1<?php 2/* 3 +-----------------------------------------------------------------------------+ 4 | ILIAS open source | 5 +-----------------------------------------------------------------------------+ 6 | Copyright (c) 1998-2006 ILIAS open source, University of Cologne | 7 | | 8 | This program is free software; you can redistribute it and/or | 9 | modify it under the terms of the GNU General Public License | 10 | as published by the Free Software Foundation; either version 2 | 11 | of the License, or (at your option) any later version. | 12 | | 13 | This program is distributed in the hope that it will be useful, | 14 | but WITHOUT ANY WARRANTY; without even the implied warranty of | 15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | 16 | GNU General Public License for more details. | 17 | | 18 | You should have received a copy of the GNU General Public License | 19 | along with this program; if not, write to the Free Software | 20 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 
| 21 +-----------------------------------------------------------------------------+ 22*/ 23 24/** 25* 26* @author Stefan Meyer <meyer@leifos.com> 27* @version $Id$ 28* 29* 30* @ilCtrl_Calls ilLDAPSettingsGUI: 31* @ingroup ServicesLDAP 32*/ 33class ilLDAPSettingsGUI 34{ 35 private $ref_id = null; 36 private $server = null; 37 private $dic; 38 39 public function __construct($a_auth_ref_id) 40 { 41 global $DIC; 42 43 $this->dic = $DIC; 44 $this->ctrl = $this->dic->ctrl(); 45 $this->tabs_gui = $this->dic->tabs(); 46 $this->lng = $this->dic->language(); 47 $this->lng->loadLanguageModule('ldap'); 48 49 $this->tpl = $this->dic['tpl']; 50 51 if ($_GET["cmd"] != "addServerSettings") { 52 $this->ctrl->saveParameter($this, 'ldap_server_id'); 53 } 54 55 56 $this->ref_id = $a_auth_ref_id; 57 58 59 $this->initServer(); 60 } 61 62 public function executeCommand() 63 { 64 $next_class = $this->ctrl->getNextClass($this); 65 $cmd = $this->ctrl->getCmd(); 66 67 if (!$this->dic->rbac()->system()->checkAccess("visible,read", $this->ref_id) && $cmd != "serverList") { 68 ilUtil::sendFailure($this->lng->txt('msg_no_perm_write'), true); 69 $this->ctrl->redirect($this, "serverList"); 70 } 71 72 73 switch ($next_class) { 74 default: 75 if (!$cmd) { 76 $cmd = "serverList"; 77 } 78 $this->$cmd(); 79 break; 80 } 81 return true; 82 } 83 84 /** 85 * @param string $a_permission 86 */ 87 protected function checkAccess($a_permission) 88 { 89 global $DIC; 90 91 $ilErr = $DIC['ilErr']; 92 93 if (!$this->checkAccessBool($a_permission)) { 94 $ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $ilErr->WARNING); 95 } 96 } 97 98 /** 99 * @param string $a_permission 100 * @return bool 101 */ 102 protected function checkAccessBool($a_permission) 103 { 104 global $DIC; 105 106 $access = $DIC->access(); 107 108 return $access->checkAccess($a_permission, '', $this->ref_id); 109 } 110 111 /** 112 * Get server settings 113 * @return ilLDAPServer 114 */ 115 public function getServer() 116 { 117 return 
$this->server; 118 } 119 120 /** 121 * Edit role assignments 122 * 123 * @access public 124 * 125 */ 126 public function roleAssignments() 127 { 128 global $DIC; 129 130 $rbacreview = $DIC['rbacreview']; 131 132 $this->setSubTabs(); 133 $this->tabs_gui->setTabActive('role_assignments'); 134 135 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_assignments.html', 'Services/LDAP'); 136 137 include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php'); 138 $this->initFormRoleAssignments('create', $this->role_mapping_rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId(0)); 139 $this->tpl->setVariable('NEW_ASSIGNMENT_TBL', $this->form->getHTML()); 140 141 142 if (count($rules = ilLDAPRoleAssignmentRule::_getRules($this->server->getServerId()))) { 143 include_once("./Services/LDAP/classes/class.ilLDAPRoleAssignmentTableGUI.php"); 144 $table_gui = new ilLDAPRoleAssignmentTableGUI($this, 'roleAssignments'); 145 $table_gui->setTitle($this->lng->txt("ldap_tbl_role_ass")); 146 $table_gui->parse($rules); 147 $table_gui->addMultiCommand("confirmDeleteRules", $this->lng->txt("delete")); 148 $table_gui->setSelectAllCheckbox("rule_id"); 149 $this->tpl->setVariable('RULES_TBL', $table_gui->getHTML()); 150 } 151 } 152 153 /** 154 * Edit role assignment 155 * 156 * @access public 157 * 158 */ 159 public function editRoleAssignment() 160 { 161 if (!(int) $_GET['rule_id']) { 162 ilUtil::sendFailure($this->lng->txt('select_one')); 163 $this->roleAssignments(); 164 return false; 165 } 166 $this->setSubTabs(); 167 $this->tabs_gui->setTabActive('role_assignments'); 168 169 $this->ctrl->saveParameter($this, 'rule_id', (int) $_GET['rule_id']); 170 include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php'); 171 $this->initFormRoleAssignments( 172 'edit', 173 $this->role_mapping_rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId((int) $_GET['rule_id']) 174 ); 175 $this->setValuesByArray(); 176 $this->tpl->setContent($this->form->getHTML()); 177 
} 178 179 180 /** 181 * set values of form array 182 * @return 183 */ 184 protected function setValuesByArray() 185 { 186 global $DIC; 187 188 $rbacreview = $DIC['rbacreview']; 189 190 $role_id = $this->role_mapping_rule->getRoleId(); 191 if ($rbacreview->isGlobalRole($role_id)) { 192 $val['role_name'] = 0; 193 $val['role_id'] = $role_id; 194 } else { 195 $val['role_name'] = 1; 196 $val['role_search'] = ilObject::_lookupTitle($role_id); 197 } 198 $val['add_missing'] = (int) $this->role_mapping_rule->isAddOnUpdateEnabled(); 199 $val['remove_deprecated'] = (int) $this->role_mapping_rule->isRemoveOnUpdateEnabled(); 200 $val['type'] = (int) $this->role_mapping_rule->getType(); 201 $val['dn'] = $this->role_mapping_rule->getDN(); 202 $val['at'] = $this->role_mapping_rule->getMemberAttribute(); 203 $val['isdn'] = $this->role_mapping_rule->isMemberAttributeDN(); 204 $val['name'] = $this->role_mapping_rule->getAttributeName(); 205 $val['value'] = $this->role_mapping_rule->getAttributeValue(); 206 $val['plugin_id'] = $this->role_mapping_rule->getPluginId(); 207 208 $this->form->setValuesByArray($val); 209 } 210 211 /** 212 * update role assignment 213 * 214 * @access public 215 * 216 */ 217 public function updateRoleAssignment() 218 { 219 global $DIC; 220 221 $ilErr = $DIC['ilErr']; 222 $ilAccess = $DIC['ilAccess']; 223 224 if (!$ilAccess->checkAccess('write', '', $this->ref_id)) { 225 ilUtil::sendFailure($this->lng->txt('permission_denied'), true); 226 $this->roleAssignment(); 227 return false; 228 } 229 230 include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php'); 231 include_once('Services/LDAP/classes/class.ilLDAPServer.php'); 232 233 $this->initFormRoleAssignments('edit'); 234 if (!$this->form->checkInput() or ($err = $this->checkRoleAssignmentInput((int) $_REQUEST['rule_id']))) { 235 if ($err) { 236 ilUtil::sendFailure($this->lng->txt($err)); 237 } 238 239 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_assignments.html', 
'Services/LDAP'); 240 241 // DONE: wrap this 242 $this->form->setValuesByPost(); 243 $this->tpl->setVariable('NEW_ASSIGNMENT_TBL', $this->form->getHTML()); 244 #$this->tpl->setVariable('RULES_TBL',$this->getRoleAssignmentTable()); 245 $this->tabs_gui->setSubTabActive('shib_role_assignment'); 246 return true; 247 } 248 249 // Might redirect 250 $this->roleSelection(); 251 252 $this->rule->update(); 253 ilUtil::sendSuccess($this->lng->txt('settings_saved')); 254 $this->roleAssignments(); 255 return true; 256 } 257 258 /** 259 * Confirm delete rules 260 * 261 * @access public 262 * @param 263 * 264 */ 265 public function confirmDeleteRules() 266 { 267 $this->checkAccess("write"); 268 269 if (!is_array($_POST['rule_ids'])) { 270 ilUtil::sendFailure($this->lng->txt('select_one')); 271 $this->roleAssignments(); 272 return false; 273 } 274 $this->setSubTabs(); 275 $this->tabs_gui->setTabActive('role_assignments'); 276 277 include_once("Services/Utilities/classes/class.ilConfirmationGUI.php"); 278 $c_gui = new ilConfirmationGUI(); 279 280 // set confirm/cancel commands 281 $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRules")); 282 $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_role_ass")); 283 $c_gui->setCancel($this->lng->txt("cancel"), "roleAssignments"); 284 $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRules"); 285 286 // add items to delete 287 include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php'); 288 foreach ($_POST["rule_ids"] as $rule_id) { 289 $rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($rule_id); 290 $c_gui->addItem('rule_ids[]', $rule_id, $rule->conditionToString()); 291 } 292 $this->tpl->setContent($c_gui->getHTML()); 293 } 294 295 /** 296 * delete role assignment rule 297 * 298 * @access public 299 * 300 */ 301 public function deleteRules() 302 { 303 if (!is_array($_POST['rule_ids'])) { 304 ilUtil::sendFailure($this->lng->txt('select_once')); 305 $this->roleAssignments(); 306 return false; 307 } 
308 include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php'); 309 foreach ($_POST["rule_ids"] as $rule_id) { 310 $rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($rule_id); 311 $rule->delete(); 312 } 313 ilUtil::sendSuccess($this->lng->txt('ldap_deleted_rule')); 314 $this->roleAssignments(); 315 return true; 316 } 317 318 /** 319 * add new role assignment 320 * 321 * @access public 322 * 323 */ 324 public function addRoleAssignment() 325 { 326 global $DIC; 327 328 $ilErr = $DIC['ilErr']; 329 $ilAccess = $DIC['ilAccess']; 330 331 if (!$ilAccess->checkAccess('write', '', $this->ref_id)) { 332 ilUtil::sendFailure($this->lng->txt('permission_denied'), true); 333 $this->roleAssignment(); 334 return false; 335 } 336 337 include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php'); 338 include_once('Services/LDAP/classes/class.ilLDAPServer.php'); 339 340 $this->initFormRoleAssignments('create'); 341 if (!$this->form->checkInput() or ($err = $this->checkRoleAssignmentInput())) { 342 if ($err) { 343 ilUtil::sendFailure($this->lng->txt($err)); 344 } 345 346 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_assignments.html', 'Services/LDAP'); 347 348 // DONE: wrap this 349 $this->form->setValuesByPost(); 350 $this->tpl->setVariable('NEW_ASSIGNMENT_TBL', $this->form->getHTML()); 351 $this->tpl->setVariable('RULES_TBL', $this->getRoleAssignmentTable()); 352 $this->tabs_gui->setSubTabActive('shib_role_assignment'); 353 return true; 354 } 355 356 // Might redirect 357 $this->roleSelection(); 358 359 $this->rule->create(); 360 ilUtil::sendSuccess($this->lng->txt('settings_saved')); 361 unset($_POST); 362 $this->roleAssignments(); 363 return true; 364 } 365 366 /** 367 * 368 * @return 369 */ 370 protected function roleSelection() 371 { 372 if ($this->rule->getRoleId() > 0) { 373 return false; 374 } 375 $_SESSION['ldap_role_ass']['server_id'] = $this->getServer()->getServerId(); 376 $_SESSION['ldap_role_ass']['rule_id'] = 
$_REQUEST['rule_id'] ? $_REQUEST['rule_id'] : 0; 377 $_SESSION['ldap_role_ass']['role_search'] = $this->form->getInput('role_search'); 378 $_SESSION['ldap_role_ass']['add_on_update'] = $this->form->getInput('add_missing'); 379 $_SESSION['ldap_role_ass']['remove_on_update'] = $this->form->getInput('remove_deprecated'); 380 $_SESSION['ldap_role_ass']['type'] = $this->form->getInput('type'); 381 $_SESSION['ldap_role_ass']['dn'] = $this->form->getInput('dn'); 382 $_SESSION['ldap_role_ass']['at'] = $this->form->getInput('at'); 383 $_SESSION['ldap_role_ass']['isdn'] = $this->form->getInput('isdn'); 384 $_SESSION['ldap_role_ass']['name'] = $this->form->getInput('name'); 385 $_SESSION['ldap_role_ass']['value'] = $this->form->getInput('value'); 386 $_SESSION['ldap_role_ass']['plugin'] = $this->form->getInput('plugin_id'); 387 388 389 $this->ctrl->saveParameter($this, 'rule_id'); 390 $this->ctrl->redirect($this, 'showRoleSelection'); 391 } 392 393 394 395 /** 396 * show role selection 397 * @return 398 */ 399 protected function showRoleSelection() 400 { 401 $this->setSubTabs(); 402 $this->tabs_gui->setTabActive('role_assignment'); 403 $this->ctrl->saveParameter($this, 'rule_id'); 404 405 include_once './Services/Search/classes/class.ilQueryParser.php'; 406 $parser = new ilQueryParser($_SESSION['ldap_role_ass']['role_search']); 407 $parser->setMinWordLength(1, true); 408 $parser->setCombination(QP_COMBINATION_AND); 409 $parser->parse(); 410 411 include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php'; 412 $object_search = new ilLikeObjectSearch($parser); 413 $object_search->setFilter(array('role')); 414 $res = $object_search->performSearch(); 415 416 $entries = $res->getEntries(); 417 418 include_once './Services/AccessControl/classes/class.ilRoleSelectionTableGUI.php'; 419 $table = new ilRoleSelectionTableGUI($this, 'showRoleSelection'); 420 $table->setTitle($this->lng->txt('ldap_role_selection')); 421 $table->addMultiCommand('saveRoleSelection', 
$this->lng->txt('ldap_choose_role')); 422 #$table->addCommandButton('roleAssignment',$this->lng->txt('cancel')); 423 $table->parse($entries); 424 425 $this->tpl->setContent($table->getHTML()); 426 return true; 427 } 428 429 /** 430 * Save role selection 431 * @return 432 */ 433 protected function saveRoleSelection() 434 { 435 global $DIC; 436 437 $ilErr = $DIC['ilErr']; 438 $ilAccess = $DIC['ilAccess']; 439 440 if (!$ilAccess->checkAccess('write', '', $this->ref_id)) { 441 ilUtil::sendFailure($this->lng->txt('permission_denied'), true); 442 $this->roleAssignment(); 443 return false; 444 } 445 446 if (!(int) $_REQUEST['role_id']) { 447 ilUtil::sendFailure($this->lng->txt('select_one')); 448 $this->showRoleSelection(); 449 return false; 450 } 451 452 $this->loadRoleAssignmentRule((int) $_REQUEST['rule_id'], false); 453 $this->rule->setRoleId((int) $_REQUEST['role_id']); 454 455 if ((int) $_REQUEST['rule_id']) { 456 $this->rule->update(); 457 } else { 458 $this->rule->create(); 459 } 460 461 ilUtil::sendSuccess($this->lng->txt('settings_saved')); 462 $this->roleAssignments(); 463 return true; 464 } 465 466 467 /** 468 * Check role assignment input 469 * @return 470 * @param int $a_rule_id 471 */ 472 protected function checkRoleAssignmentInput($a_rule_id = 0) 473 { 474 global $DIC; 475 476 $ilErr = $DIC['ilErr']; 477 478 $this->loadRoleAssignmentRule($a_rule_id); 479 $this->rule->validate(); 480 return $ilErr->getMessage(); 481 } 482 483 484 /** 485 * Show active role assignments 486 * @return 487 */ 488 protected function getRoleAssignmentTable() 489 { 490 if (count($rules = ilLDAPRoleAssignmentRule::_getRules($this->server->getServerId()))) { 491 include_once("./Services/LDAP/classes/class.ilLDAPRoleAssignmentTableGUI.php"); 492 $table_gui = new ilLDAPRoleAssignmentTableGUI($this, 'roleAssignments'); 493 $table_gui->setTitle($this->lng->txt("ldap_tbl_role_ass")); 494 $table_gui->parse($rules); 495 $table_gui->addMultiCommand("confirmDeleteRules", 
$this->lng->txt("delete")); 496 $table_gui->setSelectAllCheckbox("rule_id"); 497 return $table_gui->getHTML(); 498 } 499 return ''; 500 } 501 502 503 /** 504 * Load input from form 505 * @return 506 * @param object $a_rule_id 507 */ 508 protected function loadRoleAssignmentRule($a_rule_id, $a_from_form = true) 509 { 510 if (is_object($this->rule)) { 511 return true; 512 } 513 514 include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php'; 515 $this->rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($a_rule_id); 516 517 518 if ($a_from_form) { 519 if ($this->form->getInput('role_name') == 0) { 520 $this->rule->setRoleId($this->form->getInput('role_id')); 521 } elseif ($this->form->getInput('role_search')) { 522 // Search role 523 include_once './Services/Search/classes/class.ilQueryParser.php'; 524 525 $parser = new ilQueryParser('"' . $this->form->getInput('role_search') . '"'); 526 527 // TODO: Handle minWordLength 528 $parser->setMinWordLength(1, true); 529 $parser->setCombination(QP_COMBINATION_AND); 530 $parser->parse(); 531 532 include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php'; 533 $object_search = new ilLikeObjectSearch($parser); 534 $object_search->setFilter(array('role')); 535 $res = $object_search->performSearch(); 536 537 $entries = $res->getEntries(); 538 if (count($entries) == 1) { 539 $role = current($entries); 540 $this->rule->setRoleId($role['obj_id']); 541 } elseif (count($entries) > 1) { 542 $this->rule->setRoleId(-1); 543 } 544 } 545 546 $this->rule->setAttributeName($this->form->getInput('name')); 547 $this->rule->setAttributeValue($this->form->getInput('value')); 548 $this->rule->setDN($this->form->getInput('dn')); 549 $this->rule->setMemberAttribute($this->form->getInput('at')); 550 $this->rule->setMemberIsDN($this->form->getInput('isdn')); 551 $this->rule->enableAddOnUpdate($this->form->getInput('add_missing')); 552 $this->rule->enableRemoveOnUpdate($this->form->getInput('remove_deprecated')); 553 
$this->rule->setPluginId($this->form->getInput('plugin_id')); 554 $this->rule->setType($this->form->getInput('type')); 555 $this->rule->setServerId($this->getServer()->getServerId()); 556 return true; 557 } 558 559 // LOAD from session 560 $this->rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($a_rule_id); 561 $this->rule->setServerId($this->getServer()->getServerId()); 562 $this->rule->enableAddOnUpdate((int) $_SESSION['ldap_role_ass']['add_on_update']); 563 $this->rule->enableRemoveOnUpdate((int) $_SESSION['ldap_role_ass']['remove_on_update']); 564 $this->rule->setType(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['type'])); 565 $this->rule->setDN(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['dn'])); 566 $this->rule->setMemberAttribute(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['at'])); 567 $this->rule->setMemberIsDN(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['isdn'])); 568 $this->rule->setAttributeName(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['name'])); 569 $this->rule->setAttributeValue(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['value'])); 570 $this->rule->setPluginId(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['plugin'])); 571 return true; 572 } 573 574 public function deleteRoleMapping() 575 { 576 if (!count($_POST['mappings'])) { 577 ilUtil::sendFailure($this->lng->txt('select_one')); 578 $this->roleMapping(); 579 return false; 580 } 581 582 $this->initRoleMapping(); 583 584 foreach ($_POST['mappings'] as $mapping_id) { 585 $this->role_mapping->delete($mapping_id); 586 } 587 ilUtil::sendSuccess($this->lng->txt('ldap_deleted_role_mapping')); 588 $this->roleMapping(); 589 return true; 590 } 591 592 public function chooseMapping() 593 { 594 if (!$_POST['mapping_template']) { 595 $this->userMapping(); 596 return; 597 } 598 599 $this->initAttributeMapping(); 600 $this->mapping->clearRules(); 601 602 include_once('Services/LDAP/classes/class.ilLDAPAttributeMappingUtils.php'); 603 foreach 
(ilLDAPAttributeMappingUtils::_getMappingRulesByClass($_POST['mapping_template']) as $key => $value) { 604 $this->mapping->setRule($key, $value, 0); 605 } 606 $this->userMapping(); 607 return true; 608 } 609 610 public function saveMapping() 611 { 612 $this->initAttributeMapping(); 613 $this->tabs_gui->setTabActive('role_mapping'); 614 615 foreach ($this->getMappingFields() as $key => $mapping) { 616 $this->mapping->setRule($key, ilUtil::stripSlashes($_POST[$key . '_value']), (int) $_POST[$key . '_update']); 617 } 618 $this->initUserDefinedFields(); 619 foreach ($this->udf->getDefinitions() as $definition) { 620 $key = 'udf_' . $definition['field_id']; 621 $this->mapping->setRule($key, ilUtil::stripSlashes($_POST[$key . '_value']), (int) $_POST[$key . '_update']); 622 } 623 624 $this->mapping->save(); 625 $this->userMapping(); 626 627 ilUtil::sendSuccess($this->lng->txt('settings_saved')); 628 unset($_POST['mapping_template']); 629 return; 630 } 631 632 public function serverList() 633 { 634 global $DIC; 635 636 if (!$this->dic->rbac()->system()->checkAccess("visible,read", $this->ref_id) && $cmd != "serverList") { 637 $DIC['ilErr']->raiseError($this->lng->txt('msg_no_perm_read'), $DIC['ilErr']->WARNING); 638 } 639 640 if (!ilLDAPServer::checkLDAPLib() and $this->server->isActive()) { 641 ilUtil::sendFailure('Missing LDAP libraries. 
Please ensure that the PHP LDAP module is installed on your server.'); 642 } 643 644 if ($this->dic->rbac()->system()->checkAccess("write", $this->ref_id)) { 645 $DIC->toolbar()->addButton( 646 $this->lng->txt("add_ldap_server"), 647 $this->ctrl->getLinkTarget($this, "addServerSettings") 648 ); 649 } 650 651 include_once './Services/LDAP/classes/class.ilLDAPServerTableGUI.php'; 652 653 $table = new ilLDAPServerTableGUI($this, "serverList"); 654 655 656 return $this->tpl->setContent($table->getHTML()); 657 } 658 659 public function setServerFormValues() 660 { 661 $this->form_gui->setValuesByArray(array( 662 'active' => $this->server->isActive(), 663 'ds' => !$this->server->isAuthenticationEnabled(), 664 'server_name' => $this->server->getName(), 665 'server_url' => $this->server->getUrlString(), 666 'version' => $this->server->getVersion(), 667 'base_dn' => $this->server->getBaseDN(), 668 'referrals' => $this->server->isActiveReferrer(), 669 'tls' => $this->server->isActiveTLS(), 670 'binding_type' => $this->server->getBindingType(), 671 'bind_dn' => $this->server->getBindUser(), 672 'bind_pass' => $this->server->getBindPassword(), 673 'bind_pass_retype' => $this->server->getBindPassword(), 674 'search_base' => $this->server->getSearchBase(), 675 'user_scope' => $this->server->getUserScope(), 676 'user_attribute' => $this->server->getUserAttribute(), 677 'filter' => $this->server->getFilter(), 678 'group_dn' => $this->server->getGroupDN(), 679 'group_scope' => $this->server->getGroupScope(), 680 'group_filter' => $this->server->getGroupFilter(), 681 'group_member' => $this->server->getGroupMember(), 682 'memberisdn' => $this->server->enabledGroupMemberIsDN(), 683 'group' => $this->server->getGroupName(), 684 'group_attribute' => $this->server->getGroupAttribute(), 685 'group_optional' => $this->server->isMembershipOptional(), 686 'group_user_filter' => $this->server->getGroupUserFilter(), 687 'sync_on_login' => $this->server->enabledSyncOnLogin(), 688 
'sync_per_cron' => $this->server->enabledSyncPerCron(), 689 'global_role' => ilLDAPAttributeMapping::_lookupGlobalRole($this->server->getServerId()), 690 'migration' => (int) $this->server->isAccountMigrationEnabled(), 691 "name_filter" => $this->server->getUsernameFilter(), 692 'escape_dn' => $this->server->enabledEscapeDN() 693 )); 694 } 695 696 private function initForm() 697 { 698 include_once 'Services/Form/classes/class.ilPropertyFormGUI.php'; 699 700 $this->form_gui = new ilPropertyFormGUI(); 701 $this->form_gui->setFormAction($this->ctrl->getFormAction($this, 'save')); 702 $this->form_gui->setTitle($this->lng->txt('ldap_configure')); 703 704 $active = new ilCheckboxInputGUI($this->lng->txt('auth_ldap_enable'), 'active'); 705 $active->setValue(1); 706 $this->form_gui->addItem($active); 707 708 $ds = new ilCheckboxInputGUI($this->lng->txt('ldap_as_ds'), 'ds'); 709 $ds->setValue(1); 710 $ds->setInfo($this->lng->txt('ldap_as_ds_info')); 711 $this->form_gui->addItem($ds); 712 713 $servername = new ilTextInputGUI($this->lng->txt('ldap_server_name'), 'server_name'); 714 $servername->setRequired(true); 715 $servername->setInfo($this->lng->txt('ldap_server_name_info')); 716 $servername->setSize(32); 717 $servername->setMaxLength(32); 718 $this->form_gui->addItem($servername); 719 720 // start Patch Name Filter 721 $namefilter = new ilTextInputGUI($this->lng->txt('ldap_username_filter'), "name_filter");//ADD LANG VAR 722 $namefilter->setInfo($this->lng->txt("ldap_username_filter_info")); 723 $namefilter->setSize(64); 724 $namefilter->setMaxLength(255); 725 $this->form_gui->addItem($namefilter); 726 // end Patch Name Filter 727 728 $serverurl = new ilTextInputGUI($this->lng->txt('ldap_server'), 'server_url'); 729 $serverurl->setRequired(true); 730 $serverurl->setInfo($this->lng->txt('ldap_server_url_info')); 731 $serverurl->setSize(64); 732 $serverurl->setMaxLength(255); 733 $this->form_gui->addItem($serverurl); 734 735 $version = new 
ilSelectInputGUI($this->lng->txt('ldap_version'), 'version'); 736 $version->setOptions(array(2 => 2, 3 => 3)); 737 $version->setInfo($this->lng->txt('ldap_server_version_info')); 738 $this->form_gui->addItem($version); 739 740 $basedsn = new ilTextInputGUI($this->lng->txt('basedn'), 'base_dn'); 741 $basedsn->setRequired(true); 742 $basedsn->setSize(64); 743 $basedsn->setMaxLength(255); 744 $this->form_gui->addItem($basedsn); 745 746 $referrals = new ilCheckboxInputGUI($this->lng->txt('ldap_referrals'), 'referrals'); 747 $referrals->setValue(1); 748 $referrals->setInfo($this->lng->txt('ldap_referrals_info')); 749 $this->form_gui->addItem($referrals); 750 751 $section_security = new ilFormSectionHeaderGUI(); 752 $section_security->setTitle($this->lng->txt('ldap_server_security_settings')); 753 $this->form_gui->addItem($section_security); 754 755 $tls = new ilCheckboxInputGUI($this->lng->txt('ldap_tls'), 'tls'); 756 $tls->setValue(1); 757 $this->form_gui->addItem($tls); 758 759 $binding = new ilRadioGroupInputGUI($this->lng->txt('ldap_server_binding'), 'binding_type'); 760 $anonymous = new ilRadioOption($this->lng->txt('ldap_bind_anonymous'), IL_LDAP_BIND_ANONYMOUS); 761 $binding->addOption($anonymous); 762 $user = new ilRadioOption($this->lng->txt('ldap_bind_user'), IL_LDAP_BIND_USER); 763 $dn = new ilTextInputGUI($this->lng->txt('ldap_server_bind_dn'), 'bind_dn'); 764 $dn->setSize(64); 765 $dn->setMaxLength(255); 766 $user->addSubItem($dn); 767 $pass = new ilPasswordInputGUI($this->lng->txt('ldap_server_bind_pass'), 'bind_pass'); 768 $pass->setSkipSyntaxCheck(true); 769 $pass->setSize(12); 770 $pass->setMaxLength(36); 771 $user->addSubItem($pass); 772 $binding->addOption($user); 773 $this->form_gui->addItem($binding); 774 775 $section_auth = new ilFormSectionHeaderGUI(); 776 $section_auth->setTitle($this->lng->txt('ldap_authentication_settings')); 777 $this->form_gui->addItem($section_auth); 778 779 $search_base = new ilTextInputGUI($this->lng->txt('ldap_user_dn'), 
'search_base'); 780 $search_base->setInfo($this->lng->txt('ldap_search_base_info')); 781 $search_base->setSize(64); 782 $search_base->setMaxLength(255); 783 $this->form_gui->addItem($search_base); 784 785 $user_scope = new ilSelectInputGUI($this->lng->txt('ldap_user_scope'), 'user_scope'); 786 $user_scope->setOptions(array(IL_LDAP_SCOPE_ONE => $this->lng->txt('ldap_scope_one'), 787 IL_LDAP_SCOPE_SUB => $this->lng->txt('ldap_scope_sub'))); 788 $user_scope->setInfo($this->lng->txt('ldap_user_scope_info')); 789 $this->form_gui->addItem($user_scope); 790 791 $user_attribute = new ilTextInputGUI($this->lng->txt('ldap_user_attribute'), 'user_attribute'); 792 $user_attribute->setSize(16); 793 $user_attribute->setMaxLength(64); 794 $user_attribute->setRequired(true); 795 $this->form_gui->addItem($user_attribute); 796 797 $filter = new ilTextInputGUI($this->lng->txt('ldap_search_filter'), 'filter'); 798 $filter->setInfo($this->lng->txt('ldap_filter_info')); 799 $filter->setSize(64); 800 $filter->setMaxLength(512); 801 $this->form_gui->addItem($filter); 802 803 $section_restrictions = new ilFormSectionHeaderGUI(); 804 $section_restrictions->setTitle($this->lng->txt('ldap_group_restrictions')); 805 $this->form_gui->addItem($section_restrictions); 806 807 $group_dn = new ilTextInputGUI($this->lng->txt('ldap_group_search_base'), 'group_dn'); 808 $group_dn->setInfo($this->lng->txt('ldap_group_dn_info')); 809 $group_dn->setSize(64); 810 $group_dn->setMaxLength(255); 811 $this->form_gui->addItem($group_dn); 812 813 $group_scope = new ilSelectInputGUI($this->lng->txt('ldap_group_scope'), 'group_scope'); 814 $group_scope->setOptions(array(IL_LDAP_SCOPE_ONE => $this->lng->txt('ldap_scope_one'), 815 IL_LDAP_SCOPE_SUB => $this->lng->txt('ldap_scope_sub'))); 816 $group_scope->setInfo($this->lng->txt('ldap_group_scope_info')); 817 $this->form_gui->addItem($group_scope); 818 819 $group_filter = new ilTextInputGUI($this->lng->txt('ldap_group_filter'), 'group_filter'); 820 
$group_filter->setInfo($this->lng->txt('ldap_group_filter_info')); 821 $group_filter->setSize(64); 822 $group_filter->setMaxLength(255); 823 $this->form_gui->addItem($group_filter); 824 825 $group_member = new ilTextInputGUI($this->lng->txt('ldap_group_member'), 'group_member'); 826 $group_member->setInfo($this->lng->txt('ldap_group_member_info')); 827 $group_member->setSize(32); 828 $group_member->setMaxLength(255); 829 $this->form_gui->addItem($group_member); 830 831 832 $group_member_isdn = new ilCheckboxInputGUI($this->lng->txt('ldap_memberisdn'), 'memberisdn'); 833 #$group_member_isdn->setInfo($this->lng->txt('ldap_group_member_info')); 834 $this->form_gui->addItem($group_member_isdn); 835 #$group_member->addSubItem($group_member_isdn); 836 837 $escapedn = new ilCheckboxInputGUI($this->lng->txt('ldap_escapedn'), 'escape_dn'); 838 $escapedn->setValue(1); 839 $escapedn->setInfo($this->lng->txt('ldap_escapedn_info')); 840 $this->form_gui->addItem($escapedn); 841 842 $group = new ilTextInputGUI($this->lng->txt('ldap_group_name'), 'group'); 843 $group->setInfo($this->lng->txt('ldap_group_name_info')); 844 $group->setSize(32); 845 $group->setMaxLength(255); 846 $this->form_gui->addItem($group); 847 848 $group_atrr = new ilTextInputGUI($this->lng->txt('ldap_group_attribute'), 'group_attribute'); 849 $group_atrr->setInfo($this->lng->txt('ldap_group_attribute_info')); 850 $group_atrr->setSize(16); 851 $group_atrr->setMaxLength(64); 852 $this->form_gui->addItem($group_atrr); 853 854 $group_optional = new ilCheckboxInputGUI($this->lng->txt('ldap_group_membership'), 'group_optional'); 855 $group_optional->setOptionTitle($this->lng->txt('ldap_group_member_optional')); 856 $group_optional->setInfo($this->lng->txt('ldap_group_optional_info')); 857 $group_optional->setValue(1); 858 $group_user_filter = new ilTextInputGUI($this->lng->txt('ldap_group_user_filter'), 'group_user_filter'); 859 $group_user_filter->setSize(64); 860 $group_user_filter->setMaxLength(255); 861 
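$group_optional->addSubItem($group_user_filter);
        $this->form_gui->addItem($group_optional);

        $section_sync = new ilFormSectionHeaderGUI();
        $section_sync->setTitle($this->lng->txt('ldap_user_sync'));
        $this->form_gui->addItem($section_sync);

        $ci_gui = new ilCustomInputGUI($this->lng->txt('ldap_moment_sync'));
        $sync_on_login = new ilCheckboxInputGUI($this->lng->txt('ldap_sync_login'), 'sync_on_login');
        $sync_on_login->setValue(1);
        $ci_gui->addSubItem($sync_on_login);
        $sync_per_cron = new ilCheckboxInputGUI($this->lng->txt('ldap_sync_cron'), 'sync_per_cron');
        $sync_per_cron->setValue(1);
        $ci_gui->addSubItem($sync_per_cron);
        $ci_gui->setInfo($this->lng->txt('ldap_user_sync_info'));
        $this->form_gui->addItem($ci_gui);

        $global_role = new ilSelectInputGUI($this->lng->txt('ldap_global_role_assignment'), 'global_role');
        $global_role->setOptions($this->prepareRoleSelect(false));
        $global_role->setInfo($this->lng->txt('ldap_global_role_info'));
        $this->form_gui->addItem($global_role);

        $migr = new ilCheckboxInputGUI($this->lng->txt('auth_ldap_migration'), 'migration');
        $migr->setInfo($this->lng->txt('auth_ldap_migration_info'));
        $migr->setValue(1);
        $this->form_gui->addItem($migr);


        include_once "Services/Administration/classes/class.ilAdministrationSettingsFormHandler.php";
        ilAdministrationSettingsFormHandler::addFieldsToForm(
            ilAdministrationSettingsFormHandler::FORM_LDAP,
            $this->form_gui,
            ilAdministrationSettingsFormHandler::getSettingsGUIInstance("auth")
        );


        $this->form_gui->addCommandButton('save', $this->lng->txt('save'));
        if ($_GET["cmd"] == "addServerSettings") {
            $this->form_gui->addCommandButton('serverList', $this->lng->txt('cancel'));
        }
    }

    /**
     * Validate the posted server settings form and store it.
     *
     * Copies every form field onto $this->server, validates the server
     * object, creates or updates the record and then stores the selected
     * global role as the 'global_role' rule of the attribute mapping.
     * If the form check or the server validation fails, the form is shown
     * again with the posted values.
     *
     * @return mixed true after the redirect to 'serverList' has been issued,
     *               otherwise whatever $this->tpl->setContent() returns
     */
    public function save()
    {
        global $DIC;

        $ilErr = $DIC['ilErr'];

        // executeCommand() dispatches any command once 'visible,read' is
        // granted, so this state-changing handler has to ask for 'write'
        // itself, as addServerSettings() and editServerSettings() do.
        $this->checkAccess("write");

        $this->setSubTabs();
        $this->tabs_gui->setTabActive('settings');

        $this->initForm();
        if ($this->form_gui->checkInput()) {
            // Connection and bind settings
            $this->server->toggleActive((int) $this->form_gui->getInput('active'));
            // The 'ds' field is stored inverted: a set value disables authentication.
            $this->server->enableAuthentication(!$this->form_gui->getInput('ds'));
            $this->server->setName($this->form_gui->getInput('server_name'));
            $this->server->setUrl($this->form_gui->getInput('server_url'));
            $this->server->setVersion($this->form_gui->getInput('version'));
            $this->server->setBaseDN($this->form_gui->getInput('base_dn'));
            $this->server->toggleReferrer($this->form_gui->getInput('referrals'));
            $this->server->toggleTLS($this->form_gui->getInput('tls'));
            $this->server->setBindingType((int) $this->form_gui->getInput('binding_type'));
            $this->server->setBindUser($this->form_gui->getInput('bind_dn'));
            $this->server->setBindPassword($this->form_gui->getInput('bind_pass'));

            // User search settings
            $this->server->setSearchBase($this->form_gui->getInput('search_base'));
            $this->server->setUserScope($this->form_gui->getInput('user_scope'));
            $this->server->setUserAttribute($this->form_gui->getInput('user_attribute'));
            $this->server->setFilter($this->form_gui->getInput('filter'));

            // Group restriction settings
            $this->server->setGroupDN($this->form_gui->getInput('group_dn'));
            $this->server->setGroupScope((int) $this->form_gui->getInput('group_scope'));
            $this->server->setGroupFilter($this->form_gui->getInput('group_filter'));
            $this->server->setGroupMember($this->form_gui->getInput('group_member'));
            $this->server->enableGroupMemberIsDN((int) $this->form_gui->getInput('memberisdn'));
            $this->server->setGroupName($this->form_gui->getInput('group'));
            $this->server->setGroupAttribute($this->form_gui->getInput('group_attribute'));
            $this->server->setGroupUserFilter($this->form_gui->getInput('group_user_filter'));
            $this->server->toggleMembershipOptional((int) $this->form_gui->getInput('group_optional'));

            // Synchronisation, role and migration settings
            $this->server->enableSyncOnLogin((int) $this->form_gui->getInput('sync_on_login'));
            $this->server->enableSyncPerCron((int) $this->form_gui->getInput('sync_per_cron'));
            $this->server->setGlobalRole((int) $this->form_gui->getInput('global_role'));
            $this->server->enableAccountMigration((int) $this->form_gui->getInput('migration'));
            $this->server->setUsernameFilter($this->form_gui->getInput("name_filter"));
            $this->server->enableEscapeDN((bool) $this->form_gui->getInput('escape_dn'));

            if (!$this->server->validate()) {
                ilUtil::sendFailure($ilErr->getMessage());
                $this->form_gui->setValuesByPost();
                return $this->tpl->setContent($this->form_gui->getHtml());
            }

            // Update or create
            if ($this->server->getServerId()) {
                $this->server->update();
            } else {
                $this->server->create();
            }

            // Now server_id exists => update LDAP attribute mapping
            $this->initAttributeMapping();
            $this->mapping->setRule('global_role', (int) $this->form_gui->getInput('global_role'), false);
            $this->mapping->save();

            ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
            $this->ctrl->redirect($this, 'serverList');
            return true;
        }

        $this->form_gui->setValuesByPost();
        return $this->tpl->setContent($this->form_gui->getHtml());
    }



    /**
     * Set sub tabs for ldap section
     *
     * @access private
     */
    private function setSubTabs()
    {
        $this->tabs_gui->clearTargets();

        $this->tabs_gui->setBackTarget(
            $this->lng->txt("back"),
            $this->ctrl->getLinkTarget($this, 'serverList')
        );

        /*$this->tabs_gui->addSubTabTarget("ldap_settings",
            $this->ctrl->getLinkTarget($this,'serverList'),
            "serverList",get_class($this));*/

        $this->tabs_gui->addTab(
            "settings",
            $this->lng->txt("ldap_settings"),
            $this->ctrl->getLinkTarget($this, 'editServerSettings')
        );

        // Disable all other tabs, if server hasn't been configured.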
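include_once('Services/LDAP/classes/class.ilLDAPServer.php');
        if (!count(ilLDAPServer::_getServerList())) {
            return true;
        }

        /*$this->tabs_gui->addSubTabTarget("ldap_user_mapping",
            $this->ctrl->getLinkTarget($this,'userMapping'),
            "userMapping",get_class($this));*/

        $this->tabs_gui->addTab(
            "user_mapping",
            $this->lng->txt("ldap_user_mapping"),
            $this->ctrl->getLinkTarget($this, 'userMapping')
        );

        /*$this->tabs_gui->addSubTabTarget('ldap_role_assignments',
            $this->ctrl->getLinkTarget($this,'roleAssignments'),
            "roleAssignments",get_class($this));*/

        $this->tabs_gui->addTab(
            "role_assignments",
            $this->lng->txt('ldap_role_assignments'),
            $this->ctrl->getLinkTarget($this, 'roleAssignments')
        );

        /*$this->tabs_gui->addSubTabTarget("ldap_role_mapping",
            $this->ctrl->getLinkTarget($this,'roleMapping'),
            "roleMapping",get_class($this));
            "roleMapping",get_class($this));*/
        $this->tabs_gui->addTab(
            "role_mapping",
            $this->lng->txt("ldap_role_mapping"),
            $this->ctrl->getLinkTarget($this, 'roleMapping')
        );
    }


    /**
     * Load the LDAP server addressed by the 'ldap_server_id' request parameter.
     *
     * A missing or empty parameter is normalised to 0 (and written back to
     * $_REQUEST); the id is cast to int before it reaches ilLDAPServer.
     */
    private function initServer()
    {
        include_once './Services/LDAP/classes/class.ilLDAPServer.php';
        // empty() also covers the missing key, without raising a notice.
        if (empty($_REQUEST['ldap_server_id'])) {
            $_REQUEST['ldap_server_id'] = 0;
        }
        $this->server = new ilLDAPServer((int) $_REQUEST['ldap_server_id']);
    }

    /**
     * Load the attribute mapping of the current server into $this->mapping.
     */
    private function initAttributeMapping()
    {
        include_once './Services/LDAP/classes/class.ilLDAPAttributeMapping.php';
        $this->mapping = ilLDAPAttributeMapping::_getInstanceByServerId($this->getServer()->getServerId());
    }

    /**
     * Load the role/group mapping settings of the current server into
     * $this->role_mapping.
     */
    private function initRoleMapping()
    {
        include_once './Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php';
        $this->role_mapping = ilLDAPRoleGroupMappingSettings::_getInstanceByServerId($this->getServer()->getServerId());
    }

    /**
     * Build the option list of global roles for a select input
     * (new implementation for InputForm).
     *
     * @param bool $a_as_select not used by this method
     * @return array role id => role title, preceded by key 0 holding the
     *               'links_select_one' label
     */
    private function prepareGlobalRoleSelection($a_as_select = true)
    {
        global $DIC;

        $rbacreview = $DIC['rbacreview'];
        // Not used below; kept because resolving it from the container may
        // initialise the service -- TODO confirm before removing.
        $ilObjDataCache = $DIC['ilObjDataCache'];

        $global_roles = ilUtil::_sortIds(
            $rbacreview->getGlobalRoles(),
            'object_data',
            'title',
            'obj_id'
        );

        $select = array();
        $select[0] = $this->lng->txt('links_select_one');
        foreach ($global_roles as $role_id) {
            $select[$role_id] = ilObject::_lookupTitle($role_id);
        }
        return $select;
    }


    /**
     * Used for old style table.
     *
     * @deprecated
     * @param bool $a_as_select true: return what ilUtil::formSelect() produces
     *                          for the 'global_role' field, preselecting the
     *                          role looked up for the current server;
     *                          false: return the plain option array
     * @return mixed
     */
    private function prepareRoleSelect($a_as_select = true)
    {
        include_once('./Services/LDAP/classes/class.ilLDAPAttributeMapping.php');

        // Same option list as prepareGlobalRoleSelection(); build it in one place.
        $select = $this->prepareGlobalRoleSelection();

        if (!$a_as_select) {
            return $select;
        }

        return ilUtil::formSelect(
            ilLDAPAttributeMapping::_lookupGlobalRole($this->server->getServerId()),
            'global_role',
            $select,
            false,
            true
        );
    }


    /**
     * Profile fields that can be mapped to LDAP attributes.
     *
     * @return array field key => translated label
     */
    private function getMappingFields()
    {
        return array(
            'gender' => $this->lng->txt('gender'),
            'firstname' => $this->lng->txt('firstname'),
            'lastname' => $this->lng->txt('lastname'),
            'title' => $this->lng->txt('person_title'),
            'institution' => $this->lng->txt('institution'),
            'department' => $this->lng->txt('department'),
            'street' => $this->lng->txt('street'),
            'city' => $this->lng->txt('city'),
            'zipcode' => $this->lng->txt('zipcode'),
            'country' => $this->lng->txt('country'),
            'phone_office' => $this->lng->txt('phone_office'),
            'phone_home' => $this->lng->txt('phone_home'),
            'phone_mobile' => $this->lng->txt('phone_mobile'),
            'fax' => $this->lng->txt('fax'),
            'email' => $this->lng->txt('email'),
            'hobby' => $this->lng->txt('hobby'),
            'matriculation' => $this->lng->txt('matriculation'));
        #'photo' => $this->lng->txt('photo'));
    }

    /**
     * Load the user defined fields instance into $this->udf.
     */
    private function initUserDefinedFields()
    {
        include_once("./Services/User/classes/class.ilUserDefinedFields.php");
        $this->udf = ilUserDefinedFields::_getInstance();
    }

    /**
     * Render the mapping template selection via ilUtil::formSelect(),
     * preselecting the posted 'mapping_template' value if there is one.
     *
     * @return mixed whatever ilUtil::formSelect() returns
     */
    private function prepareMappingSelect()
    {
        // The field is absent on a plain GET; avoid the undefined-index notice.
        $selected = isset($_POST['mapping_template']) ? $_POST['mapping_template'] : null;

        return ilUtil::formSelect(
            $selected,
            'mapping_template',
            array(
                0 => $this->lng->txt('ldap_mapping_template'),
                "inetOrgPerson" => 'inetOrgPerson',
                "organizationalPerson" => 'organizationalPerson',
                "person" => 'person',
                "ad_2003" => 'Active Directory (Win 2003)'),
            false,
            true
        );
    }

    /**
     * Load info about hide/show details
     *
     * Keeps the set of expanded detail ids in
     * $_SESSION['ldap_mapping_details'], driven by the 'details_show' and
     * 'details_hide' query parameters.
     *
     * @access private
     *
     */
    private function loadMappingDetails()
    {
        if (!isset($_SESSION['ldap_mapping_details'])) {
            $_SESSION['ldap_mapping_details'] = array();
        }
        // The query values become array keys of the session entry; an array
        // value (e.g. details_show[]=x) is not a valid key, so only scalars
        // are accepted.
        if (isset($_GET['details_show']) && is_scalar($_GET['details_show'])) {
            $_SESSION['ldap_mapping_details'][$_GET['details_show']] = $_GET['details_show'];
        }
        if (isset($_GET['details_hide']) && is_scalar($_GET['details_hide'])) {
            unset($_SESSION['ldap_mapping_details'][$_GET['details_hide']]);
        }
    }

    /**
     * Init form table for new role assignments
     *
     * @param string mode edit | create
     * @param object object of ilLDAPRoleAsssignmentRule
     * @access protected
     *
     */
    protected function initFormRoleAssignments($a_mode)
    {
        include_once('Services/Form/classes/class.ilPropertyFormGUI.php');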
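include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php');

        $this->form = new ilPropertyFormGUI();
        $this->form->setFormAction($this->ctrl->getFormAction($this));

        switch ($a_mode) {
            case 'edit':
                $this->form->setTitle($this->lng->txt('ldap_edit_role_ass_rule'));
                $this->form->addCommandButton('updateRoleAssignment', $this->lng->txt('save'));
                //$this->form->addCommandButton('roleAssignments',$this->lng->txt('cancel'));
                break;
            case 'create':
                $this->form->setTitle($this->lng->txt('ldap_add_role_ass_rule'));
                $this->form->addCommandButton('addRoleAssignment', $this->lng->txt('ldap_btn_add_role_ass'));
                //$this->form->addCommandButton('roleAssignments',$this->lng->txt('cancel'));
                break;
        }

        // Role Selection
        $role = new ilRadioGroupInputGUI($this->lng->txt('ldap_ilias_role'), 'role_name');
        $role->setRequired(true);

        $global = new ilRadioOption($this->lng->txt('ldap_global_role'), 0);
        $role->addOption($global);

        $role_select = new ilSelectInputGUI('', 'role_id');
        $role_select->setOptions($this->prepareGlobalRoleSelection());
        $global->addSubItem($role_select);

        $local = new ilRadioOption($this->lng->txt('ldap_local_role'), 1);
        $role->addOption($local);

        include_once './Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php';
        $role_search = new ilRoleAutoCompleteInputGUI('', 'role_search', $this, 'addRoleAutoCompleteObject');
        $role_search->setSize(40);
        $local->addSubItem($role_search);

        $role->setInfo($this->lng->txt('ldap_role_name_info'));
        $this->form->addItem($role);

        // Update options
        $update = new ilNonEditableValueGUI($this->lng->txt('ldap_update_roles'), 'update_roles');
        $update->setValue($this->lng->txt('ldap_check_role_assignment'));

        $add = new ilCheckboxInputGUI('', 'add_missing');
        $add->setOptionTitle($this->lng->txt('ldap_add_missing'));
        $update->addSubItem($add);

        $remove = new ilCheckboxInputGUI('', 'remove_deprecated');
        $remove->setOptionTitle($this->lng->txt('ldap_remove_deprecated'));
        $update->addSubItem($remove);

        $this->form->addItem($update);



        // Assignment Type
        $group = new ilRadioGroupInputGUI($this->lng->txt('ldap_assignment_type'), 'type');
        #$group->setValue($current_rule->getType());
        $group->setRequired(true);

        // Option by group
        $radio_group = new ilRadioOption($this->lng->txt('ldap_role_by_group'), ilLDAPRoleAssignmentRule::TYPE_GROUP);

        $dn = new ilTextInputGUI($this->lng->txt('ldap_group_dn'), 'dn');
        #$dn->setValue($current_rule->getDN());
        $dn->setSize(32);
        $dn->setMaxLength(512);
        $dn->setInfo($this->lng->txt('ldap_role_grp_dn_info'));
        $radio_group->addSubItem($dn);
        $at = new ilTextInputGUI($this->lng->txt('ldap_role_grp_at'), 'at');
        #$at->setValue($current_rule->getMemberAttribute());
        $at->setSize(16);
        $at->setMaxLength(128);
        $radio_group->addSubItem($at);
        $isdn = new ilCheckboxInputGUI($this->lng->txt('ldap_role_grp_isdn'), 'isdn');
        #$isdn->setChecked($current_rule->isMemberAttributeDN());
        $isdn->setInfo($this->lng->txt('ldap_group_member_info'));
        $radio_group->addSubItem($isdn);
        $radio_group->setInfo($this->lng->txt('ldap_role_grp_info'));

        $group->addOption($radio_group);

        // Option by Attribute
        $radio_attribute = new ilRadioOption($this->lng->txt('ldap_role_by_attribute'), ilLDAPRoleAssignmentRule::TYPE_ATTRIBUTE);
        $name = new ilTextInputGUI($this->lng->txt('ldap_role_at_name'), 'name');
        #$name->setValue($current_rule->getAttributeName());
        $name->setSize(32);
        $name->setMaxLength(128);
        #$name->setInfo($this->lng->txt('ldap_role_at_name_info'));
        $radio_attribute->addSubItem($name);

        // Radio Attribute
        $val = new ilTextInputGUI($this->lng->txt('ldap_role_at_value'), 'value');
        #$val->setValue($current_rule->getAttributeValue());
        $val->setSize(32);
        $val->setMaxLength(128);
        #$val->setInfo($this->lng->txt('ldap_role_at_value_info'));
        $radio_attribute->addSubItem($val);
        $radio_attribute->setInfo($this->lng->txt('ldap_role_at_info'));

        $group->addOption($radio_attribute);

        // Option by Plugin
        $pl_active = (bool) $this->hasActiveRoleAssignmentPlugins();
        $pl = new ilRadioOption($this->lng->txt('ldap_plugin'), 3);
        $pl->setInfo($this->lng->txt('ldap_plugin_info'));
        $pl->setDisabled(!$pl_active);

        $id = new ilNumberInputGUI($this->lng->txt('ldap_plugin_id'), 'plugin_id');
        $id->setDisabled(!$pl_active);
        $id->setSize(3);
        $id->setMaxLength(3);
        $id->setMaxValue(999);
        $id->setMinValue(1);
        $pl->addSubItem($id);

        $group->addOption($pl);
        $this->form->addItem($group);
    }

    /**
     * Check whether at least one plugin is active for the 'ldaphk' slot of
     * the LDAP service.
     *
     * @return bool
     */
    private function hasActiveRoleAssignmentPlugins()
    {
        global $DIC;

        $ilPluginAdmin = $DIC['ilPluginAdmin'];

        return count($ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE, 'LDAP', 'ldaphk')) > 0;
    }


    /**
     * Add Member for autoComplete
     *
     * Delegates to ilRoleAutoCompleteInputGUI::echoAutoCompleteList().
     */
    public function addRoleAutoCompleteObject()
    {
        include_once("./Services/Form/classes/class.ilRoleAutoCompleteInputGUI.php");
        ilRoleAutoCompleteInputGUI::echoAutoCompleteList();
    }




    /**
     * Create Toolbar
     *
     * Adds the mapping template select and a 'show' button that posts to
     * 'chooseMapping'.
     *
     * @global ilToolbarGUI $ilToolbar
     */
    private function userMappingToolbar()
    {
        global $DIC;

        $ilToolbar = $DIC['ilToolbar'];
        include_once("./Services/Form/classes/class.ilSelectInputGUI.php");

        $select_form = new ilSelectInputGUI("mapping_template");
        $select_form->setPostVar("mapping_template");
        $options = array(
            "" => $this->lng->txt('ldap_mapping_template'),
            "inetOrgPerson" => 'inetOrgPerson',
            "organizationalPerson" => 'organizationalPerson',
            "person" => 'person',
            "ad_2003" => 'Active Directory (Win 2003)');
        $select_form->setOptions($options);
        // The field is absent when the tab is opened by GET; avoid the
        // undefined-index notice and pass null as before.
        $select_form->setValue(isset($_POST['mapping_template']) ? $_POST['mapping_template'] : null);

        $ilToolbar->addInputItem($select_form);
        $ilToolbar->addFormButton($this->lng->txt('show'), "chooseMapping");
        $ilToolbar->setFormAction($this->ctrl->getFormAction($this, "chooseMapping"));
    }

    /**
     * Create Property Form GUI for User Mapping
     *
     * Adds, for every field of getMappingFields() and for every user defined
     * field, a text input '<key>_value' and a checkbox '<key>_update', both
     * prefilled from $this->mapping. User defined fields use the key
     * 'udf_<field_id>'.
     *
     * @return \ilPropertyFormGUI
     */
    private function initUserMappingForm()
    {
        include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
        $propertie_form = new ilPropertyFormGUI();
        $propertie_form->setTitle($this->lng->txt('ldap_mapping_table'));
        $propertie_form->setFormAction($this->ctrl->getFormAction($this, 'saveMapping'));
        $propertie_form->addCommandButton('saveMapping', $this->lng->txt('save'));

        foreach ($this->getMappingFields() as $mapping => $lang) {
            $text_form = new ilTextInputGUI($lang);
            $text_form->setPostVar($mapping . "_value");
            $text_form->setValue($this->mapping->getValue($mapping));
            $text_form->setSize(32);
            $text_form->setMaxLength(255);
            $propertie_form->addItem($text_form);

            $checkbox_form = new ilCheckboxInputGUI("");
            $checkbox_form->setPostVar($mapping . "_update");
            $checkbox_form->setChecked($this->mapping->enabledUpdate($mapping));
            $checkbox_form->setOptionTitle($this->lng->txt('ldap_update_field_info'));
            $propertie_form->addItem($checkbox_form);
        }

        $this->initUserDefinedFields();
        foreach ($this->udf->getDefinitions() as $definition) {
            $text_form = new ilTextInputGUI($definition['field_name']);
            $text_form->setPostVar('udf_' . $definition['field_id'] . '_value');
            $text_form->setValue($this->mapping->getValue('udf_' . $definition['field_id']));
            $text_form->setSize(32);
            $text_form->setMaxLength(255);
            $propertie_form->addItem($text_form);

            $checkbox_form = new ilCheckboxInputGUI("");
            $checkbox_form->setPostVar('udf_' . $definition['field_id'] . '_update');
            $checkbox_form->setChecked($this->mapping->enabledUpdate('udf_' . $definition['field_id']));
            $checkbox_form->setOptionTitle($this->lng->txt('ldap_update_field_info'));
            $propertie_form->addItem($checkbox_form);
        }

        return $propertie_form;
    }

    /**
     * Role Mapping Tab
     *
     * Shows the role synchronisation settings form (posting to
     * 'saveSyncronizationSettings') and, if the current server has role/group
     * mappings, the table listing them.
     *
     * @global ilToolbarGUI $ilToolbar
     */
    public function roleMapping()
    {
        global $DIC;

        $ilToolbar = $DIC['ilToolbar'];
        $this->setSubTabs();
        $this->tabs_gui->setTabActive('role_mapping');
        $ilToolbar->addButton(
            $this->lng->txt("ldap_new_role_assignment"),
            $this->ctrl->getLinkTarget($this, 'addRoleMapping')
        );
        include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");

        //Set propertyform for synchronization settings
        include_once("./Services/Form/classes/class.ilCombinationInputGUI.php");
        $propertie_form = new ilPropertyFormGUI();
        $propertie_form->setTitle($this->lng->txt('ldap_role_settings'));
        $propertie_form->setFormAction($this->ctrl->getFormAction($this, "saveSyncronizationSettings"));
        $propertie_form->addCommandButton("saveSyncronizationSettings", $this->lng->txt('save'));
        $role_active = new ilCheckboxInputGUI($this->lng->txt('ldap_role_active'));
        $role_active->setPostVar('role_sync_active');
        $role_active->setChecked($this->server->enabledRoleSynchronization() ? true : false);
        $propertie_form->addItem($role_active);
        $binding = new ilCombinationInputGUI($this->lng->txt('ldap_server_binding'));
        $binding->setInfo($this->lng->txt('ldap_role_bind_user_info'));
        $user = new ilTextInputGUI("");
        $user->setPostVar("role_bind_user");
        $user->setValue($this->server->getRoleBindDN());
        $user->setSize(50);
        $user->setMaxLength(255);
        $binding->addCombinationItem(0, $user, $this->lng->txt('ldap_role_bind_user'));
        $pass = new ilPasswordInputGUI("");
        $pass->setPostVar("role_bind_pass");
        // NOTE(review): the stored role bind password is put back into the
        // form as the field value, and this tab performs no 'write' check of
        // its own. Leaving the field empty would need
        // saveSyncronizationSettings() to keep the stored password when an
        // empty value is posted -- change both together.
        $pass->setValue($this->server->getRoleBindPassword());
        $pass->setSize(12);
        $pass->setMaxLength(36);
        $pass->setRetype(false);
        $binding->addCombinationItem(1, $pass, $this->lng->txt('ldap_role_bind_pass'));
        $propertie_form->addItem($binding);

        $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_mappings.html', 'Services/LDAP');
        $this->tpl->setVariable("NEW_ASSIGNMENT_TBL", $propertie_form->getHTML());

        //Set Group Assignments Table if mappings exist
        include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php');
        $mapping_instance = ilLDAPRoleGroupMappingSettings::_getInstanceByServerId($this->server->getServerId());
        $mappings = $mapping_instance->getMappings();
        if (count($mappings)) {
            include_once("./Services/LDAP/classes/class.ilLDAPRoleMappingTableGUI.php");
            $table_gui = new ilLDAPRoleMappingTableGUI($this, $this->server->getServerId());
            $table_gui->setTitle($this->lng->txt('ldap_role_group_assignments'));
            $table_gui->setData($mappings);
            $this->tpl->setVariable("RULES_TBL", $table_gui->getHTML());
        }
    }

    /**
     * Edit Assigments for role mapping
     */
    public function editRoleMapping()
    {
        include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
        $mapping = new ilLDAPRoleGroupMappingSetting($_GET["mapping_id"]);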
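$mapping->read();

        $propertie_form = $this->initRoleMappingForm("updateRoleMapping");
        $propertie_form->setTitle($this->lng->txt('ldap_edit_role_assignment'));
        $propertie_form->getItemByPostVar("url")->setValue($mapping->getURL());
        $propertie_form->getItemByPostVar("dn")->setValue($mapping->getDN());
        $propertie_form->getItemByPostVar("member")->setValue($mapping->getMemberAttribute());
        $propertie_form->getItemByPostVar("memberisdn")->setChecked($mapping->getMemberISDN());
        $propertie_form->getItemByPostVar("role")->setValue($mapping->getRoleName());
        $propertie_form->getItemByPostVar("info")->setValue($mapping->getMappingInfo());
        $propertie_form->getItemByPostVar("info_type")->setChecked($mapping->getMappingInfoType());

        $this->tpl->setContent($propertie_form->getHTML());
    }



    /**
     * Check add screen input and save to db
     *
     * Creates a new role/group mapping for the current server when the form
     * input is valid and the named role exists; otherwise shows the form
     * again with the posted values.
     *
     * @global ilRbacReview $rbacreview
     */
    public function createRoleMapping()
    {
        global $DIC;

        // executeCommand() dispatches any command once 'visible,read' is
        // granted, so creating a mapping has to ask for 'write' itself, as
        // addServerSettings() and editServerSettings() do.
        $this->checkAccess("write");

        $rbacreview = $DIC['rbacreview'];
        $propertie_form = $this->initRoleMappingForm("createRoleMapping");

        if ($propertie_form->checkInput() && $rbacreview->roleExists($propertie_form->getInput("role"))) {
            include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
            $mapping = new ilLDAPRoleGroupMappingSetting(0);
            $mapping->setServerId($this->server->getServerId());
            $mapping->setURL($propertie_form->getInput("url"));
            $mapping->setDN($propertie_form->getInput("dn"));
            $mapping->setMemberAttribute($propertie_form->getInput("member"));
            $mapping->setMemberISDN($propertie_form->getInput("memberisdn"));
            $mapping->setRoleByName($propertie_form->getInput("role"));
            $mapping->setMappingInfo($propertie_form->getInput("info"));
            $mapping->setMappingInfoType($propertie_form->getInput("info_type"));
            $mapping->save();

            ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
            $this->ctrl->redirect($this, "roleMapping");
        } else {
            if (!$rbacreview->roleExists($propertie_form->getInput("role"))) {
                // NOTE(review): the submitted role name is appended to the
                // message as-is -- confirm the message renderer escapes it.
                ilUtil::sendFailure($this->lng->txt("ldap_role_not_exists") . " " .
                    $propertie_form->getInput("role"));
            }
            $propertie_form->setValuesByPost();
            $this->tpl->setContent($propertie_form->getHTML());
        }
    }

    /**
     * confirm delete role mappings
     *
     * Lists the mappings selected in $_POST['mappings'] in a confirmation
     * screen whose confirm command is 'deleteRoleMapping'.
     *
     * @return bool|void false when nothing was selected
     */
    public function confirmDeleteRoleMapping()
    {
        // isset() first: the key is missing when no row was ticked.
        if (!isset($_POST['mappings']) || !is_array($_POST['mappings'])) {
            ilUtil::sendFailure($this->lng->txt('select_one'), true);
            $this->ctrl->redirect($this, "roleMapping");
            return false;
        }

        include_once("Services/Utilities/classes/class.ilConfirmationGUI.php");
        $c_gui = new ilConfirmationGUI();

        // set confirm/cancel commands
        $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteRoleMapping"));
        $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_role_ass"));
        $c_gui->setCancel($this->lng->txt("cancel"), "roleMapping");
        $c_gui->setConfirm($this->lng->txt("confirm"), "deleteRoleMapping");

        foreach ($_POST['mappings'] as $id) {
            include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
            // NOTE(review): $id is passed on exactly as posted; whether
            // ilLDAPRoleGroupMappingSetting expects an integer id is not
            // visible here -- confirm and cast if so.
            $mapping = new ilLDAPRoleGroupMappingSetting($id);
            $mapping->read();
            $txt = $this->lng->txt('obj_role') . ": " . $mapping->getRoleName() . ", ";
            $txt .= $this->lng->txt('ldap_group_dn') . ": " . $mapping->getDN() . ", ";
            $txt .= $this->lng->txt('ldap_server_short') . " " . $mapping->getURL() . ", ";
            $txt .= $this->lng->txt('ldap_group_member_short') . " " . $mapping->getMemberAttribute();

            $c_gui->addItem("mappings[]", $id, $txt);
        }
        $this->tpl->setContent($c_gui->getHTML());
    }

    /**
     * Show the empty server settings form for a new server.
     * Requires 'write' permission.
     *
     * @return mixed whatever $this->tpl->setContent() returns
     */
    public function addServerSettings()
    {
        $this->checkAccess("write");

        $this->ctrl->clearParameters($this);

        $this->initForm();
        return $this->tpl->setContent($this->form_gui->getHtml());
    }

    /**
     * Show the server settings form filled with the current server's values.
     * Requires 'write' permission.
     *
     * @return mixed whatever $this->tpl->setContent() returns
     */
    public function editServerSettings()
    {
        $this->checkAccess("write");

        $this->setSubTabs();
        $this->tabs_gui->setTabActive('settings');

        $this->initForm();
        $this->setServerFormValues();
        return $this->tpl->setContent($this->form_gui->getHtml());
    }


    /**
     * Confirm delete rules
     *
     * Lists the servers named by the 'ldap_server_id' query parameter in a
     * confirmation screen whose confirm command is 'deleteServerSettings'.
     * Requires 'write' permission.
     *
     * @access public
     * @return bool|void false when no server id was passed
     */
    public function confirmDeleteServerSettings()
    {
        $this->checkAccess("write");

        if (!isset($_GET["ldap_server_id"])) {
            ilUtil::sendFailure($this->lng->txt('select_one'));
            $this->serverList();
            return false;
        }

        include_once("Services/Utilities/classes/class.ilConfirmationGUI.php");
        $c_gui = new ilConfirmationGUI();

        // set confirm/cancel commands
        $c_gui->setFormAction($this->ctrl->getFormAction($this, "deleteServerSettings"));
        $c_gui->setHeaderText($this->lng->txt("ldap_confirm_del_server_settings"));
        $c_gui->setCancel($this->lng->txt("cancel"), "serverList");
        $c_gui->setConfirm($this->lng->txt("confirm"), "deleteServerSettings");

        // add items to delete
        include_once('Services/LDAP/classes/class.ilLDAPServer.php');
        foreach ((array) $_GET["ldap_server_id"] as $server_id) {
            // Server ids are integers (initServer() casts the same
            // parameter); skip anything else instead of passing it on.
            if (!is_numeric($server_id)) {
                continue;
            }
            $server_id = (int) $server_id;
            $setting = new ilLDAPServer($server_id);
            $c_gui->addItem('server_ids[]', $server_id, $setting->getName());
        }
        $this->tpl->setContent($c_gui->getHTML());
    }

    /**
     * Delete the servers listed in $_POST['server_ids'] and show the server
     * list again. Requires 'write' permission.
     *
     * @return bool|void false when no server id was posted
     */
    public function deleteServerSettings()
    {
        // The confirmation screen checks 'write', but this command can be
        // requested directly and executeCommand() only requires
        // 'visible,read', so the check is repeated here.
        $this->checkAccess("write");

        if (!isset($_POST["server_ids"]) || !is_array($_POST["server_ids"])) {
            ilUtil::sendFailure($this->lng->txt('select_one'));
            $this->serverList();
            return false;
        }

        foreach ($_POST["server_ids"] as $server_id) {
            // Server ids are integers (initServer() casts the same kind of
            // value); skip anything else instead of passing it on.
            if (!is_numeric($server_id)) {
                continue;
            }
            $setting = new ilLDAPServer((int) $server_id);
            $setting->delete();
        }
        ilUtil::sendSuccess($this->lng->txt('deleted'));

        $this->serverList();
    }

    /**
     * Ldap User Mapping
     *
     * Shows the toolbar with the mapping template select and the user
     * attribute mapping form.
     */
    public function userMapping()
    {
        $this->initAttributeMapping();

        $this->setSubTabs();
        $this->tabs_gui->setTabActive('user_mapping');
        $this->userMappingToolbar();

        $propertie_form = $this->initUserMappingForm();

        $this->tpl->setContent($propertie_form->getHTML());
    }



    /**
     * Mark the current server as active, store it and show the server list.
     * Requires 'write' permission.
     */
    public function activateServer()
    {
        $this->checkAccess("write");

        $this->server->toggleActive(1);
        $this->server->update();
        $this->serverList();
    }

    /**
     * Mark the current server as inactive, store it and show the server list.
     * Requires 'write' permission.
     */
    public function deactivateServer()
    {
        $this->checkAccess("write");

        $this->server->toggleActive(0);
        $this->server->update();
        $this->serverList();
    }




    /**
     * init propertyformgui for Assignment of LDAP Attributes to ILIAS User Profile
     * @param string $command command methode
     * @return \ilPropertyFormGUI
     */
    private function initRoleMappingForm($command)
    {
        include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
        $this->setSubTabs();
        $this->tabs_gui->setTabActive('role_mapping');

        if (isset($_GET["mapping_id"])) {
            $this->ctrl->setParameter($this, 'mapping_id', $_GET["mapping_id"]);
        }

        $propertie_form = new ilPropertyFormGUI();
        $propertie_form->setTitle($this->lng->txt('ldap_mapping_table'));
        $propertie_form->setFormAction($this->ctrl->getFormAction($this, $command));
        $propertie_form->addCommandButton($command, $this->lng->txt('save'));
        $propertie_form->addCommandButton("roleMapping", $this->lng->txt('cancel'));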
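$url = new ilTextInputGUI($this->lng->txt('ldap_server'));
        $url->setPostVar("url");
        $url->setSize(50);
        $url->setMaxLength(255);
        $url->setRequired(true);

        $group_dn = new ilTextInputGUI($this->lng->txt('ldap_group_dn'));
        $group_dn->setPostVar("dn");
        $group_dn->setSize(50);
        $group_dn->setMaxLength(255);
        $group_dn->setInfo($this->lng->txt('ldap_dn_info'));
        $group_dn->setRequired(true);

        $member = new ilTextInputGUI($this->lng->txt('ldap_group_member'));
        $member->setPostVar("member");
        $member->setSize(32);
        $member->setMaxLength(255);
        $member->setInfo($this->lng->txt('ldap_member_info'));
        $member->setRequired(true);

        $member_isdn = new ilCheckboxInputGUI("");
        $member_isdn->setPostVar("memberisdn");
        $member_isdn->setOptionTitle($this->lng->txt('ldap_memberisdn'));

        $role = new ilTextInputGUI($this->lng->txt('ldap_ilias_role'));
        $role->setPostVar("role");
        $role->setSize(32);
        $role->setMaxLength(255);
        $role->setInfo($this->lng->txt('ldap_role_info'));
        $role->setRequired(true);

        $info = new ilTextAreaInputGUI($this->lng->txt('ldap_info_text'));
        $info->setPostVar("info");
        $info->setCols(50);
        $info->setRows(3);
        $info->setInfo($this->lng->txt('ldap_info_text_info'));

        $info_type = new ilCheckboxInputGUI("");
        $info_type->setPostVar("info_type");
        $info_type->setOptionTitle($this->lng->txt('ldap_mapping_info_type'));

        $propertie_form->addItem($url);
        $propertie_form->addItem($group_dn);
        $propertie_form->addItem($member);
        $propertie_form->addItem($member_isdn);
        $propertie_form->addItem($role);
        $propertie_form->addItem($info);
        $propertie_form->addItem($info_type);

        return $propertie_form;
    }



    /**
     * Add Assigments for role mapping
     *
     * Shows the role mapping form for a new mapping, with the URL prefilled
     * from the current server. If a 'mapping_id' query parameter is given,
     * the form is prefilled from that existing mapping instead.
     */
    public function addRoleMapping()
    {
        $propertie_form = $this->initRoleMappingForm("createRoleMapping");
        $propertie_form->getItemByPostVar("url")->setValue($this->server->getUrl());

        if (isset($_GET["mapping_id"])) {
            include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
            $mapping = new ilLDAPRoleGroupMappingSetting($_GET["mapping_id"]);
            $mapping->read();

            $propertie_form->getItemByPostVar("url")->setValue($mapping->getURL());
            $propertie_form->getItemByPostVar("dn")->setValue($mapping->getDN());
            $propertie_form->getItemByPostVar("member")->setValue($mapping->getMemberAttribute());
            $propertie_form->getItemByPostVar("memberisdn")->setChecked($mapping->getMemberISDN());
            $propertie_form->getItemByPostVar("role")->setValue($mapping->getRoleName());
            $propertie_form->getItemByPostVar("info")->setValue($mapping->getMappingInfo());
            $propertie_form->getItemByPostVar("info_type")->setChecked($mapping->getMappingInfoType());
        }

        $this->tpl->setContent($propertie_form->getHTML());
    }


    /**
     * Check edit screen input and save to db
     *
     * Updates the mapping named by the 'mapping_id' query parameter when the
     * form input is valid and the named role exists; otherwise shows the form
     * again with the posted values.
     *
     * @global ilRbacReview $rbacreview
     */
    public function updateRoleMapping()
    {
        global $DIC;

        // executeCommand() dispatches any command once 'visible,read' is
        // granted, so changing a mapping has to ask for 'write' itself, as
        // addServerSettings() and editServerSettings() do.
        $this->checkAccess("write");

        $rbacreview = $DIC['rbacreview'];
        $propertie_form = $this->initRoleMappingForm("updateRoleMapping");

        if ($propertie_form->checkInput() && $rbacreview->roleExists($propertie_form->getInput("role"))) {
            include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMappingSetting.php');
            // NOTE(review): the mapping id comes straight from the query
            // string and the mapping is then assigned to the current server;
            // nothing here checks that it belonged to this server before --
            // confirm that is intended.
            $mapping = new ilLDAPRoleGroupMappingSetting($_GET["mapping_id"]);
            $mapping->setServerId($this->server->getServerId());
            $mapping->setURL($propertie_form->getInput("url"));
            $mapping->setDN($propertie_form->getInput("dn"));
            $mapping->setMemberAttribute($propertie_form->getInput("member"));
            $mapping->setMemberISDN($propertie_form->getInput("memberisdn"));
            $mapping->setRoleByName($propertie_form->getInput("role"));
            $mapping->setMappingInfo($propertie_form->getInput("info"));
            $mapping->setMappingInfoType($propertie_form->getInput("info_type"));
            $mapping->update();

            ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
            $this->ctrl->redirect($this, "roleMapping");
        } else {
            if (!$rbacreview->roleExists($propertie_form->getInput("role"))) {
                // NOTE(review): the submitted role name is appended to the
                // message as-is -- confirm the message renderer escapes it.
                ilUtil::sendFailure($this->lng->txt("ldap_role_not_exists") . " " .
                    $propertie_form->getInput("role"));
            }
            $propertie_form->setValuesByPost();
            $this->tpl->setContent($propertie_form->getHTML());
        }
    }

    /**
     * save Syncronization Settings on Role Mapping screen
     *
     * Stores the role bind DN, the role bind password and the role
     * synchronisation flag on the current server. The server is only updated
     * when it already has an id; the success message is sent either way.
     */
    public function saveSyncronizationSettings()
    {
        // This handler replaces the stored bind credentials, and
        // executeCommand() only requires 'visible,read' before dispatching,
        // so 'write' is checked here.
        $this->checkAccess("write");

        $this->server->setRoleBindDN(ilUtil::stripSlashes($_POST['role_bind_user']));
        // NOTE(review): the password goes through ilUtil::stripSlashes() --
        // confirm that helper leaves every character a password may contain
        // untouched.
        $this->server->setRoleBindPassword(ilUtil::stripSlashes($_POST['role_bind_pass']));
        // An unchecked checkbox is not part of the POST data.
        $this->server->enableRoleSynchronization(
            isset($_POST['role_sync_active']) ? (int) $_POST['role_sync_active'] : 0
        );

        // Update or create
        if ($this->server->getServerId()) {
            $this->server->update();
        }
        ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
        $this->ctrl->redirect($this, "roleMapping");
    }
}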