Merge branch 'MDL-58774-master' of git://github.com/damyon/moodle

2025-01-18 22:08:20 +01:00 · 2017-05-10 10:43:58 +08:00 · 2017-05-10 10:43:58 +08:00 · 396ae85082
commit 396ae85082
parent 675ffb4d05 4f705f5d0d
5 changed files with 63 additions and 6 deletions
--- a/auth/oauth2/classes/api.php
+++ b/auth/oauth2/classes/api.php
@ -105,6 +105,10 @@ class api {
            $userid = $USER->id;
        }

+        if (linked_login::count_records(['username' => $userinfo['username']]) > 0) {
+            throw new moodle_exception('alreadylinked', 'auth_oauth2');
+        }
+
        if (\core\session\manager::is_loggedinas()) {
            throw new moodle_exception('notwhileloggedinas', 'auth_oauth2');
        }
@ -144,9 +148,8 @@ class api {
        $record->issuerid = $issuer->get('id');
        $record->username = $userinfo['username'];
        $record->userid = $userid;
-        $existing = linked_login::get_record((array)$record);
-        if ($existing) {
-            return false;
+        if (linked_login::count_records(['username' => $userinfo['username']]) > 0) {
+            throw new moodle_exception('alreadylinked', 'auth_oauth2');
        }
        $record->email = $userinfo['email'];
        $record->confirmtoken = random_string(32);
@ -239,6 +242,10 @@ class api {
        require_once($CFG->dirroot.'/user/profile/lib.php');
        require_once($CFG->dirroot.'/user/lib.php');

+        if (linked_login::count_records(['username' => $userinfo['username']]) > 0) {
+            throw new moodle_exception('alreadylinked', 'auth_oauth2');
+        }
+
        $user = new stdClass();
        $user->username = $userinfo['username'];
        $user->email = $userinfo['email'];
@ -319,4 +326,18 @@ class api {

        $login->delete();
    }
+
+    /**
+     * Delete linked logins for a user.
+     *
+     * @param \core\event\user_deleted $event
+     * @return boolean
+     */
+    public static function user_deleted(\core\event\user_deleted $event) {
+        global $DB;
+
+        $userid = $event->objectid;
+
+        return $DB->delete_records(linked_login::TABLE, ['userid' => $userid]);
+    }
 }
--- a/auth/oauth2/db/events.php
+++ b/auth/oauth2/db/events.php
@ -0,0 +1,31 @@
+<?php
+// This file is part of Moodle - http://moodle.org/
+//
+// Moodle is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// Moodle is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
+
+/**
+ * This file definies observers needed by the plugin.
+ *
+ * @package    auth_oauth2
+ * @copyright  2017 Damyon Wiese
+ * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ */
+
+// List of observers.
+$observers = [
+    [
+        'eventname'   => '\core\event\user_deleted',
+        'callback'    => '\auth_oauth2\api::user_deleted',
+    ],
+];
--- a/auth/oauth2/lang/en/auth_oauth2.php
+++ b/auth/oauth2/lang/en/auth_oauth2.php
@ -83,3 +83,4 @@ $string['notwhileloggedinas'] = 'Linked logins cannot be managed while logged in
 $string['oauth2:managelinkedlogins'] = 'Manage own linked login accounts';
 $string['plugindescription'] = 'This authentication plugin displays a list of the configured identity providers on the login page. Selecting an identity provider allows users to login with their credentials from an OAuth 2 provider.';
 $string['pluginname'] = 'OAuth 2';
+$string['alreadylinked'] = 'This external account is already linked to an account on this site';
--- a/auth/oauth2/linkedlogins.php
+++ b/auth/oauth2/linkedlogins.php
@ -58,8 +58,12 @@ if ($action == 'new') {
    $userinfo = $client->get_userinfo();

    if (!empty($userinfo)) {
-        \auth_oauth2\api::link_login($userinfo, $issuer);
-        redirect($PAGE->url, get_string('changessaved'), null, \core\output\notification::NOTIFY_SUCCESS);
+        try {
+            \auth_oauth2\api::link_login($userinfo, $issuer);
+            redirect($PAGE->url, get_string('changessaved'), null, \core\output\notification::NOTIFY_SUCCESS);
+        } catch (Exception $e) {
+            redirect($PAGE->url, $e->getMessage(), null, \core\output\notification::NOTIFY_ERROR);
+        }
    } else {
        redirect($PAGE->url, get_string('notloggedin', 'auth_oauth2'), null, \core\output\notification::NOTIFY_ERROR);
    }
--- a/auth/oauth2/version.php
+++ b/auth/oauth2/version.php
@ -24,6 +24,6 @@

 defined('MOODLE_INTERNAL') || die();

-$plugin->version   = 2017051500;        // The current plugin version (Date: YYYYMMDDXX).
+$plugin->version   = 2017051501;        // The current plugin version (Date: YYYYMMDDXX).
 $plugin->requires  = 2017050500;        // Requires this Moodle version.
 $plugin->component = 'auth_oauth2';       // Full name of the plugin (used for diagnostics).