ILIAS  trunk Revision v12.0_alpha-377-g3641b37b9db
Static Public Member Functions
ilShibbolethRoleAssignmentRules Class Reference

This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Learning e.V. More...

+ Collaboration diagram for ilShibbolethRoleAssignmentRules:

Static Public Member Functions

static getCountRules ()
 
static updateAssignments (int $a_usr_id, array $a_data)
 
static doAssignments (int $a_usr_id, array $a_data)
 
static callPlugin (string $a_plugin_id, array $a_user_data)
 

Detailed Description

This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Learning e.V.

ILIAS is licensed with the GPL-3.0, see https://www.gnu.org/licenses/gpl-3.0.en.html You should have received a copy of said license along with the source code, too.

If this is not the case or you just want to try ILIAS, you'll find us at: https://www.ilias.de https://github.com/ILIAS-eLearning Shibboleth role assignment rules

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Fabian Schmid fabia.nosp@m.n.sc.nosp@m.hmid@.nosp@m.ilub.nosp@m..unib.nosp@m.e.ch
Version
$Id$

Definition at line 29 of file class.ilShibbolethRoleAssignmentRules.php.

Member Function Documentation

◆ callPlugin()

static ilShibbolethRoleAssignmentRules::callPlugin ( string  $a_plugin_id,
array  $a_user_data 
)
static

Definition at line 121 of file class.ilShibbolethRoleAssignmentRules.php.

121 : bool
122 {
123 global $DIC;
124 foreach ($DIC['component.factory']->getActivePluginsInSlot('shibhk') as $plugin) {
125 if ($plugin->checkRoleAssignment($a_plugin_id, $a_user_data)) {
126 return true;
127 }
128 }
129 return false;
130 }
$DIC
global $DIC
Definition: shib_login.php:26

References $DIC, and XapiProxy\$plugin.

Referenced by ilShibbolethRoleAssignmentRule\doesMatch(), and ilShibbolethRoleAssignmentRule\matches().

+ Here is the caller graph for this function:

◆ doAssignments()

static ilShibbolethRoleAssignmentRules::doAssignments ( int  $a_usr_id,
array  $a_data 
)
static

Definition at line 93 of file class.ilShibbolethRoleAssignmentRules.php.

93 : bool
94 {
95 global $DIC;
96 $db = $DIC->database();
97 $rbac_admin = $DIC->rbac()->admin();
98 $logger = $DIC->logger()->root();
99 $query = "SELECT rule_id,add_on_update FROM shib_role_assignment WHERE add_on_update = 1";
100 $num_matches = 0;
101 $res = $db->query($query);
102 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
103 $rule = new ilShibbolethRoleAssignmentRule($row->rule_id);
104 if ($rule->doesMatch($a_data)) {
105 $num_matches++;
106 $logger->write(__METHOD__ . ': Assigned to role ' . ilObject::_lookupTitle($rule->getRoleId()));
107 $rbac_admin->assignUser($rule->getRoleId(), $a_usr_id);
108 }
109 }
110 // Assign to default if no matching found
111 if ($num_matches === 0) {
112 $settings = new ilShibbolethSettings();
113 $default_role = $settings->getDefaultRole();
114 $logger->write(__METHOD__ . ': Assigned to default role ' . ilObject::_lookupTitle($default_role));
115 $rbac_admin->assignUser($default_role, $a_usr_id);
116 }
117
118 return true;
119 }
ilObject\_lookupTitle
static _lookupTitle(int $obj_id)
Definition: class.ilObject.php:847
ilShibbolethRoleAssignmentRule
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilShibbolethRoleAssignmentRule.php:30
ilShibbolethSettings
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilShibbolethSettings.php:25
$res
$res
Definition: ltiservices.php:69

References $DIC, $res, ilObject\_lookupTitle(), and ilDBConstants\FETCHMODE_OBJECT.

Referenced by ilAuthProviderShibboleth\doAuthentication().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getCountRules()

static ilShibbolethRoleAssignmentRules::getCountRules ( )
static

Definition at line 51 of file class.ilShibbolethRoleAssignmentRules.php.

51 : int
52 {
53 global $DIC;
54 $db = $DIC->database();
55 $query = "SELECT COUNT(*) num FROM shib_role_assignment ";
56 $res = $db->query($query);
57 $row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT);
58 return (int) ($row->num ?? 0);
59 }

References $DIC, $res, and ilDBConstants\FETCHMODE_OBJECT.

Referenced by ilAuthShibbolethSettingsGUI\parseRulesTable().

+ Here is the caller graph for this function:

◆ updateAssignments()

static ilShibbolethRoleAssignmentRules::updateAssignments ( int  $a_usr_id,
array  $a_data 
)
static

Definition at line 61 of file class.ilShibbolethRoleAssignmentRules.php.

61 : bool
62 {
63 global $DIC;
64 $db = $DIC->database();
65 $rbac_admin = $DIC->rbac()->admin();
66 $rbac_review = $DIC->rbac()->review();
67 $logger = $DIC->logger()->root();
68 $query = "SELECT rule_id,add_on_update,remove_on_update FROM shib_role_assignment " . "WHERE add_on_update = 1 OR remove_on_update = 1";
69 $res = $db->query($query);
70 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
71 $rule = new ilShibbolethRoleAssignmentRule($row->rule_id);
72 // $matches = $rule->matches($a_data);
73 if ($row->add_on_update && $rule->doesMatch($a_data)) {
74 $logger->write(__METHOD__ . ': Assigned to role ' . ilObject::_lookupTitle($rule->getRoleId()));
75 $rbac_admin->assignUser($rule->getRoleId(), $a_usr_id);
76 }
77 if ($row->remove_on_update && !$rule->doesMatch($a_data)) {
78 $logger->write(__METHOD__ . ': Deassigned from role ' . ilObject::_lookupTitle($rule->getRoleId()));
79 $rbac_admin->deassignUser($rule->getRoleId(), $a_usr_id);
80 }
81 }
82 // check if is assigned to minimum one global role
83 if (!array_intersect($rbac_review->assignedRoles($a_usr_id), $rbac_review->getGlobalRoles())) {
84 $settings = new ilShibbolethSettings();
85 $default_role = $settings->getDefaultRole();
86 $logger->write(__METHOD__ . ': Assigned to default role ' . ilObject::_lookupTitle($default_role));
87 $rbac_admin->assignUser($default_role, $a_usr_id);
88 }
89
90 return true;
91 }

References $DIC, $res, ilObject\_lookupTitle(), and ilDBConstants\FETCHMODE_OBJECT.

Referenced by ilAuthProviderShibboleth\doAuthentication().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:
The documentation for this class was generated from the following file: