Bugfix - value truncation to fit Moodle database
- Added truncate_userinfo() to cleanup data coming from external auth
- Fixed auth_user_create() to truncate user info as appropriate
Auth_ldap_user_sync
- created external script that calls the function
- much faster update strategy on postgres and mysql: auth_sync_users now to uses bulk inserts into a temp table, and then use LEFT JOINs and plain old SELECTs to determine what users it has to insert.
- we now loop over smaller sets of data -- we are still memory-bound, but (a) it'll be easy to use LIMIT to manage that and (b) memory use is much lower now in all cases.
- postgres: phased commits in auth_user_sync() for the batch user upload phase
- Several feature and performance enhancements:
- if a value is removed from ldap, it will be cleared from moodle
- no-op updates (where the data does not change) are skipped
- if a user disappears and then reappears in LDAP in two separate calls to auth_user_sync(),the account will be marked deleted and then be revived. before, the account would have been deleted and created anew.
Multi-source ldap values:
The LDAP auth module now accepts a comma separated set of LDAP field names. When creating or updating a user record, auth/ldap will retrieve all the relevant fields. The right-most values overwrites all the others.
This is particularly useful when updating the user's email address from an LDAP source, which may contain the email address in one of several fields (traditionally: mail, mailForwardingAddress, mailAlternateAddress).
If a value is updated and is set to update external auth and this field is using this multi-source ldap configuration, the auth/ldap module will retrieve the old value, find which field it was sourced from, and update that field in LDAP. If it fails to find the original source of the value, it will log it in error_log.
Log of patchsets applied:
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-131
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-137
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-139
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-172
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-173
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-189
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-190
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-208
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-212
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-216
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-279
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-282
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-287
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-294
for user field locking and forcing of password changing
- Locked user fields always apply (for any authentication method).
Currently these can only be defined in the LDAP auth screen
but later these can be brought out as part of the generic
interface for defining user fields and their behaviour.
- Fields are now locked using Javascript and will work for any
user fields that exist (list is not hard coded anymore).
- Admins can always edit locked fields.
- Admins can always force a password change. The checkbox reflects
the current status of this, and the admin can UNSET the checkbox
if they want. It is no longer necessary for the admin to change
the old password for this to take effect, either.
These patches are maintained in an publicly accessible Arch repository, see: http://lists.eduforge.org/cgi-bin/archzoom.cgi/arch-eduforge@catalyst.net.nz--2004-MIRROR/moodle--eduforge--1.3.3
Index of arch patches in this commit:
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-66
2004-09-16 00:03:41 GMT
Penny Leach <penny@catalyst.net.nz>
changes to upload class to be silent if we want it to be, integration with editing user profile and group profile (which meant changes in lib/gdlib.php as well as course/group-edit and group.php and user/edit.html and edit.php
Full logs:
Revision: moodle--eduforge--1.3.3--patch-66
Archive: arch-eduforge@catalyst.net.nz--2004
Creator: Penny Leach <penny@catalyst.net.nz>
Date: Thu Sep 16 12:03:41 NZST 2004
Standard-date: 2004-09-16 00:03:41 GMT
Modified-files: course/group-edit.html course/group.php
lib/gdlib.php lib/uploadlib.php user/edit.html
user/edit.php
New-patches: arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-66
Summary: changes to upload class to be silent if we want it to be, integration with editing user profile and group profile (which meant changes in lib/gdlib.php as well as course/group-edit and group.php and user/edit.html and edit.php
Keywords:
so it can be translated.
There is now a new function get_list_of_countries() which will return a
sorted array of countries in the best current language.
get_string("AU", "countries") will also work if needed
This includes some significant cleanups to the new course categories
system. The basic idea is that the categories/course browser is now
unified under one system, and admin features related to that have
all been moved into the browser (as little icons).
I'm much happier with this as a foundation that can scale and be
built upon.
Still to go:
- searching
- paging
- polishing
Also in here are a lot of little cleanups around the place, such as
the initial setup process.
Hopefully this is also the end of the occasional errors we keep
hearing about to do with never getting to setup the admin user.
(I think admin/site.php had a redirect that didn't always work).
The setup process is now much better at "trapping" you until it's all done.
- they could break accounts in existing installations
- strtolower can corrupt strings in multibyte languages
Is it really a problem that usernames are case sensitive on PostgreSQL?
When using authentication module (ldap, smb, pop etc...) and postgres-database multiple moodle
users were created for usernames like 'Username' 'username' 'userName'
