Skip to content
Snippets Groups Projects
Commit 7cbba1ec authored by Arne Schröder, M. A.'s avatar Arne Schröder, M. A. Committed by Rasmus Fuhse
Browse files

Resolve "Accountmanagement für verknüpfte ILIAS-Accounts in Stud.IP"

Closes #4263

Merge request studip/studip!3368
parent 147a30d2
No related branches found
No related tags found
No related merge requests found
...@@ -129,6 +129,7 @@ class Admin_IliasInterfaceController extends AuthenticatedController ...@@ -129,6 +129,7 @@ class Admin_IliasInterfaceController extends AuthenticatedController
'url' => _('https://<URL zur ILIAS-Installation>'), 'url' => _('https://<URL zur ILIAS-Installation>'),
'client' => '', 'client' => '',
'ldap_enable' => '', 'ldap_enable' => '',
'reconnect_accounts' => false,
'no_account_updates' => false, 'no_account_updates' => false,
'admin' => 'ilias_soap_admin', 'admin' => 'ilias_soap_admin',
'admin_pw' => '', 'admin_pw' => '',
...@@ -351,6 +352,7 @@ class Admin_IliasInterfaceController extends AuthenticatedController ...@@ -351,6 +352,7 @@ class Admin_IliasInterfaceController extends AuthenticatedController
$this->ilias_configs[$index]['course_veranstaltungsnummer'] = Request::get('ilias_course_veranstaltungsnummer'); $this->ilias_configs[$index]['course_veranstaltungsnummer'] = Request::get('ilias_course_veranstaltungsnummer');
} }
$this->ilias_configs[$index]['delete_ilias_users'] = Request::get('ilias_delete_ilias_users'); $this->ilias_configs[$index]['delete_ilias_users'] = Request::get('ilias_delete_ilias_users');
$this->ilias_configs[$index]['reconnect_accounts'] = Request::bool('ilias_reconnect_accounts', false);
$this->ilias_configs[$index]['delete_ilias_courses'] = Request::get('ilias_delete_ilias_courses'); $this->ilias_configs[$index]['delete_ilias_courses'] = Request::get('ilias_delete_ilias_courses');
$this->ilias_configs[$index]['category_create_on_add_module'] = Request::get('ilias_category_create_on_add_module'); $this->ilias_configs[$index]['category_create_on_add_module'] = Request::get('ilias_category_create_on_add_module');
$this->ilias_configs[$index]['category_to_desktop'] = Request::get('ilias_category_to_desktop'); $this->ilias_configs[$index]['category_to_desktop'] = Request::get('ilias_category_to_desktop');
......
...@@ -415,6 +415,18 @@ class Admin_UserController extends AuthenticatedController ...@@ -415,6 +415,18 @@ class Admin_UserController extends AuthenticatedController
$this->user_roles = $this->user->getRoles(); $this->user_roles = $this->user->getRoles();
// get ilias account data
if ($GLOBALS['perm']->have_perm('root') && Config::get()->ILIAS_INTERFACE_ENABLE) {
$this->ilias_list = [];
foreach (Config::get()->ILIAS_INTERFACE_SETTINGS as $ilias_index => $ilias_config) {
if ($ilias_config['is_active']) {
$this->ilias_list[$ilias_index] = new ConnectedIlias($ilias_index);
$this->ilias_list[$ilias_index]->soap_client->clearCache();
$this->ilias_user[$ilias_index] = new IliasUser($ilias_index, $ilias_config['version'], $user_id);
}
}
}
// Änderungen speichern // Änderungen speichern
if (Request::submitted('edit')) { if (Request::submitted('edit')) {
CSRFProtection::verifyUnsafeRequest(); CSRFProtection::verifyUnsafeRequest();
......
...@@ -161,6 +161,70 @@ class MyIliasAccountsController extends AuthenticatedController ...@@ -161,6 +161,70 @@ class MyIliasAccountsController extends AuthenticatedController
$this->redirect($this->url_for('my_ilias_accounts/index')); $this->redirect($this->url_for('my_ilias_accounts/index'));
} }
/**
* Administrate account for ILIAS installation
* @param $user_id studip user id
* @param $index Index of ILIAS installation
* @param $mode action type
*/
public function administrate_account_action($user_id, $index)
{
if (!$GLOBALS['perm']->have_perm('root')) {
throw new AccessDeniedException();
}
$ilias_configs = Config::get()->ILIAS_INTERFACE_SETTINGS;
if ($ilias_configs[$index]['is_active']) {
$this->ilias = new ConnectedIlias($index);
$this->ilias_index = $index;
$this->ilias_login = '';
$this->matched_user = false;
$this->external_account_login = '';
$this->external_account_id = false;
$this->user_exists = false;
$this->user = new IliasUser($index, $ilias_configs[$index]['version'], $user_id);
if (Request::submitted('lookup_account')) {
$this->ilias_login = trim(Request::option('ilias_login'));
$this->matched_user = $this->ilias->soap_client->lookupUser($this->ilias_login);
if (empty($this->matched_user)) {
PageLayout::postError(sprintf(_('Es wurde kein Account mit dem Loginnamen "%s" gefunden.'), htmlReady($this->ilias_login)));
} else {
PageLayout::postInfo(sprintf(_('Account "%s" wurde gefunden.'), htmlReady($this->ilias_login)));
}
} elseif (Request::submitted('connect_account')) {
$new_user = $this->ilias->soap_client->getUser(Request::option('ilias_user_id'));
if ($new_user['usr_id'] && $new_user['login']) {
$this->user->id = $new_user['usr_id'];
$this->user->login = $new_user['login'];
$this->user->setConnection(IliasUser::USER_TYPE_ORIGINAL);
PageLayout::postSuccess(_('Account zugeordnet.'));
}
} elseif (Request::submitted('disconnect_account')) {
if ($this->user->unsetConnection(true)) {
PageLayout::postSuccess(_('Account-Zuordnung entfernt.'));
}
} elseif (Request::submitted('new_account')) {
$this->ilias->user = new IliasUser($index, $ilias_configs[$index]['version'], $user_id);
$this->ilias->soap_client->setCachingStatus(false);
$this->ilias->soap_client->clearCache();
$this->ilias->newUser();
PageLayout::postSuccess(_('Account angelegt.'));
}
// check if connection is valid / available
if ($this->user->isConnected()) {
$existing_user = $this->ilias->soap_client->getUser($this->user->id);
if ($existing_user && $existing_user['usr_id'] === $this->user->id) {
$this->user_exists = true;
}
} else {
$this->external_account_login = $ilias_configs[$index]['user_prefix'] . $this->user->studip_login;
$this->external_account_id = $this->ilias->soap_client->lookupUser($this->external_account_login);
}
}
}
/** /**
* Redirect to ILIAS installation * Redirect to ILIAS installation
* @param $index Index of ILIAS installation * @param $index Index of ILIAS installation
......
...@@ -38,6 +38,10 @@ ...@@ -38,6 +38,10 @@
<input type="checkbox" name="ilias_delete_ilias_users" value="1" <?= $ilias_config['delete_ilias_users'] ? 'checked' : '' ?>> <input type="checkbox" name="ilias_delete_ilias_users" value="1" <?= $ilias_config['delete_ilias_users'] ? 'checked' : '' ?>>
<span><?= _('Beim Löschen von Stud.IP-Accounts ILIAS-Accounts ebenfalls löschen (alle zugehörigen Objekte werden gelöscht!)') ?></span> <span><?= _('Beim Löschen von Stud.IP-Accounts ILIAS-Accounts ebenfalls löschen (alle zugehörigen Objekte werden gelöscht!)') ?></span>
</label> </label>
<label>
<input type="checkbox" name="ilias_reconnect_accounts" value="1" <?= $ilias_config['reconnect_accounts'] ? 'checked' : '' ?>>
<span><?= _('Externe User-Accounts automatisch verbinden, wenn sie den passenden Loginnamen haben') ?></span>
</label>
<label> <label>
<span><?= _('Prefix für automatisch angelegte Usernamen') ?></span> <span><?= _('Prefix für automatisch angelegte Usernamen') ?></span>
<? if ($ilias_config['is_active']) : ?> <? if ($ilias_config['is_active']) : ?>
......
...@@ -232,8 +232,6 @@ use Studip\Button, Studip\LinkButton; ...@@ -232,8 +232,6 @@ use Studip\Button, Studip\LinkButton;
<? endif ?> <? endif ?>
</fieldset> </fieldset>
<fieldset> <fieldset>
<legend> <legend>
<?= _('Registrierungsdaten') ?> <?= _('Registrierungsdaten') ?>
...@@ -368,6 +366,41 @@ use Studip\Button, Studip\LinkButton; ...@@ -368,6 +366,41 @@ use Studip\Button, Studip\LinkButton;
</section> </section>
</fieldset> </fieldset>
<? if ($GLOBALS['perm']->have_perm('root') && Config::get()->ILIAS_INTERFACE_ENABLE) : ?>
<? foreach ($ilias_list as $ilias_index => $ilias) : ?>
<fieldset>
<legend>
<?= htmlReady(sprintf(_('Account in %s'), htmlReady($ilias->getName()))) ?>
</legend>
<? if ($ilias_user[$ilias_index]->isConnected()) : ?>
<label>
<?= _('Loginname des verknüpften Accounts:') ?>
<?= htmlReady($ilias_user[$ilias_index]->getUsername()) ?>
</label>
<label>
<?= LinkButton::create(
_('Verknüpfung bearbeiten'),
$controller->url_for('my_ilias_accounts/administrate_account/' . $ilias_user[$ilias_index]->studip_id . '/' . $ilias_index . '/edit'),
['data-dialog' => 'reload-on-close']
) ?>
</label>
<? else : ?>
<label>
<?= _('Kein Account verknüpft') ?>
</label>
<label>
<?= LinkButton::create(
_('Verknüpfung erstellen'),
$controller->url_for('my_ilias_accounts/administrate_account/' . $ilias_user[$ilias_index]->studip_id . '/' . $ilias_index . '/edit'),
['data-dialog' => 'reload-on-close']
) ?>
</label>
<? endif ?>
</fieldset>
<? endforeach ?>
<? endif ?>
<? if (in_array($user->perms, ['autor', 'tutor', 'dozent'])): ?> <? if (in_array($user->perms, ['autor', 'tutor', 'dozent'])): ?>
<fieldset> <fieldset>
<legend> <legend>
......
<form class="default" action="<?= $controller->link_for('my_ilias_accounts/administrate_account/' . $user->studip_id . '/' . $ilias_index) ?>" method="post" data-dialog="reload-on-close">
<?= CSRFProtection::tokenTag() ?>
<fieldset>
<legend>
<?= _('Bestehenden Account zuordnen') ?>
</legend>
<? if (!$matched_user) : ?>
<label>
<span><?= _('Loginname') ?></span>
<input type="text" name="ilias_login" size="50" maxlength="50" value="<?= htmlReady($ilias_login) ?>">
<?= Studip\Button::createAccept(_('Account Suchen'), 'lookup_account') ?>
</label>
<? else : ?>
<label>
<span><?= htmlReady(sprintf(_('ILIAS Account %s (ID %s)'), $ilias_login, $matched_user)) ?></span>
</label>
<input type="hidden" name="ilias_user_id" value="<?= htmlReady($matched_user) ?>">
<?= Studip\Button::createAccept(_('Account zuordnen'), 'connect_account') ?>
<? endif ?>
</fieldset>
<? if ($user->isConnected()) : ?>
<fieldset>
<legend>
<?= _('Verknüpfter Account') ?>
</legend>
<table class="default nohover">
<tr>
<td><?= _('Loginname des verknüpften Accounts:') ?></td>
<td>
<?= htmlReady($user->getUsername()) ?>
<? if (!$user_exists): ?>
- <?= _('Der verknüpfte Account wurde im angebundenen ILIAS-System nicht gefunden!') ?>
<? endif; ?>
</td>
</tr>
<tr>
<td><?= _('Eigene Kategorie:') ?></td>
<td><?= !empty($user->getCategory()) ? _('ID') . ' ' . htmlReady($user->getCategory()) : _('nicht vorhanden') ?></td>
</tr>
<tr>
<td><?= _('Account-Typ:') ?></td>
<td><?= $user->getUserType() == IliasUser::USER_TYPE_ORIGINAL ? _('Lokaler ILIAS-Account') : _('Automatisch erstellter Account') ?></td>
</tr>
</table>
<?= Studip\Button::createCancel(_('Verknüpfung aufheben'), 'disconnect_account') ?>
</fieldset>
<? else : ?>
<fieldset>
<legend>
<?= _('Kein Account verknüpft') ?>
</legend>
<? if ($external_account_id) : ?>
<label>
<?= sprintf(_('Es existiert bereits ein ILIAS-Account mit dem Loginnamen %s.'), htmlReady($external_account_login)) ?>
<input type="hidden" name="ilias_user_id" value="<?= htmlReady($external_account_id) ?>">
<?= Studip\Button::createAccept(_('Mit externem Account verknüpfen'), 'connect_account') ?>
</label>
<? else : ?>
<label>
<?= Studip\Button::createAccept(_('Neuen Account anlegen'), 'new_account') ?>
</label>
<? endif ?>
</fieldset>
<? endif ?>
</form>
\ No newline at end of file
...@@ -336,8 +336,17 @@ class ConnectedIlias ...@@ -336,8 +336,17 @@ class ConnectedIlias
($this->user->auth_plugin == $this->ilias_config['ldap_enable'])) { ($this->user->auth_plugin == $this->ilias_config['ldap_enable'])) {
$this->user->id = $user_exists; $this->user->id = $user_exists;
$this->user->login = $user_data["login"]; $this->user->login = $user_data["login"];
$this->user->setConnection($this->user->getUserType(), true); $this->user->setConnection($this->user->getUserType());
PageLayout::postSuccess(sprintf(_("Verbindung mit Nutzer ID %s wiederhergestellt."), $this->user->id)); PageLayout::postSuccess(sprintf(
_('Verbindung mit Account ID %s wiederhergestellt.'),
htmlReady($this->user->id)
));
return true;
} elseif ($user_exists && $this->ilias_config['reconnect_accounts']) {
$this->user->id = $user_exists;
$this->user->login = $user_data["login"];
$this->user->setConnection($this->user->getUserType());
PageLayout::postSuccess(sprintf(_('Verbindung mit Account ID %s wiederhergestellt.'), htmlReady($this->user->id)));
return true; return true;
} elseif ($user_exists) { } elseif ($user_exists) {
$this->error[] = sprintf(_('Externer Account konnte nicht angelegt werden. Es existiert bereits ein User mit dem Login %s in %s'), $user_data["login"], $this->ilias_config['name']); $this->error[] = sprintf(_('Externer Account konnte nicht angelegt werden. Es existiert bereits ein User mit dem Login %s in %s'), $user_data["login"], $this->ilias_config['name']);
...@@ -361,7 +370,7 @@ class ConnectedIlias ...@@ -361,7 +370,7 @@ class ConnectedIlias
} }
// set role according to Stud.IP perm // set role according to Stud.IP perm
if (User::findCurrent()->perms === 'root') { if (User::find($this->user->studip_id)->perms === 'root') {
$role_id = 2; $role_id = 2;
} else { } else {
$role_id = 4; $role_id = 4;
...@@ -519,7 +528,7 @@ class ConnectedIlias ...@@ -519,7 +528,7 @@ class ConnectedIlias
// data for user category in ILIAS // data for user category in ILIAS
$object_data["title"] = sprintf(_("Eigene Daten von %s (%s)."), $this->user->getName(), $this->user->getId()); $object_data["title"] = sprintf(_("Eigene Daten von %s (%s)."), $this->user->getName(), $this->user->getId());
$object_data["description"] = sprintf(_("Hier befinden sich die persönlichen Lernmodule des Benutzers %s."), $this->user->getName()); $object_data['description'] = sprintf(_('Hier befinden sich die persönlichen Lernmodule von %s.'), $this->user->getName());
$object_data["type"] = "cat"; $object_data["type"] = "cat";
$object_data["owner"] = $this->user->getId(); $object_data["owner"] = $this->user->getId();
......
...@@ -502,7 +502,7 @@ class IliasUser ...@@ -502,7 +502,7 @@ class IliasUser
function unsetConnection($ignore_usertype = false) function unsetConnection($ignore_usertype = false)
{ {
if (!$ignore_usertype && ($this->getUserType() != self::USER_TYPE_ORIGINAL)) { if (!$ignore_usertype && ($this->getUserType() != self::USER_TYPE_ORIGINAL)) {
return; return false;
} }
$query = "DELETE FROM auth_extern WHERE studip_user_id = ? AND external_user_system_type = ? AND external_user_type = ?"; $query = "DELETE FROM auth_extern WHERE studip_user_id = ? AND external_user_system_type = ? AND external_user_type = ?";
...@@ -515,6 +515,7 @@ class IliasUser ...@@ -515,6 +515,7 @@ class IliasUser
$this->is_connected = false; $this->is_connected = false;
$this->readData(); $this->readData();
return true;
} }
/** /**
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment