/**
* @static
* @param array $usr_ids
*/
public static function preloadUserObjects(array $usr_ids)
{
/**
* @var $ilDB ilDB
*/
global $ilDB;
$usr_ids_to_request = array_diff($usr_ids, self::$requested_usr_ids);
self::$requested_usr_ids = array_merge(self::$requested_usr_ids, $usr_ids_to_request);
self::$requested_usr_ids_key_map = array_flip(self::$requested_usr_ids);
if ($usr_ids_to_request) {
$in = $ilDB->in('ud.usr_id', $usr_ids_to_request, false, 'integer');
$query = "\n\t\t\t\tSELECT ud.usr_id, login, firstname, lastname, title, gender, pprof.value public_profile,pup.value public_upload, pupgen.value public_gender\n\t\t\t\tFROM usr_data ud\n\t\t\t\tLEFT JOIN usr_pref pprof ON pprof.usr_id = ud.usr_id AND pprof.keyword = %s\n\t\t\t\tLEFT JOIN usr_pref pupgen ON pupgen.usr_id = ud.usr_id AND pupgen.keyword = %s\n\t\t\t\tLEFT JOIN usr_pref pup ON pup.usr_id = ud.usr_id AND pup.keyword = %s\n\t\t\t\tWHERE {$in}\n\t\t\t";
$res = $ilDB->queryF($query, array('text', 'text', 'text'), array('public_profile', 'public_gender', 'public_upload'));
while ($row = $ilDB->fetchAssoc($res)) {
$user = new ilObjUser();
$user->setId($row['usr_id']);
$user->setLogin($row['login']);
$user->setGender($row['gender']);
$user->setTitle($row['title']);
$user->setFirstname($row['firstname']);
$user->setLastname($row['lastname']);
$user->setPref('public_profile', $row['public_profile']);
$user->setPref('public_upload', $row['public_upload']);
$user->setPref('public_gender', $row['public_gender']);
self::$user_instances[$row['usr_id']] = $user;
}
}
}
/**
*/
protected function initUserInstance()
{
if (is_numeric($this->display_id) && $this->display_id > 0) {
// Try to read user instance from preloaded cache array
$this->author = ilForumAuthorInformationCache::getUserObjectById($this->display_id);
if (!$this->author) {
// Get a user instance from forum module's cache method
$this->author = ilObjForumAccess::getCachedUserInstance($this->display_id);
}
}
if (!$this->author) {
$this->author = new ilObjUser();
$this->author->setId(0);
$this->author->setPref('public_profile', 'n');
$this->author->setGender('');
}
}
public static function _createRandomUserAccount($keyarray)
{
global $ilDB, $ilUser, $ilSetting, $rbacadmin;
if ($_SESSION['create_user_account'] != NULL) {
$obj_user = new ilObjUser($_SESSION['create_user_account']);
return $obj_user;
} else {
$userLogin = array();
$res = $ilDB->query('SELECT sequence FROM object_data_seq');
$row = $ilDB->fetchAssoc($res);
$temp_user_id = (int) $row['sequence'] + 1;
$userLogin['login'] = '******' . $temp_user_id;
$userLogin['passwd'] = ilUtil::generatePasswords(1);
require_once 'Services/User/classes/class.ilObjUser.php';
include_once "Services/Mail/classes/class.ilAccountMail.php";
$obj_user = new ilObjUser();
$obj_user->setId($temp_user_id);
$obj_user->setLogin($userLogin['login']);
$obj_user->setPasswd((string) $userLogin['passwd'][0], IL_PASSWD_PLAIN);
$_SESSION['tmp_user_account']['login'] = $userLogin['login'];
$_SESSION['tmp_user_account']['passwd'] = $userLogin['passwd'];
$obj_user->setFirstname($keyarray['first_name']);
$obj_user->setLastname($keyarray['last_name']);
$obj_user->setEmail($keyarray['payer_email']);
# $obj_user->setEmail('*****@*****.**');
$obj_user->setGender('f');
$obj_user->setLanguage($ilSetting->get("language"));
$obj_user->setActive(true);
$obj_user->setTimeLimitUnlimited(true);
$obj_user->setTitle($obj_user->getFullname());
$obj_user->setDescription($obj_user->getEmail());
$obj_user->setTimeLimitOwner(7);
$obj_user->setTimeLimitUnlimited(1);
$obj_user->setTimeLimitMessage(0);
$obj_user->setApproveDate(date("Y-m-d H:i:s"));
// Set default prefs
$obj_user->setPref('hits_per_page', $ilSetting->get('hits_per_page', 30));
$obj_user->setPref('show_users_online', $ilSetting->get('show_users_online', 'y'));
$obj_user->writePrefs();
// at the first login the user must complete profile
$obj_user->setProfileIncomplete(true);
$obj_user->create();
$obj_user->saveAsNew();
$user_role = ilObject::_exists(4, false);
if (!$user_role) {
include_once "./Services/AccessControl/classes/class.ilObjRole.php";
$reg_allowed = ilObjRole::_lookupRegisterAllowed();
$user_role = $reg_allowed[0]['id'];
} else {
$user_role = 4;
}
$rbacadmin->assignUser((int) $user_role, $obj_user->getId(), true);
include_once "Services/Mail/classes/class.ilMimeMail.php";
global $ilias, $lng;
$settings = $ilias->getAllSettings();
$mmail = new ilMimeMail();
$mmail->autoCheck(false);
$mmail->From($settings["admin_email"]);
$mmail->To($obj_user->getEmail());
// mail subject
$subject = $lng->txt("reg_mail_subject");
// mail body
$body = $lng->txt("reg_mail_body_salutation") . " " . $obj_user->getFullname() . ",\n\n" . $lng->txt("reg_mail_body_text1") . "\n\n" . $lng->txt("reg_mail_body_text2") . "\n" . ILIAS_HTTP_PATH . "/login.php?client_id=" . $ilias->client_id . "\n";
$body .= $lng->txt("login") . ": " . $obj_user->getLogin() . "\n";
$body .= $lng->txt("passwd") . ": " . $userLogin['passwd'][0] . "\n";
$body .= "\n";
$body .= $lng->txt("reg_mail_body_text3") . "\n\r";
$body .= $obj_user->getProfileAsString($lng);
$mmail->Subject($subject);
$mmail->Body($body);
$mmail->Send();
$_SESSION['create_user_account'] = $obj_user->getId();
return $obj_user;
}
}
private function fetchUserInformation($usr_ids)
{
global $ilDB;
$usr_id__IN__usrIds = $ilDB->in('usr_id', $usr_ids, false, 'integer');
$query = "\n\t\t\tSELECT usr_id, title, firstname, lastname FROM usr_data WHERE {$usr_id__IN__usrIds}\n\t\t";
$res = $ilDB->query($query);
$users = array();
while ($row = $ilDB->fetchAssoc($res)) {
$user = new ilObjUser();
$user->setId($row['usr_id']);
$user->setUTitle($row['title']);
$user->setFirstname($row['firstname']);
$user->setLastname($row['lastname']);
$user->setFullname();
if (!empty($this->filter['flt_participant_name'])) {
$name = strtolower($user->getFullName());
$filter = strtolower($this->filter['flt_participant_name']);
/* Simulate MySQL LIKE operator */
if (false === strstr($name, $filter)) {
/* User should be skipped. (Does not match filter) */
continue;
}
}
$users[$row['usr_id']] = $user;
}
return $users;
}
/**
* Login function
*
* @access private
* @return void
*/
function login()
{
global $ilias, $rbacadmin, $ilSetting;
if (!empty($_SERVER[$ilias->getSetting('shib_login')])) {
// Store user's Shibboleth sessionID for logout
$this->session['shibboleth_session_id'] = $_SERVER['Shib-Session-ID'];
// Get loginname of user, new login name is generated if user is new
$username = $this->generateLogin();
// Authorize this user
$this->setAuth($username);
$userObj = new ilObjUser();
// Check wether this account exists already, if not create it
if (!ilObjUser::getUserIdByLogin($username)) {
$newUser["firstname"] = $this->getFirstString($_SERVER[$ilias->getSetting('shib_firstname')]);
$newUser["lastname"] = $this->getFirstString($_SERVER[$ilias->getSetting('shib_lastname')]);
$newUser["login"] = $username;
// Password must be random to prevent users from manually log in using the login data from Shibboleth users
$newUser["passwd"] = md5(end(ilUtil::generatePasswords(1)));
$newUser["passwd_type"] = IL_PASSWD_MD5;
if ($ilias->getSetting('shib_update_gender') && ($_SERVER[$ilias->getSetting('shib_gender')] == 'm' || $_SERVER[$ilias->getSetting('shib_gender')] == 'f')) {
$newUser["gender"] = $_SERVER[$ilias->getSetting('shib_gender')];
}
// Save mapping between ILIAS user and Shibboleth uniqueID
$newUser["ext_account"] = $_SERVER[$ilias->getSetting('shib_login')];
// other data
$newUser["title"] = $_SERVER[$ilias->getSetting('shib_title')];
$newUser["institution"] = $_SERVER[$ilias->getSetting('shib_institution')];
$newUser["department"] = $_SERVER[$ilias->getSetting('shib_department')];
$newUser["street"] = $_SERVER[$ilias->getSetting('shib_street')];
$newUser["city"] = $_SERVER[$ilias->getSetting('shib_city')];
$newUser["zipcode"] = $_SERVER[$ilias->getSetting('shib_zipcode')];
$newUser["country"] = $_SERVER[$ilias->getSetting('shib_country')];
$newUser["phone_office"] = $this->getFirstString($_SERVER[$ilias->getSetting('shib_phone_office')]);
$newUser["phone_home"] = $this->getFirstString($_SERVER[$ilias->getSetting('shib_phone_home')]);
$newUser["phone_mobile"] = $this->getFirstString($_SERVER[$ilias->getSetting('shib_phone_mobile')]);
$newUser["fax"] = $this->getFirstString($_SERVER[$ilias->getSetting('shib_fax')]);
$newUser["matriculation"] = $_SERVER[$ilias->getSetting('shib_matriculation')];
$newUser["email"] = $this->getFirstString($_SERVER[$ilias->getSetting('shib_email')]);
$newUser["hobby"] = $_SERVER[$ilias->getSetting('shib_hobby')];
$newUser["auth_mode"] = "shibboleth";
// system data
$userObj->assignData($newUser);
$userObj->setTitle($userObj->getFullname());
$userObj->setDescription($userObj->getEmail());
$userObj->setLanguage($this->getFirstString($_SERVER[$ilias->getSetting('shib_language')]));
// Time limit
$userObj->setTimeLimitOwner(7);
$userObj->setTimeLimitUnlimited(1);
$userObj->setTimeLimitFrom(time());
$userObj->setTimeLimitUntil(time());
// Modify user data before creating the user
// Include custom code that can be used to further modify
// certain Shibboleth user attributes
if ($ilias->getSetting('shib_data_conv') && $ilias->getSetting('shib_data_conv') != '' && is_readable($ilias->getSetting('shib_data_conv'))) {
include $ilias->getSetting('shib_data_conv');
}
// Create use in DB
$userObj->create();
$userObj->setActive(1);
$userObj->updateOwner();
//insert user data in table user_data
$userObj->saveAsNew();
// store acceptance of user agreement
//$userObj->writeAccepted();
// Default prefs
$userObj->setPref('hits_per_page', $ilSetting->get('hits_per_page', 30));
$userObj->setPref('show_users_online', $ilSetting->get('show_users_online', 'y'));
// setup user preferences
$userObj->writePrefs();
//set role entries
#$rbacadmin->assignUser($ilias->getSetting('shib_user_default_role'), $userObj->getId(),true);
// New role assignment
include_once './Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRules.php';
ilShibbolethRoleAssignmentRules::doAssignments($userObj->getId(), $_SERVER);
// Authorize this user
$this->setAuth($userObj->getLogin());
} else {
// Update user account
$uid = $userObj->checkUserId();
$userObj->setId($uid);
$userObj->read($uid);
if ($ilias->getSetting('shib_update_gender') && ($_SERVER[$ilias->getSetting('shib_gender')] == 'm' || $_SERVER[$ilias->getSetting('shib_gender')] == 'f')) {
$userObj->setGender($_SERVER[$ilias->getSetting('shib_gender')]);
}
if ($ilias->getSetting('shib_update_title')) {
$userObj->setTitle($_SERVER[$ilias->getSetting('shib_title')]);
}
$userObj->setFirstname($this->getFirstString($_SERVER[$ilias->getSetting('shib_firstname')]));
$userObj->setLastname($this->getFirstString($_SERVER[$ilias->getSetting('shib_lastname')]));
$userObj->setFullname();
if ($ilias->getSetting('shib_update_institution')) {
$userObj->setInstitution($_SERVER[$ilias->getSetting('shib_institution')]);
}
if ($ilias->getSetting('shib_update_department')) {
$userObj->setDepartment($_SERVER[$ilias->getSetting('shib_department')]);
}
if ($ilias->getSetting('shib_update_street')) {
$userObj->setStreet($_SERVER[$ilias->getSetting('shib_street')]);
}
if ($ilias->getSetting('shib_update_city')) {
$userObj->setCity($_SERVER[$ilias->getSetting('shib_city')]);
}
if ($ilias->getSetting('shib_update_zipcode')) {
$userObj->setZipcode($_SERVER[$ilias->getSetting('shib_zipcode')]);
}
if ($ilias->getSetting('shib_update_country')) {
$userObj->setCountry($_SERVER[$ilias->getSetting('shib_country')]);
}
if ($ilias->getSetting('shib_update_phone_office')) {
$userObj->setPhoneOffice($this->getFirstString($_SERVER[$ilias->getSetting('shib_phone_office')]));
}
if ($ilias->getSetting('shib_update_phone_home')) {
$userObj->setPhoneHome($this->getFirstString($_SERVER[$ilias->getSetting('shib_phone_home')]));
}
if ($ilias->getSetting('shib_update_phone_mobile')) {
$userObj->setPhoneMobile($this->getFirstString($_SERVER[$ilias->getSetting('shib_phone_mobile')]));
}
if ($ilias->getSetting('shib_update_fax')) {
$userObj->setFax($_SERVER[$ilias->getSetting('shib_fax')]);
}
if ($ilias->getSetting('shib_update_matriculation')) {
$userObj->setMatriculation($_SERVER[$ilias->getSetting('shib_matriculation')]);
}
if ($ilias->getSetting('shib_update_email')) {
$userObj->setEmail($this->getFirstString($_SERVER[$ilias->getSetting('shib_email')]));
}
if ($ilias->getSetting('shib_update_hobby')) {
$userObj->setHobby($_SERVER[$ilias->getSetting('shib_hobby')]);
}
if ($ilias->getSetting('shib_update_language')) {
$userObj->setLanguage($_SERVER[$ilias->getSetting('shib_language')]);
}
// Include custom code that can be used to further modify
// certain Shibboleth user attributes
if ($ilias->getSetting('shib_data_conv') && $ilias->getSetting('shib_data_conv') != '' && is_readable($ilias->getSetting('shib_data_conv'))) {
include $ilias->getSetting('shib_data_conv');
}
$userObj->update();
// Update role assignments
include_once './Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRules.php';
ilShibbolethRoleAssignmentRules::updateAssignments($userObj->getId(), $_SERVER);
}
// we are authenticated: redirect, if possible
if ($_GET["target"] != "") {
ilUtil::redirect("goto.php?target=" . $_GET["target"] . "&client_id=" . CLIENT_ID);
}
} else {
// This should never occur unless Shibboleth is not configured properly
$this->status = AUTH_WRONG_LOGIN;
}
}
