+ Raise a warning if the auth_ldap_get_entries for one user record
returns more than one record (!?)
+ Resolved some subtle bugs when updating a remote LDAP repo from user
updates. The logic is now simpler too.
+ Simplified the code that compares old/new values
Merged from MOODLE_15_STABLE
* Extended set_config()
* Implemented get_config() which takes over $CFG loading in setup.php
* admin/auth.php has special handling if post vars starting in pluginconfig_
* admin/auth.php print_auth_lock_options() prints a form fragment -- being called from most plugins now
* user/edit.php follows the new convention when locking down fields, both javascript UI and on POST.
* admin/auth: More solid checking for auth GET/POST var.
* admin/auth: print_auth_lock_options() now handles user field mapping options for LDAP and similar modules
* admin/auth: user mapping options have moved to config_plugins table
* auth/ldap module has migrated to using new field mapping vars -- simplified config.html a lot
* auth settings migration to config_plugins
Bugfix - value truncation to fit Moodle database
- Added truncate_userinfo() to cleanup data coming from external auth
- Fixed auth_user_create() to truncate user info as appropriate
Auth_ldap_user_sync
- created external script that calls the function
- much faster update strategy on postgres and mysql: auth_sync_users now to uses bulk inserts into a temp table, and then use LEFT JOINs and plain old SELECTs to determine what users it has to insert.
- we now loop over smaller sets of data -- we are still memory-bound, but (a) it'll be easy to use LIMIT to manage that and (b) memory use is much lower now in all cases.
- postgres: phased commits in auth_user_sync() for the batch user upload phase
- Several feature and performance enhancements:
- if a value is removed from ldap, it will be cleared from moodle
- no-op updates (where the data does not change) are skipped
- if a user disappears and then reappears in LDAP in two separate calls to auth_user_sync(),the account will be marked deleted and then be revived. before, the account would have been deleted and created anew.
Multi-source ldap values:
The LDAP auth module now accepts a comma separated set of LDAP field names. When creating or updating a user record, auth/ldap will retrieve all the relevant fields. The right-most values overwrites all the others.
This is particularly useful when updating the user's email address from an LDAP source, which may contain the email address in one of several fields (traditionally: mail, mailForwardingAddress, mailAlternateAddress).
If a value is updated and is set to update external auth and this field is using this multi-source ldap configuration, the auth/ldap module will retrieve the old value, find which field it was sourced from, and update that field in LDAP. If it fails to find the original source of the value, it will log it in error_log.
Log of patchsets applied:
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-131
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-137
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-139
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-172
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-173
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-189
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-190
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-208
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-212
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-216
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-279
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-282
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-287
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-294
