/**
* Check if an update is required
* @return
* @param string $a_username
*/
protected function updateRequired($a_username)
{
if (!ilObjUser::_checkExternalAuthAccount("apache", $a_username)) {
return true;
}
// Check attribute mapping on login
include_once './Services/LDAP/classes/class.ilLDAPAttributeMapping.php';
if (ilLDAPAttributeMapping::hasRulesForUpdate($this->server->getServerId())) {
#$GLOBALS['ilLog']->write(__METHOD__.': Required 2');
return true;
}
include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php';
if (ilLDAPRoleAssignmentRule::hasRulesForUpdate()) {
#$GLOBALS['ilLog']->write(__METHOD__.': Required 3');
return true;
}
return false;
}
/**
* Check if an update is required
* @return bool
*/
protected function isUpdateRequired()
{
if (!$this->getInternalAccount()) {
return true;
}
// Check attribute mapping on login
include_once './Services/LDAP/classes/class.ilLDAPAttributeMapping.php';
if (ilLDAPAttributeMapping::hasRulesForUpdate($this->getServer()->getServerId())) {
return true;
}
// Check if there is any change in role assignments
include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php';
if (ilLDAPRoleAssignmentRule::hasRulesForUpdate()) {
return true;
}
return false;
}
/**
* Load input from form
* @return
* @param object $a_rule_id
*/
protected function loadRoleAssignmentRule($a_rule_id, $a_from_form = true)
{
if (is_object($this->rule)) {
return true;
}
include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php';
$this->rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($a_rule_id);
if ($a_from_form) {
if ($this->form->getInput('role_name') == 0) {
$this->rule->setRoleId($this->form->getInput('role_id'));
} elseif ($this->form->getInput('role_search')) {
// Search role
include_once './Services/Search/classes/class.ilQueryParser.php';
$parser = new ilQueryParser($this->form->getInput('role_search'));
// TODO: Handle minWordLength
$parser->setMinWordLength(1, true);
$parser->setCombination(QP_COMBINATION_AND);
$parser->parse();
include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php';
$object_search = new ilLikeObjectSearch($parser);
$object_search->setFilter(array('role'));
$res = $object_search->performSearch();
$entries = $res->getEntries();
if (count($entries) == 1) {
$role = current($entries);
$this->rule->setRoleId($role['obj_id']);
} elseif (count($entries) > 1) {
$this->rule->setRoleId(-1);
}
}
$this->rule->setAttributeName($this->form->getInput('name'));
$this->rule->setAttributeValue($this->form->getInput('value'));
$this->rule->setDN($this->form->getInput('dn'));
$this->rule->setMemberAttribute($this->form->getInput('at'));
$this->rule->setMemberIsDN($this->form->getInput('isdn'));
$this->rule->enableAddOnUpdate($this->form->getInput('add_missing'));
$this->rule->enableRemoveOnUpdate($this->form->getInput('remove_deprecated'));
$this->rule->setPluginId($this->form->getInput('plugin_id'));
$this->rule->setType($this->form->getInput('type'));
return true;
}
// LOAD from session
$this->rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($a_rule_id);
$this->rule->setServerId(0);
$this->rule->enableAddOnUpdate((int) $_SESSION['ldap_role_ass']['add_missing']);
$this->rule->enableRemoveOnUpdate((int) $_SESSION['ldap_role_ass']['remove_deprecated']);
$this->rule->setType(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['type']));
$this->rule->setDN(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['dn']));
$this->rule->setMemberAttribute(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['at']));
$this->rule->setMemberIsDN(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['isdn']));
$this->rule->setAttributeName(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['name']));
$this->rule->setAttributeValue(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['value']));
$this->rule->setPluginId(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['plugin_id']));
return true;
}
/**
*
* @return array role data
* @param object $a_usr_id
* @param object $a_usr_data
*
* @access public
* @static
*/
public static function getAssignmentsForCreation($a_usr_name, $a_usr_data)
{
global $ilDB, $ilLog;
$query = "SELECT rule_id FROM ldap_role_assignments ";
$res = $ilDB->query($query);
$num_matches = 0;
$roles = array();
while ($row = $res->fetchRow(DB_FETCHMODE_OBJECT)) {
include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php';
$rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($row->rule_id);
if ($rule->matches($a_usr_data)) {
$num_matches++;
$ilLog->write(__METHOD__ . ': Assigned to role: ' . $a_usr_name . ' => ' . ilObject::_lookupTitle($rule->getRoleId()));
$roles[] = self::parseRole($rule->getRoleId(), self::ROLE_ACTION_ASSIGN);
}
}
// DONE: check for global role
$found_global = false;
foreach ($roles as $role_data) {
if ($role_data['type'] == 'Global') {
$found_global = true;
break;
}
}
if (!$found_global) {
$ilLog->write(__METHOD__ . ': No matching rule found. Assigning to default role.');
$roles[] = self::parseRole(self::getDefaultRole(), self::ROLE_ACTION_ASSIGN);
}
return $roles ? $roles : array();
}
