コード例 #1
0
 /**
  * Create new ILIAS account
  *
  * @access public
  * 
  * @param string external username
  */
 public function create($a_username)
 {
     $this->writer->xmlStartTag('Users');
     // Single users
     // Required fields
     // Create user
     $this->writer->xmlStartTag('User', array('Action' => 'Insert'));
     $this->writer->xmlElement('Login', array(), $new_name = ilAuthUtils::_generateLogin($a_username));
     // Assign to role only for new users
     $this->writer->xmlElement('Role', array('Id' => $this->rad_settings->getDefaultRole(), 'Type' => 'Global', 'Action' => 'Assign'), '');
     $this->writer->xmlElement('Active', array(), "true");
     $this->writer->xmlElement('TimeLimitOwner', array(), 7);
     $this->writer->xmlElement('TimeLimitUnlimited', array(), 1);
     $this->writer->xmlElement('TimeLimitFrom', array(), time());
     $this->writer->xmlElement('TimeLimitUntil', array(), time());
     $this->writer->xmlElement('AuthMode', array('type' => 'radius'), 'radius');
     $this->writer->xmlElement('ExternalAccount', array(), $a_username);
     $this->writer->xmlEndTag('User');
     $this->writer->xmlEndTag('Users');
     $this->log->write('Radius: Started creation of user: '******'./Services/User/classes/class.ilUserImportParser.php';
     $importParser = new ilUserImportParser();
     $importParser->setXMLContent($this->writer->xmlDumpMem(false));
     $importParser->setRoleAssignment(array($this->rad_settings->getDefaultRole() => $this->rad_settings->getDefaultRole()));
     $importParser->setFolderId(7);
     $importParser->startParsing();
     return $new_name;
 }
コード例 #2
0
 /**
  * Create new ILIAS account
  *
  * @access public
  * 
  * @param string external username
  */
 public function create($a_username, $a_userdata = array())
 {
     $a_userdata = $this->parseFullname($a_userdata);
     $this->writer->xmlStartTag('Users');
     // Single users
     // Required fields
     // Create user
     $this->writer->xmlStartTag('User', array('Action' => 'Insert'));
     $this->writer->xmlElement('Login', array(), $new_name = ilAuthUtils::_generateLogin($a_username));
     // Assign to role only for new users
     $this->writer->xmlElement('Role', array('Id' => $this->settings->getDefaultRole(), 'Type' => 'Global', 'Action' => 'Assign'), '');
     if (isset($a_userdata['email'])) {
         $this->writer->xmlElement('Email', array(), $a_userdata['email']);
     }
     if (isset($a_userdata['postcode'])) {
         $this->writer->xmlElement('PostalCode', array(), $a_userdata['postcode']);
     }
     if (isset($a_userdata['dob']) and $a_userdata['dob']) {
         $this->writer->xmlElement('Birthday', array(), $a_userdata['dob']);
     }
     if (isset($a_userdata['gender'])) {
         $this->writer->xmlElement('Gender', array(), strtolower($a_userdata['gender']));
     }
     if (isset($a_userdata['title'])) {
         $this->writer->xmlElement('Title', array(), $a_userdata['title']);
     }
     if (isset($a_userdata['firstname'])) {
         $this->writer->xmlElement('Firstname', array(), $a_userdata['firstname']);
     }
     if (isset($a_userdata['lastname'])) {
         $this->writer->xmlElement('Lastname', array(), $a_userdata['lastname']);
     }
     $this->writer->xmlElement('Active', array(), "true");
     $this->writer->xmlElement('TimeLimitOwner', array(), 7);
     $this->writer->xmlElement('TimeLimitUnlimited', array(), 1);
     $this->writer->xmlElement('TimeLimitFrom', array(), time());
     $this->writer->xmlElement('TimeLimitUntil', array(), time());
     $this->writer->xmlElement('AuthMode', array('type' => 'openid'), 'openid');
     $this->writer->xmlElement('ExternalAccount', array(), $a_username);
     $this->writer->xmlEndTag('User');
     $this->writer->xmlEndTag('Users');
     $this->log->write('OpenId: Started creation of user: '******'./Services/User/classes/class.ilUserImportParser.php';
     $importParser = new ilUserImportParser();
     $importParser->setXMLContent($this->writer->xmlDumpMem(false));
     $importParser->setRoleAssignment(array($this->settings->getDefaultRole() => $this->settings->getDefaultRole()));
     $importParser->setFolderId(7);
     $importParser->startParsing();
     // Assign timezone
     if (isset($a_userdata['timezone'])) {
         include_once './Services/Calendar/classes/class.ilCalendarUtil.php';
         $tzs = ilCalendarUtil::_getShortTimeZoneList();
         if (isset($tzs[$a_userdata['timezone']])) {
             $usr_id = ilObjUser::_lookupId($new_name);
             ilObjUser::_writePref($usr_id, 'user_tz', $a_userdata['timezone']);
         }
     }
     return $new_name;
 }
コード例 #3
0
 /**
  * import users
  */
 function importUsersObject()
 {
     global $rbacreview, $ilUser;
     // Blind out tabs for local user import
     if ($_GET["baseClass"] == 'ilRepositoryGUI') {
         $this->tabs_gui->clearTargets();
     }
     include_once './Services/AccessControl/classes/class.ilObjRole.php';
     include_once './Services/User/classes/class.ilUserImportParser.php';
     global $rbacreview, $rbacsystem, $tree, $lng;
     switch ($_POST["conflict_handling_choice"]) {
         case "update_on_conflict":
             $rule = IL_UPDATE_ON_CONFLICT;
             break;
         case "ignore_on_conflict":
         default:
             $rule = IL_IGNORE_ON_CONFLICT;
             break;
     }
     $importParser = new ilUserImportParser($_POST["xml_file"], IL_USER_IMPORT, $rule);
     $importParser->setFolderId($this->getUserOwnerId());
     $import_dir = $this->getImportDir();
     // Catch hack attempts
     // We check here again, if the role folders are in the tree, and if the
     // user has permission on the roles.
     if ($_POST["role_assign"]) {
         $global_roles = $rbacreview->getGlobalRoles();
         $roles_of_user = $rbacreview->assignedRoles($ilUser->getId());
         foreach ($_POST["role_assign"] as $role_id) {
             if ($role_id != "") {
                 if (in_array($role_id, $global_roles)) {
                     if (!in_array(SYSTEM_ROLE_ID, $roles_of_user)) {
                         if ($role_id == SYSTEM_ROLE_ID && !in_array(SYSTEM_ROLE_ID, $roles_of_user) || $this->object->getRefId() != USER_FOLDER_ID && !ilObjRole::_getAssignUsersStatus($role_id)) {
                             ilUtil::delDir($import_dir);
                             $this->ilias->raiseError($this->lng->txt("usrimport_with_specified_role_not_permitted"), $this->ilias->error_obj->MESSAGE);
                         }
                     }
                 } else {
                     $rolf = $rbacreview->getFoldersAssignedToRole($role_id, true);
                     if ($rbacreview->isDeleted($rolf[0]) || !$rbacsystem->checkAccess('write', $tree->getParentId($rolf[0]))) {
                         ilUtil::delDir($import_dir);
                         $this->ilias->raiseError($this->lng->txt("usrimport_with_specified_role_not_permitted"), $this->ilias->error_obj->MESSAGE);
                         return;
                     }
                 }
             }
         }
     }
     $importParser->setRoleAssignment($_POST["role_assign"]);
     $importParser->startParsing();
     // purge user import directory
     ilUtil::delDir($import_dir);
     switch ($importParser->getErrorLevel()) {
         case IL_IMPORT_SUCCESS:
             ilUtil::sendSuccess($this->lng->txt("user_imported"), true);
             break;
         case IL_IMPORT_WARNING:
             ilUtil::sendInfo($this->lng->txt("user_imported_with_warnings") . $importParser->getProtocolAsHTML($lng->txt("import_warning_log")), true);
             break;
         case IL_IMPORT_FAILURE:
             $this->ilias->raiseError($this->lng->txt("user_import_failed") . $importParser->getProtocolAsHTML($lng->txt("import_failure_log")), $this->ilias->error_obj->MESSAGE);
             break;
     }
     if (strtolower($_GET["baseClass"]) == "iladministrationgui") {
         $this->ctrl->redirect($this, "view");
         //ilUtil::redirect($this->ctrl->getLinkTarget($this));
     } else {
         $this->ctrl->redirectByClass('ilobjcategorygui', 'listUsers');
     }
 }
コード例 #4
0
 /**
  * Create/Update non existing users
  *
  * @access public
  * 
  */
 public function refresh()
 {
     global $rbacadmin;
     $this->usersToXML();
     include_once './Services/User/classes/class.ilUserImportParser.php';
     include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php';
     $importParser = new ilUserImportParser();
     $importParser->setXMLContent($this->writer->xmlDumpMem(false));
     $importParser->setRoleAssignment(ilLDAPRoleAssignmentRules::getAllPossibleRoles());
     $importParser->setFolderId(7);
     $importParser->startParsing();
     $debug = $importParser->getProtocol();
     #var_dump("<pre>",$this->writer->xmlDumpMem(),"</pre>");
     #print_r($this->writer->xmlDumpMem($format));
     return true;
 }
コード例 #5
0
 /**
  *
  * define ("IL_FAIL_ON_CONFLICT", 1);
  * define ("IL_UPDATE_ON_CONFLICT", 2);
  * define ("IL_IGNORE_ON_CONFLICT", 3);
  */
 function importUsers($sid, $folder_id, $usr_xml, $conflict_rule, $send_account_mail)
 {
     $this->initAuth($sid);
     $this->initIlias();
     if (!$this->__checkSession($sid)) {
         return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
     }
     include_once './Services/User/classes/class.ilUserImportParser.php';
     include_once './Services/AccessControl/classes/class.ilObjRole.php';
     include_once './Services/Object/classes/class.ilObjectFactory.php';
     global $rbacreview, $rbacsystem, $tree, $lng, $ilUser, $ilLog;
     // this takes time but is nescessary
     $error = false;
     // validate to prevent wrong XMLs
     $this->dom = @domxml_open_mem($usr_xml, DOMXML_LOAD_VALIDATING, $error);
     if ($error) {
         $msg = array();
         if (is_array($error)) {
             foreach ($error as $err) {
                 $msg[] = "(" . $err["line"] . "," . $err["col"] . "): " . $err["errormessage"];
             }
         } else {
             $msg[] = $error;
         }
         $msg = join("\n", $msg);
         return $this->__raiseError($msg, "Client");
     }
     switch ($conflict_rule) {
         case 2:
             $conflict_rule = IL_UPDATE_ON_CONFLICT;
             break;
         case 3:
             $conflict_rule = IL_IGNORE_ON_CONFLICT;
             break;
         default:
             $conflict_rule = IL_FAIL_ON_CONFLICT;
     }
     // folder id 0, means to check permission on user basis!
     // must have create user right in time_limit_owner property (which is ref_id of container)
     if ($folder_id != 0) {
         // determine where to import
         if ($folder_id == -1) {
             $folder_id = USER_FOLDER_ID;
         }
         // get folder
         $import_folder = ilObjectFactory::getInstanceByRefId($folder_id, false);
         // id does not exist
         if (!$import_folder) {
             return $this->__raiseError('Wrong reference id.', 'Server');
         }
         // folder is not a folder, can also be a category
         if ($import_folder->getType() != "usrf" && $import_folder->getType() != "cat") {
             return $this->__raiseError('Folder must be a usr folder or a category.', 'Server');
         }
         // check access to folder
         if (!$rbacsystem->checkAccess('create_usr', $folder_id)) {
             return $this->__raiseError('Missing permission for creating users within ' . $import_folder->getTitle(), 'Server');
         }
     }
     // first verify
     $importParser = new ilUserImportParser("", IL_VERIFY, $conflict_rule);
     $importParser->setUserMappingMode(IL_USER_MAPPING_ID);
     $importParser->setXMLContent($usr_xml);
     $importParser->startParsing();
     switch ($importParser->getErrorLevel()) {
         case IL_IMPORT_SUCCESS:
             break;
         case IL_IMPORT_WARNING:
             return $this->__getImportProtocolAsXML($importParser->getProtocol("User Import Log - Warning"));
             break;
         case IL_IMPORT_FAILURE:
             return $this->__getImportProtocolAsXML($importParser->getProtocol("User Import Log - Failure"));
     }
     // verify is ok, so get role assignments
     $importParser = new ilUserImportParser("", IL_EXTRACT_ROLES, $conflict_rule);
     $importParser->setXMLContent($usr_xml);
     $importParser->setUserMappingMode(IL_USER_MAPPING_ID);
     $importParser->startParsing();
     $roles = $importParser->getCollectedRoles();
     //print_r($roles);
     // roles to be assigned, skip if one is not allowed!
     $permitted_roles = array();
     foreach ($roles as $role_id => $role) {
         if (!is_numeric($role_id)) {
             // check if internal id
             $internalId = ilUtil::__extractId($role_id, IL_INST_ID);
             if (is_numeric($internalId)) {
                 $role_id = $internalId;
                 $role_name = $role_id;
             }
             /*				else // perhaps it is a rolename
             				{
             					$role  = ilSoapUserAdministration::__getRoleForRolename ($role_id);
             					$role_name = $role->title;
             					$role_id = $role->role_id;
             				}*/
         }
         if ($this->isPermittedRole($folder_id, $role_id)) {
             $permitted_roles[$role_id] = $role_id;
         } else {
             $role_name = ilObject::_lookupTitle($role_id);
             return $this->__raiseError("Could not find role " . $role_name . ". Either you use an invalid/deleted role " . "or you try to assign a local role into the non-standard user folder and this role is not in its subtree.", 'Server');
         }
     }
     $global_roles = $rbacreview->getGlobalRoles();
     //print_r ($global_roles);
     foreach ($permitted_roles as $role_id => $role_name) {
         if ($role_id != "") {
             if (in_array($role_id, $global_roles)) {
                 if ($role_id == SYSTEM_ROLE_ID && !in_array(SYSTEM_ROLE_ID, $rbacreview->assignedRoles($ilUser->getId())) || $folder_id != USER_FOLDER_ID && $folder_id != 0 && !ilObjRole::_getAssignUsersStatus($role_id)) {
                     return $this->__raiseError($lng->txt("usrimport_with_specified_role_not_permitted") . " {$role_name} ({$role_id})", 'Server');
                 }
             } else {
                 $rolf = $rbacreview->getFoldersAssignedToRole($role_id, true);
                 if ($rbacreview->isDeleted($rolf[0]) || !$rbacsystem->checkAccess('write', $tree->getParentId($rolf[0]))) {
                     return $this->__raiseError($lng->txt("usrimport_with_specified_role_not_permitted") . " {$role_name} ({$role_id})", "Server");
                 }
             }
         }
     }
     //print_r ($permitted_roles);
     $importParser = new ilUserImportParser("", IL_USER_IMPORT, $conflict_rule);
     $importParser->setSendMail($send_account_mail);
     $importParser->setUserMappingMode(IL_USER_MAPPING_ID);
     $importParser->setFolderId($folder_id);
     $importParser->setXMLContent($usr_xml);
     $importParser->setRoleAssignment($permitted_roles);
     $importParser->startParsing();
     if ($importParser->getErrorLevel() != IL_IMPORT_FAILURE) {
         return $this->__getUserMappingAsXML($importParser->getUserMapping());
     }
     return $this->__getImportProtocolAsXML($importParser->getProtocol());
 }