ILIAS  trunk Revision v11.0_alpha-1689-g66c127b4ae8
All Data Structures Namespaces Files Functions Variables Enumerations Enumerator Modules Pages
class.ilLDAPSettingsGUI.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
24 class ilLDAPSettingsGUI
25 {
26  private int $ref_id;
27  private ilLDAPServer $server;
28  private ilLDAPAttributeMapping $mapping;
29  private ?ilPropertyFormGUI $form_gui = null;
30  private ?ilPropertyFormGUI $form = null;
31 
32  private ilCtrl $ctrl;
33  private ilTabsGUI $tabs_gui;
34  private ilLanguage $lng;
35  private ilGlobalTemplateInterface $tpl;
36  private ilErrorHandling $ilErr;
37  private ilAccessHandler $ilAccess;
38  private ilRbacReview $rbacReview;
39  private ilRbacSystem $rbacSystem;
40  private ilToolbarGUI $toolbar;
41  private ilGlobalTemplateInterface $main_tpl;
42  private ilComponentRepository $component_repository;
43  private ilUserDefinedFields $udf;
44  private ?ilLDAPRoleAssignmentRule $role_mapping_rule = null;
45  private ?ilLDAPRoleAssignmentRule $rule = null;
46  private ?ilLDAPRoleGroupMappingSettings $role_mapping = null;
47 
48  //vars for storing request parameters
50  private ?array $rule_ids = null;
51  private ?int $rule_id = null;
52  private ?int $role_id = null;
54  private ?array $mappings = null;
55  private ?string $mapping_template = null;
56  private ?int $ldap_server_id = null;
58  private ?array $server_ids = null;
59  private ?int $mapping_id = null;
60  private ?string $role_bind_user = null;
61  private ?string $role_bind_pass = null;
62  private bool $role_sync_active = false;
63  private array $attribute_mappings = [];
64  private readonly \ILIAS\UI\Factory $ui_factory;
65  private readonly \ILIAS\UI\Renderer $ui_renderer;
66  private readonly \ILIAS\HTTP\GlobalHttpState $http;
67  private readonly \ILIAS\Refinery\Factory $refinery;
68 
72  public function __construct(int $a_auth_ref_id)
73  {
74  global $DIC;
75 
76  $this->ctrl = $DIC->ctrl();
77  $this->tabs_gui = $DIC->tabs();
78  $this->lng = $DIC->language();
79  $this->lng->loadLanguageModule('ldap');
80  $this->lng->loadLanguageModule('ui');
81  $this->ilErr = $DIC['ilErr'];
82  $this->ilAccess = $DIC->access();
83  $this->component_repository = $DIC["component.repository"];
84  $this->rbacReview = $DIC->rbac()->review();
85  $this->rbacSystem = $DIC->rbac()->system();
86  $this->toolbar = $DIC->toolbar();
87  $this->main_tpl = $DIC->ui()->mainTemplate();
88  $this->http = $DIC->http();
89  $this->ui_factory = $DIC->ui()->factory();
90  $this->ui_renderer = $DIC->ui()->renderer();
91  $this->refinery = $DIC->refinery();
92 
93  $this->tpl = $DIC->ui()->mainTemplate();
94 
95  if ($this->ctrl->getCmd() !== "addServerSettings") {
96  $this->ctrl->saveParameter($this, 'ldap_server_id');
97  }
98 
99  $http_wrapper = $DIC->http()->wrapper();
100  $is_post_request = $DIC->http()->request()->getMethod() === "POST";
101  $refinery = $DIC->refinery();
102  if ($http_wrapper->query()->has("rule_id")) {
103  $this->rule_id = $http_wrapper->query()->retrieve(
104  "rule_id",
105  $refinery->kindlyTo()->int()
106  );
107  }
108 
109  if ($http_wrapper->query()->has('ldap_server_id')) {
110  $this->ldap_server_id = $http_wrapper->query()->retrieve(
111  'ldap_server_id',
112  $refinery->kindlyTo()->int()
113  );
114  } elseif ($http_wrapper->query()->has('ldap_servers_server_id')) {
115  $this->ldap_server_id = $http_wrapper->query()->retrieve(
116  'ldap_servers_server_id',
117  $this->refinery->in()->series([
118  $refinery->kindlyTo()->listOf(
119  $refinery->kindlyTo()->int()
120  ),
121  $this->refinery->custom()->constraint(
122  fn($value): bool => count($value) === 1,
123  $this->lng->txt('select_one')
124  ),
125  $this->refinery->custom()->transformation(
126  fn($value): int => $value[0]
127  )
128  ])
129  );
130  }
131 
132  if ($http_wrapper->query()->has("mapping_id")) {
133  $this->mapping_id = $http_wrapper->query()->retrieve(
134  "mapping_id",
135  $refinery->kindlyTo()->int()
136  );
137  }
138  if ($is_post_request) {
139  if ($http_wrapper->post()->has('rule_ids')) {
140  $this->rule_ids = $http_wrapper->post()->retrieve(
141  'rule_ids',
142  $refinery->kindlyTo()->listOf($refinery->kindlyTo()->int())
143  );
144  }
145  if ($http_wrapper->post()->has('role_id')) {
146  $this->role_id = $http_wrapper->post()->retrieve(
147  'role_id',
148  $refinery->kindlyTo()->int()
149  );
150  }
151  if ($http_wrapper->post()->has('mappings')) {
152  $this->mappings = $http_wrapper->post()->retrieve(
153  'mappings',
154  $refinery->kindlyTo()->listOf($refinery->kindlyTo()->int())
155  );
156  }
157  if ($http_wrapper->post()->has('server_ids')) {
158  $this->server_ids = $http_wrapper->post()->retrieve(
159  'server_ids',
160  $refinery->kindlyTo()->listOf($refinery->kindlyTo()->int())
161  );
162  }
163  if ($http_wrapper->post()->has('mapping_template')) {
164  $this->mapping_template = $http_wrapper->post()->retrieve(
165  'mapping_template',
166  $refinery->kindlyTo()->string()
167  );
168  }
169  if ($http_wrapper->post()->has('role_bind_user')) {
170  $this->role_bind_user = ilUtil::stripSlashes($http_wrapper->post()->retrieve(
171  'role_bind_user',
172  $refinery->kindlyTo()->string()
173  ));
174  }
175  if ($http_wrapper->post()->has('role_bind_pass')) {
176  $this->role_bind_pass = ilUtil::stripSlashes($http_wrapper->post()->retrieve(
177  'role_bind_pass',
178  $refinery->kindlyTo()->string()
179  ));
180  }
181  if ($http_wrapper->post()->has('role_sync_active')) {
182  $this->role_sync_active = $http_wrapper->post()->retrieve(
183  'role_sync_active',
184  $refinery->kindlyTo()->bool()
185  );
186  }
187  foreach ($this->getAttributeMappingKeys() as $key) {
188  if ($http_wrapper->post()->has($key . '_value')) {
189  $this->attribute_mappings[$key] = [ilUtil::stripSlashes($http_wrapper->post()->retrieve(
190  $key . '_value',
191  $refinery->kindlyTo()->string()
192  )), $http_wrapper->post()->has($key . '_update')];
193  } else {
194  $this->attribute_mappings[$key] = ["", false];
195  }
196  }
197  }
198 
199  $this->ref_id = $a_auth_ref_id;
200 
201 
202  $this->initServer();
203  }
204 
208  public function executeCommand(): bool
209  {
210  $next_class = $this->ctrl->getNextClass($this);
211  $cmd = $this->ctrl->getCmd();
212 
213  if ($cmd !== "serverList" && !$this->rbacSystem->checkAccess("visible,read", $this->ref_id)) {
214  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('msg_no_perm_write'), true);
215  $this->ctrl->redirect($this, "serverList");
216  }
217  switch ($next_class) {
218  default:
219  if (!$cmd) {
220  $cmd = "serverList";
221  }
222  $this->$cmd();
223  break;
224  }
225  return true;
226  }
227 
228  private function checkAccess(string $a_permission): void
229  {
230  if (!$this->ilAccess->checkAccess($a_permission, '', $this->ref_id)) {
231  $this->ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $this->ilErr->WARNING);
232  }
233  }
234 
239  private function getAttributeMappingKeys(): array
240  {
241  $keys = [];
242  foreach (array_keys($this->getMappingFields()) as $key) {
243  $keys[] = $key;
244  }
245  foreach (ilUserDefinedFields::_getInstance()->getDefinitions() as $definition) {
246  $keys[] = 'udf_' . $definition['field_id'];
247  }
248  return $keys;
249  }
250 
251 
255  public function getServer(): ilLDAPServer
256  {
257  return $this->server;
258  }
259 
263  public function roleAssignments(): void
264  {
265  $this->setSubTabs();
266  $this->tabs_gui->activateTab('role_assignments');
267 
268  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_assignments.html', 'components/ILIAS/LDAP');
269 
270  $this->initFormRoleAssignments('create');
271  $this->role_mapping_rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId(0);
272  $this->tpl->setVariable('NEW_ASSIGNMENT_TBL', $this->form->getHTML());
273 
274 
275  if (count($rules = ilLDAPRoleAssignmentRule::_getRules($this->server->getServerId()))) {
276  $table_gui = new ilLDAPRoleAssignmentTableGUI($this, 'roleAssignments');
277  $table_gui->setTitle($this->lng->txt("ldap_tbl_role_ass"));
278  $table_gui->parse($rules);
279  $table_gui->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
280  $table_gui->setSelectAllCheckbox("rule_id");
281  $this->tpl->setVariable('RULES_TBL', $table_gui->getHTML());
282  }
283  }
284 
289  public function editRoleAssignment(): void
290  {
291  if (!$this->rule_id) {
292  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'));
293  $this->roleAssignments();
294  return;
295  }
296  $this->setSubTabs();
297  $this->tabs_gui->activateTab('role_assignments');
298 
299  $this->ctrl->saveParameter($this, 'rule_id');
300  $this->initFormRoleAssignments(
301  'edit'
302  );
303  $this->role_mapping_rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($this->rule_id);
304  $this->setValuesByArray();
305  $this->tpl->setContent($this->form->getHTML());
306  }
307 
308 
312  private function setValuesByArray(): void
313  {
314  $role_id = $this->role_mapping_rule->getRoleId();
315  if ($this->rbacReview->isGlobalRole($role_id)) {
316  $val['role_name'] = 0;
317  $val['role_id'] = $role_id;
318  } else {
319  $val['role_name'] = 1;
320  $val['role_search'] = ilObject::_lookupTitle($role_id);
321  }
322  $val['add_missing'] = (int) $this->role_mapping_rule->isAddOnUpdateEnabled();
323  $val['remove_deprecated'] = (int) $this->role_mapping_rule->isRemoveOnUpdateEnabled();
324  $val['type'] = $this->role_mapping_rule->getType();
325  $val['dn'] = $this->role_mapping_rule->getDN();
326  $val['at'] = $this->role_mapping_rule->getMemberAttribute();
327  $val['isdn'] = $this->role_mapping_rule->isMemberAttributeDN();
328  $val['name'] = $this->role_mapping_rule->getAttributeName();
329  $val['value'] = $this->role_mapping_rule->getAttributeValue();
330  $val['plugin_id'] = $this->role_mapping_rule->getPluginId();
331 
332  $this->form->setValuesByArray($val);
333  }
334 
338  public function updateRoleAssignment(): bool
339  {
340  if (!$this->ilAccess->checkAccess('write', '', $this->ref_id)) {
341  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('permission_denied'), true);
342  $this->roleAssignments();
343  return false;
344  }
345 
346  $this->initFormRoleAssignments('edit');
347 
348  $formWithoutErrors = $this->form->checkInput();
349  $roleErrorMessage = $this->checkRoleAssignmentInput($this->rule_id);
350  if (!$formWithoutErrors || $roleErrorMessage !== '') {
351  if ($roleErrorMessage !== '') {
352  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt($roleErrorMessage));
353  }
354 
355  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_assignments.html', 'components/ILIAS/LDAP');
356 
357  $this->form->setValuesByPost();
358  $this->tpl->setVariable('NEW_ASSIGNMENT_TBL', $this->form->getHTML());
359  $this->tabs_gui->activateSubTab('role_assignments');
360  return true;
361  }
362 
363  // Might redirect
364  if ($this->roleSelectionRequired()) {
365  $this->ctrl->redirect($this, 'showRoleSelection');
366  } else {
367  $this->rule->update();
368  $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'));
369  $this->roleAssignments();
370  }
371  return true;
372  }
373 
378  public function confirmDeleteRules(): void
379  {
380  $this->checkAccess("write");
381 
382  if (!$this->rule_ids) {
383  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'));
384  $this->roleAssignments();
385  return;
386  }
387  $this->setSubTabs();
388  $this->tabs_gui->activateTab('role_assignments');
389 
390  $c_gui = new ilConfirmationGUI();
391 
392  // set confirm/cancel commands
393  $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRules"));
394  $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_role_ass"));
395  $c_gui->setCancel($this->lng->txt("cancel"), "roleAssignments");
396  $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRules");
397 
398  // add items to delete
399  foreach ($this->rule_ids as $rule_id) {
400  $rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($rule_id);
401  $c_gui->addItem('rule_ids[]', (string) $rule_id, $rule->conditionToString());
402  }
403  $this->tpl->setContent($c_gui->getHTML());
404  }
405 
409  public function deleteRules(): void
410  {
411  if (!$this->rule_ids) {
412  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_once'));
413  $this->roleAssignments();
414  return;
415  }
416  foreach ($this->rule_ids as $rule_id) {
417  $rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($rule_id);
418  $rule->delete();
419  }
420  $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('ldap_deleted_rule'));
421  $this->ctrl->redirect($this, 'roleAssignments');
422  }
423 
427  public function addRoleAssignment(): bool
428  {
429  if (!$this->ilAccess->checkAccess('write', '', $this->ref_id)) {
430  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('permission_denied'), true);
431  $this->roleAssignments();
432  return false;
433  }
434  $this->setSubTabs();
435  $this->initFormRoleAssignments('create');
436  $formWithoutErrors = $this->form->checkInput();
437  $roleErrorMessage = $this->checkRoleAssignmentInput();
438  if (!$formWithoutErrors || $roleErrorMessage !== '') {
439  if ($roleErrorMessage !== '') {
440  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt($roleErrorMessage));
441  }
442 
443  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_assignments.html', 'components/ILIAS/LDAP');
444 
445  // DONE: wrap this
446  $this->form->setValuesByPost();
447  $this->tpl->setVariable('NEW_ASSIGNMENT_TBL', $this->form->getHTML());
448  $this->tpl->setVariable('RULES_TBL', $this->getRoleAssignmentTable());
449  $this->tabs_gui->activateSubTab('role_assignments');
450  return true;
451  }
452 
453  if ($this->roleSelectionRequired()) {
454  $this->ctrl->redirect($this, 'showRoleSelection');
455  } else {
456  $this->rule->create();
457  $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'));
458  $this->ctrl->redirect($this, 'roleAssignments');
459  }
460  return true;
461  }
462 
463  private function roleSelectionRequired(): bool
464  {
465  if ($this->rule->getRoleId() > 0) {
466  return false;
467  }
468  $rule = [];
469  $rule['server_id'] = $this->getServer()->getServerId();
470  $rule['rule_id'] = $this->rule_id ?: 0;
471  $rule['role_search'] = $this->form->getInput('role_search');
472  $rule['add_on_update'] = $this->form->getInput('add_missing');
473  $rule['remove_on_update'] = $this->form->getInput('remove_deprecated');
474  $rule['type'] = $this->form->getInput('type');
475  $rule['dn'] = $this->form->getInput('dn');
476  $rule['at'] = $this->form->getInput('at');
477  $rule['isdn'] = $this->form->getInput('isdn');
478  $rule['name'] = $this->form->getInput('name');
479  $rule['value'] = $this->form->getInput('value');
480  $rule['plugin'] = $this->form->getInput('plugin_id');
481  ilSession::set("ldap_role_ass", serialize($rule));
482  $this->ctrl->saveParameter($this, 'rule_id');
483  return true;
484  }
485 
486 
487 
491  protected function showRoleSelection(): bool
492  {
493  $this->setSubTabs();
494  $this->tabs_gui->activateTab('role_assignment');
495  $this->ctrl->saveParameter($this, 'rule_id');
496 
497  $parser = new ilQueryParser(unserialize(ilSession::get('ldap_role_ass'), ["allowed_classes" => false])['role_search']);
498  $parser->setMinWordLength(1);
499  $parser->setCombination(ilQueryParser::QP_COMBINATION_AND);
500  $parser->parse();
501 
502  $object_search = new ilLikeObjectSearch($parser);
503  $object_search->setFilter(array('role'));
504  $res = $object_search->performSearch();
505 
506  $entries = $res->getEntries();
507 
508  $table = new ilRoleSelectionTableGUI($this, 'showRoleSelection');
509  $table->setTitle($this->lng->txt('ldap_role_selection'));
510  $table->addMultiCommand('saveRoleSelection', $this->lng->txt('ldap_choose_role'));
511  $table->parse($entries);
512 
513  $this->tpl->setContent($table->getHTML());
514  return true;
515  }
516 
521  protected function saveRoleSelection(): bool
522  {
523  if (!$this->ilAccess->checkAccess('write', '', $this->ref_id)) {
524  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('permission_denied'), true);
525  $this->roleAssignments();
526  return false;
527  }
528 
529  if (!$this->role_id) {
530  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'));
531  $this->showRoleSelection();
532  return false;
533  }
534 
535  $this->loadRoleAssignmentRule($this->rule_id ?? 0, false);
536  $this->rule->setRoleId($this->role_id);
537 
538  if ($this->rule_id) {
539  $this->rule->update();
540  } else {
541  $this->rule->create();
542  }
543 
544  $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'));
545  $this->roleAssignments();
546  return true;
547  }
548 
549 
553  private function checkRoleAssignmentInput(int $a_rule_id = 0): string
554  {
555  $this->loadRoleAssignmentRule($a_rule_id);
556  $this->rule->validate();
557  return $this->ilErr->getMessage();
558  }
559 
563  protected function getRoleAssignmentTable(): string
564  {
565  if (count($rules = ilLDAPRoleAssignmentRule::_getRules($this->server->getServerId()))) {
566  $table_gui = new ilLDAPRoleAssignmentTableGUI($this, 'roleAssignments');
567  $table_gui->setTitle($this->lng->txt("ldap_tbl_role_ass"));
568  $table_gui->parse($rules);
569  $table_gui->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete"));
570  $table_gui->setSelectAllCheckbox("rule_id");
571  return $table_gui->getHTML();
572  }
573  return '';
574  }
575 
576 
580  private function loadRoleAssignmentRule(int $a_rule_id, bool $load_from_form = true): void
581  {
582  if (is_object($this->rule)) {
583  return;
584  }
585 
586  $this->rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($a_rule_id);
587 
588  if ($load_from_form) {
589  if ($this->form->getInput('role_name') === '0') {
590  $this->rule->setRoleId((int) $this->form->getInput('role_id'));
591  } elseif ($this->form->getInput('role_search')) {
592  $parser = new ilQueryParser('"' . $this->form->getInput('role_search') . '"');
593 
594  // TODO: Handle minWordLength
595  $parser->setMinWordLength(1);
596  $parser->setCombination(ilQueryParser::QP_COMBINATION_AND);
597  $parser->parse();
598 
599  $object_search = new ilLikeObjectSearch($parser);
600  $object_search->setFilter(array('role'));
601  $res = $object_search->performSearch();
602 
603  $entries = $res->getEntries();
604  if (count($entries) === 1) {
605  $role = current($entries);
606  $this->rule->setRoleId($role['obj_id']);
607  } elseif (count($entries) > 1) {
608  $this->rule->setRoleId(-1);
609  }
610  }
611 
612  $this->rule->setAttributeName($this->form->getInput('name'));
613  $this->rule->setAttributeValue($this->form->getInput('value'));
614  $this->rule->setDN($this->form->getInput('dn'));
615  $this->rule->setMemberAttribute($this->form->getInput('at'));
616  $this->rule->setMemberIsDN((bool) $this->form->getInput('isdn'));
617  $this->rule->enableAddOnUpdate((bool) $this->form->getInput('add_missing'));
618  $this->rule->enableRemoveOnUpdate((bool) $this->form->getInput('remove_deprecated'));
619  $this->rule->setPluginId((int) $this->form->getInput('plugin_id'));
620  $this->rule->setType((int) $this->form->getInput('type'));
621  $this->rule->setServerId($this->getServer()->getServerId());
622  return;
623  }
624 
625  // LOAD from session
626  $this->rule->setServerId($this->getServer()->getServerId());
627  $rule = unserialize(ilSession::get('ldap_role_ass'), ["allowed_classes" => false]);
628 
629  $this->rule->enableAddOnUpdate((bool) ($rule['add_on_update'] ?? false));
630  $this->rule->enableRemoveOnUpdate((bool) ($rule['remove_on_update'] ?? false));
631  $this->rule->setType((int) ilUtil::stripSlashes(
632  $rule['type'] ?? (string) ilLDAPRoleAssignmentRule::TYPE_ATTRIBUTE
633  ));
634  $this->rule->setDN(ilUtil::stripSlashes($rule['dn'] ?? ''));
635  $this->rule->setMemberAttribute(ilUtil::stripSlashes($rule['at'] ?? ''));
636  $this->rule->setMemberIsDN((bool) (ilUtil::stripSlashes($rule['isdn'] ?? false)));
637  $this->rule->setAttributeName(ilUtil::stripSlashes($rule['name'] ?? ''));
638  $this->rule->setAttributeValue(ilUtil::stripSlashes($rule['value'] ?? ''));
639  $this->rule->setPluginId((int) ilUtil::stripSlashes($rule['plugin'] ?? '0'));
640  }
641 
642  public function deleteRoleMapping(): bool
643  {
644  if (!$this->mappings) {
645  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'));
646  $this->roleMapping();
647  return false;
648  }
649 
650  $this->initRoleMapping();
651 
652  foreach ($this->mappings as $mapping_id) {
653  $this->role_mapping->delete($mapping_id);
654  }
655  $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('ldap_deleted_role_mapping'));
656  $this->roleMapping();
657  return true;
658  }
659 
660  public function chooseMapping(): void
661  {
662  if (!$this->mapping_template) {
663  $this->userMapping();
664  return;
665  }
666 
667  $this->initAttributeMapping();
668  $this->mapping->clearRules();
669 
670  foreach (ilLDAPAttributeMappingUtils::_getMappingRulesByClass($this->mapping_template) as $key => $value) {
671  $this->mapping->setRule($key, $value, false);
672  }
673  $this->userMapping();
674  }
675 
676  public function saveMapping(): void
677  {
678  $this->initAttributeMapping();
679  $this->tabs_gui->activateTab('role_mapping');
680 
681  foreach (array_keys($this->getMappingFields()) as $key) {
682  $this->mapping->setRule(
683  $key,
684  $this->attribute_mappings[$key][0],
685  $this->attribute_mappings[$key][1]
686  );
687  }
688  $this->initUserDefinedFields();
689  foreach ($this->udf->getDefinitions() as $definition) {
690  $key = 'udf_' . $definition['field_id'];
691  $this->mapping->setRule(
692  $key,
693  $this->attribute_mappings[$key][0],
694  $this->attribute_mappings[$key][1]
695  );
696  }
697 
698  $this->mapping->save();
699  $this->userMapping();
700 
701  $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'));
702  }
703 
704  private function handleServerTableActions(): void
705  {
706  $action = $this->http->wrapper()->query()->retrieve(
707  'ldap_servers_table_action',
708  $this->refinery->byTrying([
709  $this->refinery->kindlyTo()->string(),
710  $this->refinery->always('')
711  ])
712  );
713  match ($action) {
714  'editServerSettings' => $this->editServerSettings(),
715  'activateServer' => $this->activateServer(),
716  'deactivateServer' => $this->deactivateServer(),
717  'confirmDeleteServerSettings' => $this->confirmDeleteServerSettings(),
718  default => $this->ctrl->redirect($this, 'serverList'),
719  };
720  }
721 
722  private function serverList(): void
723  {
724  if (!$this->rbacSystem->checkAccess('visible,read', $this->ref_id)) {
725  $this->ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $this->ilErr->WARNING);
726  }
727 
728  if (!ilLDAPServer::checkLDAPLib() && $this->server->isActive()) {
729  $this->main_tpl->setOnScreenMessage('failure', 'Missing LDAP libraries. Please ensure that the PHP LDAP module is installed on your server.');
730  }
731 
732  if ($this->rbacSystem->checkAccess('write', $this->ref_id)) {
733  $this->toolbar->addButton(
734  $this->lng->txt('add_ldap_server'),
735  $this->ctrl->getLinkTarget($this, 'addServerSettings')
736  );
737  }
738 
739  $table = new \ILIAS\LDAP\Server\UI\ServerTable(
740  ilLDAPServer::_getAllServer(),
741  $this,
742  $this->ui_factory,
743  $this->ui_renderer,
744  $this->lng,
745  $this->ctrl,
746  $this->http->request(),
747  new \ILIAS\Data\Factory(),
748  'handleServerTableActions',
749  $this->rbacSystem->checkAccess('write', $this->ref_id)
750  );
751 
752  $this->tpl->setContent($this->ui_renderer->render($table->getComponent()));
753  }
754 
755  public function setServerFormValues(): void
756  {
757  $this->form_gui->setValuesByArray(array(
758  'active' => $this->server->isActive(),
759  'ds' => !$this->server->isAuthenticationEnabled(),
760  'server_name' => $this->server->getName(),
761  'server_url' => $this->server->getUrlString(),
762  'version' => $this->server->getVersion(),
763  'base_dn' => $this->server->getBaseDN(),
764  'referrals' => $this->server->isActiveReferrer(),
765  'tls' => $this->server->isActiveTLS(),
766  'binding_type' => $this->server->getBindingType(),
767  'bind_dn' => $this->server->getBindUser(),
768  'bind_pass' => $this->server->getBindPassword(),
769  'bind_pass_retype' => $this->server->getBindPassword(),
770  'search_base' => $this->server->getSearchBase(),
771  'user_scope' => $this->server->getUserScope(),
772  'user_attribute' => $this->server->getUserAttribute(),
773  'filter' => $this->server->getFilter(),
774  'group_dn' => $this->server->getGroupDN(),
775  'group_scope' => $this->server->getGroupScope(),
776  'group_filter' => $this->server->getGroupFilter(),
777  'group_member' => $this->server->getGroupMember(),
778  'memberisdn' => $this->server->enabledGroupMemberIsDN(),
779  'group' => $this->server->getGroupName(),
780  'group_attribute' => $this->server->getGroupAttribute(),
781  'group_optional' => $this->server->isMembershipOptional(),
782  'group_user_filter' => $this->server->getGroupUserFilter(),
783  'sync_on_login' => $this->server->enabledSyncOnLogin(),
784  'sync_per_cron' => $this->server->enabledSyncPerCron(),
785  'global_role' => ilLDAPAttributeMapping::_lookupGlobalRole($this->server->getServerId()),
786  'migration' => (int) $this->server->isAccountMigrationEnabled(),
787  "name_filter" => $this->server->getUsernameFilter(),
788  'escape_dn' => $this->server->enabledEscapeDN()
789  ));
790  }
791 
792  private function initForm(): void
793  {
794  $this->form_gui = new ilPropertyFormGUI();
795  $this->form_gui->setFormAction($this->ctrl->getFormAction($this, 'save'));
796  $this->form_gui->setTitle($this->lng->txt('ldap_configure'));
797 
798  $active = new ilCheckboxInputGUI($this->lng->txt('auth_ldap_enable'), 'active');
799  $active->setValue("1");
800  $this->form_gui->addItem($active);
801 
802  $ds = new ilCheckboxInputGUI($this->lng->txt('ldap_as_ds'), 'ds');
803  $ds->setValue("1");
804  $ds->setInfo($this->lng->txt('ldap_as_ds_info'));
805  $this->form_gui->addItem($ds);
806 
807  $servername = new ilTextInputGUI($this->lng->txt('ldap_server_name'), 'server_name');
808  $servername->setRequired(true);
809  $servername->setInfo($this->lng->txt('ldap_server_name_info'));
810  $servername->setSize(32);
811  $servername->setMaxLength(32);
812  $this->form_gui->addItem($servername);
813 
814  // start Patch Name Filter
815  $namefilter = new ilTextInputGUI($this->lng->txt('ldap_username_filter'), "name_filter");//ADD LANG VAR
816  $namefilter->setInfo($this->lng->txt("ldap_username_filter_info"));
817  $namefilter->setSize(64);
818  $namefilter->setMaxLength(255);
819  $this->form_gui->addItem($namefilter);
820  // end Patch Name Filter
821 
822  $serverurl = new ilTextInputGUI($this->lng->txt('ldap_server'), 'server_url');
823  $serverurl->setRequired(true);
824  $serverurl->setInfo($this->lng->txt('ldap_server_url_info'));
825  $serverurl->setSize(64);
826  $serverurl->setMaxLength(255);
827  $this->form_gui->addItem($serverurl);
828 
829  $version = new ilSelectInputGUI($this->lng->txt('ldap_version'), 'version');
830  $version->setOptions(array(2 => 2, 3 => 3));
831  $version->setInfo($this->lng->txt('ldap_server_version_info'));
832  $this->form_gui->addItem($version);
833 
834  $basedsn = new ilTextInputGUI($this->lng->txt('basedn'), 'base_dn');
835  $basedsn->setRequired(true);
836  $basedsn->setSize(64);
837  $basedsn->setMaxLength(255);
838  $this->form_gui->addItem($basedsn);
839 
840  $referrals = new ilCheckboxInputGUI($this->lng->txt('ldap_referrals'), 'referrals');
841  $referrals->setValue("1");
842  $referrals->setInfo($this->lng->txt('ldap_referrals_info'));
843  $this->form_gui->addItem($referrals);
844 
845  $section_security = new ilFormSectionHeaderGUI();
846  $section_security->setTitle($this->lng->txt('ldap_server_security_settings'));
847  $this->form_gui->addItem($section_security);
848 
849  $tls = new ilCheckboxInputGUI($this->lng->txt('ldap_tls'), 'tls');
850  $tls->setValue("1");
851  $this->form_gui->addItem($tls);
852 
853  $binding = new ilRadioGroupInputGUI($this->lng->txt('ldap_server_binding'), 'binding_type');
854  $anonymous = new ilRadioOption($this->lng->txt('ldap_bind_anonymous'), (string) ilLDAPServer::LDAP_BIND_ANONYMOUS);
855  $binding->addOption($anonymous);
856  $user = new ilRadioOption($this->lng->txt('ldap_bind_user'), (string) ilLDAPServer::LDAP_BIND_USER);
857  $dn = new ilTextInputGUI($this->lng->txt('ldap_server_bind_dn'), 'bind_dn');
858  $dn->setSize(64);
859  $dn->setMaxLength(255);
860  $user->addSubItem($dn);
861  $pass = new ilPasswordInputGUI($this->lng->txt('ldap_server_bind_pass'), 'bind_pass');
862  $pass->setSkipSyntaxCheck(true);
863  $pass->setSize(12);
864  $pass->setMaxLength(100);
865  $user->addSubItem($pass);
866  $binding->addOption($user);
867  $this->form_gui->addItem($binding);
868 
869  $section_auth = new ilFormSectionHeaderGUI();
870  $section_auth->setTitle($this->lng->txt('ldap_authentication_settings'));
871  $this->form_gui->addItem($section_auth);
872 
873  $search_base = new ilTextInputGUI($this->lng->txt('ldap_user_dn'), 'search_base');
874  $search_base->setInfo($this->lng->txt('ldap_search_base_info'));
875  $search_base->setSize(64);
876  $search_base->setMaxLength(255);
877  $this->form_gui->addItem($search_base);
878 
879  $user_scope = new ilSelectInputGUI($this->lng->txt('ldap_user_scope'), 'user_scope');
880  $user_scope->setOptions(array(ilLDAPServer::LDAP_SCOPE_ONE => $this->lng->txt('ldap_scope_one'),
881  ilLDAPServer::LDAP_SCOPE_SUB => $this->lng->txt('ldap_scope_sub')));
882  $user_scope->setInfo($this->lng->txt('ldap_user_scope_info'));
883  $this->form_gui->addItem($user_scope);
884 
885  $user_attribute = new ilTextInputGUI($this->lng->txt('ldap_user_attribute'), 'user_attribute');
886  $user_attribute->setSize(16);
887  $user_attribute->setMaxLength(64);
888  $user_attribute->setRequired(true);
889  $this->form_gui->addItem($user_attribute);
890 
891  $filter = new ilTextInputGUI($this->lng->txt('ldap_search_filter'), 'filter');
892  $filter->setInfo($this->lng->txt('ldap_filter_info'));
893  $filter->setSize(64);
894  $filter->setMaxLength(512);
895  $this->form_gui->addItem($filter);
896 
897  $section_restrictions = new ilFormSectionHeaderGUI();
898  $section_restrictions->setTitle($this->lng->txt('ldap_group_restrictions'));
899  $this->form_gui->addItem($section_restrictions);
900 
901  $group_dn = new ilTextInputGUI($this->lng->txt('ldap_group_search_base'), 'group_dn');
902  $group_dn->setInfo($this->lng->txt('ldap_group_dn_info'));
903  $group_dn->setSize(64);
904  $group_dn->setMaxLength(255);
905  $this->form_gui->addItem($group_dn);
906 
907  $group_scope = new ilSelectInputGUI($this->lng->txt('ldap_group_scope'), 'group_scope');
908  $group_scope->setOptions(array(ilLDAPServer::LDAP_SCOPE_ONE => $this->lng->txt('ldap_scope_one'),
909  ilLDAPServer::LDAP_SCOPE_SUB => $this->lng->txt('ldap_scope_sub')));
910  $group_scope->setInfo($this->lng->txt('ldap_group_scope_info'));
911  $this->form_gui->addItem($group_scope);
912 
913  $group_filter = new ilTextInputGUI($this->lng->txt('ldap_group_filter'), 'group_filter');
914  $group_filter->setInfo($this->lng->txt('ldap_group_filter_info'));
915  $group_filter->setSize(64);
916  $group_filter->setMaxLength(255);
917  $this->form_gui->addItem($group_filter);
918 
919  $group_member = new ilTextInputGUI($this->lng->txt('ldap_group_member'), 'group_member');
920  $group_member->setInfo($this->lng->txt('ldap_group_member_info'));
921  $group_member->setSize(32);
922  $group_member->setMaxLength(255);
923  $this->form_gui->addItem($group_member);
924 
925 
926  $group_member_isdn = new ilCheckboxInputGUI($this->lng->txt('ldap_memberisdn'), 'memberisdn');
927  #$group_member_isdn->setInfo($this->lng->txt('ldap_group_member_info'));
928  $this->form_gui->addItem($group_member_isdn);
929  #$group_member->addSubItem($group_member_isdn);
930 
931  $escapedn = new ilCheckboxInputGUI($this->lng->txt('ldap_escapedn'), 'escape_dn');
932  $escapedn->setValue("1");
933  $escapedn->setInfo($this->lng->txt('ldap_escapedn_info'));
934  $this->form_gui->addItem($escapedn);
935 
936  $group = new ilTextInputGUI($this->lng->txt('ldap_group_name'), 'group');
937  $group->setInfo($this->lng->txt('ldap_group_name_info'));
938  $group->setSize(32);
939  $group->setMaxLength(255);
940  $this->form_gui->addItem($group);
941 
942  $group_atrr = new ilTextInputGUI($this->lng->txt('ldap_group_attribute'), 'group_attribute');
943  $group_atrr->setInfo($this->lng->txt('ldap_group_attribute_info'));
944  $group_atrr->setSize(16);
945  $group_atrr->setMaxLength(64);
946  $this->form_gui->addItem($group_atrr);
947 
948  $group_optional = new ilCheckboxInputGUI($this->lng->txt('ldap_group_membership'), 'group_optional');
949  $group_optional->setOptionTitle($this->lng->txt('ldap_group_member_optional'));
950  $group_optional->setInfo($this->lng->txt('ldap_group_optional_info'));
951  $group_optional->setValue("1");
952  $group_user_filter = new ilTextInputGUI($this->lng->txt('ldap_group_user_filter'), 'group_user_filter');
953  $group_user_filter->setSize(64);
954  $group_user_filter->setMaxLength(255);
955  $group_optional->addSubItem($group_user_filter);
956  $this->form_gui->addItem($group_optional);
957 
958  $section_sync = new ilFormSectionHeaderGUI();
959  $section_sync->setTitle($this->lng->txt('ldap_user_sync'));
960  $this->form_gui->addItem($section_sync);
961 
962  $ci_gui = new ilCustomInputGUI($this->lng->txt('ldap_moment_sync'));
963  $sync_on_login = new ilCheckboxInputGUI($this->lng->txt('ldap_sync_login'), 'sync_on_login');
964  $sync_on_login->setValue("1");
965  $ci_gui->addSubItem($sync_on_login);
966  $sync_per_cron = new ilCheckboxInputGUI($this->lng->txt('ldap_sync_cron'), 'sync_per_cron');
967  $sync_per_cron->setValue("1");
968  $ci_gui->addSubItem($sync_per_cron);
969  $ci_gui->setInfo($this->lng->txt('ldap_user_sync_info'));
970  $this->form_gui->addItem($ci_gui);
971 
972  $global_role = new ilSelectInputGUI($this->lng->txt('ldap_global_role_assignment'), 'global_role');
973  $global_role->setOptions($this->prepareGlobalRoleSelection());
974  $global_role->setInfo($this->lng->txt('ldap_global_role_info'));
975  $this->form_gui->addItem($global_role);
976 
977  $migr = new ilCheckboxInputGUI($this->lng->txt('auth_ldap_migration'), 'migration');
978  $migr->setInfo($this->lng->txt('auth_ldap_migration_info'));
979  $migr->setValue("1");
980  $this->form_gui->addItem($migr);
981 
982  ilAdministrationSettingsFormHandler::addFieldsToForm(
983  ilAdministrationSettingsFormHandler::FORM_LDAP,
984  $this->form_gui,
985  ilAdministrationSettingsFormHandler::getSettingsGUIInstance("auth")
986  );
987 
988  $this->form_gui->addCommandButton('save', $this->lng->txt('save'));
989  if ($this->ctrl->getCmd() === "addServerSettings") {
990  $this->form_gui->addCommandButton('serverList', $this->lng->txt('cancel'));
991  }
992  }
993 
994  /*
995  * Update Settings
996  */
997  public function save(): bool
998  {
999  $this->setSubTabs();
1000  $this->tabs_gui->setTabActive('settings');
1001 
1002  $this->initForm();
1003  if ($this->form_gui->checkInput()) {
1004  $this->server->toggleActive((bool) $this->form_gui->getInput('active'));
1005  $this->server->enableAuthentication(!(bool) $this->form_gui->getInput('ds'));
1006  $this->server->setName($this->form_gui->getInput('server_name'));
1007  $this->server->setUrl($this->form_gui->getInput('server_url'));
1008  $this->server->setVersion((int) $this->form_gui->getInput('version'));
1009  $this->server->setBaseDN($this->form_gui->getInput('base_dn'));
1010  $this->server->toggleReferrer((bool) $this->form_gui->getInput('referrals'));
1011  $this->server->toggleTLS((bool) $this->form_gui->getInput('tls'));
1012  $this->server->setBindingType((int) $this->form_gui->getInput('binding_type'));
1013  $this->server->setBindUser($this->form_gui->getInput('bind_dn'));
1014  $this->server->setBindPassword($this->form_gui->getInput('bind_pass'));
1015  $this->server->setSearchBase($this->form_gui->getInput('search_base'));
1016  $this->server->setUserScope((int) $this->form_gui->getInput('user_scope'));
1017  $this->server->setUserAttribute($this->form_gui->getInput('user_attribute'));
1018  $this->server->setFilter($this->form_gui->getInput('filter'));
1019  $this->server->setGroupDN($this->form_gui->getInput('group_dn'));
1020  $this->server->setGroupScope((int) $this->form_gui->getInput('group_scope'));
1021  $this->server->setGroupFilter($this->form_gui->getInput('group_filter'));
1022  $this->server->setGroupMember($this->form_gui->getInput('group_member'));
1023  $this->server->enableGroupMemberIsDN((bool) $this->form_gui->getInput('memberisdn'));
1024  $this->server->setGroupName($this->form_gui->getInput('group'));
1025  $this->server->setGroupAttribute($this->form_gui->getInput('group_attribute'));
1026  $this->server->setGroupUserFilter($this->form_gui->getInput('group_user_filter'));
1027  $this->server->toggleMembershipOptional((bool) $this->form_gui->getInput('group_optional'));
1028  $this->server->enableSyncOnLogin((bool) $this->form_gui->getInput('sync_on_login'));
1029  $this->server->enableSyncPerCron((bool) $this->form_gui->getInput('sync_per_cron'));
1030  $this->server->setGlobalRole((int) $this->form_gui->getInput('global_role'));
1031  $this->server->enableAccountMigration((bool) $this->form_gui->getInput('migration'));
1032  $this->server->setUsernameFilter($this->form_gui->getInput("name_filter"));
1033  $this->server->enableEscapeDN((bool) $this->form_gui->getInput('escape_dn'));
1034  if (!$this->server->validate()) {
1035  $this->main_tpl->setOnScreenMessage('failure', $this->ilErr->getMessage());
1036  $this->form_gui->setValuesByPost();
1037  $this->tpl->setContent($this->form_gui->getHTML());
1038  return false;
1039  }
1040 
1041  // Update or create
1042  if ($this->server->getServerId()) {
1043  $this->server->update();
1044  } else {
1045  $this->server->create();
1046  }
1047 
1048  // Now server_id exists => update LDAP attribute mapping
1049  $this->initAttributeMapping();
1050  $this->mapping->setRule('global_role', (string) $this->form_gui->getInput('global_role'), false);
1051  $this->mapping->save();
1052 
1053  $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'), true);
1054  $this->ctrl->redirect($this, 'serverList');
1055  return true;
1056  }
1057 
1058  $this->form_gui->setValuesByPost();
1059  $this->tpl->setContent($this->form_gui->getHTML());
1060  return true;
1061  }
1062 
1063 
1064 
1068  private function setSubTabs(): void
1069  {
1070  $this->tabs_gui->clearTargets();
1071 
1072  $this->tabs_gui->setBackTarget(
1073  $this->lng->txt("back"),
1074  $this->ctrl->getLinkTarget($this, 'serverList')
1075  );
1076 
1077 
1078  $this->tabs_gui->addTab(
1079  "settings",
1080  $this->lng->txt("ldap_settings"),
1081  $this->ctrl->getLinkTarget($this, 'editServerSettings')
1082  );
1083 
1084  // Disable all other tabs, if server hasn't been configured.
1085  if (!count(ilLDAPServer::_getServerList())) {
1086  return;
1087  }
1088 
1089  $this->tabs_gui->addTab(
1090  "user_mapping",
1091  $this->lng->txt("ldap_user_mapping"),
1092  $this->ctrl->getLinkTarget($this, 'userMapping')
1093  );
1094 
1095  $this->tabs_gui->addTab(
1096  "role_assignments",
1097  $this->lng->txt('ldap_role_assignments'),
1098  $this->ctrl->getLinkTarget($this, 'roleAssignments')
1099  );
1100 
1101  $this->tabs_gui->addTab(
1102  "role_mapping",
1103  $this->lng->txt("ldap_role_mapping"),
1104  $this->ctrl->getLinkTarget($this, 'roleMapping')
1105  );
1106  }
1107 
1108 
1109  private function initServer(): void
1110  {
1111  $server_id = 0;
1112  if ($this->ldap_server_id) {
1113  $server_id = $this->ldap_server_id;
1114  }
1115 
1116 
1117  $this->server = new ilLDAPServer($server_id);
1118  }
1119 
1120  private function initAttributeMapping(): void
1121  {
1122  $this->mapping = ilLDAPAttributeMapping::_getInstanceByServerId($this->getServer()->getServerId());
1123  }
1124 
1125  private function initRoleMapping(): void
1126  {
1127  $this->role_mapping = ilLDAPRoleGroupMappingSettings::_getInstanceByServerId($this->getServer()->getServerId());
1128  }
1129 
1133  private function prepareGlobalRoleSelection(): array
1134  {
1135  $global_roles = ilUtil::_sortIds(
1136  $this->rbacReview->getGlobalRoles(),
1137  'object_data',
1138  'title',
1139  'obj_id'
1140  );
1141 
1142  $select[0] = $this->lng->txt('links_select_one');
1143  foreach ($global_roles as $role_id) {
1144  $select[$role_id] = ilObject::_lookupTitle((int) $role_id);
1145  }
1146  return $select;
1147  }
1148 
1149  private function getMappingFields(): array
1150  {
1151  return array('gender' => $this->lng->txt('gender'),
1152  'firstname' => $this->lng->txt('firstname'),
1153  'lastname' => $this->lng->txt('lastname'),
1154  'title' => $this->lng->txt('person_title'),
1155  'institution' => $this->lng->txt('institution'),
1156  'department' => $this->lng->txt('department'),
1157  'street' => $this->lng->txt('street'),
1158  'city' => $this->lng->txt('city'),
1159  'zipcode' => $this->lng->txt('zipcode'),
1160  'country' => $this->lng->txt('country'),
1161  'phone_office' => $this->lng->txt('phone_office'),
1162  'phone_home' => $this->lng->txt('phone_home'),
1163  'phone_mobile' => $this->lng->txt('phone_mobile'),
1164  'fax' => $this->lng->txt('fax'),
1165  'email' => $this->lng->txt('email'),
1166  'second_email' => $this->lng->txt('second_email'),
1167  'hobby' => $this->lng->txt('hobby'),
1168  'matriculation' => $this->lng->txt('matriculation'));
1169  }
1170 
1171  private function initUserDefinedFields(): void
1172  {
1173  $this->udf = ilUserDefinedFields::_getInstance();
1174  }
1175 
1176  private function prepareMappingSelect(): string
1177  {
1178  return ilLegacyFormElementsUtil::formSelect(
1179  $this->mapping_template,
1180  'mapping_template',
1181  [0 => $this->lng->txt('ldap_mapping_template'),
1182  "inetOrgPerson" => 'inetOrgPerson',
1183  "organizationalPerson" => 'organizationalPerson',
1184  "person" => 'person',
1185  "ad_2003" => 'Active Directory (Win 2003)'
1186  ],
1187  false,
1188  true
1189  );
1190  }
1191 
1197  protected function initFormRoleAssignments(string $a_mode): void
1198  {
1199  $this->form = new ilPropertyFormGUI();
1200  $this->form->setFormAction($this->ctrl->getFormAction($this));
1201 
1202  switch ($a_mode) {
1203  case 'edit':
1204  $this->form->setTitle($this->lng->txt('ldap_edit_role_ass_rule'));
1205  $this->form->addCommandButton('updateRoleAssignment', $this->lng->txt('save'));
1206  //$this->form->addCommandButton('roleAssignments',$this->lng->txt('cancel'));
1207  break;
1208  case 'create':
1209  $this->form->setTitle($this->lng->txt('ldap_add_role_ass_rule'));
1210  $this->form->addCommandButton('addRoleAssignment', $this->lng->txt('ldap_btn_add_role_ass'));
1211  //$this->form->addCommandButton('roleAssignments',$this->lng->txt('cancel'));
1212  break;
1213  }
1214 
1215  // Role Selection
1216  $role = new ilRadioGroupInputGUI($this->lng->txt('ldap_ilias_role'), 'role_name');
1217  $role->setRequired(true);
1218 
1219  $global = new ilRadioOption($this->lng->txt('ldap_global_role'), "0");
1220 
1221  $role->addOption($global);
1222 
1223  $role_select = new ilSelectInputGUI('', 'role_id');
1224  $role_select->setOptions($this->prepareGlobalRoleSelection());
1225  $global->addSubItem($role_select);
1226 
1227  $local = new ilRadioOption($this->lng->txt('ldap_local_role'), "1");
1228 
1229  $role->addOption($local);
1230 
1231  $role_search = new ilRoleAutoCompleteInputGUI('', 'role_search', $this, 'addRoleAutoCompleteObject');
1232  $role_search->setSize(40);
1233  $local->addSubItem($role_search);
1234 
1235  $role->setInfo($this->lng->txt('ldap_role_name_info'));
1236  $this->form->addItem($role);
1237 
1238  // Update options
1239  $update = new ilNonEditableValueGUI($this->lng->txt('ldap_update_roles'), 'update_roles');
1240  $update->setValue($this->lng->txt('ldap_check_role_assignment'));
1241 
1242  $add = new ilCheckboxInputGUI('', 'add_missing');
1243  $add->setOptionTitle($this->lng->txt('ldap_add_missing'));
1244  $update->addSubItem($add);
1245 
1246  $remove = new ilCheckboxInputGUI('', 'remove_deprecated');
1247  $remove->setOptionTitle($this->lng->txt('ldap_remove_deprecated'));
1248  $update->addSubItem($remove);
1249 
1250  $this->form->addItem($update);
1251 
1252 
1253 
1254  // Assignment Type
1255  $group = new ilRadioGroupInputGUI($this->lng->txt('ldap_assignment_type'), 'type');
1256  #$group->setValue($current_rule->getType());
1257  $group->setRequired(true);
1258 
1259  // Option by group
1260  $radio_group = new ilRadioOption($this->lng->txt('ldap_role_by_group'), (string) ilLDAPRoleAssignmentRule::TYPE_GROUP);
1261 
1262  $dn = new ilTextInputGUI($this->lng->txt('ldap_group_dn'), 'dn');
1263  #$dn->setValue($current_rule->getDN());
1264  $dn->setSize(32);
1265  $dn->setMaxLength(512);
1266  $dn->setInfo($this->lng->txt('ldap_role_grp_dn_info'));
1267  $radio_group->addSubItem($dn);
1268  $at = new ilTextInputGUI($this->lng->txt('ldap_role_grp_at'), 'at');
1269  #$at->setValue($current_rule->getMemberAttribute());
1270  $at->setSize(16);
1271  $at->setMaxLength(128);
1272  $radio_group->addSubItem($at);
1273  $isdn = new ilCheckboxInputGUI($this->lng->txt('ldap_role_grp_isdn'), 'isdn');
1274  #$isdn->setChecked($current_rule->isMemberAttributeDN());
1275  $isdn->setInfo($this->lng->txt('ldap_group_member_info'));
1276  $radio_group->addSubItem($isdn);
1277  $radio_group->setInfo($this->lng->txt('ldap_role_grp_info'));
1278 
1279  $group->addOption($radio_group);
1280 
1281  // Option by Attribute
1282  $radio_attribute = new ilRadioOption($this->lng->txt('ldap_role_by_attribute'), (string) ilLDAPRoleAssignmentRule::TYPE_ATTRIBUTE);
1283  $name = new ilTextInputGUI($this->lng->txt('ldap_role_at_name'), 'name');
1284  #$name->setValue($current_rule->getAttributeName());
1285  $name->setSize(32);
1286  $name->setMaxLength(128);
1287  #$name->setInfo($this->lng->txt('ldap_role_at_name_info'));
1288  $radio_attribute->addSubItem($name);
1289 
1290  // Radio Attribute
1291  $val = new ilTextInputGUI($this->lng->txt('ldap_role_at_value'), 'value');
1292  #$val->setValue($current_rule->getAttributeValue());
1293  $val->setSize(32);
1294  $val->setMaxLength(128);
1295  #$val->setInfo($this->lng->txt('ldap_role_at_value_info'));
1296  $radio_attribute->addSubItem($val);
1297  $radio_attribute->setInfo($this->lng->txt('ldap_role_at_info'));
1298 
1299  $group->addOption($radio_attribute);
1300 
1301  // Option by Plugin
1302  $pl_active = $this->component_repository->getPluginSlotById("ldaphk")->hasActivePlugins();
1303  $pl = new ilRadioOption($this->lng->txt('ldap_plugin'), "3");
1304 
1305  $pl->setInfo($this->lng->txt('ldap_plugin_info'));
1306  $pl->setDisabled(!$pl_active);
1307 
1308  $id = new ilNumberInputGUI($this->lng->txt('ldap_plugin_id'), 'plugin_id');
1309  $id->setDisabled(!$pl_active);
1310  $id->setSize(3);
1311  $id->setMaxLength(3);
1312  $id->setMaxValue(999);
1313  $id->setMinValue(1);
1314  $pl->addSubItem($id);
1315 
1316  $group->addOption($pl);
1317  $this->form->addItem($group);
1318  }
1319 
1320 
1324  public function addRoleAutoCompleteObject(): void
1325  {
1326  ilRoleAutoCompleteInputGUI::echoAutoCompleteList();
1327  }
1328 
1332  private function userMappingToolbar(): void
1333  {
1334  $select_form = new ilSelectInputGUI("mapping_template");
1335  $select_form->setPostVar("mapping_template");
1336  $options = array(
1337  "" => $this->lng->txt('ldap_mapping_template'),
1338  "inetOrgPerson" => 'inetOrgPerson',
1339  "organizationalPerson" => 'organizationalPerson',
1340  "person" => 'person',
1341  "ad_2003" => 'Active Directory (Win 2003)');
1342  $select_form->setOptions($options);
1343  $select_form->setValue($this->mapping_template);
1344 
1345  $this->toolbar->addInputItem($select_form);
1346  $this->toolbar->addFormButton($this->lng->txt('show'), "chooseMapping");
1347  $this->toolbar->setFormAction($this->ctrl->getFormAction($this, "chooseMapping"));
1348  }
1349 
1353  private function initUserMappingForm(): ilPropertyFormGUI
1354  {
1355  $propertie_form = new ilPropertyFormGUI();
1356  $propertie_form->setTitle($this->lng->txt('ldap_mapping_table'));
1357  $propertie_form->setFormAction($this->ctrl->getFormAction($this, 'saveMapping'));
1358  $propertie_form->addCommandButton('saveMapping', $this->lng->txt('save'));
1359 
1360  foreach ($this->getMappingFields() as $mapping => $lang) {
1361  $text_form = new ilTextInputGUI($lang);
1362  $text_form->setPostVar($mapping . "_value");
1363  $text_form->setValue($this->mapping->getValue($mapping));
1364  $text_form->setSize(32);
1365  $text_form->setMaxLength(255);
1366  $propertie_form->addItem($text_form);
1367 
1368  $checkbox_form = new ilCheckboxInputGUI("");
1369  $checkbox_form->setPostVar($mapping . "_update");
1370  $checkbox_form->setChecked($this->mapping->enabledUpdate($mapping));
1371  $checkbox_form->setOptionTitle($this->lng->txt('ldap_update_field_info'));
1372  $propertie_form->addItem($checkbox_form);
1373  }
1374 
1375  $this->initUserDefinedFields();
1376  foreach ($this->udf->getDefinitions() as $definition) {
1377  $text_form = new ilTextInputGUI($definition['field_name']);
1378  $text_form->setPostVar('udf_' . $definition['field_id'] . '_value');
1379  $text_form->setValue($this->mapping->getValue('udf_' . $definition['field_id']));
1380  $text_form->setSize(32);
1381  $text_form->setMaxLength(255);
1382  $propertie_form->addItem($text_form);
1383 
1384  $checkbox_form = new ilCheckboxInputGUI("");
1385  $checkbox_form->setPostVar('udf_' . $definition['field_id'] . '_update');
1386  $checkbox_form->setChecked($this->mapping->enabledUpdate('udf_' . $definition['field_id']));
1387  $checkbox_form->setOptionTitle($this->lng->txt('ldap_update_field_info'));
1388  $propertie_form->addItem($checkbox_form);
1389  }
1390 
1391  return $propertie_form;
1392  }
1393 
1397  public function roleMapping(): void
1398  {
1399  $this->setSubTabs();
1400  $this->tabs_gui->setTabActive('role_mapping');
1401  $this->toolbar->addButton(
1402  $this->lng->txt("ldap_new_role_assignment"),
1403  $this->ctrl->getLinkTarget($this, 'addRoleMapping')
1404  );
1405 
1406  //Set propertyform for synchronization settings
1407  $propertie_form = new ilPropertyFormGUI();
1408  $propertie_form->setTitle($this->lng->txt('ldap_role_settings'));
1409  $propertie_form->setFormAction($this->ctrl->getFormAction($this, "saveSyncronizationSettings"));
1410  $propertie_form->addCommandButton("saveSyncronizationSettings", $this->lng->txt('save'));
1411  $role_active = new ilCheckboxInputGUI($this->lng->txt('ldap_role_active'));
1412  $role_active->setPostVar('role_sync_active');
1413  $role_active->setChecked($this->server->enabledRoleSynchronization());
1414  $propertie_form->addItem($role_active);
1415  $binding = new ilCombinationInputGUI($this->lng->txt('ldap_server_binding'));
1416  $binding->setInfo($this->lng->txt('ldap_role_bind_user_info'));
1417  $user = new ilTextInputGUI("");
1418  $user->setPostVar("role_bind_user");
1419  $user->setValue($this->server->getRoleBindDN());
1420  $user->setSize(50);
1421  $user->setMaxLength(255);
1422  $binding->addCombinationItem("0", $user, $this->lng->txt('ldap_role_bind_user'));
1423 
1424  $pass = new ilPasswordInputGUI("");
1425  $pass->setPostVar("role_bind_pass");
1426  $pass->setValue($this->server->getRoleBindPassword());
1427  $pass->setSize(12);
1428  $pass->setMaxLength(100);
1429  $pass->setRetype(false);
1430  $binding->addCombinationItem("1", $pass, $this->lng->txt('ldap_role_bind_pass'));
1431 
1432  $propertie_form->addItem($binding);
1433 
1434  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_mappings.html', 'components/ILIAS/LDAP');
1435  $this->tpl->setVariable("NEW_ASSIGNMENT_TBL", $propertie_form->getHTML());
1436 
1437  //Set Group Assignments Table if mappings exist
1438  $mapping_instance = ilLDAPRoleGroupMappingSettings::_getInstanceByServerId($this->server->getServerId());
1439  $mappings = $mapping_instance->getMappings();
1440  if (count($mappings)) {
1441  $table_gui = new ilLDAPRoleMappingTableGUI($this, $this->server->getServerId());
1442  $table_gui->setTitle($this->lng->txt('ldap_role_group_assignments'));
1443  $table_gui->setData($mappings);
1444  $this->tpl->setVariable("RULES_TBL", $table_gui->getHTML());
1445  }
1446  }
1447 
1451  public function editRoleMapping(): void
1452  {
1453  $mapping = new ilLDAPRoleGroupMappingSetting($this->mapping_id);
1454  $mapping->read();
1455 
1456  $propertie_form = $this->initRoleMappingForm("updateRoleMapping");
1457  $propertie_form->setTitle($this->lng->txt('ldap_edit_role_assignment'));
1458  if ($propertie_form->getItemByPostVar("url")) {
1459  $propertie_form->getItemByPostVar("url")->setValue($mapping->getURL());
1460  }
1461  if ($propertie_form->getItemByPostVar("dn")) {
1462  $propertie_form->getItemByPostVar("dn")->setValue($mapping->getDN());
1463  }
1464  if ($propertie_form->getItemByPostVar("member")) {
1465  $propertie_form->getItemByPostVar("member")->setValue($mapping->getMemberAttribute());
1466  }
1467  if ($propertie_form->getItemByPostVar("memberisdn")) {
1468  $propertie_form->getItemByPostVar("memberisdn")->setChecked($mapping->getMemberISDN());
1469  }
1470  if ($propertie_form->getItemByPostVar("role")) {
1471  $propertie_form->getItemByPostVar("role")->setValue($mapping->getRoleName());
1472  }
1473  if ($propertie_form->getItemByPostVar("info")) {
1474  $propertie_form->getItemByPostVar("info")->setValue($mapping->getMappingInfo());
1475  }
1476  if ($propertie_form->getItemByPostVar("info_type")) {
1477  $propertie_form->getItemByPostVar("info_type")->setChecked($mapping->getMappingInfoType());
1478  }
1479 
1480  $this->tpl->setContent($propertie_form->getHTML());
1481  }
1482 
1483 
1484 
1488  public function createRoleMapping(): void
1489  {
1490  $propertie_form = $this->initRoleMappingForm("createRoleMapping");
1491 
1492  if ($propertie_form->checkInput() && $this->rbacReview->roleExists($propertie_form->getInput("role"))) {
1493  $mapping = new ilLDAPRoleGroupMappingSetting(0);
1494  $mapping->setServerId($this->server->getServerId());
1495  $mapping->setURL($propertie_form->getInput("url"));
1496  $mapping->setDN($propertie_form->getInput("dn"));
1497  $mapping->setMemberAttribute($propertie_form->getInput("member"));
1498  $mapping->setMemberISDN((bool) $propertie_form->getInput("memberisdn"));
1499  $mapping->setRoleByName($propertie_form->getInput("role"));
1500  $mapping->setMappingInfo($propertie_form->getInput("info"));
1501  $mapping->setMappingInfoType((bool) $propertie_form->getInput("info_type"));
1502  $mapping->save();
1503 
1504  $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'), true);
1505  $this->ctrl->redirect($this, "roleMapping");
1506  } else {
1507  if (!$this->rbacReview->roleExists($propertie_form->getInput("role"))) {
1508  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt("ldap_role_not_exists") . " " .
1509  $propertie_form->getInput("role"));
1510  }
1511  $propertie_form->setValuesByPost();
1512  $this->tpl->setContent($propertie_form->getHTML());
1513  }
1514  }
1515 
1519  public function confirmDeleteRoleMapping(): void
1520  {
1521  if (!$this->mappings) {
1522  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'), true);
1523  $this->ctrl->redirect($this, "roleMapping");
1524  return;
1525  }
1526 
1527  $c_gui = new ilConfirmationGUI();
1528 
1529  // set confirm/cancel commands
1530  $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRoleMapping"));
1531  $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_role_ass"));
1532  $c_gui->setCancel($this->lng->txt("cancel"), "roleMapping");
1533  $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRoleMapping");
1534 
1535  foreach ($this->mappings as $id) {
1536  $mapping = new ilLDAPRoleGroupMappingSetting($id);
1537  $mapping->read();
1538  $txt = $this->lng->txt('obj_role') . ": " . $mapping->getRoleName() . ", ";
1539  $txt .= $this->lng->txt('ldap_group_dn') . ": " . $mapping->getDN() . ", ";
1540  $txt .= $this->lng->txt('ldap_server_short') . " " . $mapping->getURL() . ", ";
1541  $txt .= $this->lng->txt('ldap_group_member_short') . " " . $mapping->getMemberAttribute();
1542 
1543  $c_gui->addItem("mappings[]", (string) $id, $txt);
1544  }
1545  $this->tpl->setContent($c_gui->getHTML());
1546  }
1547 
1548  public function addServerSettings(): void
1549  {
1550  $this->checkAccess("write");
1551 
1552  $this->ctrl->clearParameters($this);
1553 
1554  $this->initForm();
1555  $this->tpl->setContent($this->form_gui->getHTML());
1556  }
1557 
1558  public function editServerSettings(): void
1559  {
1560  $this->checkAccess("write");
1561 
1562  $this->setSubTabs();
1563  $this->tabs_gui->setTabActive('settings');
1564 
1565  $this->initForm();
1566  $this->setServerFormValues();
1567  $this->tpl->setContent($this->form_gui->getHTML());
1568  }
1569 
1570 
1574  public function confirmDeleteServerSettings(): void
1575  {
1576  $this->checkAccess("write");
1577 
1578  if (!$this->ldap_server_id) {
1579  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'));
1580  $this->serverList();
1581  return;
1582  }
1583 
1584  $c_gui = new ilConfirmationGUI();
1585 
1586  // set confirm/cancel commands
1587  $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteServerSettings"));
1588  $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_server_settings"));
1589  $c_gui->setCancel($this->lng->txt("cancel"), "serverList");
1590  $c_gui->setConfirm($this->lng->txt("confirm"), "deleteServerSettings");
1591 
1592  // add items to delete
1593  $setting = new ilLDAPServer($this->ldap_server_id);
1594  $c_gui->addItem('server_ids[]', (string) $setting->getServerId(), $setting->getName());
1595 
1596  $this->tpl->setContent($c_gui->getHTML());
1597  }
1598 
1602  public function deleteServerSettings(): void
1603  {
1604  if (!$this->server_ids) {
1605  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'));
1606  $this->serverList();
1607  return;
1608  }
1609 
1610  foreach ($this->server_ids as $server_id) {
1611  $setting = new ilLDAPServer($server_id);
1612  $setting->delete();
1613  }
1614  $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('deleted'));
1615  $this->ctrl->redirect($this, "serverlist");
1616  }
1617 
1621  public function userMapping(): void
1622  {
1623  $this->initAttributeMapping();
1624 
1625  $this->setSubTabs();
1626  $this->tabs_gui->activateTab('user_mapping');
1627  $this->userMappingToolbar();
1628 
1629  $propertie_form = $this->initUserMappingForm();
1630 
1631  $this->tpl->setContent($propertie_form->getHTML());
1632  }
1633 
1634 
1635 
1636  public function activateServer(): void
1637  {
1638  $this->checkAccess("write");
1639 
1640  $this->server->toggleActive(true);
1641  $this->server->update();
1642  $this->serverList();
1643  }
1644 
1645  public function deactivateServer(): void
1646  {
1647  $this->checkAccess("write");
1648 
1649  $this->server->toggleActive(false);
1650  $this->server->update();
1651  $this->serverList();
1652  }
1653 
1654 
1655 
1656 
1661  private function initRoleMappingForm(string $command): ilPropertyFormGUI
1662  {
1663  $this->setSubTabs();
1664  $this->tabs_gui->activateTab('role_mapping');
1665 
1666  if ($this->mapping_id) {
1667  $this->ctrl->setParameter($this, 'mapping_id', $this->mapping_id);
1668  }
1669 
1670  $propertie_form = new ilPropertyFormGUI();
1671  $propertie_form->setTitle($this->lng->txt('ldap_mapping_table'));
1672  $propertie_form->setFormAction($this->ctrl->getFormAction($this, $command));
1673  $propertie_form->addCommandButton($command, $this->lng->txt('save'));
1674  $propertie_form->addCommandButton("roleMapping", $this->lng->txt('cancel'));
1675 
1676  $url = new ilTextInputGUI($this->lng->txt('ldap_server'));
1677  $url->setPostVar("url");
1678  $url->setSize(50);
1679  $url->setMaxLength(255);
1680  $url->setRequired(true);
1681 
1682  $group_dn = new ilTextInputGUI($this->lng->txt('ldap_group_dn'));
1683  $group_dn->setPostVar("dn");
1684  $group_dn->setSize(50);
1685  $group_dn->setMaxLength(255);
1686  $group_dn->setInfo($this->lng->txt('ldap_dn_info'));
1687  $group_dn->setRequired(true);
1688 
1689  $member = new ilTextInputGUI($this->lng->txt('ldap_group_member'));
1690  $member->setPostVar("member");
1691  $member->setSize(32);
1692  $member->setMaxLength(255);
1693  $member->setInfo($this->lng->txt('ldap_member_info'));
1694  $member->setRequired(true);
1695 
1696  $member_isdn = new ilCheckboxInputGUI("");
1697  $member_isdn->setPostVar("memberisdn");
1698  $member_isdn->setOptionTitle($this->lng->txt('ldap_memberisdn'));
1699 
1700  $role = new ilTextInputGUI($this->lng->txt('ldap_ilias_role'));
1701  $role->setPostVar("role");
1702  $role->setSize(32);
1703  $role->setMaxLength(255);
1704  $role->setInfo($this->lng->txt('ldap_role_info'));
1705  $role->setRequired(true);
1706 
1707  $info = new ilTextAreaInputGUI($this->lng->txt('ldap_info_text'));
1708  $info->setPostVar("info");
1709  $info->setCols(50);
1710  $info->setRows(3);
1711  $info->setInfo($this->lng->txt('ldap_info_text_info'));
1712 
1713  $info_type = new ilCheckboxInputGUI("");
1714  $info_type->setPostVar("info_type");
1715  $info_type->setOptionTitle($this->lng->txt('ldap_mapping_info_type'));
1716 
1717  $propertie_form->addItem($url);
1718  $propertie_form->addItem($group_dn);
1719  $propertie_form->addItem($member);
1720  $propertie_form->addItem($member_isdn);
1721  $propertie_form->addItem($role);
1722  $propertie_form->addItem($info);
1723  $propertie_form->addItem($info_type);
1724 
1725  return $propertie_form;
1726  }
1727 
1728 
1729 
1733  public function addRoleMapping(): void
1734  {
1735  $propertie_form = $this->initRoleMappingForm("createRoleMapping");
1736  if ($propertie_form->getItemByPostVar("url")) {
1737  $propertie_form->getItemByPostVar("url")->setValue($this->server->getUrl());
1738  }
1739  if ($this->mapping_id) {
1740  $mapping = new ilLDAPRoleGroupMappingSetting($this->mapping_id);
1741  $mapping->read();
1742  if ($propertie_form->getItemByPostVar("url")) {
1743  $propertie_form->getItemByPostVar("url")->setValue($mapping->getURL());
1744  }
1745  if ($propertie_form->getItemByPostVar("dn")) {
1746  $propertie_form->getItemByPostVar("dn")->setValue($mapping->getDN());
1747  }
1748  if ($propertie_form->getItemByPostVar("member")) {
1749  $propertie_form->getItemByPostVar("member")->setValue($mapping->getMemberAttribute());
1750  }
1751  if ($propertie_form->getItemByPostVar("memberisdn")) {
1752  $propertie_form->getItemByPostVar("memberisdn")->setChecked($mapping->getMemberISDN());
1753  }
1754  if ($propertie_form->getItemByPostVar("role")) {
1755  $propertie_form->getItemByPostVar("role")->setValue($mapping->getRoleName());
1756  }
1757  if ($propertie_form->getItemByPostVar("info")) {
1758  $propertie_form->getItemByPostVar("info")->setValue($mapping->getMappingInfo());
1759  }
1760  if ($propertie_form->getItemByPostVar("info_type")) {
1761  $propertie_form->getItemByPostVar("info_type")->setChecked($mapping->getMappingInfoType());
1762  }
1763  }
1764 
1765  $this->tpl->setContent($propertie_form->getHTML());
1766  }
1767 
1768 
1772  public function updateRoleMapping(): void
1773  {
1774  $propertie_form = $this->initRoleMappingForm("updateRoleMapping");
1775 
1776  if ($propertie_form->checkInput() && $this->rbacReview->roleExists($propertie_form->getInput("role"))) {
1777  $mapping = new ilLDAPRoleGroupMappingSetting($this->mapping_id);
1778  $mapping->setServerId($this->server->getServerId());
1779  $mapping->setURL($propertie_form->getInput("url"));
1780  $mapping->setDN($propertie_form->getInput("dn"));
1781  $mapping->setMemberAttribute($propertie_form->getInput("member"));
1782  $mapping->setMemberISDN((bool) $propertie_form->getInput("memberisdn"));
1783  $mapping->setRoleByName($propertie_form->getInput("role"));
1784  $mapping->setMappingInfo($propertie_form->getInput("info"));
1785  $mapping->setMappingInfoType((bool) $propertie_form->getInput("info_type"));
1786  $mapping->update();
1787 
1788  $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'), true);
1789  $this->ctrl->redirect($this, "roleMapping");
1790  } else {
1791  if (!$this->rbacReview->roleExists($propertie_form->getInput("role"))) {
1792  $this->main_tpl->setOnScreenMessage('failure', $this->lng->txt("ldap_role_not_exists") . " " .
1793  $propertie_form->getInput("role"));
1794  }
1795  $propertie_form->setValuesByPost();
1796  $this->tpl->setContent($propertie_form->getHTML());
1797  }
1798  }
1799 
1803  public function saveSyncronizationSettings(): void
1804  {
1805  $this->server->setRoleBindDN($this->role_bind_user);
1806  $this->server->setRoleBindPassword($this->role_bind_pass);
1807  $this->server->enableRoleSynchronization($this->role_sync_active);
1808 
1809  // Update or create
1810  if ($this->server->getServerId()) {
1811  $this->server->update();
1812  }
1813  $this->main_tpl->setOnScreenMessage('success', $this->lng->txt('settings_saved'), true);
1814  $this->ctrl->redirect($this, "roleMapping");
1815  }
1816 }
ilLDAPServer\checkLDAPLib
static checkLDAPLib()
Check if ldap module is installed.
Definition: class.ilLDAPServer.php:129
ilLDAPSettingsGUI\confirmDeleteRules
confirmDeleteRules()
Confirm delete rules.
Definition: class.ilLDAPSettingsGUI.php:378
ilLDAPSettingsGUI\userMappingToolbar
userMappingToolbar()
Create Toolbar.
Definition: class.ilLDAPSettingsGUI.php:1332
ilSession\get
static get(string $a_var)
Definition: class.ilSession.php:401
ilLDAPSettingsGUI\checkRoleAssignmentInput
checkRoleAssignmentInput(int $a_rule_id=0)
Check role assignment input.
Definition: class.ilLDAPSettingsGUI.php:553
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:26
$res
$res
Definition: ltiservices.php:66
ilComponentRepository
Readable part of repository interface to ilComponentDataDB.
Definition: class.ilComponentRepository.php:24
ilLDAPSettingsGUI\createRoleMapping
createRoleMapping()
Check add screen input and save to db.
Definition: class.ilLDAPSettingsGUI.php:1488
ilLDAPSettingsGUI\loadRoleAssignmentRule
loadRoleAssignmentRule(int $a_rule_id, bool $load_from_form=true)
Load input from form.
Definition: class.ilLDAPSettingsGUI.php:580
ilLDAPSettingsGUI\$role_mapping
ilLDAPRoleGroupMappingSettings $role_mapping
Definition: class.ilLDAPSettingsGUI.php:46
ilLDAPSettingsGUI\__construct
__construct(int $a_auth_ref_id)
Definition: class.ilLDAPSettingsGUI.php:72
$version
$version
Definition: plugin.php:24
ilSelectInputGUI
This class represents a selection list property in a property form.
Definition: class.ilSelectInputGUI.php:26
ilTabsGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilTabsGUI.php:25
ilLDAPSettingsGUI\initFormRoleAssignments
initFormRoleAssignments(string $a_mode)
Init form table for new role assignments.
Definition: class.ilLDAPSettingsGUI.php:1197
ilLDAPSettingsGUI\saveSyncronizationSettings
saveSyncronizationSettings()
save Syncronization Settings on Role Mapping screen
Definition: class.ilLDAPSettingsGUI.php:1803
ilLDAPServer\_getServerList
static _getServerList()
Get list of all configured servers.
Definition: class.ilLDAPServer.php:227
ilLDAPSettingsGUI\$ui_factory
readonly ILIAS UI Factory $ui_factory
Definition: class.ilLDAPSettingsGUI.php:64
ilUserDefinedFields
Additional user data fields definition.
Definition: class.ilUserDefinedFields.php:29
ilRadioOption\setInfo
setInfo(string $a_info)
Definition: class.ilRadioOption.php:54
ilUtil\stripSlashes
static stripSlashes(string $a_str, bool $a_strip_html=true, string $a_allow="")
Definition: class.ilUtil.php:390
ilLDAPServer\_getAllServer
static _getAllServer()
Get list of all configured servers.
Definition: class.ilLDAPServer.php:269
ilLDAPSettingsGUI\$refinery
readonly ILIAS Refinery Factory $refinery
Definition: class.ilLDAPSettingsGUI.php:67
ilLDAPSettingsGUI\prepareGlobalRoleSelection
prepareGlobalRoleSelection()
New implementation for InputForm.
Definition: class.ilLDAPSettingsGUI.php:1133
ilLDAPSettingsGUI\getServer
getServer()
Get server settings.
Definition: class.ilLDAPSettingsGUI.php:255
ilLDAPSettingsGUI\updateRoleMapping
updateRoleMapping()
Check edit screen input and save to db.
Definition: class.ilLDAPSettingsGUI.php:1772
ilLegacyFormElementsUtil\formSelect
static formSelect( $selected, string $varname, array $options, bool $multiple=false, bool $direct_text=false, int $size=0, string $style_class="", array $attribs=[], bool $disabled=false)
Builds a select form field with options and shows the selected option first.
Definition: class.ilLegacyFormElementsUtil.php:316
ilLDAPSettingsGUI\setSubTabs
setSubTabs()
Set sub tabs for ldap section.
Definition: class.ilLDAPSettingsGUI.php:1068
ilLDAPSettingsGUI\editRoleAssignment
editRoleAssignment()
Edit role assignment.
Definition: class.ilLDAPSettingsGUI.php:289
ilLDAPAttributeMappingUtils\_getMappingRulesByClass
static _getMappingRulesByClass(string $a_class)
Get mapping rule by objectClass.
Definition: class.ilLDAPAttributeMappingUtils.php:33
$url
$url
Definition: shib_logout.php:66
ilSelectInputGUI\setOptions
setOptions(array $a_options)
Definition: class.ilSelectInputGUI.php:48
ILIAS\UI\examples\Progress\Bar\server
server()
description: > This example shows how a Progress Bar can be rendered and updated by the server...
Definition: server.php:43
ilLDAPSettingsGUI\setValuesByArray
setValuesByArray()
set values of form array
Definition: class.ilLDAPSettingsGUI.php:312
ilLDAPSettingsGUI\$main_tpl
ilGlobalTemplateInterface $main_tpl
Definition: class.ilLDAPSettingsGUI.php:41
ilLDAPSettingsGUI\showRoleSelection
showRoleSelection()
show role selection
Definition: class.ilLDAPSettingsGUI.php:491
ilLDAPSettingsGUI\$tpl
ilGlobalTemplateInterface $tpl
Definition: class.ilLDAPSettingsGUI.php:35
ilLDAPSettingsGUI\confirmDeleteRoleMapping
confirmDeleteRoleMapping()
confirm delete role mappings
Definition: class.ilLDAPSettingsGUI.php:1519
ilLDAPRoleAssignmentRule\_getRules
static _getRules($a_server_id)
Get all rules.
Definition: class.ilLDAPRoleAssignmentRule.php:196
ilFormPropertyGUI\setPostVar
setPostVar(string $a_postvar)
Definition: class.ilFormPropertyGUI.php:118
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:142
ilQueryParser\setMinWordLength
setMinWordLength(int $a_length)
Definition: class.ilQueryParser.php:77
ilLDAPSettingsGUI\$form_gui
ilPropertyFormGUI $form_gui
Definition: class.ilLDAPSettingsGUI.php:29
ilLDAPSettingsGUI\checkAccess
checkAccess(string $a_permission)
Definition: class.ilLDAPSettingsGUI.php:228
ilLDAPSettingsGUI\addRoleMapping
addRoleMapping()
Add Assigments for role mapping.
Definition: class.ilLDAPSettingsGUI.php:1733
ilLDAPSettingsGUI\$component_repository
ilComponentRepository $component_repository
Definition: class.ilLDAPSettingsGUI.php:42
ilLDAPSettingsGUI\confirmDeleteServerSettings
confirmDeleteServerSettings()
Confirm delete rules.
Definition: class.ilLDAPSettingsGUI.php:1574
ILIAS\FileDelivery\http
static http()
Fetches the global http state from ILIAS.
Definition: HttpServiceAware.php:55
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:26
ilLDAPSettingsGUI\$http
readonly ILIAS HTTP GlobalHttpState $http
Definition: class.ilLDAPSettingsGUI.php:66
ilRoleAutoCompleteInputGUI\echoAutoCompleteList
static echoAutoCompleteList()
Static asynchronous default auto complete function.
Definition: class.ilRoleAutoCompleteInputGUI.php:57
ilObject\_lookupTitle
static _lookupTitle(int $obj_id)
Definition: class.ilObject.php:830
ilLDAPSettingsGUI\deleteRules
deleteRules()
delete role assignment rule
Definition: class.ilLDAPSettingsGUI.php:409
ilLDAPSettingsGUI\$mapping
ilLDAPAttributeMapping $mapping
Definition: class.ilLDAPSettingsGUI.php:28
ilNumberInputGUI
This class represents a number property in a property form.
Definition: class.ilNumberInputGUI.php:26
ilLDAPSettingsGUI\addRoleAutoCompleteObject
addRoleAutoCompleteObject()
Add Member for autoComplete.
Definition: class.ilLDAPSettingsGUI.php:1324
ilLDAPSettingsGUI\addRoleAssignment
addRoleAssignment()
add new role assignment
Definition: class.ilLDAPSettingsGUI.php:427
$DIC
global $DIC
Definition: shib_login.php:22
ilLDAPAttributeMapping\_lookupGlobalRole
static _lookupGlobalRole(int $a_server_id)
Definition: class.ilLDAPAttributeMapping.php:65
ilLDAPSettingsGUI\userMapping
userMapping()
Ldap User Mapping.
Definition: class.ilLDAPSettingsGUI.php:1621
ilLDAPSettingsGUI\$udf
ilUserDefinedFields $udf
Definition: class.ilLDAPSettingsGUI.php:43
ilPasswordInputGUI
This class represents a password property in a property form.
Definition: class.ilPasswordInputGUI.php:26
ilLDAPSettingsGUI\roleAssignments
roleAssignments()
Edit role assignments.
Definition: class.ilLDAPSettingsGUI.php:263
ilLDAPSettingsGUI\roleMapping
roleMapping()
Role Mapping Tab.
Definition: class.ilLDAPSettingsGUI.php:1397
ilLDAPSettingsGUI\updateRoleAssignment
updateRoleAssignment()
update role assignment
Definition: class.ilLDAPSettingsGUI.php:338
$txt
$txt
Definition: error.php:31
ilFormPropertyGUI\setRequired
setRequired(bool $a_required)
Definition: class.ilFormPropertyGUI.php:155
ilRoleAutoCompleteInputGUI
This class represents a role + autocomplete feature form input.
Definition: class.ilRoleAutoCompleteInputGUI.php:26
ilTable2GUI\setTitle
setTitle(string $a_title, string $a_icon="", string $a_icon_alt="")
Definition: class.ilTable2GUI.php:438
ilLDAPAttributeMapping
This class stores the settings that define the mapping between LDAP attribute and user profile fields...
Definition: class.ilLDAPAttributeMapping.php:26
ilUtil\_sortIds
static _sortIds(array $a_ids, string $a_table, string $a_field, string $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,7),&#39;usr_data&#39;,&#39;lastname&#39;,&#39;usr_id&#39;) => sorts by lastname.
Definition: class.ilUtil.php:1212
$lang
$lang
Definition: xapiexit.php:25
ilLDAPSettingsGUI\initUserMappingForm
initUserMappingForm()
Create Property Form GUI for User Mapping.
Definition: class.ilLDAPSettingsGUI.php:1353
ilLDAPSettingsGUI\saveRoleSelection
saveRoleSelection()
Save role selection.
Definition: class.ilLDAPSettingsGUI.php:521
ilLDAPRoleAssignmentRule\_getInstanceByRuleId
static _getInstanceByRuleId(int $a_rule_id)
Definition: class.ilLDAPRoleAssignmentRule.php:64
ilCombinationInputGUI
This class represents a number property in a property form.
Definition: class.ilCombinationInputGUI.php:26
ILIAS\Repository\form
form( $class_path, string $cmd, string $submit_caption="")
Definition: trait.GlobalDICGUIServices.php:132
ilLDAPRoleGroupMappingSettings\_getInstanceByServerId
static _getInstanceByServerId(int $a_server_id)
Get instance of class.
Definition: class.ilLDAPRoleGroupMappingSettings.php:59
ilLDAPSettingsGUI\$ui_renderer
readonly ILIAS UI Renderer $ui_renderer
Definition: class.ilLDAPSettingsGUI.php:65
ilLDAPAttributeMapping\read
read()
Read mapping settings from db.
Definition: class.ilLDAPAttributeMapping.php:233
ilLDAPSettingsGUI\getAttributeMappingKeys
getAttributeMappingKeys()
Get all possible attribute keys for mapping ldap attribute to ilias user attributes.
Definition: class.ilLDAPSettingsGUI.php:239
$id
$id
plugin.php for ilComponentBuildPluginInfoObjectiveTest::testAddPlugins
Definition: plugin.php:23
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:26
ilAdministrationSettingsFormHandler\addFieldsToForm
static addFieldsToForm(int $a_form_id, ilPropertyFormGUI $a_form, ilObjectGUI $a_parent_gui)
Definition: class.ilAdministrationSettingsFormHandler.php:116
ilLDAPAttributeMapping\save
save()
Save mapping rules to db.
Definition: class.ilLDAPAttributeMapping.php:177
ilLDAPSettingsGUI\$rule
ilLDAPRoleAssignmentRule $rule
Definition: class.ilLDAPSettingsGUI.php:45
ilLDAPSettingsGUI\initRoleMappingForm
initRoleMappingForm(string $command)
init propertyformgui for Assignment of LDAP Attributes to ILIAS User Profile
Definition: class.ilLDAPSettingsGUI.php:1661
ilSession\set
static set(string $a_var, $a_val)
Set a value.
Definition: class.ilSession.php:393
ilLDAPAttributeMapping\_getInstanceByServerId
static _getInstanceByServerId(int $a_server_id)
Definition: class.ilLDAPAttributeMapping.php:45
ilLDAPSettingsGUI\$role_mapping_rule
ilLDAPRoleAssignmentRule $role_mapping_rule
Definition: class.ilLDAPSettingsGUI.php:44
ilLDAPSettingsGUI\getRoleAssignmentTable
getRoleAssignmentTable()
Show active role assignments.
Definition: class.ilLDAPSettingsGUI.php:563
ilLDAPSettingsGUI\editRoleMapping
editRoleMapping()
Edit Assigments for role mapping.
Definition: class.ilLDAPSettingsGUI.php:1451