/**
  * Role Mapping Tab
  * @global ilToolbarGUI $ilToolbar 
  */
 public function roleMapping()
 {
     global $ilToolbar;
     $this->setSubTabs();
     $this->tabs_gui->setSubTabActive('ldap_role_mapping');
     $ilToolbar->addButton($this->lng->txt("ldap_new_role_assignment"), $this->ctrl->getLinkTarget($this, 'addRoleMapping'));
     include_once "./Services/Form/classes/class.ilPropertyFormGUI.php";
     //Set propertyform for synchronization settings
     include_once "./Services/Form/classes/class.ilCombinationInputGUI.php";
     $propertie_form = new ilPropertyFormGUI();
     $propertie_form->setTitle($this->lng->txt('ldap_role_settings'));
     $propertie_form->setFormAction($this->ctrl->getFormAction($this, "saveSyncronizationSettings"));
     $propertie_form->addCommandButton("saveSyncronizationSettings", $this->lng->txt('save'));
     $role_active = new ilCheckboxInputGUI($this->lng->txt('ldap_role_active'));
     $role_active->setPostVar('role_sync_active');
     $role_active->setChecked($this->server->enabledRoleSynchronization() ? true : false);
     $propertie_form->addItem($role_active);
     $binding = new ilCombinationInputGUI($this->lng->txt('ldap_server_binding'));
     $binding->setInfo($this->lng->txt('ldap_role_bind_user_info'));
     $user = new ilTextInputGUI("");
     $user->setPostVar("role_bind_user");
     $user->setValue($this->server->getRoleBindDN());
     $user->setSize(50);
     $user->setMaxLength(255);
     $binding->addCombinationItem(0, $user, $this->lng->txt('ldap_role_bind_user'));
     $pass = new ilPasswordInputGUI("");
     $pass->setPostVar("role_bind_pass");
     $pass->setValue($this->server->getRoleBindPassword());
     $pass->setSize(12);
     $pass->setMaxLength(36);
     $pass->setRetype(false);
     $binding->addCombinationItem(1, $pass, $this->lng->txt('ldap_role_bind_pass'));
     $propertie_form->addItem($binding);
     $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.ldap_role_mappings.html', 'Services/LDAP');
     $this->tpl->setVariable("NEW_ASSIGNMENT_TBL", $propertie_form->getHTML());
     //Set Group Assignments Table if mappings exist
     include_once 'Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php';
     $mapping_instance = ilLDAPRoleGroupMappingSettings::_getInstanceByServerId($this->server->getServerId());
     $mappings = $mapping_instance->getMappings();
     if (count($mappings)) {
         include_once "./Services/LDAP/classes/class.ilLDAPRoleMappingTableGUI.php";
         $table_gui = new ilLDAPRoleMappingTableGUI($this, $this->server->getServerId(), "roleMapping");
         $table_gui->setTitle($this->lng->txt('ldap_role_group_assignments'));
         $table_gui->setData($mappings);
         $this->tpl->setVariable("RULES_TBL", $table_gui->getHTML());
     }
 }
示例#2
0
 /**
  * delete role and all related data
  *
  * @access	public
  * @return	boolean	true if all object data were removed; false if only a references were removed
  */
 function delete()
 {
     global $rbacadmin, $rbacreview, $ilDB;
     $role_folders = $rbacreview->getFoldersAssignedToRole($this->getId());
     // Temporary bugfix
     if ($rbacreview->hasMultipleAssignments($this->getId())) {
         $GLOBALS['ilLog']->write(__METHOD__ . ': Found role with multiple assignments: ' . $this->getId());
         return false;
     }
     if ($rbacreview->isAssignable($this->getId(), $this->getParent())) {
         // do not delete a global role, if the role is the last
         // role a user is assigned to.
         //
         // Performance improvement: In the code section below, we
         // only need to consider _global_ roles. We don't need
         // to check for _local_ roles, because a user who has
         // a local role _always_ has a global role too.
         $last_role_user_ids = array();
         if ($this->getParent() == ROLE_FOLDER_ID) {
             // The role is a global role: check if
             // we find users who aren't assigned to any
             // other global role than this one.
             $user_ids = $rbacreview->assignedUsers($this->getId());
             foreach ($user_ids as $user_id) {
                 // get all roles each user has
                 $role_ids = $rbacreview->assignedRoles($user_id);
                 // is last role?
                 if (count($role_ids) == 1) {
                     $last_role_user_ids[] = $user_id;
                 }
             }
         }
         // users with last role found?
         if (count($last_role_user_ids) > 0) {
             foreach ($last_role_user_ids as $user_id) {
                 //echo "<br>last role for user id:".$user_id.":";
                 // GET OBJECT TITLE
                 $tmp_obj = $this->ilias->obj_factory->getInstanceByObjId($user_id);
                 $user_names[] = $tmp_obj->getFullname();
                 unset($tmp_obj);
             }
             // TODO: This check must be done in rolefolder object because if multiple
             // roles were selected the other roles are still deleted and the system does not
             // give any feedback about this.
             $users = implode(', ', $user_names);
             $this->ilias->raiseError($this->lng->txt("msg_user_last_role1") . " " . $users . "<br/>" . $this->lng->txt("msg_user_last_role2"), $this->ilias->error_obj->WARNING);
         } else {
             // IT'S A BASE ROLE
             $rbacadmin->deleteRole($this->getId(), $this->getParent());
             // Delete ldap role group mappings
             include_once './Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php';
             ilLDAPRoleGroupMappingSettings::_deleteByRole($this->getId());
             // delete object_data entry
             parent::delete();
             // delete role_data entry
             $query = "DELETE FROM role_data WHERE role_id = " . $ilDB->quote($this->getId(), 'integer');
             $res = $ilDB->manipulate($query);
             include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
             $role_desk_item_obj = new ilRoleDesktopItem($this->getId());
             $role_desk_item_obj->deleteAll();
         }
     } else {
         // linked local role: INHERITANCE WAS STOPPED, SO DELETE ONLY THIS LOCAL ROLE
         $rbacadmin->deleteLocalRole($this->getId(), $this->getParent());
     }
     //  purge empty rolefolders
     //
     // Performance improvement: We filter out all role folders
     // which still contain roles, _before_ we attempt to purge them.
     // This is faster than attempting to purge all role folders,
     // and let function purge() of the role folder find out, if
     // purging is possible.
     $non_empty_role_folders = $rbacreview->filterEmptyRoleFolders($role_folders);
     $role_folders = array_diff($role_folders, $non_empty_role_folders);
     // Attempt to purge the role folders
     foreach ($role_folders as $rolf) {
         if (ilObject::_exists($rolf, true)) {
             $rolfObj = $this->ilias->obj_factory->getInstanceByRefId($rolf);
             $rolfObj->purge();
             unset($rolfObj);
         }
     }
     return true;
 }
 private function initRoleMapping()
 {
     include_once './Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php';
     $this->role_mapping = ilLDAPRoleGroupMappingSettings::_getInstanceByServerId((int) $_GET['ldap_server_id']);
 }
 /**
  * Check if there is any active server with 
  *
  * @access private
  * @param
  * 
  */
 private function initServers()
 {
     $server_ids = ilLDAPServer::_getRoleSyncServerIds();
     if (!count($server_ids)) {
         return false;
     }
     // Init servers
     include_once 'Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php';
     $this->active_servers = true;
     $this->mappings = array();
     foreach ($server_ids as $server_id) {
         $this->servers[$server_id] = new ilLDAPServer($server_id);
         $this->mappings = ilLDAPRoleGroupMappingSettings::_getAllActiveMappings();
     }
     $this->mapping_info = array();
     $this->mapping_info_strict = array();
     foreach ($this->mappings as $mapping) {
         foreach ($mapping as $key => $data) {
             if (strlen($data['info']) and $data['object_id']) {
                 $this->mapping_info[$data['object_id']][] = $data['info'];
             }
             if (strlen($data['info']) && $data['info_type'] == ilLDAPRoleGroupMappingSettings::MAPPING_INFO_ALL) {
                 $this->mapping_info_strict[$data['object_id']][] = $data['info'];
             }
         }
     }
     $this->users = ilObjUser::_getExternalAccountsByAuthMode('ldap', true);
     return true;
 }
 /**
  * get items from db 
  */
 function getItems()
 {
     include_once 'Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php';
     $mapping_instance = ilLDAPRoleGroupMappingSettings::_getInstanceByServerId($this->server_id);
     $this->setData($mapping_instance->getMappings());
 }