mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-06-02 14:15:11 +02:00
Code Issues Projects Releases Wiki Activity

MDL-8590 auth cleanup - part 2

Browse Source
This commit is contained in:
skodak 2007-02-20 17:09:20 +00:00
parent 139ebfdb3b
commit 16ce6c0dcc
7 changed files with 177 additions and 129 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

212
admin/auth.php
View File

@ -7,117 +7,128 @@
*
*/
require_once dirname(dirname(__FILE__)) . '/config.php';
require_once $CFG->libdir . '/tablelib.php';
require_once('../config.php');
require_once($CFG->libdir.'/adminlib.php');
require_once($CFG->libdir.'/tablelib.php');
$adminroot = admin_get_root();
admin_externalpage_setup('userauthentication', $adminroot);
$action = optional_param('action', '', PARAM_ACTION);
$auth = optional_param('auth', '', PARAM_SAFEDIR);
// get currently installed and enabled auth plugins
$authsavailable = get_list_of_plugins('auth');
if (empty($CFG->auth_plugins_enabled)) {
set_config('auth_plugins_enabled', $CFG->auth);
$CFG->auth_plugins_enabled = $CFG->auth;
}
$authsenabled = explode(',', $CFG->auth_plugins_enabled);
// save form
if ($form = data_submitted()) {
if (!confirm_sesskey()) {
error(get_string('confirmsesskeybad', 'error'));
}
if (! isset($form->guestloginbutton)) {
$form->guestloginbutton = 1;
}
if (empty($form->alternateloginurl)) {
$form->alternateloginurl = '';
}
if (empty($form->register)) {
$form->register = 'manual';
}
set_config('guestloginbutton', $form->guestloginbutton);
set_config('alternateloginurl', $form->alternateloginurl);
set_config('auth', $form->register);
// add $CFG->auth to auth_plugins_enabled list
if (!array_search($form->register, $authsenabled)) {
$authsenabled[] = $form->register;
$authsenabled = array_unique($authsenabled);
set_config('auth_plugins_enabled', implode(',', $authsenabled));
}
//revert auth_plugins_enabled
if (isset($CFG->auth_plugins_enabled)) {
set_config('auth', $CFG->auth_plugins_enabled);
delete_records('config', 'name', 'auth_plugins_enabled');
unset($CFG->auth_plugins_enabled);
}
if (empty($CFG->auth)) {
$authsenabled = array();
} else {
$authsenabled = explode(',', $CFG->auth);
$authsenabled = array_unique($authsenabled);
}
$key = array_search('manual', $authsenabled);
if ($key !== false) {
unset($authsenabled[$key]); // manual is always enabled anyway
set_config('auth', implode(',', $authsenabled));
}
if (!isset($CFG->registerauth)) {
set_config('registerauth', '');
}
if (!isset($CFG->auth_instructions)) {
set_config('auth_instructions', '');
}
if (!empty($auth) and !exists_auth_plugin($auth)) {
error(get_string('pluginnotinstalled', 'auth', $auth), $url);
}
// grab GET/POST parameters
$params = new object();
$params->action = optional_param('action', '', PARAM_ACTION);
$params->auth = optional_param('auth', $CFG->auth, PARAM_ALPHANUM);
////////////////////////////////////////////////////////////////////////////////
// process actions
switch ($params->action) {
$status = '';
switch ($action) {
case 'save':
if (data_submitted() and confirm_sesskey()) {
// save settings
set_config('guestloginbutton', required_param('guestloginbutton', PARAM_BOOL));
set_config('alternateloginurl', stripslashes(trim(required_param('alternateloginurl', PARAM_RAW))));
set_config('registerauth', required_param('register', PARAM_SAFEDIR));
set_config('auth_instructions', stripslashes(trim(required_param('auth_instructions', PARAM_RAW))));
// enable registerauth in $CFG->auth if needed
if (!empty($CFG->registerauth) and !in_array($CFG->registerauth, $authsenabled)) {
$authsenabled[] = $CFG->registerauth;
set_config('auth', implode(',', $authsenabled));
}
$status = get_string('changessaved');
}
break;
case 'disable':
// remove from enabled list
$key = array_search($params->auth, $authsenabled);
if ($key !== false and $params->auth != $CFG->auth) {
// remove from enabled list
$key = array_search($auth, $authsenabled);
if ($key !== false) {
unset($authsenabled[$key]);
set_config('auth_plugins_enabled', implode(',', $authsenabled));
set_config('auth', implode(',', $authsenabled));
}
if ($auth == $CFG->registerauth) {
set_config('registerauth', '');
}
break;
case 'enable':
// check auth plugin is valid first
if (!exists_auth_plugin($params->auth)) {
error(get_string('pluginnotinstalled', 'auth', $params->auth), $url);
}
// add to enabled list
if (!array_search($params->auth, $authsenabled)) {
$authsenabled[] = $params->auth;
if (!in_array($auth, $authsenabled)) {
$authsenabled[] = $auth;
$authsenabled = array_unique($authsenabled);
set_config('auth_plugins_enabled', implode(',', $authsenabled));
set_config('auth', implode(',', $authsenabled));
}
break;
case 'down':
$key = array_search($params->auth, $authsenabled);
$key = array_search($auth, $authsenabled);
// check auth plugin is valid
if ($key === false) {
error(get_string('pluginnotenabled', 'auth', $params->auth), $url);
error(get_string('pluginnotenabled', 'auth', $auth), $url);
}
// move down the list
if ($key < (count($authsenabled) - 1)) {
$fsave = $authsenabled[$key];
$authsenabled[$key] = $authsenabled[$key + 1];
$authsenabled[$key + 1] = $fsave;
set_config('auth_plugins_enabled', implode(',', $authsenabled));
set_config('auth', implode(',', $authsenabled));
}
break;
case 'up':
$key = array_search($params->auth, $authsenabled);
$key = array_search($auth, $authsenabled);
// check auth is valid
if ($key === false) {
error(get_string('pluginnotenabled', 'auth', $params->auth), $url);
error(get_string('pluginnotenabled', 'auth', $auth), $url);
}
// move up the list
if ($key >= 1) {
$fsave = $authsenabled[$key];
$authsenabled[$key] = $authsenabled[$key - 1];
$authsenabled[$key - 1] = $fsave;
set_config('auth_plugins_enabled', implode(',', $authsenabled));
set_config('auth', implode(',', $authsenabled));
}
break;
case 'save':
// save settings
set_config('auth_plugins_enabled', implode(',', $authsenabled));
set_config('auth', $authsenabled[0]);
redirect("auth.php?sesskey=$USER->sesskey", get_string('changessaved'), 1);
break;
default:
break;
@ -132,22 +143,24 @@ $txt->updown = "$txt->up/$txt->down";
// construct the display array, with enabled auth plugins at the top, in order
$displayauths = array();
$registrationauths = array();
$registrationauths['manual'] = $txt->disable;
$registrationauths[''] = $txt->disable;
foreach ($authsenabled as $auth) {
$displayauths[$auth] = get_string("auth_{$auth}title", 'auth');
$authplugin = get_auth_plugin($auth);
$displayauths[$auth] = get_string("auth_{$auth}title", 'auth');
if (method_exists($authplugin, 'user_signup')) {
$registrationauths[$auth] = get_string("auth_{$auth}title", 'auth');
}
}
}
foreach ($authsavailable as $auth) {
if (!array_key_exists($auth, $displayauths)) {
$displayauths[$auth] = get_string("auth_{$auth}title", 'auth');
if (array_key_exists($auth, $displayauths)) {
continue; //already in the list
}
$authplugin = get_auth_plugin($auth);
$displayauths[$auth] = get_string("auth_{$auth}title", 'auth');
if (method_exists($authplugin, 'user_signup')) {
$registrationauths[$auth] = get_string("auth_{$auth}title", 'auth');
}
}
}
// build the display table
@ -164,11 +177,23 @@ $table->set_attribute('style', 'margin:auto;');
$table->set_attribute('cellpadding', '5');
$table->setup();
//add always enabled plugins first
$displayname = "<span>".$displayauths['manual']."</span>";
$settings = "<a href=\"auth_config.php?sesskey={$USER->sesskey}&amp;auth=manual\">{$txt->settings}</a>";
$table->add_data(array($displayname, '', '', $settings));
$displayname = "<span>".$displayauths['nologin']."</span>";
$settings = "<a href=\"auth_config.php?sesskey={$USER->sesskey}&amp;auth=nologin\">{$txt->settings}</a>";
$table->add_data(array($displayname, '', '', $settings));
// iterate through auth plugins and add to the display table
$updowncount = 1;
$authcount = count($authsenabled);
$url = "auth.php?sesskey=" . sesskey();
foreach ($displayauths as $auth => $name) {
if ($auth == 'manual' or $auth == 'nologin') {
continue;
}
// hide/show link
if (in_array($auth, $authsenabled)) {
$hideshow = "<a href=\"$url&amp;action=disable&amp;auth=$auth\">";
@ -204,7 +229,7 @@ foreach ($displayauths as $auth => $name) {
}
++ $updowncount;
}
// settings link
$settings = "<a href=\"auth_config.php?sesskey={$USER->sesskey}&amp;auth=$auth\">{$txt->settings}</a>";
@ -214,28 +239,38 @@ foreach ($displayauths as $auth => $name) {
// output form
admin_externalpage_print_header($adminroot);
//print stus messages
if ($status !== '') {
notify($status, 'notifysuccess');
}
print_simple_box(get_string('configauthenticationplugins', 'admin'), 'center', '700');
echo "<form $CFG->frametarget id=\"authmenu\" method=\"post\" action=\"auth.php\">";
echo "<fieldset class=\"invisiblefieldset\"><input type=\"hidden\" name=\"sesskey\" value=\"".$USER->sesskey."\" /></fieldset>";
print_table($table);
////////////////////////////////////////////////////////////////////////////////
$guestoptions = array();
$guestoptions[0] = get_string("hide");
$guestoptions[1] = get_string("show");
echo '<hr />';
print_heading(get_string('auth_common_settings', 'auth'));
echo '<form '.$CFG->frametarget.' id="authmenu" method="post" action="auth.php">';
echo '<fieldset class="invisiblefieldset"><input type="hidden" name="sesskey" value="'.sesskey().'" />';
echo '<input type="hidden" name="action" value="save" /></fieldset>';
echo '<table cellspacing="0" cellpadding="5" border="0" style="margin-left:auto;margin-right:auto">';
// User self registration
echo "<tr valign=\"top\">\n";
echo "<td align=\"right\" style=\"white-space:nowrap\">\n";
echo "<td align=\"right\" style=\"white-space:nowrap\">\n<label for=\"menuregister\">";
print_string("selfregistration", "auth");
echo ":</td>\n";
echo "</label></td>\n";
echo "<td>\n";
choose_from_menu($registrationauths, "register", $CFG->auth, "");
choose_from_menu($registrationauths, "register", $CFG->registerauth, "");
echo "</td>\n";
echo "<td>\n";
print_string("selfregistration_help", "auth");
@ -243,9 +278,9 @@ echo "</td></tr>\n";
// Login as guest button enabled
echo "<tr valign=\"top\">\n";
echo "<td style=\"white-space:nowrap;text-align:right\">\n";
echo "<td style=\"white-space:nowrap;text-align:right\">\n<label for=\"menuguestloginbutton\">";
print_string("guestloginbutton", "auth");
echo ":</td>\n";
echo "</label></td>\n";
echo "<td>\n";
choose_from_menu($guestoptions, "guestloginbutton", $CFG->guestloginbutton, "");
echo "</td>\n";
@ -256,22 +291,33 @@ echo "</td></tr>\n";
/// An alternate url for the login form. It means we can use login forms that are integrated
/// into non-moodle pages
echo "<tr valign=\"top\">\n";
echo "<td align=\"right\" style=\"white-space:nowrap\">\n";
echo "<td align=\"right\" style=\"white-space:nowrap\">\n<label for=\"alternateloginurl\">";
print_string('alternateloginurl', 'auth');
echo "</td>\n";
echo "</label></td>\n";
echo "<td>\n";
echo '<input type="text" size="40" name="alternateloginurl" alt="'.get_string('alternateloginurl', 'auth').'" value="'.$CFG->alternateloginurl."\" />\n";
echo '<input type="text" size="40" name="alternateloginurl" id="alternateloginurl" value="'.$CFG->alternateloginurl."\" />\n";
echo "</td>\n";
echo "<td>\n";
print_string('alternatelogin', 'auth', htmlspecialchars($CFG->wwwroot.'/login/index.php'));
echo "</td>\n";
echo "</tr>\n";
echo "<tr valign=\"top\">\n";
echo "<td align=\"right\" style=\"white-space:nowrap\">\n<label for=\"auth_instructions\">";
print_string('instructions', 'auth');
echo "</label></td>\n";
echo "<td>\n";
echo '<textarea cols="30" rows="4" name="auth_instructions" id="auth_instructions">'.s($CFG->auth_instructions)."</textarea>\n";
echo "</td>\n";
echo "<td>\n";
print_string('authinstructions', 'auth');
echo "</td>\n";
echo "</tr>\n";
echo "</table>\n";
////////////////////////////////////////////////////////////////////////////////
echo '<div style="text-align:center"><input type="submit" value="'.get_string('savechanges').'" /></div>';
echo '</form>';
admin_externalpage_print_footer($adminroot);

38
admin/auth_config.php
View File

@ -2,13 +2,13 @@
/**
* Edit configuration for an individual auth plugin
*/
require_once '../config.php';
require_once $CFG->libdir.'/adminlib.php';
$adminroot = admin_get_root();
admin_externalpage_setup('userauthentication', $adminroot);
$auth = optional_param('auth', '', PARAM_SAFEDIR);
$auth = required_param('auth', PARAM_SAFEDIR);
$authplugin = get_auth_plugin($auth);
$err = array();
@ -33,19 +33,19 @@ if ($frm = data_submitted()) {
if (preg_match('/^lockconfig_(.+?)$/', $name, $matches)) {
$plugin = "auth/$auth";
$name = $matches[1];
if (!set_config($name, $value, $plugin)) {
notify("Problem saving config $name as $value for plugin $plugin");
if (!set_config($name, $value, $plugin)) {
error("Problem saving config $name as $value for plugin $plugin");
}
}
}
redirect("auth.php?sesskey=$USER->sesskey", get_string("changessaved"), 1);
redirect("auth.php?sesskey=$USER->sesskey");
exit;
}
} else {
foreach ($err as $key => $value) {
$focus = "form.$key";
}
}
}
} else {
$frm = get_config("auth/$auth");
}
@ -73,7 +73,7 @@ print_simple_box_start('center', '60%', '', 5, 'informationbox');
print_string("auth_{$auth}description", 'auth');
print_simple_box_end();
echo "<hr />\n";
$authplugin->config_form($frm, $err);
$authplugin->config_form($frm, $err, $user_fields);
print_simple_box_end();
echo '<center><p><input type="submit" value="' . get_string("savechanges") . "\" /></p></center>\n";
echo "</form>\n";
@ -86,7 +86,7 @@ exit;
// Good enough for most auth plugins
// but some may want a custom one if they are offering
// other options
// Note: lockconfig_ fields have special handling.
// Note: lockconfig_ fields have special handling.
function print_auth_lock_options ($auth, $user_fields, $helptext, $retrieveopts, $updateopts) {
echo '<tr><td colspan="3">';
@ -104,7 +104,7 @@ function print_auth_lock_options ($auth, $user_fields, $helptext, $retrieveopts,
'onlogin' => get_string('update_onlogin', 'auth'));
$updateextoptions = array('0' => get_string('update_never', 'auth'),
'1' => get_string('update_onupdate', 'auth'));
$pluginconfig = get_config("auth/$auth");
// helptext is on a field with rowspan
@ -138,30 +138,32 @@ function print_auth_lock_options ($auth, $user_fields, $helptext, $retrieveopts,
$fieldname = get_string($fieldname);
}
echo '<tr valign="top"><td align="right">';
echo $fieldname;
echo '</td><td>';
if ($retrieveopts) {
$varname = 'field_map_' . $field;
echo "<input name=\"lockconfig_{$varname}\" type=\"text\" size=\"30\" value=\"{$pluginconfig->$varname}\" />";
echo '<tr valign="top"><td align="right">';
echo '<label for="lockconfig_'.$varname.'">'.$fieldname.'</label>';
echo '</td><td>';
echo "<input id=\"lockconfig_{$varname}\" name=\"lockconfig_{$varname}\" type=\"text\" size=\"30\" value=\"{$pluginconfig->$varname}\" />";
echo '<div align="right">';
echo get_string('auth_updatelocal', 'auth') . '&nbsp;&nbsp;';
echo '<label for="menulockconfig_field_updatelocal_'.$field.'">'.get_string('auth_updatelocal', 'auth') . '</label>&nbsp;';
choose_from_menu($updatelocaloptions, "lockconfig_field_updatelocal_{$field}", $pluginconfig->{"field_updatelocal_$field"}, "");
echo '<br />';
if ($updateopts) {
echo get_string('auth_updateremote', 'auth') . '&nbsp;&nbsp;';
'&nbsp;&nbsp;';
echo '<label for="menulockconfig_field_updateremote_'.$field.'">'.get_string('auth_updateremote', 'auth') . '</label>&nbsp;';
choose_from_menu($updateextoptions, "lockconfig_field_updateremote_{$field}", $pluginconfig->{"field_updateremote_$field"}, "");
echo '<br />';
}
echo get_string('auth_fieldlock', 'auth') . '&nbsp;&nbsp;';
echo '<label for="menulockconfig_field_lock_'.$field.'">'.get_string('auth_fieldlock', 'auth') . '</label>&nbsp;';
choose_from_menu($lockoptions, "lockconfig_field_lock_{$field}", $pluginconfig->{"field_lock_$field"}, "");
echo '</div>';
} else {
echo '<tr valign="top"><td align="right">';
echo '<label for="menulockconfig_field_lock_'.$field.'">'.$fieldname.'</label>';
echo '</td><td>';
choose_from_menu($lockoptions, "lockconfig_field_lock_{$field}", $pluginconfig->{"field_lock_$field"}, "");
}
echo '</td>';

6
admin/cron.php
View File

@ -307,8 +307,10 @@
}
/// Run the auth cron, if any
if (!($auths = explode(',', $CFG->auth_plugins_enabled))) {
$auths = array($user->auth);
if (empty($CFG->auth)) {
$auths = array();
} else {
$auths = explode(',', $CFG->auth); // only for enabled ones (without manual and nologin)
}
mtrace("Running auth crons if required...");
foreach ($auths as $auth) {

10
admin/mnet/access_control.php
View File

@ -127,15 +127,11 @@ $warn = '';
if (empty($CFG->mnet_dispatcher_mode) || $CFG->mnet_dispatcher_mode !== 'strict') {
$warn = '<p>' . get_string('mnetdisabled','mnet') .'</p>';
}
if (empty($CFG->auth_plugins_enabled)) {
if (!is_enabled_auth('mnet')) {
$warn .= '<p>' . get_string('authmnetdisabled','mnet').'</p>';
} else {
$auths = explode(',', $CFG->auth_plugins_enabled);
if (!in_array('mnet', $auths)) {
$warn .= '<p>' . get_string('authmnetdisabled','mnet').'</p>';
}
unset($auths);
}
if (get_config('auth/mnet', 'auto_add_remote_users') != true) {
$warn .= '<p>' . get_string('authmnetautoadddisabled','mnet').'</p>';
}

11
admin/user.php
View File

@ -104,12 +104,13 @@
admin_externalpage_print_footer($adminroot);
die;
} else if (data_submitted() and !$user->deleted) {
//following code is also used in auth sync scripts
$updateuser = new object();
$updateuser->id = $user->id;
$updateuser->deleted = 1;
$updateuser->username = addslashes("$user->email.".time()); // Remember it just in case
$updateuser->email = ''; // Clear this field to free it up
$updateuser->idnumber = ''; // Clear this field to free it up
$updateuser->id = $user->id;
$updateuser->deleted = 1;
$updateuser->username = addslashes("$user->email.".time()); // Remember it just in case
$updateuser->email = ''; // Clear this field to free it up
$updateuser->idnumber = ''; // Clear this field to free it up
$updateuser->timemodified = time();
if (update_record('user', $updateuser)) {
// not sure if this is needed. unenrol_student($user->id); // From all courses

14
backup/restorelib.php
View File

@ -1561,14 +1561,14 @@
//We need to analyse the AUTH field to recode it:
// - if the field isn't set, we are in a pre 1.4 backup and we'll
// use $CFG->auth
// - if the destination site has any kind of INTERNAL authentication,
// then apply it to the new user.
// - if the destination site has any kind of EXTERNAL authentication,
// then leave the original authentication of the user.
// use manual
if ((! isset($user->auth)) || is_internal_auth($CFG->auth)) {
$user->auth = $CFG->auth;
if (empty($user->auth)) {
if ($CFG->registerauth == 'email') {
$user->auth = 'email';
} else {
$user->auth = 'manual';
}
}
//We need to process the POLICYAGREED field to recalculate it:

15
blocks/login/block_login.php
View File

@ -26,14 +26,15 @@ class block_login extends block_base {
// in unencrypted connection...
$wwwroot = str_replace("http://", "https://", $CFG->wwwroot);
}
$authplugin = get_auth_plugin($CFG->auth);
if (method_exists($authplugin, 'user_signup')) {
$signup = $wwwroot . '/login/signup.php';
}
if ($authplugin->can_change_password()) {
$forgot = $wwwroot . '/login/forgot_password.php';
if (!empty($CFG->registerauth)) {
$authplugin = get_auth_plugin($CFG->registerauth);
if (method_exists($authplugin, 'user_signup')) {
$signup = $wwwroot . '/login/signup.php';
}
}
// TODO: now that we have multiauth it is hard to find out if there is a way to change password
$forgot = $wwwroot . '/login/forgot_password.php';
$username = get_moodle_cookie() === 'nobody' ? '' : get_moodle_cookie();