From 8c2b696bf75b6c64434a15be0054b5b14f456c33 Mon Sep 17 00:00:00 2001
From: Cameron Ball <cameron@moodle.com>
Date: Tue, 31 May 2016 17:56:33 +0800
Subject: [PATCH] MDL-35104 auth: Don't allow modification of username

Presently it is either unreliable, or not possible to change
the username of a user created with an authentication plugin.
In some cases it is even hard coded to fail. Ideally we would
sync the username, and the issue MDL-21928 exists to address
that. However, in the mean time we should not allow the
username of an external user to be modified.
---
 lang/en/auth.php           |  2 ++
 user/editadvanced_form.php | 16 ++++++++++++----
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/lang/en/auth.php b/lang/en/auth.php
index 0acd0b37db7..f540be787c2 100644
--- a/lang/en/auth.php
+++ b/lang/en/auth.php
@@ -155,3 +155,5 @@ $string['update_onlogin'] = 'On every login';
 $string['update_onupdate'] = 'On update';
 $string['user_activatenotsupportusertype'] = 'auth: ldap user_activate() does not support selected usertype: {$a}';
 $string['user_disablenotsupportusertype'] = 'auth: ldap user_disable() does not support selected usertype (..yet)';
+$string['username'] = 'Username';
+$string['username_help'] = 'Please be aware that some authentication plugins will not allow you to change the username.';
diff --git a/user/editadvanced_form.php b/user/editadvanced_form.php
index e12b7fdb157..69a9e255a76 100644
--- a/user/editadvanced_form.php
+++ b/user/editadvanced_form.php
@@ -67,17 +67,19 @@ class user_editadvanced_form extends moodleform {
         // Print the required moodle fields first.
         $mform->addElement('header', 'moodle', $strgeneral);
 
-        $mform->addElement('text', 'username', get_string('username'), 'size="20"');
-        $mform->addRule('username', $strrequired, 'required', null, 'client');
-        $mform->setType('username', core_user::get_property_type('username'));
-
         $auths = core_component::get_plugin_list('auth');
         $enabled = get_string('pluginenabled', 'core_plugin');
         $disabled = get_string('plugindisabled', 'core_plugin');
         $authoptions = array($enabled => array(), $disabled => array());
         $cannotchangepass = array();
+        $cannotchangeusername = array();
         foreach ($auths as $auth => $unused) {
             $authinst = get_auth_plugin($auth);
+
+            if (!$authinst->is_internal()) {
+                $cannotchangeusername[] = $auth;
+            }
+
             $passwordurl = $authinst->change_password_url();
             if (!($authinst->can_change_password() && empty($passwordurl))) {
                 if ($userid < 1 and $authinst->is_internal()) {
@@ -93,6 +95,12 @@ class user_editadvanced_form extends moodleform {
                 $authoptions[$disabled][$auth] = get_string('pluginname', "auth_{$auth}");
             }
         }
+
+        $mform->addElement('text', 'username', get_string('username'), 'size="20"');
+        $mform->addHelpButton('username', 'username', 'auth');
+        $mform->setType('username', core_user::get_property_type('username'));
+        $mform->disabledIf('username', 'auth', 'in', $cannotchangeusername);
+
         $mform->addElement('selectgroups', 'auth', get_string('chooseauthmethod', 'auth'), $authoptions);
         $mform->addHelpButton('auth', 'chooseauthmethod', 'auth');