diff options
| author | Arne Schröder, M. A. <schroeder@data-quest.de> | 2024-12-19 13:38:22 +0000 |
|---|---|---|
| committer | Rasmus Fuhse <fuhse@data-quest.de> | 2024-12-19 13:38:22 +0000 |
| commit | 7cbba1ec8a0de90e02632fe06beebb2e672a07a2 (patch) | |
| tree | 07c203bcfa1f022b105940b34191c797251ae7fd | |
| parent | 147a30d22cad9f074a2f2a968a156e021ae59f33 (diff) | |
Resolve "Accountmanagement für verknüpfte ILIAS-Accounts in Stud.IP"
Closes #4263
Merge request studip/studip!3368
| -rw-r--r-- | app/controllers/admin/ilias_interface.php | 2 | ||||
| -rw-r--r-- | app/controllers/admin/user.php | 12 | ||||
| -rw-r--r-- | app/controllers/my_ilias_accounts.php | 64 | ||||
| -rw-r--r-- | app/views/admin/ilias_interface/edit_content.php | 4 | ||||
| -rw-r--r-- | app/views/admin/user/edit.php | 37 | ||||
| -rw-r--r-- | app/views/my_ilias_accounts/administrate_account.php | 65 | ||||
| -rw-r--r-- | lib/ilias_interface/ConnectedIlias.php | 17 | ||||
| -rw-r--r-- | lib/ilias_interface/IliasUser.php | 3 |
8 files changed, 197 insertions, 7 deletions
diff --git a/app/controllers/admin/ilias_interface.php b/app/controllers/admin/ilias_interface.php index d0e59ea..750e33d 100644 --- a/app/controllers/admin/ilias_interface.php +++ b/app/controllers/admin/ilias_interface.php @@ -129,6 +129,7 @@ class Admin_IliasInterfaceController extends AuthenticatedController 'url' => _('https://<URL zur ILIAS-Installation>'), 'client' => '', 'ldap_enable' => '', + 'reconnect_accounts' => false, 'no_account_updates' => false, 'admin' => 'ilias_soap_admin', 'admin_pw' => '', @@ -351,6 +352,7 @@ class Admin_IliasInterfaceController extends AuthenticatedController $this->ilias_configs[$index]['course_veranstaltungsnummer'] = Request::get('ilias_course_veranstaltungsnummer'); } $this->ilias_configs[$index]['delete_ilias_users'] = Request::get('ilias_delete_ilias_users'); + $this->ilias_configs[$index]['reconnect_accounts'] = Request::bool('ilias_reconnect_accounts', false); $this->ilias_configs[$index]['delete_ilias_courses'] = Request::get('ilias_delete_ilias_courses'); $this->ilias_configs[$index]['category_create_on_add_module'] = Request::get('ilias_category_create_on_add_module'); $this->ilias_configs[$index]['category_to_desktop'] = Request::get('ilias_category_to_desktop'); diff --git a/app/controllers/admin/user.php b/app/controllers/admin/user.php index 4af6b42..9a61059 100644 --- a/app/controllers/admin/user.php +++ b/app/controllers/admin/user.php @@ -415,6 +415,18 @@ class Admin_UserController extends AuthenticatedController $this->user_roles = $this->user->getRoles(); + // get ilias account data + if ($GLOBALS['perm']->have_perm('root') && Config::get()->ILIAS_INTERFACE_ENABLE) { + $this->ilias_list = []; + foreach (Config::get()->ILIAS_INTERFACE_SETTINGS as $ilias_index => $ilias_config) { + if ($ilias_config['is_active']) { + $this->ilias_list[$ilias_index] = new ConnectedIlias($ilias_index); + $this->ilias_list[$ilias_index]->soap_client->clearCache(); + $this->ilias_user[$ilias_index] = new IliasUser($ilias_index, $ilias_config['version'], $user_id); + } + } + } + // Änderungen speichern if (Request::submitted('edit')) { CSRFProtection::verifyUnsafeRequest(); diff --git a/app/controllers/my_ilias_accounts.php b/app/controllers/my_ilias_accounts.php index b82ec7d..84060ac 100644 --- a/app/controllers/my_ilias_accounts.php +++ b/app/controllers/my_ilias_accounts.php @@ -162,6 +162,70 @@ class MyIliasAccountsController extends AuthenticatedController } /** + * Administrate account for ILIAS installation + * @param $user_id studip user id + * @param $index Index of ILIAS installation + * @param $mode action type + */ + public function administrate_account_action($user_id, $index) + { + if (!$GLOBALS['perm']->have_perm('root')) { + throw new AccessDeniedException(); + } + + $ilias_configs = Config::get()->ILIAS_INTERFACE_SETTINGS; + if ($ilias_configs[$index]['is_active']) { + $this->ilias = new ConnectedIlias($index); + $this->ilias_index = $index; + $this->ilias_login = ''; + $this->matched_user = false; + $this->external_account_login = ''; + $this->external_account_id = false; + $this->user_exists = false; + $this->user = new IliasUser($index, $ilias_configs[$index]['version'], $user_id); + + if (Request::submitted('lookup_account')) { + $this->ilias_login = trim(Request::option('ilias_login')); + $this->matched_user = $this->ilias->soap_client->lookupUser($this->ilias_login); + if (empty($this->matched_user)) { + PageLayout::postError(sprintf(_('Es wurde kein Account mit dem Loginnamen "%s" gefunden.'), htmlReady($this->ilias_login))); + } else { + PageLayout::postInfo(sprintf(_('Account "%s" wurde gefunden.'), htmlReady($this->ilias_login))); + } + } elseif (Request::submitted('connect_account')) { + $new_user = $this->ilias->soap_client->getUser(Request::option('ilias_user_id')); + if ($new_user['usr_id'] && $new_user['login']) { + $this->user->id = $new_user['usr_id']; + $this->user->login = $new_user['login']; + $this->user->setConnection(IliasUser::USER_TYPE_ORIGINAL); + PageLayout::postSuccess(_('Account zugeordnet.')); + } + } elseif (Request::submitted('disconnect_account')) { + if ($this->user->unsetConnection(true)) { + PageLayout::postSuccess(_('Account-Zuordnung entfernt.')); + } + } elseif (Request::submitted('new_account')) { + $this->ilias->user = new IliasUser($index, $ilias_configs[$index]['version'], $user_id); + $this->ilias->soap_client->setCachingStatus(false); + $this->ilias->soap_client->clearCache(); + $this->ilias->newUser(); + PageLayout::postSuccess(_('Account angelegt.')); + } + + // check if connection is valid / available + if ($this->user->isConnected()) { + $existing_user = $this->ilias->soap_client->getUser($this->user->id); + if ($existing_user && $existing_user['usr_id'] === $this->user->id) { + $this->user_exists = true; + } + } else { + $this->external_account_login = $ilias_configs[$index]['user_prefix'] . $this->user->studip_login; + $this->external_account_id = $this->ilias->soap_client->lookupUser($this->external_account_login); + } + } + } + + /** * Redirect to ILIAS installation * @param $index Index of ILIAS installation */ diff --git a/app/views/admin/ilias_interface/edit_content.php b/app/views/admin/ilias_interface/edit_content.php index d0eb47e..77c76eb 100644 --- a/app/views/admin/ilias_interface/edit_content.php +++ b/app/views/admin/ilias_interface/edit_content.php @@ -39,6 +39,10 @@ <span><?= _('Beim Löschen von Stud.IP-Accounts ILIAS-Accounts ebenfalls löschen (alle zugehörigen Objekte werden gelöscht!)') ?></span> </label> <label> + <input type="checkbox" name="ilias_reconnect_accounts" value="1" <?= $ilias_config['reconnect_accounts'] ? 'checked' : '' ?>> + <span><?= _('Externe User-Accounts automatisch verbinden, wenn sie den passenden Loginnamen haben') ?></span> + </label> + <label> <span><?= _('Prefix für automatisch angelegte Usernamen') ?></span> <? if ($ilias_config['is_active']) : ?> <div><?=$ilias_config['user_prefix'] ? htmlReady($ilias_config['user_prefix']) : _('Kein Präfix')?></div> diff --git a/app/views/admin/user/edit.php b/app/views/admin/user/edit.php index 47596a9..3313e6a 100644 --- a/app/views/admin/user/edit.php +++ b/app/views/admin/user/edit.php @@ -232,8 +232,6 @@ use Studip\Button, Studip\LinkButton; <? endif ?> </fieldset> - - <fieldset> <legend> <?= _('Registrierungsdaten') ?> @@ -368,6 +366,41 @@ use Studip\Button, Studip\LinkButton; </section> </fieldset> + <? if ($GLOBALS['perm']->have_perm('root') && Config::get()->ILIAS_INTERFACE_ENABLE) : ?> + <? foreach ($ilias_list as $ilias_index => $ilias) : ?> + <fieldset> + <legend> + <?= htmlReady(sprintf(_('Account in %s'), htmlReady($ilias->getName()))) ?> + </legend> + + <? if ($ilias_user[$ilias_index]->isConnected()) : ?> + <label> + <?= _('Loginname des verknüpften Accounts:') ?> + <?= htmlReady($ilias_user[$ilias_index]->getUsername()) ?> + </label> + <label> + <?= LinkButton::create( + _('Verknüpfung bearbeiten'), + $controller->url_for('my_ilias_accounts/administrate_account/' . $ilias_user[$ilias_index]->studip_id . '/' . $ilias_index . '/edit'), + ['data-dialog' => 'reload-on-close'] + ) ?> + </label> + <? else : ?> + <label> + <?= _('Kein Account verknüpft') ?> + </label> + <label> + <?= LinkButton::create( + _('Verknüpfung erstellen'), + $controller->url_for('my_ilias_accounts/administrate_account/' . $ilias_user[$ilias_index]->studip_id . '/' . $ilias_index . '/edit'), + ['data-dialog' => 'reload-on-close'] + ) ?> + </label> + <? endif ?> + </fieldset> + <? endforeach ?> + <? endif ?> + <? if (in_array($user->perms, ['autor', 'tutor', 'dozent'])): ?> <fieldset> <legend> diff --git a/app/views/my_ilias_accounts/administrate_account.php b/app/views/my_ilias_accounts/administrate_account.php new file mode 100644 index 0000000..6b86fd8 --- /dev/null +++ b/app/views/my_ilias_accounts/administrate_account.php @@ -0,0 +1,65 @@ +<form class="default" action="<?= $controller->link_for('my_ilias_accounts/administrate_account/' . $user->studip_id . '/' . $ilias_index) ?>" method="post" data-dialog="reload-on-close"> + <?= CSRFProtection::tokenTag() ?> + <fieldset> + <legend> + <?= _('Bestehenden Account zuordnen') ?> + </legend> + <? if (!$matched_user) : ?> + <label> + <span><?= _('Loginname') ?></span> + <input type="text" name="ilias_login" size="50" maxlength="50" value="<?= htmlReady($ilias_login) ?>"> + <?= Studip\Button::createAccept(_('Account Suchen'), 'lookup_account') ?> + </label> + <? else : ?> + <label> + <span><?= htmlReady(sprintf(_('ILIAS Account %s (ID %s)'), $ilias_login, $matched_user)) ?></span> + </label> + <input type="hidden" name="ilias_user_id" value="<?= htmlReady($matched_user) ?>"> + <?= Studip\Button::createAccept(_('Account zuordnen'), 'connect_account') ?> + <? endif ?> + </fieldset> + <? if ($user->isConnected()) : ?> + <fieldset> + <legend> + <?= _('Verknüpfter Account') ?> + </legend> + <table class="default nohover"> + <tr> + <td><?= _('Loginname des verknüpften Accounts:') ?></td> + <td> + <?= htmlReady($user->getUsername()) ?> + <? if (!$user_exists): ?> + - <?= _('Der verknüpfte Account wurde im angebundenen ILIAS-System nicht gefunden!') ?> + <? endif; ?> + </td> + </tr> + <tr> + <td><?= _('Eigene Kategorie:') ?></td> + <td><?= !empty($user->getCategory()) ? _('ID') . ' ' . htmlReady($user->getCategory()) : _('nicht vorhanden') ?></td> + </tr> + <tr> + <td><?= _('Account-Typ:') ?></td> + <td><?= $user->getUserType() == IliasUser::USER_TYPE_ORIGINAL ? _('Lokaler ILIAS-Account') : _('Automatisch erstellter Account') ?></td> + </tr> + </table> + <?= Studip\Button::createCancel(_('Verknüpfung aufheben'), 'disconnect_account') ?> + </fieldset> + <? else : ?> + <fieldset> + <legend> + <?= _('Kein Account verknüpft') ?> + </legend> + <? if ($external_account_id) : ?> + <label> + <?= sprintf(_('Es existiert bereits ein ILIAS-Account mit dem Loginnamen %s.'), htmlReady($external_account_login)) ?> + <input type="hidden" name="ilias_user_id" value="<?= htmlReady($external_account_id) ?>"> + <?= Studip\Button::createAccept(_('Mit externem Account verknüpfen'), 'connect_account') ?> + </label> + <? else : ?> + <label> + <?= Studip\Button::createAccept(_('Neuen Account anlegen'), 'new_account') ?> + </label> + <? endif ?> + </fieldset> + <? endif ?> +</form>
\ No newline at end of file diff --git a/lib/ilias_interface/ConnectedIlias.php b/lib/ilias_interface/ConnectedIlias.php index 94c6ad8..e90f75b 100644 --- a/lib/ilias_interface/ConnectedIlias.php +++ b/lib/ilias_interface/ConnectedIlias.php @@ -336,8 +336,17 @@ class ConnectedIlias ($this->user->auth_plugin == $this->ilias_config['ldap_enable'])) { $this->user->id = $user_exists; $this->user->login = $user_data["login"]; - $this->user->setConnection($this->user->getUserType(), true); - PageLayout::postSuccess(sprintf(_("Verbindung mit Nutzer ID %s wiederhergestellt."), $this->user->id)); + $this->user->setConnection($this->user->getUserType()); + PageLayout::postSuccess(sprintf( + _('Verbindung mit Account ID %s wiederhergestellt.'), + htmlReady($this->user->id) + )); + return true; + } elseif ($user_exists && $this->ilias_config['reconnect_accounts']) { + $this->user->id = $user_exists; + $this->user->login = $user_data["login"]; + $this->user->setConnection($this->user->getUserType()); + PageLayout::postSuccess(sprintf(_('Verbindung mit Account ID %s wiederhergestellt.'), htmlReady($this->user->id))); return true; } elseif ($user_exists) { $this->error[] = sprintf(_('Externer Account konnte nicht angelegt werden. Es existiert bereits ein User mit dem Login %s in %s'), $user_data["login"], $this->ilias_config['name']); @@ -361,7 +370,7 @@ class ConnectedIlias } // set role according to Stud.IP perm - if (User::findCurrent()->perms === 'root') { + if (User::find($this->user->studip_id)->perms === 'root') { $role_id = 2; } else { $role_id = 4; @@ -519,7 +528,7 @@ class ConnectedIlias // data for user category in ILIAS $object_data["title"] = sprintf(_("Eigene Daten von %s (%s)."), $this->user->getName(), $this->user->getId()); - $object_data["description"] = sprintf(_("Hier befinden sich die persönlichen Lernmodule des Benutzers %s."), $this->user->getName()); + $object_data['description'] = sprintf(_('Hier befinden sich die persönlichen Lernmodule von %s.'), $this->user->getName()); $object_data["type"] = "cat"; $object_data["owner"] = $this->user->getId(); diff --git a/lib/ilias_interface/IliasUser.php b/lib/ilias_interface/IliasUser.php index c9233df..fbd15ce 100644 --- a/lib/ilias_interface/IliasUser.php +++ b/lib/ilias_interface/IliasUser.php @@ -502,7 +502,7 @@ class IliasUser function unsetConnection($ignore_usertype = false) { if (!$ignore_usertype && ($this->getUserType() != self::USER_TYPE_ORIGINAL)) { - return; + return false; } $query = "DELETE FROM auth_extern WHERE studip_user_id = ? AND external_user_system_type = ? AND external_user_type = ?"; @@ -515,6 +515,7 @@ class IliasUser $this->is_connected = false; $this->readData(); + return true; } /** |