<?php declare(strict_types = 0);
class CUserDirectory extends CApiService {
public const ACCESS_RULES = [
'get' => ['min_user_type' => USER_TYPE_SUPER_ADMIN],
'create' => ['min_user_type' => USER_TYPE_SUPER_ADMIN],
'update' => ['min_user_type' => USER_TYPE_SUPER_ADMIN],
'delete' => ['min_user_type' => USER_TYPE_SUPER_ADMIN],
'test' => ['min_user_type' => USER_TYPE_SUPER_ADMIN]
protected $tableName = 'userdirectory';
protected $tableAlias = 'ud';
protected $sortColumns = ['name'];
public const COMMON_OUTPUT_FIELDS = ['userdirectoryid', 'name', 'idp_type', 'provision_status', 'description'];
public const LDAP_OUTPUT_FIELDS = [
'host', 'port', 'base_dn', 'search_attribute', 'bind_dn', 'start_tls', 'search_filter', 'group_basedn',
'group_name', 'group_member', 'group_filter', 'group_membership', 'user_username', 'user_lastname',
public const SAML_OUTPUT_FIELDS = [
'idp_entityid', 'sso_url', 'slo_url', 'username_attribute', 'sp_entityid', 'nameid_format', 'sign_messages',
'sign_assertions', 'sign_authn_requests', 'sign_logout_requests', 'sign_logout_responses', 'encrypt_nameid',
'encrypt_assertions', 'group_name', 'user_username', 'user_lastname', 'scim_status'
public const OUTPUT_FIELDS = [
'userdirectoryid', 'name', 'idp_type', 'provision_status', 'description',
'group_name', 'user_username', 'user_lastname',
'host', 'port', 'base_dn', 'search_attribute', 'bind_dn', 'start_tls', 'search_filter', 'group_basedn',
'group_member', 'group_filter', 'group_membership', 'user_ref_attr',
'idp_entityid', 'sso_url', 'slo_url', 'username_attribute', 'sp_entityid', 'nameid_format', 'sign_messages',
'sign_assertions', 'sign_authn_requests', 'sign_logout_requests', 'sign_logout_responses', 'encrypt_nameid',
'encrypt_assertions', 'scim_status'
public const MEDIA_OUTPUT_FIELDS = [
'userdirectory_mediaid', 'mediatypeid', 'name', 'attribute', 'active', 'severity', 'period'
public function get(array $options) {
$this->validateGet($options);
if (!$options['countOutput']) {
if ($options['output'] === API_OUTPUT_EXTEND) {
$options['output'] = self::OUTPUT_FIELDS;
$request_output = $options['output'];
$db_userdirectories_by_type = [IDP_TYPE_LDAP => [], IDP_TYPE_SAML => []];
$db_userdirectories = [];
array_merge(['idp_type'], array_intersect($request_output, self::COMMON_OUTPUT_FIELDS));
$ldap_output = array_intersect($request_output, self::LDAP_OUTPUT_FIELDS);
$saml_output = array_intersect($request_output, self::SAML_OUTPUT_FIELDS);
$result = DBselect($this->createSelectQuery($this->tableName, $options), $options['limit']);