ILIAS  trunk Revision v11.0_alpha-3011-gc6b235a2e85
class.ilLDAPCronSynchronization.php
Go to the documentation of this file.
1<?php
2
19declare(strict_types=1);
20
21use ILIAS\Cron\Job\Schedule\JobScheduleType;
22use ILIAS\Cron\Job\JobManager;
23use ILIAS\Cron\Job\JobResult;
24use ILIAS\Cron\CronJob;
25
30class ilLDAPCronSynchronization extends CronJob
31{
32 private ilLanguage $lng;
33 private ilLogger $logger;
34 private JobManager $cronManager;
35
36 private int $counter = 0;
37
38 public function __construct()
39 {
40 global $DIC;
41
42 $this->logger = $DIC->logger()->auth();
43 $this->cronManager = $DIC->cron()->manager();
44 $this->lng = $DIC->language();
45 $this->lng->loadLanguageModule('ldap');
46 }
47
48 public function getId(): string
49 {
50 return "ldap_sync";
51 }
52
53 public function getTitle(): string
54 {
55 return $this->lng->txt('ldap_user_sync_cron');
56 }
57
58 public function getDescription(): string
59 {
60 return $this->lng->txt("ldap_user_sync_cron_info");
61 }
62
63 public function getDefaultScheduleType(): JobScheduleType
64 {
65 return JobScheduleType::DAILY;
66 }
67
68 public function getDefaultScheduleValue(): ?int
69 {
70 return null;
71 }
72
73 public function hasAutoActivation(): bool
74 {
75 return false;
76 }
77
78 public function hasFlexibleSchedule(): bool
79 {
80 return false;
81 }
82
83 public function run(): JobResult
84 {
85 $status = JobResult::STATUS_NO_ACTION;
86
87 $messages = array();
88 foreach (ilLDAPServer::_getCronServerIds() as $server_id) {
89 try {
90 $current_server = new ilLDAPServer($server_id);
91 $current_server->doConnectionCheck();
92 $this->logger->info("LDAP: starting user synchronization for " . $current_server->getName());
93
94 $ldap_query = new ilLDAPQuery($current_server);
95 $ldap_query->bind();
96
97 if (is_array($users = $ldap_query->fetchUsers())) {
98 // Deactivate ldap users that are not in the list
99 $this->deactivateUsers($current_server, $users);
100 }
101
102 if (count($users)) {
103 ilUserCreationContext::getInstance()->addContext(ilUserCreationContext::CONTEXT_LDAP);
104
105 $offset = 0;
106 $limit = 500;
107 while ($user_sliced = array_slice($users, $offset, $limit, true)) {
108 $this->logger->info("LDAP: Starting update/creation of users ...");
109 $this->logger->info("LDAP: Offset: " . $offset);
110 $ldap_to_ilias = new ilLDAPAttributeToUser($current_server);
111 $ldap_to_ilias->setNewUserAuthMode($current_server->getAuthenticationMappingKey());
112 $ldap_to_ilias->setUserData($user_sliced);
113 $ldap_to_ilias->refresh();
114 $this->logger->info("LDAP: Finished update/creation");
115
116 $offset += $limit;
117
118 $this->cronManager->ping($this->getId());
119 }
120 $this->counter++;
121 } else {
122 $this->logger->info("LDAP: No users for update/create. Aborting.");
123 }
124 } catch (ilLDAPQueryException $exc) {
125 $mess = $exc->getMessage();
126 $this->logger->info($mess);
127
128 $messages[] = $mess;
129 }
130 }
131
132 if ($this->counter) {
133 $status = JobResult::STATUS_OK;
134 }
135 $result = new JobResult();
136 if (count($messages)) {
137 $result->setMessage(implode("\n", $messages));
138 }
139 $result->setStatus($status);
140 return $result;
141 }
142
146 private function deactivateUsers(ilLDAPServer $server, array $a_ldap_users): void
147 {
148 $inactive = [];
149
150 foreach (ilObjUser::_getExternalAccountsByAuthMode($server->getAuthenticationMappingKey(), true) as $usr_id => $external_account) {
151 if (!array_key_exists($external_account, $a_ldap_users)) {
152 $inactive[] = $usr_id;
153 }
154 }
155 if (count($inactive)) {
156 ilObjUser::_toggleActiveStatusOfUsers($inactive, false);
157 $this->logger->info('LDAP: Found ' . count($inactive) . ' inactive users.');
158
159 $this->counter++;
160 } else {
161 $this->logger->info('LDAP: No inactive users found');
162 }
163 }
164
165 public function addToExternalSettingsForm(int $a_form_id, array &$a_fields, bool $a_is_active): void
166 {
167 if ($a_form_id === ilAdministrationSettingsFormHandler::FORM_LDAP) {
168 $a_fields["ldap_user_sync_cron"] = [$a_is_active ?
169 $this->lng->txt("enabled") :
170 $this->lng->txt("disabled"),
171 ilAdministrationSettingsFormHandler::VALUE_BOOL];
172 }
173 }
174}
ilLDAPAttributeToUser
Update/create ILIAS user account by given LDAP attributes according to user attribute mapping setting...
Definition: class.ilLDAPAttributeToUser.php:30
ilLDAPCronSynchronization\hasAutoActivation
hasAutoActivation()
Is to be activated on "installation", does only work for ILIAS core cron jobs.
Definition: class.ilLDAPCronSynchronization.php:73
ilLDAPCronSynchronization\addToExternalSettingsForm
addToExternalSettingsForm(int $a_form_id, array &$a_fields, bool $a_is_active)
Definition: class.ilLDAPCronSynchronization.php:165
ilLDAPCronSynchronization\deactivateUsers
deactivateUsers(ilLDAPServer $server, array $a_ldap_users)
Deactivate users that are disabled in LDAP.
Definition: class.ilLDAPCronSynchronization.php:146
ilLDAPServer\_getCronServerIds
static _getCronServerIds()
Get list of acticve servers with option 'SyncCron'.
Definition: class.ilLDAPServer.php:163
ilLanguage
language handling
Definition: class.ilLanguage.php:43
ilLogger
Component logger with individual log levels by component id.
Definition: class.ilLogger.php:29
ilObjUser\_toggleActiveStatusOfUsers
static _toggleActiveStatusOfUsers(array $a_usr_ids, bool $a_status)
Definition: class.ilObjUser.php:2776
ilObjUser\_getExternalAccountsByAuthMode
static _getExternalAccountsByAuthMode(string $a_auth_mode, bool $a_read_auth_default=false)
Get list of external account by authentication method Note: If login == ext_account for two user with...
Definition: class.ilObjUser.php:2745
$DIC
global $DIC
Definition: shib_login.php:26
$server
$server
Definition: shib_login.php:28
$messages
$messages
Definition: xapiexit.php:21