ILIAS  trunk Revision v11.0_alpha-1749-g1a06bdef097
All Data Structures Namespaces Files Functions Variables Enumerations Enumerator Modules Pages
Public Member Functions | Data Fields | Protected Member Functions | Private Member Functions | Private Attributes
ilLDAPAttributeToUser Class Reference

Update/create ILIAS user account by given LDAP attributes according to user attribute mapping settings. More...

+ Collaboration diagram for ilLDAPAttributeToUser:

Public Member Functions

 __construct (ilLDAPServer $a_server)
 Construct of ilLDAPAttribute2XML Defines between LDAP and ILIAS user attributes. More...
 
 getServer ()
 Get server settings. More...
 
 setUserData (array $a_data)
 Set user data received from pear auth or by ldap_search. More...
 
 setNewUserAuthMode (string $a_authmode)
 Set auth mode for new users. More...
 
 getNewUserAuthMode ()
 Get auth mode for new users. More...
 
 addMode (int $a_mode)
 Add import mode. More...
 
 isModeActive (int $a_mode)
 Check if mode is active. More...
 
 refresh ()
 Create/Update non existing users. More...
 

Data Fields

const MODE_INITIALIZE_ROLES = 1
 

Protected Member Functions

 parseRoleAssignmentsForUpdate (int $a_usr_id, string $a_external_account, array $user)
 Parse role assignments for update of user account. More...
 
 parseRoleAssignmentsForCreation (string $a_external_account, array $a_user)
 Parse role assignments for update of user account. More...
 

Private Member Functions

 usersToXML ()
 Create xml string of user according to mapping rules. More...
 
 convertInput ($a_value)
 A value can be an array or a string This function converts arrays to strings. More...
 
 doMapping (array $user, array $rule)
 
 initLDAPAttributeMapping ()
 
 initUserDefinedFields ()
 

Private Attributes

array $modes = []
 
ilLDAPServer $server_settings
 
array $user_data = []
 
ilLDAPAttributeMapping $mapping
 
string $new_user_auth_mode = 'ldap'
 
ilLogger $logger
 
ilXmlWriter $writer
 
ilUserDefinedFields $udf
 

Detailed Description

Update/create ILIAS user account by given LDAP attributes according to user attribute mapping settings.

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om

Definition at line 27 of file class.ilLDAPAttributeToUser.php.

Constructor & Destructor Documentation

◆ __construct()

ilLDAPAttributeToUser::__construct ( ilLDAPServer  $a_server)

Construct of ilLDAPAttribute2XML Defines between LDAP and ILIAS user attributes.

Definition at line 44 of file class.ilLDAPAttributeToUser.php.

References $DIC, initLDAPAttributeMapping(), and ILIAS\Repository\logger().

45  {
46  global $DIC;
47 
48  $this->logger = $DIC->logger()->auth();
49 
50  $this->server_settings = $a_server;
51 
52  $this->initLDAPAttributeMapping();
53  }
$DIC
global $DIC
Definition: shib_login.php:22
+ Here is the call graph for this function:

Member Function Documentation

◆ addMode()

ilLDAPAttributeToUser::addMode ( int  $a_mode)

Add import mode.

Definition at line 95 of file class.ilLDAPAttributeToUser.php.

95  : void
96  {
97  //TODO check for proper value
98  if (!in_array($a_mode, $this->modes, true)) {
99  $this->modes[] = $a_mode;
100  }
101  }

◆ convertInput()

ilLDAPAttributeToUser::convertInput (   $a_value)
private

A value can be an array or a string This function converts arrays to strings.

Parameters
array|stringvalue
Returns
string

Definition at line 383 of file class.ilLDAPAttributeToUser.php.

Referenced by doMapping().

383  : string
384  {
385  if (is_array($a_value)) {
386  return $a_value[0];
387  }
388 
389  return $a_value;
390  }
+ Here is the caller graph for this function:

◆ doMapping()

ilLDAPAttributeToUser::doMapping ( array  $user,
array  $rule 
)
private

Definition at line 392 of file class.ilLDAPAttributeToUser.php.

References convertInput().

Referenced by usersToXML().

392  : string
393  {
394  $mapping = strtolower(trim($rule['value']));
395 
396  if (strpos($mapping, ',') === false) {
397  return $this->convertInput($user[$mapping] ?? '');
398  }
399  // Is multiple mapping
400 
401  $fields = explode(',', $mapping);
402  $value = '';
403  foreach ($fields as $field) {
404  if ($value !== '') {
405  $value .= ' ';
406  }
407  $value .= ($this->convertInput($user[trim($field)] ?? ''));
408  }
409  return $value;
410  }
ilLDAPAttributeToUser\convertInput
convertInput($a_value)
A value can be an array or a string This function converts arrays to strings.
Definition: class.ilLDAPAttributeToUser.php:383
ilLDAPAttributeToUser\$mapping
ilLDAPAttributeMapping $mapping
Definition: class.ilLDAPAttributeToUser.php:34
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getNewUserAuthMode()

ilLDAPAttributeToUser::getNewUserAuthMode ( )

Get auth mode for new users.

Definition at line 87 of file class.ilLDAPAttributeToUser.php.

References $new_user_auth_mode.

Referenced by usersToXML().

87  : string
88  {
89  return $this->new_user_auth_mode;
90  }
+ Here is the caller graph for this function:

◆ getServer()

ilLDAPAttributeToUser::getServer ( )

Get server settings.

Returns
ilLDAPServer

Definition at line 59 of file class.ilLDAPAttributeToUser.php.

References $server_settings.

Referenced by parseRoleAssignmentsForCreation(), parseRoleAssignmentsForUpdate(), and refresh().

59  : ilLDAPServer
60  {
61  return $this->server_settings;
62  }
+ Here is the caller graph for this function:

◆ initLDAPAttributeMapping()

ilLDAPAttributeToUser::initLDAPAttributeMapping ( )
private

Definition at line 412 of file class.ilLDAPAttributeToUser.php.

References ilLDAPAttributeMapping\_getInstanceByServerId().

Referenced by __construct().

412  : void
413  {
414  $this->mapping = ilLDAPAttributeMapping::_getInstanceByServerId($this->server_settings->getServerId());
415  }
ilLDAPAttributeMapping\_getInstanceByServerId
static _getInstanceByServerId(int $a_server_id)
Definition: class.ilLDAPAttributeMapping.php:45
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ initUserDefinedFields()

ilLDAPAttributeToUser::initUserDefinedFields ( )
private

Definition at line 417 of file class.ilLDAPAttributeToUser.php.

References ilUserDefinedFields\_getInstance().

Referenced by usersToXML().

417  : void
418  {
419  $this->udf = ilUserDefinedFields::_getInstance();
420  }
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isModeActive()

ilLDAPAttributeToUser::isModeActive ( int  $a_mode)

Check if mode is active.

Parameters
int$a_mode
Returns
bool

Definition at line 108 of file class.ilLDAPAttributeToUser.php.

Referenced by usersToXML().

108  : bool
109  {
110  return in_array($a_mode, $this->modes, true);
111  }
+ Here is the caller graph for this function:

◆ parseRoleAssignmentsForCreation()

ilLDAPAttributeToUser::parseRoleAssignmentsForCreation ( string  $a_external_account,
array  $a_user 
)
protected

Parse role assignments for update of user account.

Parameters
string$a_external_account
array$a_user

Definition at line 161 of file class.ilLDAPAttributeToUser.php.

References ilLDAPRoleAssignmentRules\getAssignmentsForCreation(), and getServer().

Referenced by usersToXML().

161  : void
162  {
163  foreach (ilLDAPRoleAssignmentRules::getAssignmentsForCreation(
164  $this->getServer()->getServerId(),
165  $a_external_account,
166  $a_user
167  ) as $role_data) {
168  $this->writer->xmlElement(
169  'Role',
170  [
171  'Id' => $role_data['id'],
172  'Type' => $role_data['type'],
173  'Action' => $role_data['action']
174  ],
175  ''
176  );
177  }
178  }
ilLDAPRoleAssignmentRules\getAssignmentsForCreation
static getAssignmentsForCreation(int $a_server_id, string $a_usr_name, array $a_usr_data)
Definition: class.ilLDAPRoleAssignmentRules.php:140
ilLDAPAttributeToUser\getServer
getServer()
Get server settings.
Definition: class.ilLDAPAttributeToUser.php:59
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ parseRoleAssignmentsForUpdate()

ilLDAPAttributeToUser::parseRoleAssignmentsForUpdate ( int  $a_usr_id,
string  $a_external_account,
array  $user 
)
protected

Parse role assignments for update of user account.

Parameters
int$a_usr_id
string$a_external_account
array$user

Definition at line 136 of file class.ilLDAPAttributeToUser.php.

References ilLDAPRoleAssignmentRules\getAssignmentsForUpdate(), and getServer().

Referenced by usersToXML().

136  : void
137  {
138  foreach (ilLDAPRoleAssignmentRules::getAssignmentsForUpdate(
139  $this->getServer()->getServerId(),
140  $a_usr_id,
141  $a_external_account,
142  $user
143  ) as $role_data) {
144  $this->writer->xmlElement(
145  'Role',
146  [
147  'Id' => $role_data['id'],
148  'Type' => $role_data['type'],
149  'Action' => $role_data['action']
150  ],
151  ''
152  );
153  }
154  }
ilLDAPRoleAssignmentRules\getAssignmentsForUpdate
static getAssignmentsForUpdate(int $a_server_id, $a_usr_id, $a_usr_name, $a_usr_data)
Definition: class.ilLDAPRoleAssignmentRules.php:90
ilLDAPAttributeToUser\getServer
getServer()
Get server settings.
Definition: class.ilLDAPAttributeToUser.php:59
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ refresh()

ilLDAPAttributeToUser::refresh ( )

Create/Update non existing users.

Definition at line 117 of file class.ilLDAPAttributeToUser.php.

References ilLDAPRoleAssignmentRules\getAllPossibleRoles(), getServer(), and usersToXML().

117  : bool
118  {
119  $this->usersToXML();
120 
121  $importParser = new ilUserImportParser();
122  $importParser->setXMLContent($this->writer->xmlDumpMem(false));
123  $importParser->setRoleAssignment(ilLDAPRoleAssignmentRules::getAllPossibleRoles($this->getServer()->getServerId()));
124  $importParser->setFolderId(7);
125  $importParser->startParsing();
126 
127  return true;
128  }
ilLDAPRoleAssignmentRules\getAllPossibleRoles
static getAllPossibleRoles(int $a_server_id)
Get all assignable roles (used for import parser)
Definition: class.ilLDAPRoleAssignmentRules.php:43
ilLDAPAttributeToUser\getServer
getServer()
Get server settings.
Definition: class.ilLDAPAttributeToUser.php:59
ilLDAPAttributeToUser\usersToXML
usersToXML()
Create xml string of user according to mapping rules.
Definition: class.ilLDAPAttributeToUser.php:183
+ Here is the call graph for this function:

◆ setNewUserAuthMode()

ilLDAPAttributeToUser::setNewUserAuthMode ( string  $a_authmode)

Set auth mode for new users.

Parameters
string$a_authmode

Definition at line 79 of file class.ilLDAPAttributeToUser.php.

79  : void
80  {
81  $this->new_user_auth_mode = $a_authmode;
82  }

◆ setUserData()

ilLDAPAttributeToUser::setUserData ( array  $a_data)

Set user data received from pear auth or by ldap_search.

Parameters
arrayarray of auth data. array('ilias_account1' => array(firstname => 'Stefan',...),...)

Definition at line 70 of file class.ilLDAPAttributeToUser.php.

70  : void
71  {
72  $this->user_data = $a_data;
73  }

◆ usersToXML()

ilLDAPAttributeToUser::usersToXML ( )
private

Create xml string of user according to mapping rules.

Definition at line 183 of file class.ilLDAPAttributeToUser.php.

References $data, ilAuthUtils\_generateLogin(), ilObjUser\_lookupId(), doMapping(), getNewUserAuthMode(), initUserDefinedFields(), isModeActive(), ILIAS\Repository\logger(), parseRoleAssignmentsForCreation(), and parseRoleAssignmentsForUpdate().

Referenced by refresh().

183  : void
184  {
185  $this->writer = new ilXmlWriter();
186  $this->writer->xmlStartTag('Users');
187 
188  $cnt_update = 0;
189  $cnt_create = 0;
190 
191  // Single users
192  foreach ($this->user_data as $external_account => $user) {
193  $external_account = (string) $external_account;
194 
195  $user['ilExternalAccount'] = $external_account;
196 
197  // Required fields
198  if ($user['ilInternalAccount']) {
199  $usr_id = ilObjUser::_lookupId($user['ilInternalAccount']);
200 
201  ++$cnt_update;
202  // User exists
203  $this->writer->xmlStartTag('User', ['Id' => $usr_id, 'Action' => 'Update']);
204  $this->writer->xmlElement('Login', [], $user['ilInternalAccount']);
205  $this->writer->xmlElement('ExternalAccount', [], $external_account);
206  $this->writer->xmlElement('AuthMode', ['type' => $this->getNewUserAuthMode()]);
207 
208  if ($this->isModeActive(self::MODE_INITIALIZE_ROLES)) {
209  $this->parseRoleAssignmentsForCreation($external_account, $user);
210  } else {
211  $this->parseRoleAssignmentsForUpdate($usr_id, $external_account, $user);
212  }
213  $rules = $this->mapping->getRulesForUpdate();
214  } else {
215  ++$cnt_create;
216  // Create user
217  $this->writer->xmlStartTag('User', ['Action' => 'Insert']);
218  $this->writer->xmlElement('Login', [], ilAuthUtils::_generateLogin($external_account));
219 
220  $this->parseRoleAssignmentsForCreation($external_account, $user);
221  $rules = $this->mapping->getRules(true);
222  }
223 
224  $this->writer->xmlElement('Active', [], "true");
225  $this->writer->xmlElement('TimeLimitOwner', [], 7);
226  $this->writer->xmlElement('TimeLimitUnlimited', [], 1);
227  $this->writer->xmlElement('TimeLimitFrom', [], time());
228  $this->writer->xmlElement('TimeLimitUntil', [], time());
229 
230  // only for new users.
231  // If auth_mode is 'default' (ldap) this status should remain.
232  if (!$user['ilInternalAccount']) {
233  $this->writer->xmlElement(
234  'AuthMode',
235  ['type' => $this->getNewUserAuthMode()],
236  $this->getNewUserAuthMode()
237  );
238  $this->writer->xmlElement('ExternalAccount', [], $external_account);
239  }
240  foreach ($rules as $field => $data) {
241  // Do Mapping: it is possible to assign multiple ldap attribute to one user data field
242  if (!($value = $this->doMapping($user, $data))) {
243  continue;
244  }
245 
246  switch ($field) {
247  case 'gender':
248  switch (strtolower($value)) {
249  case 'm':
250  case 'male':
251  $this->writer->xmlElement('Gender', [], 'm');
252  break;
253 
254  case 'f':
255  case 'female':
256  $this->writer->xmlElement('Gender', [], 'f');
257  break;
258 
259  default:
260  // use the default for anything that is not clearly m or f
261  $this->writer->xmlElement('Gender', [], 'n');
262  break;
263  }
264  break;
265 
266  case 'firstname':
267  $this->writer->xmlElement('Firstname', [], $value);
268  break;
269 
270  case 'lastname':
271  $this->writer->xmlElement('Lastname', [], $value);
272  break;
273 
274  case 'hobby':
275  $this->writer->xmlElement('Hobby', [], $value);
276  break;
277 
278  case 'title':
279  $this->writer->xmlElement('Title', [], $value);
280  break;
281 
282  case 'institution':
283  $this->writer->xmlElement('Institution', [], $value);
284  break;
285 
286  case 'department':
287  $this->writer->xmlElement('Department', [], $value);
288  break;
289 
290  case 'street':
291  $this->writer->xmlElement('Street', [], $value);
292  break;
293 
294  case 'city':
295  $this->writer->xmlElement('City', [], $value);
296  break;
297 
298  case 'zipcode':
299  $this->writer->xmlElement('PostalCode', [], $value);
300  break;
301 
302  case 'country':
303  $this->writer->xmlElement('Country', [], $value);
304  break;
305 
306  case 'phone_office':
307  $this->writer->xmlElement('PhoneOffice', [], $value);
308  break;
309 
310  case 'phone_home':
311  $this->writer->xmlElement('PhoneHome', [], $value);
312  break;
313 
314  case 'phone_mobile':
315  $this->writer->xmlElement('PhoneMobile', [], $value);
316  break;
317 
318  case 'fax':
319  $this->writer->xmlElement('Fax', [], $value);
320  break;
321 
322  case 'email':
323  $this->writer->xmlElement('Email', [], $value);
324  break;
325 
326  case 'second_email':
327  $this->writer->xmlElement('SecondEmail', [], $value);
328  break;
329 
330  case 'matriculation':
331  $this->writer->xmlElement('Matriculation', [], $value);
332  break;
333 
334  default:
335  // Handle user defined fields
336  if (strpos($field, 'udf_') !== 0) {
337  continue 2;
338  }
339  $id_data = explode('_', $field);
340  if (!isset($id_data[1])) {
341  continue 2;
342  }
343  $this->initUserDefinedFields();
344  $definition = $this->udf->getDefinition((int) $id_data[1]);
345  if (empty($definition)) {
346  $this->logger->warning(sprintf(
347  "Invalid/Orphaned UD field mapping detected: %s",
348  $field
349  ));
350  break;
351  }
352 
353  $this->writer->xmlElement(
354  'UserDefinedField',
355  [
356  'Id' => $definition['il_id'],
357  'Name' => $definition['field_name']
358  ],
359  $value
360  );
361  break;
362  }
363  }
364  $this->writer->xmlEndTag('User');
365  }
366 
367  if ($cnt_create) {
368  $this->logger->info('LDAP: Started creation of ' . $cnt_create . ' users.');
369  }
370  if ($cnt_update) {
371  $this->logger->info('LDAP: Started update of ' . $cnt_update . ' users.');
372  }
373  $this->writer->xmlEndTag('Users');
374  }
ilAuthUtils\_generateLogin
static _generateLogin(string $a_login)
generate free login by starting with a default string and adding postfix numbers
Definition: class.ilAuthUtils.php:373
ilObjUser\_lookupId
static _lookupId($a_user_str)
Definition: class.ilObjUser.php:692
ilLDAPAttributeToUser\parseRoleAssignmentsForCreation
parseRoleAssignmentsForCreation(string $a_external_account, array $a_user)
Parse role assignments for update of user account.
Definition: class.ilLDAPAttributeToUser.php:161
ilLDAPAttributeToUser\parseRoleAssignmentsForUpdate
parseRoleAssignmentsForUpdate(int $a_usr_id, string $a_external_account, array $user)
Parse role assignments for update of user account.
Definition: class.ilLDAPAttributeToUser.php:136
ilLDAPAttributeToUser\doMapping
doMapping(array $user, array $rule)
Definition: class.ilLDAPAttributeToUser.php:392
ilLDAPAttributeToUser\getNewUserAuthMode
getNewUserAuthMode()
Get auth mode for new users.
Definition: class.ilLDAPAttributeToUser.php:87
ilLDAPAttributeToUser\isModeActive
isModeActive(int $a_mode)
Check if mode is active.
Definition: class.ilLDAPAttributeToUser.php:108
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

Field Documentation

◆ $logger

ilLogger ilLDAPAttributeToUser::$logger
private

Definition at line 36 of file class.ilLDAPAttributeToUser.php.

◆ $mapping

ilLDAPAttributeMapping ilLDAPAttributeToUser::$mapping
private

Definition at line 34 of file class.ilLDAPAttributeToUser.php.

◆ $modes

array ilLDAPAttributeToUser::$modes = []
private

Definition at line 31 of file class.ilLDAPAttributeToUser.php.

◆ $new_user_auth_mode

string ilLDAPAttributeToUser::$new_user_auth_mode = 'ldap'
private

Definition at line 35 of file class.ilLDAPAttributeToUser.php.

Referenced by getNewUserAuthMode().

◆ $server_settings

ilLDAPServer ilLDAPAttributeToUser::$server_settings
private

Definition at line 32 of file class.ilLDAPAttributeToUser.php.

Referenced by getServer().

◆ $udf

ilUserDefinedFields ilLDAPAttributeToUser::$udf
private

Definition at line 38 of file class.ilLDAPAttributeToUser.php.

◆ $user_data

array ilLDAPAttributeToUser::$user_data = []
private

Definition at line 33 of file class.ilLDAPAttributeToUser.php.

◆ $writer

ilXmlWriter ilLDAPAttributeToUser::$writer
private

Definition at line 37 of file class.ilLDAPAttributeToUser.php.

◆ MODE_INITIALIZE_ROLES

const ilLDAPAttributeToUser::MODE_INITIALIZE_ROLES = 1

Definition at line 29 of file class.ilLDAPAttributeToUser.php.

Referenced by ilLDAPUserSynchronisation\performUpdate().

The documentation for this class was generated from the following file: