingRulesByClass(string $a_class)
Get mapping rule by objectClass.
Definition: class.ilLDAPAttributeMappingUtils.php:33
ilLDAPSettingsGUI\setValuesByArray
setValuesByArray()
set values of form array
Definition: class.ilLDAPSettingsGUI.php:285
ilLDAPSettingsGUI\$main_tpl
ilGlobalTemplateInterface $main_tpl
Definition: class.ilLDAPSettingsGUI.php:41
ilLDAPSettingsGUI\showRoleSelection
showRoleSelection()
show role selection
Definition: class.ilLDAPSettingsGUI.php:464
ilLDAPSettingsGUI\$tpl
ilGlobalTemplateInterface $tpl
Definition: class.ilLDAPSettingsGUI.php:35
ilLDAPSettingsGUI\confirmDeleteRoleMapping
confirmDeleteRoleMapping()
confirm delete role mappings
Definition: class.ilLDAPSettingsGUI.php:1463
ilLDAPRoleAssignmentRule\_getRules
static _getRules($a_server_id)
Get all rules.
Definition: class.ilLDAPRoleAssignmentRule.php:180
ilFormPropertyGUI\setPostVar
setPostVar(string $a_postvar)
Definition: class.ilFormPropertyGUI.php:112
$DIC
global $DIC
Definition: feed.php:28
ilQueryParser\setMinWordLength
setMinWordLength(int $a_length)
Definition: class.ilQueryParser.php:77
ilLDAPSettingsGUI\$form_gui
ilPropertyFormGUI $form_gui
Definition: class.ilLDAPSettingsGUI.php:29
$name
if($format !==null) $name
Definition: metadata.php:247
ilLDAPSettingsGUI\checkAccess
checkAccess(string $a_permission)
Definition: class.ilLDAPSettingsGUI.php:201
ilLDAPSettingsGUI\addRoleMapping
addRoleMapping()
Add Assigments for role mapping.
Definition: class.ilLDAPSettingsGUI.php:1677
ilLDAPSettingsGUI\$component_repository
ilComponentRepository $component_repository
Definition: class.ilLDAPSettingsGUI.php:42
ilLDAPSettingsGUI\confirmDeleteServerSettings
confirmDeleteServerSettings()
Confirm delete rules.
Definition: class.ilLDAPSettingsGUI.php:1518
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:26
ilRoleAutoCompleteInputGUI\echoAutoCompleteList
static echoAutoCompleteList()
Static asynchronous default auto complete function.
Definition: class.ilRoleAutoCompleteInputGUI.php:57
ilObject\_lookupTitle
static _lookupTitle(int $obj_id)
Definition: class.ilObject.php:837
ilLDAPSettingsGUI\deleteRules
deleteRules()
delete role assignment rule
Definition: class.ilLDAPSettingsGUI.php:382
ilLDAPSettingsGUI\$mapping
ilLDAPAttributeMapping $mapping
Definition: class.ilLDAPSettingsGUI.php:28
$keys
$keys
Definition: metadata.php:204
ilNumberInputGUI
This class represents a number property in a property form.
Definition: class.ilNumberInputGUI.php:26
ilLDAPSettingsGUI\addRoleAutoCompleteObject
addRoleAutoCompleteObject()
Add Member for autoComplete.
Definition: class.ilLDAPSettingsGUI.php:1268
ilLDAPSettingsGUI\addRoleAssignment
addRoleAssignment()
add new role assignment
Definition: class.ilLDAPSettingsGUI.php:400
ILIAS\LTI\ToolProvider\$key
string $key
Consumer key/client ID value.
Definition: System.php:193
ilLDAPAttributeMapping\_lookupGlobalRole
static _lookupGlobalRole(int $a_server_id)
Definition: class.ilLDAPAttributeMapping.php:65
ilLDAPSettingsGUI\userMapping
userMapping()
Ldap User Mapping.
Definition: class.ilLDAPSettingsGUI.php:1565
ilLDAPSettingsGUI\$udf
ilUserDefinedFields $udf
Definition: class.ilLDAPSettingsGUI.php:43
ilPasswordInputGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilPasswordInputGUI.php:26
ilLDAPSettingsGUI\roleAssignments
roleAssignments()
Edit role assignments.
Definition: class.ilLDAPSettingsGUI.php:236
ilLDAPSettingsGUI\roleMapping
roleMapping()
Role Mapping Tab.
Definition: class.ilLDAPSettingsGUI.php:1341
ilLDAPSettingsGUI\updateRoleAssignment
updateRoleAssignment()
update role assignment
Definition: class.ilLDAPSettingsGUI.php:311
$txt
$txt
Definition: error.php:13
ilFormPropertyGUI\setRequired
setRequired(bool $a_required)
Definition: class.ilFormPropertyGUI.php:149
ILIAS\Repository\form
form( $class_path, string $cmd)
Definition: trait.GlobalDICGUIServices.php:105
ilRoleAutoCompleteInputGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilRoleAutoCompleteInputGUI.php:26
ilTable2GUI\setTitle
setTitle(string $a_title, string $a_icon="", string $a_icon_alt="")
Definition: class.ilTable2GUI.php:448
ilLDAPAttributeMapping
This class stores the settings that define the mapping between LDAP attribute and user profile fields...
Definition: class.ilLDAPAttributeMapping.php:26
ilUtil\_sortIds
static _sortIds(array $a_ids, string $a_table, string $a_field, string $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,7),&#39;usr_data&#39;,&#39;lastname&#39;,&#39;usr_id&#39;) => sorts by lastname.
Definition: class.ilUtil.php:1223
$lang
$lang
Definition: xapiexit.php:26
ilLDAPSettingsGUI\initUserMappingForm
initUserMappingForm()
Create Property Form GUI for User Mapping.
Definition: class.ilLDAPSettingsGUI.php:1297
ilLDAPSettingsGUI\saveRoleSelection
saveRoleSelection()
Save role selection.
Definition: class.ilLDAPSettingsGUI.php:494
ilLDAPRoleAssignmentRule\_getInstanceByRuleId
static _getInstanceByRuleId(int $a_rule_id)
Definition: class.ilLDAPRoleAssignmentRule.php:64
ilRoleSelectionTableGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilRoleSelectionTableGUI.php:25
ilCombinationInputGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilCombinationInputGUI.php:26
ilCustomInputGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilCustomInputGUI.php:27
ilLDAPRoleGroupMappingSettings\_getInstanceByServerId
static _getInstanceByServerId(int $a_server_id)
Get instance of class.
Definition: class.ilLDAPRoleGroupMappingSettings.php:59
ilErrorHandling
Error Handling & global info handling uses PEAR error class.
Definition: class.ilErrorHandling.php:38
ilLDAPAttributeMapping\read
read()
Read mapping settings from db.
Definition: class.ilLDAPAttributeMapping.php:233
ilNonEditableValueGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilNonEditableValueGUI.php:26
ilLDAPSettingsGUI\getAttributeMappingKeys
getAttributeMappingKeys()
Get all possible attribute keys for mapping ldap attribute to ilias user attributes.
Definition: class.ilLDAPSettingsGUI.php:212
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:26
ilAdministrationSettingsFormHandler\addFieldsToForm
static addFieldsToForm(int $a_form_id, ilPropertyFormGUI $a_form, ilObjectGUI $a_parent_gui)
Definition: class.ilAdministrationSettingsFormHandler.php:117
$id
$id
plugin.php for ilComponentBuildPluginInfoObjectiveTest::testAddPlugins
Definition: plugin.php:23
$url
$url
Definition: proxy_ylocal.php:28
ilLDAPAttributeMapping\save
save()
Save mapping rules to db.
Definition: class.ilLDAPAttributeMapping.php:177
ilLDAPSettingsGUI\$rule
ilLDAPRoleAssignmentRule $rule
Definition: class.ilLDAPSettingsGUI.php:45
ilLDAPSettingsGUI\initRoleMappingForm
initRoleMappingForm(string $command)
init propertyformgui for Assignment of LDAP Attributes to ILIAS User Profile
Definition: class.ilLDAPSettingsGUI.php:1605
ilCheckboxInputGUI\setOptionTitle
setOptionTitle(string $a_optiontitle)
Definition: class.ilCheckboxInputGUI.php:64
ilSession\set
static set(string $a_var, $a_val)
Set a value.
Definition: class.ilSession.php:451
ilLDAPAttributeMapping\_getInstanceByServerId
static _getInstanceByServerId(int $a_server_id)
Definition: class.ilLDAPAttributeMapping.php:45
$version
$version
Definition: plugin.php:24
ilLDAPSettingsGUI\$role_mapping_rule
ilLDAPRoleAssignmentRule $role_mapping_rule
Definition: class.ilLDAPSettingsGUI.php:44
ilLDAPSettingsGUI\getRoleAssignmentTable
getRoleAssignmentTable()
Show active role assignments.
Definition: class.ilLDAPSettingsGUI.php:536
ilConfirmationGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilConfirmationGUI.php:24
ilLDAPSettingsGUI\editRoleMapping
editRoleMapping()
Edit Assigments for role mapping.
Definition: class.ilLDAPSettingsGUI.php:1395
ILIAS\Repository\$refinery
Refinery Factory $refinery
Definition: trait.BaseGUIRequest.php:36