mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-01-18 22:08:20 +01:00
Code Issues Projects Releases Wiki Activity
84,942 Commits 36 Branches 519 Tags
Commit Graph

54 Commits

Author SHA1 Message Date
Simey Lameze
92c8cb9d98 MDL-59275 auth: prevent user login failed coding error 2017-06-27 13:04:02 +08:00
Jun Pataleta
e037a6a126 Merge branch 'MDL-59012-master-linkurl' of git://github.com/mudrd8mz/moodle 2017-06-14 12:32:03 +01:00
Jun Pataleta
1ff50be21f Merge branch 'MDL-58908-master' of git://github.com/damyon/moodle 2017-06-06 17:15:41 +08:00
David Mudrák
97cc7e0969 MDL-59012 auth_oauth2: Do not escape URL in plain text emails 2017-05-23 13:28:27 +02:00
Eloy Lafuente (stronk7)
5e27228335 MDL-58933 upgrade: add 3.3.0 separation line to all upgrade scripts 2017-05-19 19:22:07 +02:00
David Monllao
56fb39316f MDL-58905 auth_oauth2: Return if no issuers allow login 2017-05-12 14:52:07 +08:00
David Monllao
ac8a0c4077 MDL-58905 auth_oauth2: Add plugin enabled checkings 2017-05-12 14:36:01 +08:00
David Monllao
011591a148 MDL-58905 auth_oauth2: No linked accounts if the plugin is not enabled 2017-05-12 14:36:01 +08:00
Andrew Nicols
2c69d24037 Merge branch 'MDL-58898-master' of https://github.com/xow/moodle 2017-05-12 12:32:23 +08:00
John Okely
081aad9986 MDL-58898 oauth: Cover orphaned linked logins in unit tests 2017-05-12 12:26:39 +08:00
John Okely
4c8727bad6 MDL-58898 oauth: Remove orphaned linked logins 2017-05-12 12:18:17 +08:00
Jun Pataleta
0e01f68e3c Merge branch 'MDL-58899-master' of https://github.com/snake/moodle 2017-05-12 12:00:52 +08:00
Jake Dallimore
5ffe41b6c5 MDL-58899 auth: improve lang strings for confirmation failures in oauth 2017-05-12 11:45:36 +08:00
Damyon Wiese
95e13556df MDL-58908 auth_oauth2: Don't kill gravatar 
If gravatar is enabled, don't update profile pictures.
 2017-05-12 11:43:47 +08:00
Andrew Nicols
95dd5e3bd6 MDL-58774 auth_oauth2: Only check unexpired accounts for same issuer 
It shoudl be possible to link multiple OAuth2 sources which have the
same e-mail address to an account.

This patch makes the check for an existing linked account stricter so
that it only checks for linked account records which match the same
issuer, and which do not have expired confirmation tokens.
 2017-05-12 09:44:48 +08:00
Dan Poltawski
e838654b4e Merge branch 'MDL-58877-master-enfix' of git://github.com/mudrd8mz/moodle 2017-05-10 12:01:08 +01:00
Helen Foster
0d86195e8d MDL-58877 lang: Merge English strings from the en_fix language pack 
Significant string changes:

* loginerror_cannotcreateaccounts in auth_oauth2 - more understandable
  error message
* config_keep_groups_and_groupings and config_keep_roles_and_enrolments
  in core_backup - switch fix
 2017-05-10 12:24:36 +02:00
David Monllao
396ae85082 Merge branch 'MDL-58774-master' of git://github.com/damyon/moodle 2017-05-10 10:43:58 +08:00
Damyon Wiese
4f705f5d0d MDL-58774 auth_oauth2: Prevent duplicate linked logins 2017-05-10 10:17:56 +08:00
Eloy Lafuente (stronk7)
d989ee1e03 MDL-58853 versions: bump all versions and requires near release 
version = 2017051500 release version
requires= 2017050500 current rc1 version
 2017-05-09 02:58:28 +02:00
David Mudrák
9f29e45e15 MDL-58793 auth: Fix invalid access to $this in settings.php files 
It has never been guaranteed that settings.php would always be included
from inside the core\plugininfo\auth::load_settings() scope only.
Alternative fix would be to use $plugininfo->name but I think it is
better to be explicit here (same as we are explicit with setting names,
strings etc).
 2017-05-08 11:47:29 +02:00
Damyon Wiese
e0abc2e405 MDL-58774 auth_oauth2: Cleanup on user delete. 2017-05-08 14:26:44 +08:00
Helen Foster
06d0aa4432 MDL-58749 lang: Merge English strings from the en_fix language pack 
Significant string changes:

* errorinvalidbyhour,core_calendar - correcting number from 59 to 23
* cron_help,core_admin - updated recommendation to run cron every minute
* tour1_content_end, tour1_content_welcome, tour2_content_end,
  tour2_content_welcome all in tool_usertours - removing reference to
  3.2
* invalidsesskey,core_error and invalidsesskey,mod_wiki - more
  understandable error message
* pluginname_help and pluginnamesummary in qtype_essay - explaining that
  the question type can be used for file uploads
* formatnoinline, mustattach and mustrequire in qtype_essay - changing
  the word 'inline' to 'online'
 2017-05-03 22:05:51 +02:00
David Mudrák
1cb5c7b31f MDL-58631 auth: Clarify documentation of changes in loginpage_idp_list() 
This should clarify the new 'iconurl' key returned by the auth plugin's
loginpage_idp_list() method.
 2017-04-18 17:00:40 +02:00
David Monllao
bb17eafab0 Merge branch 'MDL-58478-master' of git://github.com/damyon/moodle 2017-04-17 14:44:39 +02:00
Jun Pataleta
7e4a4d30df NOBUG: Fixed file access permissions 2017-04-07 12:45:45 +08:00
Damyon Wiese
340659cc29 MDL-58220 auth_oauth2: Linked logins only 4U 
You can only manage your own linked logins - never anyone elses.
 2017-04-06 16:06:12 +08:00
Damyon Wiese
427fa27cf4 MDL-58220 auth_oauth2: Fix login domains 
The login domains were checking the email of the moodle account, not the returned
email from oauth. Also after a failure, it was not killing the oauth session, which
prevents you trying again with a different account.
 2017-04-06 11:35:02 +08:00
Damyon Wiese
0eb4c06645 MDL-58220 oauth2: Fix account linking 
The username passed to the confirm account link request is the oauth username,
which may be different to the moodle username so can't be used to look up the user record.
 2017-04-06 10:41:46 +08:00
Damyon Wiese
f331513347 MDL-58220 auth_oauth2: Fix for login via linked login 
This was broken by the refactoring to always link logins. Some of the static
variables could also be removed but I'll do that in a later issue to keep this patch small.
 2017-04-05 15:55:53 +08:00
Damyon Wiese
a647e7d762 MDL-58220 oauth2: missing param confirmtokenexpires 2017-04-05 14:42:22 +08:00
Damyon Wiese
6cee96c8af MDL-58220 oauth2: obey $CFG->authpreventaccountcreation 2017-04-05 12:52:32 +08:00
Damyon Wiese
46d5582ec9 MDL-58478 oauth2: Use real admin settings 
This is an upgrade to real admin settings to comply with MDL-12689
 2017-04-04 14:37:13 +08:00
Damyon Wiese
7b9f5b9986 MDL-58220 oauth2: Cleanup on user delete 
Delete the linked logins for this user account when it is deleted.
 2017-04-03 13:43:27 +08:00
Damyon Wiese
512e681a3b MDL-58220 oauth2: Don't login as deleted users 
Also prevent sesskey error on first page of new logins.
 2017-04-03 13:43:27 +08:00
Damyon Wiese
7f15866006 MDL-58220 oauth2: Use email as default username 
And give better error messages.
 2017-04-03 13:43:27 +08:00
Damyon Wiese
c45d4b6a73 MDL-58220 oauth2: Change $OUTPUT to $this 2017-04-03 13:43:26 +08:00
Damyon Wiese
5b0b35c096 MDL-58220 oauth2: Add is_configured to issuer 
Saves repeated checks for clientid and clientsecret.
 2017-04-03 13:43:25 +08:00
Damyon Wiese
5aa0f0ae48 MDl-58220 auth_oauth2: Skip upgrade for new plugin 2017-04-03 13:43:25 +08:00
Damyon Wiese
ae596d4a54 MDL-58220 auth_oauth2: Remove allow linked logins 
This was already removed - I just missed some spots.
 2017-04-03 13:43:25 +08:00
Damyon Wiese
bfc60d386d MDL-58220 auth_oauth: return false for non-oauth 
Always return false for non-oauth logins.
 2017-04-03 13:43:25 +08:00
Damyon Wiese
13b449f4a5 MDL-58220 oauth2: cibot cleanups 2017-04-03 13:43:25 +08:00
Damyon Wiese
28b592d5a6 MDL-58338 oauth2: Force email confirmation 
New accounts and linking a login to an existing account MUST go through email verification.
We cannot trust the emails we get from oauth providers have been confirmed.

Part of MDL-58220
 2017-04-03 13:43:25 +08:00
Damyon Wiese
c21a66e40a MDL-58220 auth_oauth2: Restrict logins to a set of domains 
This is set on the issuer, so you can have different lists for each oauth2 provider.
 2017-04-03 13:43:25 +08:00
Damyon Wiese
979d1f66dd MDL-58220 auth_oauth2: Fix new account creation 
This was not allowing new accounts to be registered.
 2017-04-03 13:41:19 +08:00
Damyon Wiese
eca128bf47 MDL-58220 oauth2: Global enable/disable for issuers. 2017-04-03 13:41:19 +08:00
Damyon Wiese
72fd103add MDL-58219 cibot: Fixes 
Fixes for cibot warnings.

Part of MDL-58220
 2017-04-03 13:41:19 +08:00
Damyon Wiese
28dddbc129 MDL-58219 oauth2: Show connected system account info 
Show the username and email of the connected system account (if it ever requires refreshing - this will help identity the account
to re-authorise).

Part of MDL-58220
 2017-04-03 13:41:18 +08:00
Damyon Wiese
1dca8d1a1d MDL-58168 auth_oauth2: Allow linking other accounts 
Part of MDL-58220
 2017-04-03 13:40:13 +08:00
Damyon Wiese
0e59638bdb MDL-58126 googledocs: Re-implement the google docs repo 
Use latest REST API (v3) - but avoid the google client libraries
(too big, too much to update, not integrated with auth).

Part of MDL-58220
 2017-04-03 13:40:13 +08:00