/** * Check if an update is required * @return * @param string $a_username */ protected function updateRequired($a_username) { if (!ilObjUser::_checkExternalAuthAccount("apache", $a_username)) { return true; } // Check attribute mapping on login include_once './Services/LDAP/classes/class.ilLDAPAttributeMapping.php'; if (ilLDAPAttributeMapping::hasRulesForUpdate($this->server->getServerId())) { #$GLOBALS['ilLog']->write(__METHOD__.': Required 2'); return true; } include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php'; if (ilLDAPRoleAssignmentRule::hasRulesForUpdate()) { #$GLOBALS['ilLog']->write(__METHOD__.': Required 3'); return true; } return false; }
/** * Check if an update is required * @return bool */ protected function isUpdateRequired() { if (!$this->getInternalAccount()) { return true; } // Check attribute mapping on login include_once './Services/LDAP/classes/class.ilLDAPAttributeMapping.php'; if (ilLDAPAttributeMapping::hasRulesForUpdate($this->getServer()->getServerId())) { return true; } // Check if there is any change in role assignments include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php'; if (ilLDAPRoleAssignmentRule::hasRulesForUpdate()) { return true; } return false; }
/** * Load input from form * @return * @param object $a_rule_id */ protected function loadRoleAssignmentRule($a_rule_id, $a_from_form = true) { if (is_object($this->rule)) { return true; } include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php'; $this->rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($a_rule_id); if ($a_from_form) { if ($this->form->getInput('role_name') == 0) { $this->rule->setRoleId($this->form->getInput('role_id')); } elseif ($this->form->getInput('role_search')) { // Search role include_once './Services/Search/classes/class.ilQueryParser.php'; $parser = new ilQueryParser($this->form->getInput('role_search')); // TODO: Handle minWordLength $parser->setMinWordLength(1, true); $parser->setCombination(QP_COMBINATION_AND); $parser->parse(); include_once 'Services/Search/classes/Like/class.ilLikeObjectSearch.php'; $object_search = new ilLikeObjectSearch($parser); $object_search->setFilter(array('role')); $res = $object_search->performSearch(); $entries = $res->getEntries(); if (count($entries) == 1) { $role = current($entries); $this->rule->setRoleId($role['obj_id']); } elseif (count($entries) > 1) { $this->rule->setRoleId(-1); } } $this->rule->setAttributeName($this->form->getInput('name')); $this->rule->setAttributeValue($this->form->getInput('value')); $this->rule->setDN($this->form->getInput('dn')); $this->rule->setMemberAttribute($this->form->getInput('at')); $this->rule->setMemberIsDN($this->form->getInput('isdn')); $this->rule->enableAddOnUpdate($this->form->getInput('add_missing')); $this->rule->enableRemoveOnUpdate($this->form->getInput('remove_deprecated')); $this->rule->setPluginId($this->form->getInput('plugin_id')); $this->rule->setType($this->form->getInput('type')); return true; } // LOAD from session $this->rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($a_rule_id); $this->rule->setServerId(0); $this->rule->enableAddOnUpdate((int) $_SESSION['ldap_role_ass']['add_missing']); $this->rule->enableRemoveOnUpdate((int) $_SESSION['ldap_role_ass']['remove_deprecated']); $this->rule->setType(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['type'])); $this->rule->setDN(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['dn'])); $this->rule->setMemberAttribute(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['at'])); $this->rule->setMemberIsDN(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['isdn'])); $this->rule->setAttributeName(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['name'])); $this->rule->setAttributeValue(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['value'])); $this->rule->setPluginId(ilUtil::stripSlashes($_SESSION['ldap_role_ass']['plugin_id'])); return true; }
/** * * @return array role data * @param object $a_usr_id * @param object $a_usr_data * * @access public * @static */ public static function getAssignmentsForCreation($a_usr_name, $a_usr_data) { global $ilDB, $ilLog; $query = "SELECT rule_id FROM ldap_role_assignments "; $res = $ilDB->query($query); $num_matches = 0; $roles = array(); while ($row = $res->fetchRow(DB_FETCHMODE_OBJECT)) { include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php'; $rule = ilLDAPRoleAssignmentRule::_getInstanceByRuleId($row->rule_id); if ($rule->matches($a_usr_data)) { $num_matches++; $ilLog->write(__METHOD__ . ': Assigned to role: ' . $a_usr_name . ' => ' . ilObject::_lookupTitle($rule->getRoleId())); $roles[] = self::parseRole($rule->getRoleId(), self::ROLE_ACTION_ASSIGN); } } // DONE: check for global role $found_global = false; foreach ($roles as $role_data) { if ($role_data['type'] == 'Global') { $found_global = true; break; } } if (!$found_global) { $ilLog->write(__METHOD__ . ': No matching rule found. Assigning to default role.'); $roles[] = self::parseRole(self::getDefaultRole(), self::ROLE_ACTION_ASSIGN); } return $roles ? $roles : array(); }