diff --git a/admin/auth_config.php b/admin/auth_config.php index b307cd7d5d9ec..0f9c7a0e8a4be 100644 --- a/admin/auth_config.php +++ b/admin/auth_config.php @@ -16,6 +16,9 @@ $returnurl = "$CFG->wwwroot/$CFG->admin/settings.php?section=manageauths"; +debugging("Use of config.html files in authentication plugins have been depreciated. " . + " Please migrate your plugin to use the admin settings API", DEBUG_DEVELOPER); + // save configuration changes if ($frm = data_submitted() and confirm_sesskey()) { @@ -86,12 +89,28 @@ /// Functions ///////////////////////////////////////////////////////////////// -// Good enough for most auth plugins -// but some may want a custom one if they are offering -// other options -// Note: lockconfig_ fields have special handling. + +/** + * auth field locking + * Good enough for most auth plugins + * but some may want a custom one if they are offering + * other options + * Note: lockconfig_ fields have special handling. + * + * @param string $auth authentication plugin shortname + * @param array $user_fields user profile fields + * @param string $helptext help text to be displayed at top of form + * @param boolean $retrieveopts Map fields or lock only. + * @param boolean $updateopts Allow remote updates + * @param array $customfields list of custom profile fields + * @deprecated since Moodle 3.3 + */ function print_auth_lock_options($auth, $user_fields, $helptext, $retrieveopts, $updateopts, $customfields = array()) { global $DB, $OUTPUT; + debugging("The function 'print_auth_lock_options' has been depreciated, " . + "Please migrate your code to use the admin settings API and use the function 'display_auth_lock_options' instead. ", + DEBUG_DEVELOPER); + echo ''; if ($retrieveopts) { echo $OUTPUT->heading(get_string('auth_data_mapping', 'auth')); diff --git a/auth/cas/auth.php b/auth/cas/auth.php index 4439bcb6bdaf2..d94c3965ba683 100644 --- a/auth/cas/auth.php +++ b/auth/cas/auth.php @@ -230,47 +230,6 @@ function connectCAS() { } } - /** - * Prints a form for configuring this authentication plugin. - * - * This function is called from admin/auth.php, and outputs a full page with - * a form for configuring this plugin. - * - * @param array $page An object containing all the data for this page. - */ - function config_form($config, $err, $user_fields) { - global $CFG, $OUTPUT; - - if (!function_exists('ldap_connect')) { // Is php-ldap really there? - echo $OUTPUT->notification(get_string('auth_ldap_noextension', 'auth_ldap')); - - // Don't return here, like we do in auth/ldap. We cas use CAS without LDAP. - // So just warn the user (done above) and define the LDAP constants we use - // in config.html, to silence the warnings. - if (!defined('LDAP_DEREF_NEVER')) { - define ('LDAP_DEREF_NEVER', 0); - } - if (!defined('LDAP_DEREF_ALWAYS')) { - define ('LDAP_DEREF_ALWAYS', 3); - } - } - - include($CFG->dirroot.'/auth/cas/config.html'); - } - - /** - * A chance to validate form data, and last chance to - * do stuff before it is inserted in config_plugin - * @param object object with submitted configuration settings (without system magic quotes) - * @param array $err array of error messages - */ - function validate_form($form, &$err) { - $certificate_path = trim($form->certificate_path); - if ($form->certificate_check && empty($certificate_path)) { - $err['certificate_path'] = get_string('auth_cas_certificate_path_empty', 'auth_cas'); - } - } - /** * Returns the URL for changing the user's pw, or empty if the default can * be used. @@ -281,143 +240,6 @@ function change_password_url() { return null; } - /** - * Processes and stores configuration data for this authentication plugin. - */ - function process_config($config) { - - // CAS settings - if (!isset($config->hostname)) { - $config->hostname = ''; - } - if (!isset($config->port)) { - $config->port = ''; - } - if (!isset($config->casversion)) { - $config->casversion = ''; - } - if (!isset($config->baseuri)) { - $config->baseuri = ''; - } - if (!isset($config->language)) { - $config->language = ''; - } - if (!isset($config->proxycas)) { - $config->proxycas = ''; - } - if (!isset($config->logoutcas)) { - $config->logoutcas = ''; - } - if (!isset($config->multiauth)) { - $config->multiauth = ''; - } - if (!isset($config->certificate_check)) { - $config->certificate_check = ''; - } - if (!isset($config->certificate_path)) { - $config->certificate_path = ''; - } - if (!isset($config->curl_ssl_version)) { - $config->curl_ssl_version = ''; - } - if (!isset($config->logout_return_url)) { - $config->logout_return_url = ''; - } - - // LDAP settings - if (!isset($config->host_url)) { - $config->host_url = ''; - } - if (!isset($config->start_tls)) { - $config->start_tls = false; - } - if (empty($config->ldapencoding)) { - $config->ldapencoding = 'utf-8'; - } - if (!isset($config->pagesize)) { - $config->pagesize = LDAP_DEFAULT_PAGESIZE; - } - if (!isset($config->contexts)) { - $config->contexts = ''; - } - if (!isset($config->user_type)) { - $config->user_type = 'default'; - } - if (!isset($config->user_attribute)) { - $config->user_attribute = ''; - } - if (!isset($config->search_sub)) { - $config->search_sub = ''; - } - if (!isset($config->opt_deref)) { - $config->opt_deref = LDAP_DEREF_NEVER; - } - if (!isset($config->bind_dn)) { - $config->bind_dn = ''; - } - if (!isset($config->bind_pw)) { - $config->bind_pw = ''; - } - if (!isset($config->ldap_version)) { - $config->ldap_version = '3'; - } - if (!isset($config->objectclass)) { - $config->objectclass = ''; - } - if (!isset($config->memberattribute)) { - $config->memberattribute = ''; - } - - if (!isset($config->memberattribute_isdn)) { - $config->memberattribute_isdn = ''; - } - if (!isset($config->attrcreators)) { - $config->attrcreators = ''; - } - if (!isset($config->groupecreators)) { - $config->groupecreators = ''; - } - if (!isset($config->removeuser)) { - $config->removeuser = AUTH_REMOVEUSER_KEEP; - } - - // save CAS settings - set_config('hostname', trim($config->hostname), $this->pluginconfig); - set_config('port', trim($config->port), $this->pluginconfig); - set_config('casversion', $config->casversion, $this->pluginconfig); - set_config('baseuri', trim($config->baseuri), $this->pluginconfig); - set_config('language', $config->language, $this->pluginconfig); - set_config('proxycas', $config->proxycas, $this->pluginconfig); - set_config('logoutcas', $config->logoutcas, $this->pluginconfig); - set_config('multiauth', $config->multiauth, $this->pluginconfig); - set_config('certificate_check', $config->certificate_check, $this->pluginconfig); - set_config('certificate_path', $config->certificate_path, $this->pluginconfig); - set_config('curl_ssl_version', $config->curl_ssl_version, $this->pluginconfig); - set_config('logout_return_url', $config->logout_return_url, $this->pluginconfig); - - // save LDAP settings - set_config('host_url', trim($config->host_url), $this->pluginconfig); - set_config('start_tls', $config->start_tls, $this->pluginconfig); - set_config('ldapencoding', trim($config->ldapencoding), $this->pluginconfig); - set_config('pagesize', (int)trim($config->pagesize), $this->pluginconfig); - set_config('contexts', trim($config->contexts), $this->pluginconfig); - set_config('user_type', core_text::strtolower(trim($config->user_type)), $this->pluginconfig); - set_config('user_attribute', core_text::strtolower(trim($config->user_attribute)), $this->pluginconfig); - set_config('search_sub', $config->search_sub, $this->pluginconfig); - set_config('opt_deref', $config->opt_deref, $this->pluginconfig); - set_config('bind_dn', trim($config->bind_dn), $this->pluginconfig); - set_config('bind_pw', $config->bind_pw, $this->pluginconfig); - set_config('ldap_version', $config->ldap_version, $this->pluginconfig); - set_config('objectclass', trim($config->objectclass), $this->pluginconfig); - set_config('memberattribute', core_text::strtolower(trim($config->memberattribute)), $this->pluginconfig); - set_config('memberattribute_isdn', $config->memberattribute_isdn, $this->pluginconfig); - set_config('attrcreators', trim($config->attrcreators), $this->pluginconfig); - set_config('groupecreators', trim($config->groupecreators), $this->pluginconfig); - set_config('removeuser', $config->removeuser, $this->pluginconfig); - - return true; - } - /** * Returns true if user should be coursecreator. * diff --git a/auth/cas/config.html b/auth/cas/config.html deleted file mode 100644 index 6279950861215..0000000000000 --- a/auth/cas/config.html +++ /dev/null @@ -1,553 +0,0 @@ -dirroot.'/auth/cas/languages.php'); - -// set to defaults if undefined (CAS) -if (!isset ($config->hostname)) { - $config->hostname = ''; -} -if (!isset ($config->port)) { - $config->port = ''; -} -if (!isset ($config->casversion)) { - $config->casversion = CAS_VERSION_2_0; -} -if (!isset ($config->baseuri)) { - $config->baseuri = ''; -} -if (!isset ($config->language)) { - $config->language = ''; -} -if (!isset ($config->proxycas)) { - $config->proxycas = ''; -} -if (!isset ($config->logoutcas)) { - $config->logoutcas = ''; -} -if (!isset ($config->multiauth)) { - $config->multiauth = ''; -} -if (!isset ($config->certificate_check)) { - $config->certificate_check = ''; -} -if (!isset ($config->certificate_path)) { - $config->certificate_path = ''; -} -if (!isset($config->curl_ssl_version)) { - $config->curl_ssl_version = ''; -} -if (!isset($config->logout_return_url)) { - $config->logout_return_url = ''; -} - -// set to defaults if undefined (LDAP) -if (!isset($config->host_url)) { - $config->host_url = ''; -} -if (!isset($config->start_tls)) { - $config->start_tls = false; -} -if (empty($config->ldapencoding)) { - $config->ldapencoding = 'utf-8'; -} -if (!isset($config->pagesize)) { - $config->pagesize = LDAP_DEFAULT_PAGESIZE; -} -if (!isset($config->contexts)) { - $config->contexts = ''; -} -if (!isset($config->user_type)) { - $config->user_type = 'default'; -} -if (!isset($config->user_attribute)) { - $config->user_attribute = ''; -} -if (!isset($config->search_sub)) { - $config->search_sub = ''; -} -if (!isset($config->opt_deref)) { - $config->opt_deref = LDAP_DEREF_NEVER; -} -if (!isset($config->bind_dn)) { - $config->bind_dn = ''; -} -if (!isset($config->bind_pw)) { - $config->bind_pw = ''; -} -if (!isset($config->ldap_version)) { - $config->ldap_version = '3'; -} -if (!isset($config->objectclass)) { - $config->objectclass = ''; -} -if (!isset($config->memberattribute)) { - $config->memberattribute = ''; -} -if (!isset($config->memberattribute_isdn)) { - $config->memberattribute_isdn = ''; -} -if (!isset($config->groupecreators)) { - $config->groupecreators = ''; -} -if (!isset($config->attrcreators)) { - $config->attrcreators = ''; -} -if (!isset($config->removeuser)) { - $config->removeuser = AUTH_REMOVEUSER_KEEP; -} - -$yesno = array( get_string('no'), get_string('yes') ); - -$disabled = ''; -$pagedresultssupported = false; -if ($config->host_url !== '') { - /** - * We try to connect each and every time we open the config, because we want to set the Page - * Size setting as enabled or disabled depending on the configured LDAP server supporting - * pagination or not, and to notify the user about it. If the user changed the LDAP server (or - * the LDAP protocol version) last time, it might happen that paged results are no longer - * available and we want to show that to the user the next time she goes to the settings page. - */ - try { - $ldapconn = $this->ldap_connect(); - $pagedresultssupported = ldap_paged_results_supported($config->ldap_version, $ldapconn); - } catch (Exception $e) { - // If we couldn't connect and get the supported options, we can only assume we don't support paged results. - $pagedresultssupported = false; - } -} -/* Make sure we only disable the paged result size setting and show the notification about it if - * there is a configured server that we tried to contact. Othersiwe, if someone's LDAP server does - * support paged results, they won't be able to turn it on the first time they set it up (because - * the field will be disabled). - */ -if (($config->host_url !== '') && (!$pagedresultssupported)) { - $disabled = ' disabled="disabled"'; - echo $OUTPUT->notification(get_string('pagedresultsnotsupp', 'auth_ldap'), \core\output\notification::NOTIFY_INFO); -} - -?> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -'; -$help .= get_string('auth_updateremote_ldap', 'auth'); - -print_auth_lock_options($this->authtype, $user_fields, $help, true, true, $this->get_custom_user_profile_fields()); -?> -
-

-
- - error_text($err['hostname']); } ?> - - -
- - - - error_text($err['baseuri']); } ?> - - -
- - - - error_text($err['port']); } ?> - - -
- : - - casversion, false); - if (isset($err['casversion'])) { echo $OUTPUT->error_text($err['casversion']); } - ?> - - -
: - language, false); ?> - - -
- : - - proxycas, false); ?> - - -
: - logoutcas, false); ?> - - -
: - multiauth, false); ?> - - -
: - certificate_check, false); ?> - - -
- - error_text($err['certificate_path']); ?> - - -
- curl_ssl_version, false); - if (isset($err['curl_ssl_version'])) echo $OUTPUT->error_text($err['curl_ssl_version']); - ?> - - -
: - - error_text($err['logout_return_url']); } ?> - - -
-

-
- - - - error_text($err['host_url']); } ?> - - -
- ldap_version, false); - if (isset($err['ldap_version'])) { echo $OUTPUT->error_text($err['ldap_version']); } - ?> - - -
- - - start_tls, false); ?> - - -
- - - - error_text($err['ldapencoding']); } ?> - - -
- - - /> - error_text($err['pagesize']); } - if ($disabled) { - // Don't loose the page size value (disabled fields are not submitted!) - ?> - - - - -
-

-
- - - - error_text($err['bind_dn']); } ?> - - -
- - - - error_text($err['bind_pw']); } ?> - - -
-

-
- - - user_type, false); - if (isset($err['user_type'])) { echo $OUTPUT->error_text($err['user_type']); } - ?> - - -
- - - - error_text($err['contexts']); } ?> - - -
- - search_sub, false); ?> - - -
- opt_deref, false); - if (isset($err['opt_deref'])) { echo $OUTPUT->error_text($err['opt_deref']); } - ?> - - -
- - - - error_text($err['user_attribute']); } ?> - - -
- - - - error_text($err['memberattribute']); } ?> - - -
- - - - error_text($err['memberattribute_isdn']); } ?> - - -
- - - - error_text($err['objectclass']); } ?> - - -
-

-
- - - - error_text($err['attrcreators']); } ?> - - -
- - - - error_text($err['groupecreators']); } ?> - - -
-

-
- - - removeuser, false); - ?> - - -
diff --git a/auth/cas/db/upgrade.php b/auth/cas/db/upgrade.php index 81eefd028b701..9de65154b42a1 100644 --- a/auth/cas/db/upgrade.php +++ b/auth/cas/db/upgrade.php @@ -25,6 +25,7 @@ defined('MOODLE_INTERNAL') || die(); /** + * Function to upgrade auth_cas. * @param int $oldversion the version we are upgrading from * @return bool result */ @@ -58,5 +59,11 @@ function xmldb_auth_cas_upgrade($oldversion) { // Automatically generated Moodle v3.2.0 release upgrade line. // Put any upgrade step following this. + if ($oldversion < 2017020700) { + // Convert info in config plugins from auth/cas to auth_cas. + $DB->set_field('config_plugins', 'plugin', 'auth_cas', array('plugin' => 'auth/cas')); + upgrade_plugin_savepoint(true, 2017020700, 'auth', 'cas'); + } + return true; } diff --git a/auth/cas/settings.php b/auth/cas/settings.php new file mode 100644 index 0000000000000..2e8c19755d3ba --- /dev/null +++ b/auth/cas/settings.php @@ -0,0 +1,273 @@ +. + +/** + * Admin settings and defaults. + * + * @package auth_cas + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die; + +if ($ADMIN->fulltree) { + + // We use a couple of custom admin settings since we need to massage the data before it is inserted into the DB. + require_once($CFG->dirroot.'/auth/ldap/classes/admin_setting_special_lowercase_configtext.php'); + require_once($CFG->dirroot.'/auth/ldap/classes/admin_setting_special_contexts_configtext.php'); + + // Include needed files. + require_once($CFG->dirroot.'/auth/cas/auth.php'); + require_once($CFG->dirroot.'/auth/cas/languages.php'); + + // Introductory explanation. + $settings->add(new admin_setting_heading('auth_cas/pluginname', '', + new lang_string('auth_casdescription', 'auth_cas'))); + + // CAS server configuration label. + $settings->add(new admin_setting_heading('auth_cas/casserversettings', + new lang_string('auth_cas_server_settings', 'auth_cas'), '')); + + // Hostname. + $settings->add(new admin_setting_configtext('auth_cas/hostname', + get_string('auth_cas_hostname_key', 'auth_cas'), + get_string('auth_cas_hostname', 'auth_cas'), '', PARAM_RAW_TRIMMED)); + + // Base URI. + $settings->add(new admin_setting_configtext('auth_cas/baseuri', + get_string('auth_cas_baseuri_key', 'auth_cas'), + get_string('auth_cas_baseuri', 'auth_cas'), '', PARAM_RAW_TRIMMED)); + + // Port. + $settings->add(new admin_setting_configtext('auth_cas/port', + get_string('auth_cas_port_key', 'auth_cas'), + get_string('auth_cas_port', 'auth_cas'), '', PARAM_INT)); + + // CAS Version. + $casversions = array(); + $casversions[CAS_VERSION_1_0] = 'CAS 1.0'; + $casversions[CAS_VERSION_2_0] = 'CAS 2.0'; + $settings->add(new admin_setting_configselect('auth_cas/casversion', + new lang_string('auth_cas_casversion', 'auth_cas'), + new lang_string('auth_cas_version', 'auth_cas'), CAS_VERSION_2_0, $casversions)); + + // Language. + if (!isset($CASLANGUAGES) || empty($CASLANGUAGES)) { + // Prevent warnings on other admin pages. + // $CASLANGUAGES is defined in /auth/cas/languages.php. + $CASLANGUAGES = array(); + $CASLANGUAGES[PHPCAS_LANG_ENGLISH] = 'English'; + $CASLANGUAGES[PHPCAS_LANG_FRENCH] = 'French'; + } + $settings->add(new admin_setting_configselect('auth_cas/language', + new lang_string('auth_cas_language_key', 'auth_cas'), + new lang_string('auth_cas_language', 'auth_cas'), '', $CASLANGUAGES)); + + // Proxy. + $yesno = array( + new lang_string('no'), + new lang_string('yes'), + ); + $settings->add(new admin_setting_configselect('auth_cas/proxycas', + new lang_string('auth_cas_proxycas_key', 'auth_cas'), + new lang_string('auth_cas_proxycas', 'auth_cas'), 0 , $yesno)); + + // Logout option. + $settings->add(new admin_setting_configselect('auth_cas/logoutcas', + new lang_string('auth_cas_logoutcas_key', 'auth_cas'), + new lang_string('auth_cas_logoutcas', 'auth_cas'), 0 , $yesno)); + + // Multi-auth. + $settings->add(new admin_setting_configselect('auth_cas/multiauth', + new lang_string('auth_cas_multiauth_key', 'auth_cas'), + new lang_string('auth_cas_multiauth', 'auth_cas'), 0 , $yesno)); + + // Server validation. + $settings->add(new admin_setting_configselect('auth_cas/certificate_check', + new lang_string('auth_cas_certificate_check_key', 'auth_cas'), + new lang_string('auth_cas_certificate_check', 'auth_cas'), 0 , $yesno)); + + // Certificate path. + $settings->add(new admin_setting_configfile('auth_cas/certificate_path', + get_string('auth_cas_certificate_path_key', 'auth_cas'), + get_string('auth_cas_certificate_path', 'auth_cas'), '')); + + // CURL SSL version. + $sslversions = array(); + $sslversions[''] = get_string('auth_cas_curl_ssl_version_default', 'auth_cas'); + if (defined('CURL_SSLVERSION_TLSv1')) { + $sslversions[CURL_SSLVERSION_TLSv1] = get_string('auth_cas_curl_ssl_version_TLSv1x', 'auth_cas'); + } + if (defined('CURL_SSLVERSION_TLSv1_0')) { + $sslversions[CURL_SSLVERSION_TLSv1_0] = get_string('auth_cas_curl_ssl_version_TLSv10', 'auth_cas'); + } + if (defined('CURL_SSLVERSION_TLSv1_1')) { + $sslversions[CURL_SSLVERSION_TLSv1_1] = get_string('auth_cas_curl_ssl_version_TLSv11', 'auth_cas'); + } + if (defined('CURL_SSLVERSION_TLSv1_2')) { + $sslversions[CURL_SSLVERSION_TLSv1_2] = get_string('auth_cas_curl_ssl_version_TLSv12', 'auth_cas'); + } + if (defined('CURL_SSLVERSION_SSLv2')) { + $sslversions[CURL_SSLVERSION_SSLv2] = get_string('auth_cas_curl_ssl_version_SSLv2', 'auth_cas'); + } + if (defined('CURL_SSLVERSION_SSLv3')) { + $sslversions[CURL_SSLVERSION_SSLv3] = get_string('auth_cas_curl_ssl_version_SSLv3', 'auth_cas'); + } + $settings->add(new admin_setting_configselect('auth_cas/curl_ssl_version', + new lang_string('auth_cas_curl_ssl_version_key', 'auth_cas'), + new lang_string('auth_cas_curl_ssl_version', 'auth_cas'), '' , $sslversions)); + + // Alt Logout URL. + $settings->add(new admin_setting_configtext('auth_cas/logout_return_url', + get_string('auth_cas_logout_return_url_key', 'auth_cas'), + get_string('auth_cas_logout_return_url', 'auth_cas'), '', PARAM_URL)); + + // LDAP server settings. + $settings->add(new admin_setting_heading('auth_cas/ldapserversettings', + new lang_string('auth_ldap_server_settings', 'auth_ldap'), '')); + + // Host. + $settings->add(new admin_setting_configtext('auth_cas/host_url', + get_string('auth_ldap_host_url_key', 'auth_ldap'), + get_string('auth_ldap_host_url', 'auth_ldap'), '', PARAM_RAW_TRIMMED)); + + // Version. + $versions = array(); + $versions[2] = '2'; + $versions[3] = '3'; + $settings->add(new admin_setting_configselect('auth_cas/ldap_version', + new lang_string('auth_ldap_version_key', 'auth_ldap'), + new lang_string('auth_ldap_version', 'auth_ldap'), 3, $versions)); + + // Start TLS. + $settings->add(new admin_setting_configselect('auth_cas/start_tls', + new lang_string('start_tls_key', 'auth_ldap'), + new lang_string('start_tls', 'auth_ldap'), 0 , $yesno)); + + + // Encoding. + $settings->add(new admin_setting_configtext('auth_cas/ldapencoding', + get_string('auth_ldap_ldap_encoding_key', 'auth_ldap'), + get_string('auth_ldap_ldap_encoding', 'auth_ldap'), 'utf-8', PARAM_RAW_TRIMMED)); + + // Page Size. (Hide if not available). + $settings->add(new admin_setting_configtext('auth_cas/pagesize', + get_string('pagesize_key', 'auth_ldap'), + get_string('pagesize', 'auth_ldap'), '250', PARAM_INT)); + + // Bind settings. + $settings->add(new admin_setting_heading('auth_cas/ldapbindsettings', + new lang_string('auth_ldap_bind_settings', 'auth_ldap'), '')); + + // User ID. + $settings->add(new admin_setting_configtext('auth_cas/bind_dn', + get_string('auth_ldap_bind_dn_key', 'auth_ldap'), + get_string('auth_ldap_bind_dn', 'auth_ldap'), '', PARAM_RAW_TRIMMED)); + + // Password. + $settings->add(new admin_setting_configpasswordunmask('auth_cas/bind_pw', + get_string('auth_ldap_bind_pw_key', 'auth_ldap'), + get_string('auth_ldap_bind_pw', 'auth_ldap'), '')); + + // User Lookup settings. + $settings->add(new admin_setting_heading('auth_cas/ldapuserlookup', + new lang_string('auth_ldap_user_settings', 'auth_ldap'), '')); + + // User Type. + $settings->add(new admin_setting_configselect('auth_cas/user_type', + new lang_string('auth_ldap_user_type_key', 'auth_ldap'), + new lang_string('auth_ldap_user_type', 'auth_ldap'), 'default', ldap_supported_usertypes())); + + // Contexts. + $settings->add(new auth_ldap_admin_setting_special_contexts_configtext('auth_cas/contexts', + get_string('auth_ldap_contexts_key', 'auth_ldap'), + get_string('auth_ldap_contexts', 'auth_ldap'), '', PARAM_RAW_TRIMMED)); + + // Search subcontexts. + $settings->add(new admin_setting_configselect('auth_cas/search_sub', + new lang_string('auth_ldap_search_sub_key', 'auth_ldap'), + new lang_string('auth_ldap_search_sub', 'auth_ldap'), 0 , $yesno)); + + // Dereference aliases. + $optderef = array(); + $optderef[LDAP_DEREF_NEVER] = get_string('no'); + $optderef[LDAP_DEREF_ALWAYS] = get_string('yes'); + + $settings->add(new admin_setting_configselect('auth_cas/opt_deref', + new lang_string('auth_ldap_opt_deref_key', 'auth_ldap'), + new lang_string('auth_ldap_opt_deref', 'auth_ldap'), LDAP_DEREF_NEVER , $optderef)); + + // User attribute. + $settings->add(new auth_ldap_admin_setting_special_lowercase_configtext('auth_cas/user_attribute', + get_string('auth_ldap_user_attribute_key', 'auth_ldap'), + get_string('auth_ldap_user_attribute', 'auth_ldap'), '', PARAM_RAW)); + + // Member attribute. + $settings->add(new auth_ldap_admin_setting_special_lowercase_configtext('auth_cas/memberattribute', + get_string('auth_ldap_memberattribute_key', 'auth_ldap'), + get_string('auth_ldap_memberattribute', 'auth_ldap'), '', PARAM_RAW)); + + // Member attribute uses dn. + $settings->add(new admin_setting_configtext('auth_cas/memberattribute_isdn', + get_string('auth_ldap_memberattribute_isdn_key', 'auth_ldap'), + get_string('auth_ldap_memberattribute_isdn', 'auth_ldap'), '', PARAM_RAW)); + + // Object class. + $settings->add(new admin_setting_configtext('auth_cas/objectclass', + get_string('auth_ldap_objectclass_key', 'auth_ldap'), + get_string('auth_ldap_objectclass', 'auth_ldap'), '', PARAM_RAW_TRIMMED)); + + // Course Creators Header. + $settings->add(new admin_setting_heading('auth_cas/coursecreators', + new lang_string('coursecreators'), '')); + + // Course creators attribute field mapping. + $settings->add(new admin_setting_configtext('auth_cas/attrcreators', + get_string('auth_ldap_attrcreators_key', 'auth_ldap'), + get_string('auth_ldap_attrcreators', 'auth_ldap'), '', PARAM_RAW_TRIMMED)); + + // Course creator group field mapping. + $settings->add(new admin_setting_configtext('auth_cas/groupecreators', + get_string('auth_ldap_groupecreators_key', 'auth_ldap'), + get_string('auth_ldap_groupecreators', 'auth_ldap'), '', PARAM_RAW_TRIMMED)); + + // User Account Sync. + $settings->add(new admin_setting_heading('auth_cas/syncusers', + new lang_string('auth_sync_script', 'auth'), '')); + + // Remove external user. + $deleteopt = array(); + $deleteopt[AUTH_REMOVEUSER_KEEP] = get_string('auth_remove_keep', 'auth'); + $deleteopt[AUTH_REMOVEUSER_SUSPEND] = get_string('auth_remove_suspend', 'auth'); + $deleteopt[AUTH_REMOVEUSER_FULLDELETE] = get_string('auth_remove_delete', 'auth'); + + $settings->add(new admin_setting_configselect('auth_cas/removeuser', + new lang_string('auth_remove_user_key', 'auth'), + new lang_string('auth_remove_user', 'auth'), AUTH_REMOVEUSER_KEEP, $deleteopt)); + + // Display locking / mapping of profile fields. + $authplugin = get_auth_plugin($this->name); + $help = get_string('auth_ldapextrafields', 'auth_ldap'); + $help .= get_string('auth_updatelocal_expl', 'auth'); + $help .= get_string('auth_fieldlock_expl', 'auth'); + $help .= get_string('auth_updateremote_expl', 'auth'); + $help .= '
'; + $help .= get_string('auth_updateremote_ldap', 'auth'); + display_auth_lock_options($settings, $authplugin->authtype, $authplugin->userfields, $help, true, true, + $authplugin->get_custom_user_profile_fields()); + +} diff --git a/auth/cas/upgrade.txt b/auth/cas/upgrade.txt new file mode 100644 index 0000000000000..25e03925b112d --- /dev/null +++ b/auth/cas/upgrade.txt @@ -0,0 +1,7 @@ +This files describes API changes in /auth/cas/*, +information provided here is intended especially for developers. + +=== 3.3 === + +* The config.html file was migrated to use the admin settings API. + The identifier for configuration data stored in config_plugins table was converted from 'auth/cas' to 'auth_cas'. diff --git a/auth/cas/version.php b/auth/cas/version.php index 6ccab587688dc..26f3bc57481f8 100644 --- a/auth/cas/version.php +++ b/auth/cas/version.php @@ -26,8 +26,8 @@ defined('MOODLE_INTERNAL') || die(); -$plugin->version = 2016120500; // The current plugin version (Date: YYYYMMDDXX) +$plugin->version = 2017020700; // The current plugin version (Date: YYYYMMDDXX) $plugin->requires = 2016112900; // Requires this Moodle version $plugin->component = 'auth_cas'; // Full name of the plugin (used for diagnostics) -$plugin->dependencies = array('auth_ldap' => 2016112900); +$plugin->dependencies = array('auth_ldap' => 2017020700); diff --git a/auth/db/auth.php b/auth/db/auth.php index 5660978f4a5ac..90e0fa98b8b4a 100644 --- a/auth/db/auth.php +++ b/auth/db/auth.php @@ -41,7 +41,7 @@ function __construct() { require_once($CFG->libdir.'/adodb/adodb.inc.php'); $this->authtype = 'db'; - $this->config = get_config('auth/db'); + $this->config = get_config('auth_db'); if (empty($this->config->extencoding)) { $this->config->extencoding = 'utf-8'; } @@ -661,21 +661,6 @@ function user_update($olduser, $newuser) { return true; } - /** - * A chance to validate form data, and last chance to - * do stuff before it is inserted in config_plugin - * - * @param stfdClass $form - * @param array $err errors - * @return void - */ - function validate_form($form, &$err) { - if ($form->passtype === 'internal') { - $this->config->changepasswordurl = ''; - set_config('changepasswordurl', '', 'auth/db'); - } - } - function prevent_local_passwords() { return !$this->is_internal(); } @@ -752,95 +737,6 @@ function can_reset_password() { return $this->is_internal(); } - /** - * Prints a form for configuring this authentication plugin. - * - * This function is called from admin/auth.php, and outputs a full page with - * a form for configuring this plugin. - * - * @param stdClass $config - * @param array $err errors - * @param array $user_fields - * @return void - */ - function config_form($config, $err, $user_fields) { - include 'config.html'; - } - - /** - * Processes and stores configuration data for this authentication plugin. - * - * @param srdClass $config - * @return bool always true or exception - */ - function process_config($config) { - // set to defaults if undefined - if (!isset($config->host)) { - $config->host = 'localhost'; - } - if (!isset($config->type)) { - $config->type = 'mysql'; - } - if (!isset($config->sybasequoting)) { - $config->sybasequoting = 0; - } - if (!isset($config->name)) { - $config->name = ''; - } - if (!isset($config->user)) { - $config->user = ''; - } - if (!isset($config->pass)) { - $config->pass = ''; - } - if (!isset($config->table)) { - $config->table = ''; - } - if (!isset($config->fielduser)) { - $config->fielduser = ''; - } - if (!isset($config->fieldpass)) { - $config->fieldpass = ''; - } - if (!isset($config->passtype)) { - $config->passtype = 'plaintext'; - } - if (!isset($config->extencoding)) { - $config->extencoding = 'utf-8'; - } - if (!isset($config->setupsql)) { - $config->setupsql = ''; - } - if (!isset($config->debugauthdb)) { - $config->debugauthdb = 0; - } - if (!isset($config->removeuser)) { - $config->removeuser = AUTH_REMOVEUSER_KEEP; - } - if (!isset($config->changepasswordurl)) { - $config->changepasswordurl = ''; - } - - // Save settings. - set_config('host', $config->host, 'auth/db'); - set_config('type', $config->type, 'auth/db'); - set_config('sybasequoting', $config->sybasequoting, 'auth/db'); - set_config('name', $config->name, 'auth/db'); - set_config('user', $config->user, 'auth/db'); - set_config('pass', $config->pass, 'auth/db'); - set_config('table', $config->table, 'auth/db'); - set_config('fielduser', $config->fielduser, 'auth/db'); - set_config('fieldpass', $config->fieldpass, 'auth/db'); - set_config('passtype', $config->passtype, 'auth/db'); - set_config('extencoding', trim($config->extencoding), 'auth/db'); - set_config('setupsql', trim($config->setupsql),'auth/db'); - set_config('debugauthdb', $config->debugauthdb, 'auth/db'); - set_config('removeuser', $config->removeuser, 'auth/db'); - set_config('changepasswordurl', trim($config->changepasswordurl), 'auth/db'); - - return true; - } - /** * Add slashes, we can not use placeholders or system functions. * diff --git a/auth/db/classes/admin_setting_special_auth_configtext.php b/auth/db/classes/admin_setting_special_auth_configtext.php new file mode 100644 index 0000000000000..50cd89a81d878 --- /dev/null +++ b/auth/db/classes/admin_setting_special_auth_configtext.php @@ -0,0 +1,51 @@ +. + +/** + * Special settings for auth_db password_link. + * + * @package auth_db + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die(); + +/** + * Special settings for auth_db password_link. + * + * @package auth_db + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ +class auth_db_admin_setting_special_auth_configtext extends admin_setting_configtext { + + /** + * We need to overwrite the global "alternate login url" setting if wayf is enabled. + * + * @param string $data Form data. + * @return string Empty when no errors. + */ + public function write_setting($data) { + + if (get_config('auth_db', 'passtype') === 'internal') { + // We need to clear the auth_db change password link. + $data = ''; + } + + return parent::write_setting($data); + } +} diff --git a/auth/db/classes/task/sync_users.php b/auth/db/classes/task/sync_users.php index 59b7bc1ea974f..a7ac128425eee 100644 --- a/auth/db/classes/task/sync_users.php +++ b/auth/db/classes/task/sync_users.php @@ -54,7 +54,7 @@ public function execute() { } $dbauth = get_auth_plugin('db'); - $config = get_config('auth/db'); + $config = get_config('auth_db'); $trace = new \text_progress_trace(); $update = !empty($config->updateusers); $dbauth->sync_users($trace, $update); diff --git a/auth/db/config.html b/auth/db/config.html deleted file mode 100644 index fb751d0325cd9..0000000000000 --- a/auth/db/config.html +++ /dev/null @@ -1,289 +0,0 @@ -host)) { - $config->host = 'localhost'; - } - if (!isset($config->type)) { - $config->type = 'mysql'; - } - if (!isset($config->sybasequoting)) { - $config->sybasequoting = 0; - } - if (!isset($config->name)) { - $config->name = ''; - } - if (!isset($config->user)) { - $config->user = ''; - } - if (!isset($config->pass)) { - $config->pass = ''; - } - if (!isset($config->table)) { - $config->table = ''; - } - if (!isset($config->fielduser)) { - $config->fielduser = ''; - } - if (!isset($config->fieldpass)) { - $config->fieldpass = ''; - } - if (!isset($config->passtype)) { - $config->passtype = 'plaintext'; - } - if (!isset($config->changepasswordurl)) { - $config->changepasswordurl = ''; - } - if (empty($config->extencoding)) { - $config->extencoding = 'utf-8'; - } - if (empty($config->debugauthdb)) { - $config->debugauthdb = 0; - } - if (!isset($config->setupsql)) { - $config->setupsql = ''; - } - if (!isset($config->removeuser)) { - $config->removeuser = AUTH_REMOVEUSER_KEEP; - } - if (!isset($config->updateusers)) { - $config->updateusers = 0; - } - - $yesno = array( get_string('no'), get_string('yes') ); - -?> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -authtype, $user_fields, get_string('auth_dbextrafields', 'auth_db'), true, true, $this->get_custom_user_profile_fields()); - -?> -
- - error_text($err["host"]); - } - - ?> -
- type, false); - ?> - - - -
- sybasequoting, false); ?> -
- - error_text($err["name"]); - } - - ?> -
- - error_text($err["user"]); - } - - ?> -
- - error_text($err["pass"]); - } - - ?> - - -
- - error_text($err["table"]); - } - - ?> -
- - error_text($err["fielduser"]); - } - - ?> -
- - error_text($err["fieldpass"]); - } - - ?> -
- passtype, false); - - ?> -
- - error_text($err['extencoding']); - } - - ?> -
- -
- debugauthdb, false); ?> -
- - error_text($err['changepasswordurl']); - } - - ?> -
-

-
- removeuser, false); - ?> - - -
- updateusers, false); ?> - - -
diff --git a/auth/db/db/upgrade.php b/auth/db/db/upgrade.php new file mode 100644 index 0000000000000..08db7272f7d1d --- /dev/null +++ b/auth/db/db/upgrade.php @@ -0,0 +1,45 @@ +. + +/** + * DB authentication plugin upgrade code + * + * @package auth_db + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die(); + +/** + * Function to upgrade auth_db. + * @param int $oldversion the version we are upgrading from + * @return bool result + */ +function xmldb_auth_db_upgrade($oldversion) { + global $CFG, $DB; + + // Automatically generated Moodle v3.2.0 release upgrade line. + // Put any upgrade step following this. + + if ($oldversion < 2017032800) { + // Convert info in config plugins from auth/db to auth_db + $DB->set_field('config_plugins', 'plugin', 'auth_db', array('plugin' => 'auth/db')); + upgrade_plugin_savepoint(true, 2017032800, 'auth', 'db'); + } + + return true; +} diff --git a/auth/db/settings.php b/auth/db/settings.php new file mode 100644 index 0000000000000..64479d114b842 --- /dev/null +++ b/auth/db/settings.php @@ -0,0 +1,143 @@ +. + +/** + * Admin settings and defaults. + * + * @package auth_db + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die; + +if ($ADMIN->fulltree) { + + // We use a couple of custom admin settings since we need to massage the data before it is inserted into the DB. + require_once($CFG->dirroot.'/auth/db/classes/admin_setting_special_auth_configtext.php'); + + // Needed for constants. + require_once($CFG->libdir.'/authlib.php'); + + // Introductory explanation. + $settings->add(new admin_setting_heading('auth_db/pluginname', '', new lang_string('auth_dbdescription', 'auth_db'))); + + // Host. + $settings->add(new admin_setting_configtext('auth_db/host', get_string('auth_dbhost_key', 'auth_db'), + get_string('auth_dbhost', 'auth_db') . ' ' .get_string('auth_multiplehosts', 'auth'), + '127.0.0.1', PARAM_RAW)); + + // Type. + $dboptions = array(); + $dbtypes = array("access", "ado_access", "ado", "ado_mssql", "borland_ibase", "csv", "db2", + "fbsql", "firebird", "ibase", "informix72", "informix", "mssql", "mssql_n", "mssqlnative", + "mysql", "mysqli", "mysqlt", "oci805", "oci8", "oci8po", "odbc", "odbc_mssql", "odbc_oracle", + "oracle", "postgres64", "postgres7", "postgres", "proxy", "sqlanywhere", "sybase", "vfp"); + foreach ($dbtypes as $dbtype) { + $dboptions[$dbtype] = $dbtype; + } + + $settings->add(new admin_setting_configselect('auth_db/type', + new lang_string('auth_dbtype_key', 'auth_db'), + new lang_string('auth_dbtype', 'auth_db'), 'mysqli', $dboptions)); + + // Sybase quotes. + $yesno = array( + new lang_string('no'), + new lang_string('yes'), + ); + + $settings->add(new admin_setting_configselect('auth_db/sybasequoting', + new lang_string('auth_dbsybasequoting', 'auth_db'), new lang_string('auth_dbsybasequotinghelp', 'auth_db'), 0, $yesno)); + + // DB Name. + $settings->add(new admin_setting_configtext('auth_db/name', get_string('auth_dbname_key', 'auth_db'), + get_string('auth_dbname', 'auth_db'), '', PARAM_RAW_TRIMMED)); + + // DB Username. + $settings->add(new admin_setting_configtext('auth_db/user', get_string('auth_dbuser_key', 'auth_db'), + get_string('auth_dbuser', 'auth_db'), '', PARAM_RAW_TRIMMED)); + + // Password. + $settings->add(new admin_setting_configpasswordunmask('auth_db/pass', get_string('auth_dbpass_key', 'auth_db'), + get_string('auth_dbpass', 'auth_db'), '')); + + // DB Table. + $settings->add(new admin_setting_configtext('auth_db/table', get_string('auth_dbtable_key', 'auth_db'), + get_string('auth_dbtable', 'auth_db'), '', PARAM_RAW_TRIMMED)); + + // DB User field. + $settings->add(new admin_setting_configtext('auth_db/fielduser', get_string('auth_dbfielduser_key', 'auth_db'), + get_string('auth_dbfielduser', 'auth_db'), '', PARAM_RAW_TRIMMED)); + + // DB User password. + $settings->add(new admin_setting_configtext('auth_db/fieldpass', get_string('auth_dbfieldpass_key', 'auth_db'), + get_string('auth_dbfieldpass', 'auth_db'), '', PARAM_RAW_TRIMMED)); + + + // DB Password Type. + $passtype = array(); + $passtype["plaintext"] = get_string("plaintext", "auth"); + $passtype["md5"] = get_string("md5", "auth"); + $passtype["sha1"] = get_string("sha1", "auth"); + $passtype["saltedcrypt"] = get_string("auth_dbsaltedcrypt", "auth_db"); + $passtype["internal"] = get_string("internal", "auth"); + + $settings->add(new admin_setting_configselect('auth_db/passtype', + new lang_string('auth_dbpasstype_key', 'auth_db'), new lang_string('auth_dbpasstype', 'auth_db'), 'plaintext', $passtype)); + + // Encoding. + $settings->add(new admin_setting_configtext('auth_db/extencoding', get_string('auth_dbextencoding', 'auth_db'), + get_string('auth_dbextencodinghelp', 'auth_db'), 'utf-8', PARAM_RAW_TRIMMED)); + + // DB SQL SETUP. + $settings->add(new admin_setting_configtext('auth_db/setupsql', get_string('auth_dbsetupsql', 'auth_db'), + get_string('auth_dbsetupsqlhelp', 'auth_db'), '', PARAM_RAW_TRIMMED)); + + // Debug ADOOB. + $settings->add(new admin_setting_configselect('auth_db/debugauthdb', + new lang_string('auth_dbdebugauthdb', 'auth_db'), new lang_string('auth_dbdebugauthdbhelp', 'auth_db'), 0, $yesno)); + + // Password change URL. + $settings->add(new auth_db_admin_setting_special_auth_configtext('auth_db/changepasswordurl', + get_string('auth_dbchangepasswordurl_key', 'auth_db'), + get_string('changepasswordhelp', 'auth'), '', PARAM_URL)); + + // Label and Sync Options. + $settings->add(new admin_setting_heading('auth_db/usersync', new lang_string('auth_sync_script', 'auth'), '')); + + // Sync Options. + $deleteopt = array(); + $deleteopt[AUTH_REMOVEUSER_KEEP] = get_string('auth_remove_keep', 'auth'); + $deleteopt[AUTH_REMOVEUSER_SUSPEND] = get_string('auth_remove_suspend', 'auth'); + $deleteopt[AUTH_REMOVEUSER_FULLDELETE] = get_string('auth_remove_delete', 'auth'); + + $settings->add(new admin_setting_configselect('auth_db/removeuser', + new lang_string('auth_remove_user_key', 'auth'), + new lang_string('auth_remove_user', 'auth'), AUTH_REMOVEUSER_KEEP, $deleteopt)); + + // Update users. + $settings->add(new admin_setting_configselect('auth_db/updateusers', + new lang_string('auth_dbupdateusers', 'auth_db'), + new lang_string('auth_dbupdateusers_description', 'auth_db'), 0, $yesno)); + + // Display locking / mapping of profile fields. + $authplugin = get_auth_plugin($this->name); + display_auth_lock_options($settings, $authplugin->authtype, $authplugin->userfields, + get_string('auth_dbextrafields', 'auth_db'), + true, true, $authplugin->get_custom_user_profile_fields()); + +} diff --git a/auth/db/tests/db_test.php b/auth/db/tests/db_test.php index 1c9e6deda61f2..2900719fdea22 100644 --- a/auth/db/tests/db_test.php +++ b/auth/db/tests/db_test.php @@ -44,65 +44,65 @@ protected function init_auth_database() { $dbman = $DB->get_manager(); - set_config('extencoding', 'utf-8', 'auth/db'); + set_config('extencoding', 'utf-8', 'auth_db'); - set_config('host', $CFG->dbhost, 'auth/db'); - set_config('user', $CFG->dbuser, 'auth/db'); - set_config('pass', $CFG->dbpass, 'auth/db'); - set_config('name', $CFG->dbname, 'auth/db'); + set_config('host', $CFG->dbhost, 'auth_db'); + set_config('user', $CFG->dbuser, 'auth_db'); + set_config('pass', $CFG->dbpass, 'auth_db'); + set_config('name', $CFG->dbname, 'auth_db'); if (!empty($CFG->dboptions['dbport'])) { - set_config('host', $CFG->dbhost.':'.$CFG->dboptions['dbport'], 'auth/db'); + set_config('host', $CFG->dbhost.':'.$CFG->dboptions['dbport'], 'auth_db'); } switch ($DB->get_dbfamily()) { case 'mysql': - set_config('type', 'mysqli', 'auth/db'); - set_config('setupsql', "SET NAMES 'UTF-8'", 'auth/db'); - set_config('sybasequoting', '0', 'auth/db'); + set_config('type', 'mysqli', 'auth_db'); + set_config('setupsql', "SET NAMES 'UTF-8'", 'auth_db'); + set_config('sybasequoting', '0', 'auth_db'); if (!empty($CFG->dboptions['dbsocket'])) { $dbsocket = $CFG->dboptions['dbsocket']; if ((strpos($dbsocket, '/') === false and strpos($dbsocket, '\\') === false)) { $dbsocket = ini_get('mysqli.default_socket'); } - set_config('type', 'mysqli://'.rawurlencode($CFG->dbuser).':'.rawurlencode($CFG->dbpass).'@'.rawurlencode($CFG->dbhost).'/'.rawurlencode($CFG->dbname).'?socket='.rawurlencode($dbsocket), 'auth/db'); + set_config('type', 'mysqli://'.rawurlencode($CFG->dbuser).':'.rawurlencode($CFG->dbpass).'@'.rawurlencode($CFG->dbhost).'/'.rawurlencode($CFG->dbname).'?socket='.rawurlencode($dbsocket), 'auth_db'); } break; case 'oracle': - set_config('type', 'oci8po', 'auth/db'); - set_config('sybasequoting', '1', 'auth/db'); + set_config('type', 'oci8po', 'auth_db'); + set_config('sybasequoting', '1', 'auth_db'); break; case 'postgres': - set_config('type', 'postgres7', 'auth/db'); + set_config('type', 'postgres7', 'auth_db'); $setupsql = "SET NAMES 'UTF-8'"; if (!empty($CFG->dboptions['dbschema'])) { $setupsql .= "; SET search_path = '".$CFG->dboptions['dbschema']."'"; } - set_config('setupsql', $setupsql, 'auth/db'); - set_config('sybasequoting', '0', 'auth/db'); + set_config('setupsql', $setupsql, 'auth_db'); + set_config('sybasequoting', '0', 'auth_db'); if (!empty($CFG->dboptions['dbsocket']) and ($CFG->dbhost === 'localhost' or $CFG->dbhost === '127.0.0.1')) { if (strpos($CFG->dboptions['dbsocket'], '/') !== false) { $socket = $CFG->dboptions['dbsocket']; if (!empty($CFG->dboptions['dbport'])) { $socket .= ':' . $CFG->dboptions['dbport']; } - set_config('host', $socket, 'auth/db'); + set_config('host', $socket, 'auth_db'); } else { - set_config('host', '', 'auth/db'); + set_config('host', '', 'auth_db'); } } break; case 'mssql': if (get_class($DB) == 'mssql_native_moodle_database') { - set_config('type', 'mssql_n', 'auth/db'); + set_config('type', 'mssql_n', 'auth_db'); } else { - set_config('type', 'mssqlnative', 'auth/db'); + set_config('type', 'mssqlnative', 'auth_db'); } - set_config('sybasequoting', '1', 'auth/db'); + set_config('sybasequoting', '1', 'auth_db'); break; default: @@ -121,24 +121,24 @@ protected function init_auth_database() { $dbman->drop_table($table); } $dbman->create_table($table); - set_config('table', $CFG->prefix.'auth_db_users', 'auth/db'); - set_config('fielduser', 'name', 'auth/db'); - set_config('fieldpass', 'pass', 'auth/db'); - set_config('field_map_lastname', 'lastname', 'auth/db'); - set_config('field_updatelocal_lastname', 'oncreate', 'auth/db'); - set_config('field_lock_lastname', 'unlocked', 'auth/db'); + set_config('table', $CFG->prefix.'auth_db_users', 'auth_db'); + set_config('fielduser', 'name', 'auth_db'); + set_config('fieldpass', 'pass', 'auth_db'); + set_config('field_map_lastname', 'lastname', 'auth_db'); + set_config('field_updatelocal_lastname', 'oncreate', 'auth_db'); + set_config('field_lock_lastname', 'unlocked', 'auth_db'); // Setu up field mappings. - set_config('field_map_email', 'email', 'auth/db'); - set_config('field_updatelocal_email', 'oncreate', 'auth/db'); - set_config('field_updateremote_email', '0', 'auth/db'); - set_config('field_lock_email', 'unlocked', 'auth/db'); + set_config('field_map_email', 'email', 'auth_db'); + set_config('field_updatelocal_email', 'oncreate', 'auth_db'); + set_config('field_updateremote_email', '0', 'auth_db'); + set_config('field_lock_email', 'unlocked', 'auth_db'); // Init the rest of settings. - set_config('passtype', 'plaintext', 'auth/db'); - set_config('changepasswordurl', '', 'auth/db'); - set_config('debugauthdb', 0, 'auth/db'); - set_config('removeuser', AUTH_REMOVEUSER_KEEP, 'auth/db'); + set_config('passtype', 'plaintext', 'auth_db'); + set_config('changepasswordurl', '', 'auth_db'); + set_config('debugauthdb', 0, 'auth_db'); + set_config('removeuser', AUTH_REMOVEUSER_KEEP, 'auth_db'); } protected function cleanup_auth_database() { @@ -226,7 +226,7 @@ public function test_plugin() { $u2 = $DB->get_record('user', array('username'=>$user2->name)); $this->assertSame($user2->email, $u2->email); - set_config('field_updatelocal_email', 'onlogin', 'auth/db'); + set_config('field_updatelocal_email', 'onlogin', 'auth_db'); $auth->config->field_updatelocal_email = 'onlogin'; $auth->sync_users($trace, false); @@ -252,7 +252,7 @@ public function test_plugin() { $this->assertEquals(0, $DB->count_records('user', array('deleted'=>1))); $this->assertEquals(0, $DB->count_records('user', array('suspended'=>1))); - set_config('removeuser', AUTH_REMOVEUSER_SUSPEND, 'auth/db'); + set_config('removeuser', AUTH_REMOVEUSER_SUSPEND, 'auth_db'); $auth->config->removeuser = AUTH_REMOVEUSER_SUSPEND; $auth->sync_users($trace, false); @@ -270,7 +270,7 @@ public function test_plugin() { $DB->delete_records('auth_db_users', array('id'=>$user2->id)); - set_config('removeuser', AUTH_REMOVEUSER_FULLDELETE, 'auth/db'); + set_config('removeuser', AUTH_REMOVEUSER_FULLDELETE, 'auth_db'); $auth->config->removeuser = AUTH_REMOVEUSER_FULLDELETE; $auth->sync_users($trace, false); @@ -299,25 +299,25 @@ public function test_plugin() { $this->assertTrue($auth->user_login('u3', 'heslo')); $this->assertFalse($DB->record_exists('user', array('username'=>'u3', 'auth'=>'db'))); - set_config('passtype', 'md5', 'auth/db'); + set_config('passtype', 'md5', 'auth_db'); $auth->config->passtype = 'md5'; $user3->pass = md5('heslo'); $DB->update_record('auth_db_users', $user3); $this->assertTrue($auth->user_login('u3', 'heslo')); - set_config('passtype', 'sh1', 'auth/db'); + set_config('passtype', 'sh1', 'auth_db'); $auth->config->passtype = 'sha1'; $user3->pass = sha1('heslo'); $DB->update_record('auth_db_users', $user3); $this->assertTrue($auth->user_login('u3', 'heslo')); - set_config('passtype', 'saltedcrypt', 'auth/db'); + set_config('passtype', 'saltedcrypt', 'auth_db'); $auth->config->passtype = 'saltedcrypt'; $user3->pass = password_hash('heslo', PASSWORD_BCRYPT); $DB->update_record('auth_db_users', $user3); $this->assertTrue($auth->user_login('u3', 'heslo')); - set_config('passtype', 'internal', 'auth/db'); + set_config('passtype', 'internal', 'auth_db'); $auth->config->passtype = 'internal'; create_user_record('u3', 'heslo', 'db'); $this->assertTrue($auth->user_login('u3', 'heslo')); @@ -325,19 +325,19 @@ public function test_plugin() { $DB->delete_records('auth_db_users', array('id'=>$user3->id)); - set_config('removeuser', AUTH_REMOVEUSER_KEEP, 'auth/db'); + set_config('removeuser', AUTH_REMOVEUSER_KEEP, 'auth_db'); $auth->config->removeuser = AUTH_REMOVEUSER_KEEP; $this->assertTrue($auth->user_login('u3', 'heslo')); - set_config('removeuser', AUTH_REMOVEUSER_SUSPEND, 'auth/db'); + set_config('removeuser', AUTH_REMOVEUSER_SUSPEND, 'auth_db'); $auth->config->removeuser = AUTH_REMOVEUSER_SUSPEND; $this->assertFalse($auth->user_login('u3', 'heslo')); - set_config('removeuser', AUTH_REMOVEUSER_FULLDELETE, 'auth/db'); + set_config('removeuser', AUTH_REMOVEUSER_FULLDELETE, 'auth_db'); $auth->config->removeuser = AUTH_REMOVEUSER_FULLDELETE; $this->assertFalse($auth->user_login('u3', 'heslo')); - set_config('passtype', 'sh1', 'auth/db'); + set_config('passtype', 'sh1', 'auth_db'); $auth->config->passtype = 'sha1'; $this->assertFalse($auth->user_login('u3', 'heslo')); @@ -347,7 +347,7 @@ public function test_plugin() { $user4 = (object)array('name'=>'u4', 'pass'=>'heslo', 'email'=>'u4@example.com'); $user4->id = $DB->insert_record('auth_db_users', $user4); - set_config('passtype', 'plaintext', 'auth/db'); + set_config('passtype', 'plaintext', 'auth_db'); $auth->config->passtype = 'plaintext'; $iuser4 = create_user_record('u4', 'heslo', 'db'); @@ -361,14 +361,14 @@ public function test_plugin() { $user4b->email = 'u4b@example.com'; $DB->update_record('auth_db_users', $user4b); - set_config('field_updatelocal_email', 'oncreate', 'auth/db'); + set_config('field_updatelocal_email', 'oncreate', 'auth_db'); $auth->config->field_updatelocal_email = 'oncreate'; update_user_record('u4'); $iuser4 = $DB->get_record('user', array('id'=>$iuser4->id)); $this->assertSame($user4->email, $iuser4->email); - set_config('field_updatelocal_email', 'onlogin', 'auth/db'); + set_config('field_updatelocal_email', 'onlogin', 'auth_db'); $auth->config->field_updatelocal_email = 'onlogin'; update_user_record('u4'); @@ -461,7 +461,7 @@ public function test_deleting_with_many_users() { $auth->db_init(); // Set to delete from moodle when missing from DB. - set_config('removeuser', AUTH_REMOVEUSER_FULLDELETE, 'auth/db'); + set_config('removeuser', AUTH_REMOVEUSER_FULLDELETE, 'auth_db'); $auth->config->removeuser = AUTH_REMOVEUSER_FULLDELETE; // Create users. diff --git a/auth/db/upgrade.txt b/auth/db/upgrade.txt index b9475fa523171..c3b98c3b1ad79 100644 --- a/auth/db/upgrade.txt +++ b/auth/db/upgrade.txt @@ -1,6 +1,11 @@ This files describes API changes in /auth/db/*, information provided here is intended especially for developers. +=== 3.3 === + +* The config.html file was migrated to use the admin settings API. + The identifier for configuration data stored in config_plugins table was converted from 'auth/db' to 'auth_db'. + === 3.1 === * The auth_plugin_db::clean_data() has been deprecated and will be removed diff --git a/auth/db/version.php b/auth/db/version.php index ccb61d0a1779e..f291cf821aaa9 100644 --- a/auth/db/version.php +++ b/auth/db/version.php @@ -24,6 +24,6 @@ defined('MOODLE_INTERNAL') || die(); -$plugin->version = 2017022200; // The current plugin version (Date: YYYYMMDDXX) +$plugin->version = 2017032800; // The current plugin version (Date: YYYYMMDDXX) $plugin->requires = 2016112900; // Requires this Moodle version $plugin->component = 'auth_db'; // Full name of the plugin (used for diagnostics) diff --git a/auth/email/auth.php b/auth/email/auth.php index e9c1da1820a5c..f1cbc111361f0 100644 --- a/auth/email/auth.php +++ b/auth/email/auth.php @@ -36,7 +36,7 @@ class auth_plugin_email extends auth_plugin_base { */ public function __construct() { $this->authtype = 'email'; - $this->config = get_config('auth/email'); + $this->config = get_config('auth_email'); } /** @@ -236,38 +236,12 @@ function can_be_manually_set() { return true; } - /** - * Prints a form for configuring this authentication plugin. - * - * This function is called from admin/auth.php, and outputs a full page with - * a form for configuring this plugin. - * - * @param array $page An object containing all the data for this page. - */ - function config_form($config, $err, $user_fields) { - include "config.html"; - } - - /** - * Processes and stores configuration data for this authentication plugin. - */ - function process_config($config) { - // set to defaults if undefined - if (!isset($config->recaptcha)) { - $config->recaptcha = false; - } - - // save settings - set_config('recaptcha', $config->recaptcha, 'auth/email'); - return true; - } - /** * Returns whether or not the captcha element is enabled. * @return bool */ function is_captcha_enabled() { - return get_config("auth/{$this->authtype}", 'recaptcha'); + return get_config("auth_{$this->authtype}", 'recaptcha'); } } diff --git a/auth/email/config.html b/auth/email/config.html deleted file mode 100644 index 1b26e3f0cd91d..0000000000000 --- a/auth/email/config.html +++ /dev/null @@ -1,31 +0,0 @@ - -recaptcha)) { - $config->recaptcha = false; - } - - $yesno = array( get_string('no'), get_string('yes') ); - -?> - - - - - - - - - - -authtype, $user_fields, get_string('auth_fieldlocks_help', 'auth'), false, false); - -?> -
-

-
recaptcha, false); - ?>
diff --git a/auth/email/db/upgrade.php b/auth/email/db/upgrade.php new file mode 100644 index 0000000000000..36d6d1f537b51 --- /dev/null +++ b/auth/email/db/upgrade.php @@ -0,0 +1,46 @@ +. + +/** + * No authentication plugin upgrade code + * + * @package auth_email + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die(); + +/** + * Function to upgrade auth_email. + * @param int $oldversion the version we are upgrading from + * @return bool result + */ +function xmldb_auth_email_upgrade($oldversion) { + global $CFG, $DB; + + // Automatically generated Moodle v3.2.0 release upgrade line. + // Put any upgrade step following this. + + if ($oldversion < 2017020700) { + // Convert info in config plugins from auth/email to auth_email. + $DB->set_field('config_plugins', 'plugin', 'auth_email', array('plugin' => 'auth/email')); + upgrade_plugin_savepoint(true, 2017020700, 'auth', 'email'); + } + + return true; +} + diff --git a/auth/email/settings.php b/auth/email/settings.php new file mode 100644 index 0000000000000..88d7bc2707010 --- /dev/null +++ b/auth/email/settings.php @@ -0,0 +1,46 @@ +. + +/** + * Admin settings and defaults. + * + * @package auth_email + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die; + +if ($ADMIN->fulltree) { + + // Introductory explanation. + $settings->add(new admin_setting_heading('auth_email/pluginname', '', + new lang_string('auth_emaildescription', 'auth_email'))); + + $options = array( + new lang_string('no'), + new lang_string('yes'), + ); + + $settings->add(new admin_setting_configselect('auth_email/recaptcha', + new lang_string('auth_emailrecaptcha_key', 'auth_email'), + new lang_string('auth_emailrecaptcha', 'auth_email'), 0, $options)); + + // Display locking / mapping of profile fields. + $authplugin = get_auth_plugin($this->name); + display_auth_lock_options($settings, $authplugin->authtype, $authplugin->userfields, + get_string('auth_fieldlocks_help', 'auth'), false, false); +} diff --git a/auth/email/upgrade.txt b/auth/email/upgrade.txt new file mode 100644 index 0000000000000..582de46065bb4 --- /dev/null +++ b/auth/email/upgrade.txt @@ -0,0 +1,8 @@ +This files describes API changes in /auth/email/*, +information provided here is intended especially for developers. + +=== 3.3 === + +* The config.html file was migrated to use the admin settings API. + The identifier for configuration data stored in config_plugins table was converted from 'auth/email' to 'auth_email'. + diff --git a/auth/email/version.php b/auth/email/version.php index 4ed6214639658..5787477d4efa3 100644 --- a/auth/email/version.php +++ b/auth/email/version.php @@ -24,6 +24,6 @@ defined('MOODLE_INTERNAL') || die; -$plugin->version = 2016120500; // The current plugin version (Date: YYYYMMDDXX) +$plugin->version = 2017020700; // The current plugin version (Date: YYYYMMDDXX) $plugin->requires = 2016112900; // Requires this Moodle version $plugin->component = 'auth_email'; // Full name of the plugin (used for diagnostics) diff --git a/auth/fc/auth.php b/auth/fc/auth.php index b9879923c7b99..31b1b20b37ae1 100644 --- a/auth/fc/auth.php +++ b/auth/fc/auth.php @@ -39,7 +39,7 @@ class auth_plugin_fc extends auth_plugin_base { */ public function __construct() { $this->authtype = 'fc'; - $this->config = get_config('auth/fc'); + $this->config = get_config('auth_fc'); } /** @@ -211,53 +211,6 @@ function sync_roles($user) { } } - /** - * Prints a form for configuring this authentication plugin. - * - * This function is called from admin/auth.php, and outputs a full page with - * a form for configuring this plugin. - * - * @param array $page An object containing all the data for this page. - */ - function config_form($config, $err, $user_fields) { - include "config.html"; - } - - /** - * Processes and stores configuration data for this authentication plugin. - */ - function process_config($config) { - // set to defaults if undefined - if (!isset($config->host)) { - $config->host = "127.0.0.1"; - } - if (!isset($config->fppport)) { - $config->fppport = "3333"; - } - if (!isset($config->userid)) { - $config->userid = "fcMoodle"; - } - if (!isset($config->passwd)) { - $config->passwd = ""; - } - if (!isset($config->creators)) { - $config->creators = ""; - } - if (!isset($config->changepasswordurl)) { - $config->changepasswordurl = ''; - } - - // save settings - set_config('host', $config->host, 'auth/fc'); - set_config('fppport', $config->fppport, 'auth/fc'); - set_config('userid', $config->userid, 'auth/fc'); - set_config('passwd', $config->passwd, 'auth/fc'); - set_config('creators', $config->creators, 'auth/fc'); - set_config('changepasswordurl', $config->changepasswordurl, 'auth/fc'); - - return true; - } - } diff --git a/auth/fc/config.html b/auth/fc/config.html deleted file mode 100644 index 602941122c609..0000000000000 --- a/auth/fc/config.html +++ /dev/null @@ -1,103 +0,0 @@ -host)) { - $config->host = "127.0.0.1"; - } - if (!isset($config->fppport)) { - $config->fppport = "3333"; - } - if (!isset($config->userid)) { - $config->userid = "fcMoodle"; - } - if (!isset($config->passwd)) { - $config->passwd = ""; - } - if (!isset($config->creators)) { - $config->creators = ""; - } - if (!isset($config->changepasswordurl)) { - $config->changepasswordurl = ''; - } - if (!isset($config->changepasswordurl)) { - $config->changepasswordurl = ''; - } - -?> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -authtype, $user_fields, get_string('auth_fieldlocks_help', 'auth'), false, false); - -?> -
- - error_text($err["host"]); ?> - - -
- - error_text($err["host"]); ?> - - -
- - error_text($err["userid"]); ?> - - -
- - error_text($err["passwd"]); ?> - - -
- - error_text($err["creators"]); ?> - - -
- - error_text($err['changepasswordurl']); - } - - ?> -
diff --git a/auth/fc/db/upgrade.php b/auth/fc/db/upgrade.php new file mode 100644 index 0000000000000..6909e6cc736f6 --- /dev/null +++ b/auth/fc/db/upgrade.php @@ -0,0 +1,45 @@ +. + +/** + * First Class authentication plugin upgrade code + * + * @package auth_fc + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die(); + +/** + * Function to upgrade auth_fc. + * @param int $oldversion the version we are upgrading from + * @return bool result + */ +function xmldb_auth_fc_upgrade($oldversion) { + global $CFG, $DB; + + // Automatically generated Moodle v3.2.0 release upgrade line. + // Put any upgrade step following this. + + if ($oldversion < 2017020700) { + // Convert info in config plugins from auth/fc to auth_fc. + $DB->set_field('config_plugins', 'plugin', 'auth_fc', array('plugin' => 'auth/fc')); + upgrade_plugin_savepoint(true, 2017020700, 'auth', 'fc'); + } + + return true; +} diff --git a/auth/fc/settings.php b/auth/fc/settings.php new file mode 100644 index 0000000000000..6039a64700235 --- /dev/null +++ b/auth/fc/settings.php @@ -0,0 +1,61 @@ +. + +/** + * Admin settings and defaults. + * + * @package auth_fc + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die; + +if ($ADMIN->fulltree) { + + // Introductory explanation. + $settings->add(new admin_setting_heading('auth_fc/pluginname', '', new lang_string('auth_fcdescription', 'auth_fc'))); + + // Host. + $settings->add(new admin_setting_configtext('auth_fc/host', get_string('auth_fchost_key', 'auth_fc'), + get_string('auth_fchost', 'auth_fc'), '127.0.0.1', PARAM_HOST)); + + // Port. + $settings->add(new admin_setting_configtext('auth_fc/fppport', get_string('auth_fcfppport_key', 'auth_fc'), + get_string('auth_fcfppport', 'auth_fc'), '3333', PARAM_INT)); + + // User ID. + $settings->add(new admin_setting_configtext('auth_fc/userid', get_string('auth_fcuserid_key', 'auth_fc'), + get_string('auth_fcuserid', 'auth_fc'), 'fcMoodle', PARAM_RAW)); + + // Password. + $settings->add(new admin_setting_configpasswordunmask('auth_fc/passwd', get_string('auth_fcpasswd_key', 'auth_fc'), + get_string('auth_fcpasswd', 'auth_fc'), '')); + + // Creators. + $settings->add(new admin_setting_configtext('auth_fc/creators', get_string('auth_fccreators_key', 'auth_fc'), + get_string('auth_fccreators', 'auth_fc'), '', PARAM_RAW)); + + // Password change URL. + $settings->add(new admin_setting_configtext('auth_fc/changepasswordurl', + get_string('auth_fcchangepasswordurl', 'auth_fc'), + get_string('changepasswordhelp', 'auth'), '', PARAM_URL)); + + // Display locking / mapping of profile fields. + $authplugin = get_auth_plugin($this->name); + display_auth_lock_options($settings, $authplugin->authtype, $authplugin->userfields, + get_string('auth_fieldlocks_help', 'auth'), false, false); +} diff --git a/auth/fc/upgrade.txt b/auth/fc/upgrade.txt new file mode 100644 index 0000000000000..bebe5d8c94639 --- /dev/null +++ b/auth/fc/upgrade.txt @@ -0,0 +1,8 @@ +This files describes API changes in /auth/fc/*, +information provided here is intended especially for developers. + +=== 3.3 === + +* The config.html file was migrated to use the admin settings API. + The identifier for configuration data stored in config_plugins table was converted from 'auth/fc' to 'auth_fc'. + diff --git a/auth/fc/version.php b/auth/fc/version.php index a700d9ccde9db..55fc7e586e77b 100644 --- a/auth/fc/version.php +++ b/auth/fc/version.php @@ -24,6 +24,6 @@ defined('MOODLE_INTERNAL') || die(); -$plugin->version = 2016120500; // The current plugin version (Date: YYYYMMDDXX) +$plugin->version = 2017020700; // The current plugin version (Date: YYYYMMDDXX) $plugin->requires = 2016112900; // Requires this Moodle version $plugin->component = 'auth_fc'; // Full name of the plugin (used for diagnostics) diff --git a/auth/imap/auth.php b/auth/imap/auth.php index 3e3e2da93964e..6d6590c611ca7 100644 --- a/auth/imap/auth.php +++ b/auth/imap/auth.php @@ -37,7 +37,7 @@ class auth_plugin_imap extends auth_plugin_base { */ public function __construct() { $this->authtype = 'imap'; - $this->config = get_config('auth/imap'); + $this->config = get_config('auth_imap'); } /** @@ -141,47 +141,6 @@ function change_password_url() { } } - /** - * Prints a form for configuring this authentication plugin. - * - * This function is called from admin/auth.php, and outputs a full page with - * a form for configuring this plugin. - * - * @param array $page An object containing all the data for this page. - */ - function config_form($config, $err, $user_fields) { - global $OUTPUT; - - include "config.html"; - } - - /** - * Processes and stores configuration data for this authentication plugin. - */ - function process_config($config) { - // set to defaults if undefined - if (!isset ($config->host)) { - $config->host = '127.0.0.1'; - } - if (!isset ($config->type)) { - $config->type = 'imap'; - } - if (!isset ($config->port)) { - $config->port = '143'; - } - if (!isset($config->changepasswordurl)) { - $config->changepasswordurl = ''; - } - - // save settings - set_config('host', $config->host, 'auth/imap'); - set_config('type', $config->type, 'auth/imap'); - set_config('port', $config->port, 'auth/imap'); - set_config('changepasswordurl', $config->changepasswordurl, 'auth/imap'); - - return true; - } - } diff --git a/auth/imap/config.html b/auth/imap/config.html deleted file mode 100644 index 914d14f691db3..0000000000000 --- a/auth/imap/config.html +++ /dev/null @@ -1,93 +0,0 @@ -host)) { - $config->host = '127.0.0.1'; -} -if (!isset($config->type)) { - $config->type = 'imap'; -} -if (!isset($config->port)) { - $config->port = '143'; -} -if (!isset($config->changepasswordurl)) { - $config->changepasswordurl = ''; -} - -?> - - - - - - - - - - - - - - - - - - - - - - - - - - -authtype, $user_fields, get_string('auth_fieldlocks_help', 'auth'), false, false); - -?> -
- - error_text($err['host']); - } - - ?> - - -
: - type, false); - - ?> -
- - error_text($err['port']); - } - - ?> -
- - error_text($err['changepasswordurl']); - } - - ?> -
diff --git a/auth/imap/db/upgrade.php b/auth/imap/db/upgrade.php new file mode 100644 index 0000000000000..96dc3df4849f3 --- /dev/null +++ b/auth/imap/db/upgrade.php @@ -0,0 +1,46 @@ +. + +/** + * Imap authentication plugin upgrade code + * + * @package auth_imap + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die(); + +/** + * Function to upgrade auth_imap. + * @param int $oldversion the version we are upgrading from + * @return bool result + */ +function xmldb_auth_imap_upgrade($oldversion) { + global $CFG, $DB; + + // Automatically generated Moodle v3.2.0 release upgrade line. + // Put any upgrade step following this. + + if ($oldversion < 2017020700) { + // Convert info in config plugins from auth/imap to auth_imap. + $DB->set_field('config_plugins', 'plugin', 'auth_imap', array('plugin' => 'auth/imap')); + upgrade_plugin_savepoint(true, 2017020700, 'auth', 'imap'); + } + + return true; +} + diff --git a/auth/imap/settings.php b/auth/imap/settings.php new file mode 100644 index 0000000000000..b2478bd5cbfa1 --- /dev/null +++ b/auth/imap/settings.php @@ -0,0 +1,62 @@ +. + +/** + * Admin settings and defaults. + * + * @package auth_imap + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die; + +if ($ADMIN->fulltree) { + + // Introductory explanation. + $settings->add(new admin_setting_heading('auth_imap/pluginname', '', new lang_string('auth_imapdescription', 'auth_imap'))); + + // Host. + $settings->add(new admin_setting_configtext('auth_imap/host', get_string('auth_imaphost_key', 'auth_imap'), + get_string('auth_imaphost', 'auth_imap') . ' ' .get_string('auth_multiplehosts', 'auth'), + '127.0.0.1', PARAM_RAW)); + + // Type. + $imapoptions = array(); + $imaptypes = array('imap', 'imapssl', 'imapcert', 'imapnosslcert', 'imaptls'); + foreach ($imaptypes as $imaptype) { + $imapoptions[$imaptype] = $imaptype; + } + + $settings->add(new admin_setting_configselect('auth_imap/type', + new lang_string('auth_imaptype_key', 'auth_imap'), + new lang_string('auth_imaptype', 'auth_imap'), 'imap', $imapoptions)); + + // Port. + $settings->add(new admin_setting_configtext('auth_imap/port', get_string('auth_imapport_key', 'auth_imap'), + get_string('auth_imapport', 'auth_imap'), '143', PARAM_INT)); + + // Password change URL. + $settings->add(new admin_setting_configtext('auth_imap/changepasswordurl', + get_string('auth_imapchangepasswordurl_key', 'auth_imap'), + get_string('changepasswordhelp', 'auth'), '', PARAM_URL)); + + // Display locking / mapping of profile fields. + $authplugin = get_auth_plugin($this->name); + display_auth_lock_options($settings, $authplugin->authtype, $authplugin->userfields, + get_string('auth_fieldlocks_help', 'auth'), false, false); + +} diff --git a/auth/imap/upgrade.txt b/auth/imap/upgrade.txt new file mode 100644 index 0000000000000..cbfa00f73a533 --- /dev/null +++ b/auth/imap/upgrade.txt @@ -0,0 +1,7 @@ +This files describes API changes in /auth/imap/*, +information provided here is intended especially for developers. + +=== 3.3 === + +* The config.html file was migrated to use the admin settings API. + The identifier for configuration data stored in config_plugins table was converted from 'auth/imap' to 'auth_imap'. diff --git a/auth/imap/version.php b/auth/imap/version.php index 95fb3df86abeb..5c102b049532f 100644 --- a/auth/imap/version.php +++ b/auth/imap/version.php @@ -24,6 +24,6 @@ defined('MOODLE_INTERNAL') || die(); -$plugin->version = 2016120500; // The current plugin version (Date: YYYYMMDDXX) +$plugin->version = 2017020700; // The current plugin version (Date: YYYYMMDDXX) $plugin->requires = 2016112900; // Requires this Moodle version $plugin->component = 'auth_imap'; // Full name of the plugin (used for diagnostics) diff --git a/auth/ldap/auth.php b/auth/ldap/auth.php index b23c9ec99bec2..7e6fd3b324215 100644 --- a/auth/ldap/auth.php +++ b/auth/ldap/auth.php @@ -89,7 +89,7 @@ class auth_plugin_ldap extends auth_plugin_base { * Init plugin config from database settings depending on the plugin auth type. */ function init_plugin($authtype) { - $this->pluginconfig = 'auth/'.$authtype; + $this->pluginconfig = 'auth_'.$authtype; $this->config = get_config($this->pluginconfig); if (empty($this->config->ldapencoding)) { $this->config->ldapencoding = 'utf-8'; @@ -1815,186 +1815,6 @@ function sync_roles($user) { } } - /** - * Prints a form for configuring this authentication plugin. - * - * This function is called from admin/auth.php, and outputs a full page with - * a form for configuring this plugin. - * - * @param array $page An object containing all the data for this page. - */ - function config_form($config, $err, $user_fields) { - global $CFG, $OUTPUT; - - if (!function_exists('ldap_connect')) { // Is php-ldap really there? - echo $OUTPUT->notification(get_string('auth_ldap_noextension', 'auth_ldap')); - return; - } - - include($CFG->dirroot.'/auth/ldap/config.html'); - } - - /** - * Processes and stores configuration data for this authentication plugin. - */ - function process_config($config) { - // Set to defaults if undefined - if (!isset($config->host_url)) { - $config->host_url = ''; - } - if (!isset($config->start_tls)) { - $config->start_tls = false; - } - if (empty($config->ldapencoding)) { - $config->ldapencoding = 'utf-8'; - } - if (!isset($config->pagesize)) { - $config->pagesize = LDAP_DEFAULT_PAGESIZE; - } - if (!isset($config->contexts)) { - $config->contexts = ''; - } - if (!isset($config->user_type)) { - $config->user_type = 'default'; - } - if (!isset($config->user_attribute)) { - $config->user_attribute = ''; - } - if (!isset($config->suspended_attribute)) { - $config->suspended_attribute = ''; - } - if (!isset($config->sync_suspended)) { - $config->sync_suspended = false; - } - if (!isset($config->search_sub)) { - $config->search_sub = ''; - } - if (!isset($config->opt_deref)) { - $config->opt_deref = LDAP_DEREF_NEVER; - } - if (!isset($config->preventpassindb)) { - $config->preventpassindb = 0; - } - if (!isset($config->bind_dn)) { - $config->bind_dn = ''; - } - if (!isset($config->bind_pw)) { - $config->bind_pw = ''; - } - if (!isset($config->ldap_version)) { - $config->ldap_version = '3'; - } - if (!isset($config->objectclass)) { - $config->objectclass = ''; - } - if (!isset($config->memberattribute)) { - $config->memberattribute = ''; - } - if (!isset($config->memberattribute_isdn)) { - $config->memberattribute_isdn = ''; - } - if (!isset($config->creators)) { - $config->creators = ''; - } - if (!isset($config->create_context)) { - $config->create_context = ''; - } - if (!isset($config->expiration)) { - $config->expiration = ''; - } - if (!isset($config->expiration_warning)) { - $config->expiration_warning = '10'; - } - if (!isset($config->expireattr)) { - $config->expireattr = ''; - } - if (!isset($config->gracelogins)) { - $config->gracelogins = ''; - } - if (!isset($config->graceattr)) { - $config->graceattr = ''; - } - if (!isset($config->auth_user_create)) { - $config->auth_user_create = ''; - } - if (!isset($config->forcechangepassword)) { - $config->forcechangepassword = 0; - } - if (!isset($config->stdchangepassword)) { - $config->stdchangepassword = 0; - } - if (!isset($config->passtype)) { - $config->passtype = 'plaintext'; - } - if (!isset($config->changepasswordurl)) { - $config->changepasswordurl = ''; - } - if (!isset($config->removeuser)) { - $config->removeuser = AUTH_REMOVEUSER_KEEP; - } - if (!isset($config->ntlmsso_enabled)) { - $config->ntlmsso_enabled = 0; - } - if (!isset($config->ntlmsso_subnet)) { - $config->ntlmsso_subnet = ''; - } - if (!isset($config->ntlmsso_ie_fastpath)) { - $config->ntlmsso_ie_fastpath = 0; - } - if (!isset($config->ntlmsso_type)) { - $config->ntlmsso_type = 'ntlm'; - } - if (!isset($config->ntlmsso_remoteuserformat)) { - $config->ntlmsso_remoteuserformat = ''; - } - - // Try to remove duplicates before storing the contexts (to avoid problems in sync_users()). - $config->contexts = explode(';', $config->contexts); - $config->contexts = array_map(create_function('$x', 'return core_text::strtolower(trim($x));'), - $config->contexts); - $config->contexts = implode(';', array_unique($config->contexts)); - - // Save settings - set_config('host_url', trim($config->host_url), $this->pluginconfig); - set_config('start_tls', $config->start_tls, $this->pluginconfig); - set_config('ldapencoding', trim($config->ldapencoding), $this->pluginconfig); - set_config('pagesize', (int)trim($config->pagesize), $this->pluginconfig); - set_config('contexts', $config->contexts, $this->pluginconfig); - set_config('user_type', core_text::strtolower(trim($config->user_type)), $this->pluginconfig); - set_config('user_attribute', core_text::strtolower(trim($config->user_attribute)), $this->pluginconfig); - set_config('suspended_attribute', core_text::strtolower(trim($config->suspended_attribute)), $this->pluginconfig); - set_config('sync_suspended', $config->sync_suspended, $this->pluginconfig); - set_config('search_sub', $config->search_sub, $this->pluginconfig); - set_config('opt_deref', $config->opt_deref, $this->pluginconfig); - set_config('preventpassindb', $config->preventpassindb, $this->pluginconfig); - set_config('bind_dn', trim($config->bind_dn), $this->pluginconfig); - set_config('bind_pw', $config->bind_pw, $this->pluginconfig); - set_config('ldap_version', $config->ldap_version, $this->pluginconfig); - set_config('objectclass', trim($config->objectclass), $this->pluginconfig); - set_config('memberattribute', core_text::strtolower(trim($config->memberattribute)), $this->pluginconfig); - set_config('memberattribute_isdn', $config->memberattribute_isdn, $this->pluginconfig); - set_config('creators', trim($config->creators), $this->pluginconfig); - set_config('create_context', trim($config->create_context), $this->pluginconfig); - set_config('expiration', $config->expiration, $this->pluginconfig); - set_config('expiration_warning', trim($config->expiration_warning), $this->pluginconfig); - set_config('expireattr', core_text::strtolower(trim($config->expireattr)), $this->pluginconfig); - set_config('gracelogins', $config->gracelogins, $this->pluginconfig); - set_config('graceattr', core_text::strtolower(trim($config->graceattr)), $this->pluginconfig); - set_config('auth_user_create', $config->auth_user_create, $this->pluginconfig); - set_config('forcechangepassword', $config->forcechangepassword, $this->pluginconfig); - set_config('stdchangepassword', $config->stdchangepassword, $this->pluginconfig); - set_config('passtype', $config->passtype, $this->pluginconfig); - set_config('changepasswordurl', trim($config->changepasswordurl), $this->pluginconfig); - set_config('removeuser', $config->removeuser, $this->pluginconfig); - set_config('ntlmsso_enabled', (int)$config->ntlmsso_enabled, $this->pluginconfig); - set_config('ntlmsso_subnet', trim($config->ntlmsso_subnet), $this->pluginconfig); - set_config('ntlmsso_ie_fastpath', (int)$config->ntlmsso_ie_fastpath, $this->pluginconfig); - set_config('ntlmsso_type', $config->ntlmsso_type, 'auth/ldap'); - set_config('ntlmsso_remoteuserformat', trim($config->ntlmsso_remoteuserformat), 'auth/ldap'); - - return true; - } - /** * Get password expiration time for a given user from Active Directory * @@ -2211,24 +2031,6 @@ function ldap_find_userdn($ldapconnection, $extusername) { $this->config->user_attribute, $this->config->search_sub); } - - /** - * A chance to validate form data, and last chance to do stuff - * before it is inserted in config_plugin - * - * @param object object with submitted configuration settings (without system magic quotes) - * @param array $err array of error messages (passed by reference) - */ - function validate_form($form, &$err) { - if ($form->ntlmsso_type == 'ntlm') { - $format = trim($form->ntlmsso_remoteuserformat); - if (!empty($format) && !preg_match('/%username%/i', $format)) { - $err['ntlmsso_remoteuserformat'] = get_string('auth_ntlmsso_missing_username', 'auth_ldap'); - } - } - } - - /** * When using NTLM SSO, the format of the remote username we get in * $_SERVER['REMOTE_USER'] may vary, depending on where from and how the web @@ -2312,4 +2114,41 @@ protected function is_user_suspended($user) { return (bool)$user->suspended; } + /** + * Test if settings are correct, print info to output. + */ + public function test_settings() { + global $OUTPUT; + + if (!function_exists('ldap_connect')) { // Is php-ldap really there? + echo $OUTPUT->notification(get_string('auth_ldap_noextension', 'auth_ldap')); + return; + } + + // Check to see if this is actually configured. + if ((isset($this->config->host_url)) && ($this->config->host_url !== '')) { + + try { + $ldapconn = $this->ldap_connect(); + // Try to connect to the LDAP server. See if the page size setting is supported on this server. + $pagedresultssupported = ldap_paged_results_supported($this->config->ldap_version, $ldapconn); + } catch (Exception $e) { + + // If we couldn't connect and get the supported options, we can only assume we don't support paged results. + $pagedresultssupported = false; + } + + // Display paged file results. + if ((!$pagedresultssupported)) { + echo $OUTPUT->notification(get_string('pagedresultsnotsupp', 'auth_ldap'), \core\output\notification::NOTIFY_INFO); + } else if ($ldapconn) { + // We were able to connect successfuly. + echo $OUTPUT->notification(get_string('connectingldapsuccess', 'auth_ldap'), \core\output\notification::NOTIFY_SUCCESS); + } + + } else { + // LDAP is not even configured. + echo $OUTPUT->notification(get_string('ldapnotconfigured', 'auth_ldap'), \core\output\notification::NOTIFY_INFO); + } + } } // End of the class diff --git a/auth/ldap/classes/admin_setting_special_contexts_configtext.php b/auth/ldap/classes/admin_setting_special_contexts_configtext.php new file mode 100644 index 0000000000000..6e5bc65138102 --- /dev/null +++ b/auth/ldap/classes/admin_setting_special_contexts_configtext.php @@ -0,0 +1,50 @@ +. + +/** + * Special setting for auth_ldap that cleans up context values on save.. + * + * @package auth_ldap + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die(); + +/** + * Special setting for auth_ldap that cleans up context values on save.. + * + * @package auth_ldap + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ +class auth_ldap_admin_setting_special_contexts_configtext extends admin_setting_configtext { + + /** + * We need to remove duplicates on save to prevent issues in other areas of Moodle. + * + * @param string $data Form data. + * @return string Empty when no errors. + */ + public function write_setting($data) { + // Try to remove duplicates before storing the contexts (to avoid problems in sync_users()). + $data = explode(';', $data); + $data = array_map(create_function('$x', 'return core_text::strtolower(trim($x));'), + $data); + $data = implode(';', array_unique($data)); + return parent::write_setting($data); + } +} diff --git a/auth/ldap/classes/admin_setting_special_lowercase_configtext.php b/auth/ldap/classes/admin_setting_special_lowercase_configtext.php new file mode 100644 index 0000000000000..0dd37cfb5a477 --- /dev/null +++ b/auth/ldap/classes/admin_setting_special_lowercase_configtext.php @@ -0,0 +1,45 @@ +. + +/** + * Special setting for auth_ldap that lowercases values on save.. + * + * @package auth_ldap + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die(); + +/** + * Special setting for auth_ldap that lowercases values on save.. + * + * @package auth_ldap + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ +class auth_ldap_admin_setting_special_lowercase_configtext extends admin_setting_configtext { + + /** + * We need to convert the data to lowercase prior to save. + * + * @param string $data Form data. + * @return string Empty when no errors. + */ + public function write_setting($data) { + return parent::write_setting(core_text::strtolower($data)); + } +} diff --git a/auth/ldap/classes/admin_setting_special_ntlm_configtext.php b/auth/ldap/classes/admin_setting_special_ntlm_configtext.php new file mode 100644 index 0000000000000..fde131d2be582 --- /dev/null +++ b/auth/ldap/classes/admin_setting_special_ntlm_configtext.php @@ -0,0 +1,53 @@ +. + +/** + * Special admin setting for auth_ldap that validates ntlm usernames. + * + * @package auth_ldap + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die(); + +/** + * Special admin setting for auth_ldap that validates ntlm usernames. + * + * @package auth_ldap + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ +class auth_ldap_admin_setting_special_ntlm_configtext extends admin_setting_configtext { + + /** + * We need to validate the username format when using NTLM. + * + * @param string $data Form data. + * @return string Empty when no errors. + */ + public function validate($data) { + + if (get_config('auth_ldap', 'ntlmsso_type') === 'ntlm') { + $format = trim($data); + if (!empty($format) && !preg_match('/%username%/i', $format)) { + return get_string('auth_ntlmsso_missing_username', 'auth_ldap'); + } + } + + return parent::validate($data); + } +} diff --git a/auth/ldap/config.html b/auth/ldap/config.html deleted file mode 100644 index 883eb9d0b5212..0000000000000 --- a/auth/ldap/config.html +++ /dev/null @@ -1,664 +0,0 @@ -host_url)) { - $config->host_url = ''; -} -if (!isset($config->start_tls)) { - $config->start_tls = false; -} -if (empty($config->ldapencoding)) { - $config->ldapencoding = 'utf-8'; -} -if (!isset($config->pagesize)) { - $config->pagesize = LDAP_DEFAULT_PAGESIZE; -} -if (!isset($config->contexts)) { - $config->contexts = ''; -} -if (!isset($config->user_type)) { - $config->user_type = 'default'; -} -if (!isset($config->user_attribute)) { - $config->user_attribute = ''; -} -if (!isset($config->suspended_attribute)) { - $config->suspended_attribute = ''; -} -if (!isset($config->sync_suspended)) { - $config->sync_suspended = ''; -} -if (!isset($config->search_sub)) { - $config->search_sub = ''; -} -if (!isset($config->opt_deref)) { - $config->opt_deref = LDAP_DEREF_NEVER; -} -if (!isset($config->preventpassindb)) { - $config->preventpassindb = 0; -} -if (!isset($config->bind_dn)) { - $config->bind_dn = ''; -} -if (!isset($config->bind_pw)) { - $config->bind_pw = ''; -} -if (!isset($config->ldap_version)) { - $config->ldap_version = '3'; -} -if (!isset($config->objectclass)) { - $config->objectclass = ''; -} -if (!isset($config->memberattribute)) { - $config->memberattribute = ''; -} -if (!isset($config->memberattribute_isdn)) { - $config->memberattribute_isdn = ''; -} -if (!isset($config->creators)) { - $config->creators = ''; -} -if (!isset($config->create_context)) { - $config->create_context = ''; -} -if (!isset($config->expiration)) { - $config->expiration = ''; -} -if (!isset($config->expiration_warning)) { - $config->expiration_warning = '10'; -} -if (!isset($config->expireattr)) { - $config->expireattr = ''; -} -if (!isset($config->gracelogins)) { - $config->gracelogins = ''; -} -if (!isset($config->graceattr)) { - $config->graceattr = ''; -} -if (!isset($config->auth_user_create)) { - $config->auth_user_create = ''; -} -if (!isset($config->forcechangepassword)) { - $config->forcechangepassword = 0; -} -if (!isset($config->stdchangepassword)) { - $config->stdchangepassword = 0; -} -if (!isset($config->passtype)) { - $config->passtype = 'plaintext'; -} -if (!isset($config->changepasswordurl)) { - $config->changepasswordurl = ''; -} -if (!isset($config->removeuser)) { - $config->removeuser = AUTH_REMOVEUSER_KEEP; -} -if (!isset($config->ntlmsso_enabled)) { - $config->ntlmsso_enabled = 0; -} -if (!isset($config->ntlmsso_subnet)) { - $config->ntlmsso_subnet = ''; -} -if (!isset($config->ntlmsso_ie_fastpath)) { - $config->ntlmsso_ie_fastpath = 0; -} -if (!isset($config->ntlmsso_type)) { - $config->ntlmsso_type = 'ntlm'; -} -if (!isset($config->ntlmsso_remoteuserformat)) { - $config->ntlmsso_remoteuserformat = ''; -} - -$yesno = array(get_string('no'), get_string('yes')); - -$fastpathoptions = array(AUTH_NTLM_FASTPATH_YESFORM => get_string('auth_ntlmsso_ie_fastpath_yesform', 'auth_ldap'), - AUTH_NTLM_FASTPATH_YESATTEMPT => get_string('auth_ntlmsso_ie_fastpath_yesattempt', 'auth_ldap'), - AUTH_NTLM_FASTPATH_ATTEMPT => get_string('auth_ntlmsso_ie_fastpath_attempt', 'auth_ldap')); - -$disabled = ''; -$pagedresultssupported = false; -if ($config->host_url !== '') { - /** - * We try to connect each and every time we open the config, because we want to set the Page - * Size setting as enabled or disabled depending on the configured LDAP server supporting - * pagination or not, and to notify the user about it. If the user changed the LDAP server (or - * the LDAP protocol version) last time, it might happen that paged results are no longer - * available and we want to show that to the user the next time she goes to the settings page. - */ - try { - $ldapconn = $this->ldap_connect(); - $pagedresultssupported = ldap_paged_results_supported($config->ldap_version, $ldapconn); - } catch (Exception $e) { - // If we couldn't connect and get the supported options, we can only assume we don't support paged results. - $pagedresultssupported = false; - } -} -/* Make sure we only disable the paged result size setting and show the notification about it if - * there is a configured server that we tried to contact. Othersiwe, if someone's LDAP server does - * support paged results, they won't be able to turn it on the first time they set it up (because - * the field will be disabled). - */ -if (($config->host_url !== '') && (!$pagedresultssupported)) { - $disabled = ' disabled="disabled"'; - echo $OUTPUT->notification(get_string('pagedresultsnotsupp', 'auth_ldap'), \core\output\notification::NOTIFY_INFO); -} - -?> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -'; -$help .= get_string('auth_updateremote_ldap', 'auth'); - -print_auth_lock_options($this->authtype, $user_fields, $help, true, true, $this->get_custom_user_profile_fields()); -?> -
-

-
- - - - error_text($err['host_url']); } ?> - - -
- - - ldap_version, false); - if (isset($err['ldap_version'])) { echo $OUTPUT->error_text($err['ldap_version']); } - ?> - - -
- - - start_tls, false); ?> - - -
- - - - error_text($err['ldapencoding']); } ?> - - -
- - - /> - error_text($err['pagesize']); } - if ($disabled) { - // Don't loose the page size value (disabled fields are not submitted!) - ?> - - - - - -
-

-
- - - preventpassindb, false); ?> - - -
- - - - error_text($err['bind_dn']); } ?> - - -
- - - - error_text($err['bind_pw']); } ?> - - -
-

-
- - - user_type, false); - if (isset($err['user_type'])) { echo $OUTPUT->error_text($err['user_type']); } - ?> - - -
- - - - error_text($err['contexts']); } ?> - - -
- - - search_sub, false); ?> - - -
- - - opt_deref, false); - if (isset($err['opt_deref'])) { echo $OUTPUT->error_text($err['opt_deref']); } - ?> - - -
- - - - error_text($err['user_attribute']); } ?> - - -
- - - - error_text($err['suspended_attribute']); } ?> - - -
- - - - error_text($err['memberattribute']); } ?> - - -
- - - - error_text($err['memberattribute_isdn']); } ?> - - -
- - - - error_text($err['objectclass']); } ?> - - -
-

-
- - - forcechangepassword, false); ?> - -

-
- - - stdchangepassword, false); ?> - -

-

-
- - - passtype, false); - ?> - - -
- - - - error_text($err['changepasswordurl']); } ?> - - -
-

-
- - - expiration, false); - if (isset($err['expiration'])) { echo $OUTPUT->error_text($err['expiration']); } - ?> - - -
- - - - error_text($err['expiration_warning']); } ?> - - -
- - - - error_text($err['expireattr']); } ?> - - -
- - - gracelogins, false); ?> - - -
- - - - error_text($err['graceattr']); } ?> - - -
-

-
- - - auth_user_create, false); ?> - - -
- - - - error_text($err['create_context']); } ?> - - -
-

-
- - - - error_text($err['creators']); } ?> - - -
-

-
- - - removeuser, false); - ?> - - -
- - - sync_suspended, false); ?> - - -
-

-
- - - ntlmsso_enabled, false); ?> - - -
- - - - - -
- - - ntlmsso_ie_fastpath, false); ?> - - -
- - - ntlmsso_type, false); - ?> - - -
- - - - error_text($err['ntlmsso_remoteuserformat']); } ?> - - -
diff --git a/auth/ldap/db/upgrade.php b/auth/ldap/db/upgrade.php index c72b48fe6c9f9..e6c02cdf8941e 100644 --- a/auth/ldap/db/upgrade.php +++ b/auth/ldap/db/upgrade.php @@ -25,6 +25,7 @@ defined('MOODLE_INTERNAL') || die(); /** + * Function to upgrade auth_ldap. * @param int $oldversion the version we are upgrading from * @return bool result */ @@ -58,5 +59,11 @@ function xmldb_auth_ldap_upgrade($oldversion) { // Automatically generated Moodle v3.2.0 release upgrade line. // Put any upgrade step following this. + if ($oldversion < 2017020700) { + // Convert info in config plugins from auth/ldap to auth_ldap. + $DB->set_field('config_plugins', 'plugin', 'auth_ldap', array('plugin' => 'auth/ldap')); + upgrade_plugin_savepoint(true, 2017020700, 'auth', 'ldap'); + } + return true; } diff --git a/auth/ldap/lang/en/auth_ldap.php b/auth/ldap/lang/en/auth_ldap.php index a5285dda7f9b6..c1c828bde5528 100644 --- a/auth/ldap/lang/en/auth_ldap.php +++ b/auth/ldap/lang/en/auth_ldap.php @@ -114,10 +114,12 @@ $string['auth_ntlmsso_type_key'] = 'Authentication type'; $string['auth_ntlmsso_type'] = 'The authentication method configured in the web server to authenticate the users (if in doubt, choose NTLM)'; $string['connectingldap'] = "Connecting to LDAP server...\n"; +$string['connectingldapsuccess'] = "Connecting to your LDAP server was successful"; $string['creatingtemptable'] = "Creating temporary table {\$a}\n"; $string['didntfindexpiretime'] = 'password_expire() didn\'t find expiration time.'; $string['didntgetusersfromldap'] = "Did not get any users from LDAP -- error? -- exiting\n"; $string['gotcountrecordsfromldap'] = "Got {\$a} records from LDAP\n"; +$string['ldapnotconfigured'] = 'The LDAP host url is currently not configured'; $string['morethanoneuser'] = 'Strange! More than one user record found in ldap. Only using the first one.'; $string['needbcmath'] = 'You need the BCMath extension to use grace logins with Active Directory'; $string['needmbstring'] = 'You need the mbstring extension to change passwords in Active Directory'; diff --git a/auth/ldap/settings.php b/auth/ldap/settings.php new file mode 100644 index 0000000000000..c631f31f6c397 --- /dev/null +++ b/auth/ldap/settings.php @@ -0,0 +1,301 @@ +. + +/** + * Admin settings and defaults. + * + * @package auth_ldap + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die; + +if ($ADMIN->fulltree) { + // We use a couple of custom admin settings since we need to massage the data before it is inserted into the DB. + require_once($CFG->dirroot.'/auth/ldap/classes/admin_setting_special_lowercase_configtext.php'); + require_once($CFG->dirroot.'/auth/ldap/classes/admin_setting_special_contexts_configtext.php'); + require_once($CFG->dirroot.'/auth/ldap/classes/admin_setting_special_ntlm_configtext.php'); + + // We need to use some of the Moodle LDAP constants / functions to create the list of options. + require_once($CFG->dirroot.'/auth/ldap/auth.php'); + + // Introductory explanation. + $settings->add(new admin_setting_heading('auth_ldap/pluginname', '', + new lang_string('auth_ldapdescription', 'auth_ldap'))); + + // LDAP server settings. + $settings->add(new admin_setting_heading('auth_ldap/ldapserversettings', + new lang_string('auth_ldap_server_settings', 'auth_ldap'), '')); + + // Host. + $settings->add(new admin_setting_configtext('auth_ldap/host_url', + get_string('auth_ldap_host_url_key', 'auth_ldap'), + get_string('auth_ldap_host_url', 'auth_ldap'), '', PARAM_RAW_TRIMMED)); + + // Version. + $versions = array(); + $versions[2] = '2'; + $versions[3] = '3'; + $settings->add(new admin_setting_configselect('auth_ldap/ldap_version', + new lang_string('auth_ldap_version_key', 'auth_ldap'), + new lang_string('auth_ldap_version', 'auth_ldap'), 3, $versions)); + + // Start TLS. + $yesno = array( + new lang_string('no'), + new lang_string('yes'), + ); + $settings->add(new admin_setting_configselect('auth_ldap/start_tls', + new lang_string('start_tls_key', 'auth_ldap'), + new lang_string('start_tls', 'auth_ldap'), 0 , $yesno)); + + + // Encoding. + $settings->add(new admin_setting_configtext('auth_ldap/ldapencoding', + get_string('auth_ldap_ldap_encoding_key', 'auth_ldap'), + get_string('auth_ldap_ldap_encoding', 'auth_ldap'), 'utf-8', PARAM_RAW_TRIMMED)); + + // Page Size. (Hide if not available). + $settings->add(new admin_setting_configtext('auth_ldap/pagesize', + get_string('pagesize_key', 'auth_ldap'), + get_string('pagesize', 'auth_ldap'), '250', PARAM_INT)); + + // Bind settings. + $settings->add(new admin_setting_heading('auth_ldap/ldapbindsettings', + new lang_string('auth_ldap_bind_settings', 'auth_ldap'), '')); + + // Store Password in DB. + $settings->add(new admin_setting_configselect('auth_ldap/preventpassindb', + new lang_string('auth_ldap_preventpassindb_key', 'auth_ldap'), + new lang_string('auth_ldap_preventpassindb', 'auth_ldap'), 0 , $yesno)); + + // User ID. + $settings->add(new admin_setting_configtext('auth_ldap/bind_dn', + get_string('auth_ldap_bind_dn_key', 'auth_ldap'), + get_string('auth_ldap_bind_dn', 'auth_ldap'), '', PARAM_RAW_TRIMMED)); + + // Password. + $settings->add(new admin_setting_configpasswordunmask('auth_ldap/bind_pw', + get_string('auth_ldap_bind_pw_key', 'auth_ldap'), + get_string('auth_ldap_bind_pw', 'auth_ldap'), '')); + + // User Lookup settings. + $settings->add(new admin_setting_heading('auth_ldap/ldapuserlookup', + new lang_string('auth_ldap_user_settings', 'auth_ldap'), '')); + + // User Type. + $settings->add(new admin_setting_configselect('auth_ldap/user_type', + new lang_string('auth_ldap_user_type_key', 'auth_ldap'), + new lang_string('auth_ldap_user_type', 'auth_ldap'), 'default', ldap_supported_usertypes())); + + // Contexts. + $settings->add(new auth_ldap_admin_setting_special_contexts_configtext('auth_ldap/contexts', + get_string('auth_ldap_contexts_key', 'auth_ldap'), + get_string('auth_ldap_contexts', 'auth_ldap'), '', PARAM_RAW_TRIMMED)); + + // Search subcontexts. + $settings->add(new admin_setting_configselect('auth_ldap/search_sub', + new lang_string('auth_ldap_search_sub_key', 'auth_ldap'), + new lang_string('auth_ldap_search_sub', 'auth_ldap'), 0 , $yesno)); + + // Dereference aliases. + $optderef = array(); + $optderef[LDAP_DEREF_NEVER] = get_string('no'); + $optderef[LDAP_DEREF_ALWAYS] = get_string('yes'); + + $settings->add(new admin_setting_configselect('auth_ldap/opt_deref', + new lang_string('auth_ldap_opt_deref_key', 'auth_ldap'), + new lang_string('auth_ldap_opt_deref', 'auth_ldap'), LDAP_DEREF_NEVER , $optderef)); + + // User attribute. + $settings->add(new auth_ldap_admin_setting_special_lowercase_configtext('auth_ldap/user_attribute', + get_string('auth_ldap_user_attribute_key', 'auth_ldap'), + get_string('auth_ldap_user_attribute', 'auth_ldap'), '', PARAM_RAW)); + + // Suspended attribute. + $settings->add(new auth_ldap_admin_setting_special_lowercase_configtext('auth_ldap/suspended_attribute', + get_string('auth_ldap_suspended_attribute_key', 'auth_ldap'), + get_string('auth_ldap_suspended_attribute', 'auth_ldap'), '', PARAM_RAW)); + + // Member attribute. + $settings->add(new auth_ldap_admin_setting_special_lowercase_configtext('auth_ldap/memberattribute', + get_string('auth_ldap_memberattribute_key', 'auth_ldap'), + get_string('auth_ldap_memberattribute', 'auth_ldap'), '', PARAM_RAW)); + + // Member attribute uses dn. + $settings->add(new admin_setting_configtext('auth_ldap/memberattribute_isdn', + get_string('auth_ldap_memberattribute_isdn_key', 'auth_ldap'), + get_string('auth_ldap_memberattribute_isdn', 'auth_ldap'), '', PARAM_RAW)); + + // Object class. + $settings->add(new admin_setting_configtext('auth_ldap/objectclass', + get_string('auth_ldap_objectclass_key', 'auth_ldap'), + get_string('auth_ldap_objectclass', 'auth_ldap'), '', PARAM_RAW_TRIMMED)); + + // Force Password change Header. + $settings->add(new admin_setting_heading('auth_ldap/ldapforcepasswordchange', + new lang_string('forcechangepassword', 'auth'), '')); + + // Force Password change. + $settings->add(new admin_setting_configselect('auth_ldap/forcechangepassword', + new lang_string('forcechangepassword', 'auth'), + new lang_string('forcechangepasswordfirst_help', 'auth'), 0 , $yesno)); + + // Standard Password Change. + $settings->add(new admin_setting_configselect('auth_ldap/stdchangepassword', + new lang_string('stdchangepassword', 'auth'), new lang_string('stdchangepassword_expl', 'auth') .' '. + get_string('stdchangepassword_explldap', 'auth'), 0 , $yesno)); + + // Password Type. + $passtype = array(); + $passtype['plaintext'] = get_string('plaintext', 'auth'); + $passtype['md5'] = get_string('md5', 'auth'); + $passtype['sha1'] = get_string('sha1', 'auth'); + + $settings->add(new admin_setting_configselect('auth_ldap/passtype', + new lang_string('auth_ldap_passtype_key', 'auth_ldap'), + new lang_string('auth_ldap_passtype', 'auth_ldap'), 'plaintext', $passtype)); + + // Password change URL. + $settings->add(new admin_setting_configtext('auth_ldap/changepasswordurl', + get_string('auth_ldap_changepasswordurl_key', 'auth_ldap'), + get_string('changepasswordhelp', 'auth'), '', PARAM_URL)); + + // Password Expiration Header. + $settings->add(new admin_setting_heading('auth_ldap/passwordexpire', + new lang_string('auth_ldap_passwdexpire_settings', 'auth_ldap'), '')); + + // Password Expiration. + $expiration = array(); + $expiration['0'] = 'no'; + $expiration['1'] = 'LDAP'; + $settings->add(new admin_setting_configselect('auth_ldap/expiration', + new lang_string('auth_ldap_expiration_key', 'auth_ldap'), + new lang_string('auth_ldap_expiration_desc', 'auth_ldap'), 0 , $expiration)); + + // Password Expiration warning. + $settings->add(new admin_setting_configtext('auth_ldap/expiration_warning', + get_string('auth_ldap_expiration_warning_key', 'auth_ldap'), + get_string('auth_ldap_expiration_warning_desc', 'auth_ldap'), '', PARAM_RAW)); + + // Password Expiration attribute. + $settings->add(new auth_ldap_admin_setting_special_lowercase_configtext('auth_ldap/expireattr', + get_string('auth_ldap_expireattr_key', 'auth_ldap'), + get_string('auth_ldap_expireattr_desc', 'auth_ldap'), '', PARAM_RAW)); + + // Grace Logins. + $settings->add(new admin_setting_configselect('auth_ldap/gracelogins', + new lang_string('auth_ldap_gracelogins_key', 'auth_ldap'), + new lang_string('auth_ldap_gracelogins_desc', 'auth_ldap'), 0 , $yesno)); + + // Grace logins attribute. + $settings->add(new auth_ldap_admin_setting_special_lowercase_configtext('auth_ldap/graceattr', + get_string('auth_ldap_gracelogin_key', 'auth_ldap'), + get_string('auth_ldap_graceattr_desc', 'auth_ldap'), '', PARAM_RAW)); + + // User Creation. + $settings->add(new admin_setting_heading('auth_ldap/usercreation', + new lang_string('auth_user_create', 'auth'), '')); + + // Create users externally. + $settings->add(new admin_setting_configselect('auth_ldap/auth_user_create', + new lang_string('auth_ldap_auth_user_create_key', 'auth_ldap'), + new lang_string('auth_user_creation', 'auth'), 0 , $yesno)); + + // Context for new users. + $settings->add(new admin_setting_configtext('auth_ldap/create_context', + get_string('auth_ldap_create_context_key', 'auth_ldap'), + get_string('auth_ldap_create_context', 'auth_ldap'), '', PARAM_RAW_TRIMMED)); + + // Course Creators Header. + $settings->add(new admin_setting_heading('auth_ldap/coursecreators', + new lang_string('coursecreators'), '')); + + // Course creators field mapping. + $settings->add(new admin_setting_configtext('auth_ldap/creators', + get_string('auth_ldap_creators_key', 'auth_ldap'), + get_string('auth_ldap_creators', 'auth_ldap'), '', PARAM_RAW_TRIMMED)); + + // User Account Sync. + $settings->add(new admin_setting_heading('auth_ldap/syncusers', + new lang_string('auth_sync_script', 'auth'), '')); + + // Remove external user. + $deleteopt = array(); + $deleteopt[AUTH_REMOVEUSER_KEEP] = get_string('auth_remove_keep', 'auth'); + $deleteopt[AUTH_REMOVEUSER_SUSPEND] = get_string('auth_remove_suspend', 'auth'); + $deleteopt[AUTH_REMOVEUSER_FULLDELETE] = get_string('auth_remove_delete', 'auth'); + + $settings->add(new admin_setting_configselect('auth_ldap/removeuser', + new lang_string('auth_remove_user_key', 'auth'), + new lang_string('auth_remove_user', 'auth'), AUTH_REMOVEUSER_KEEP, $deleteopt)); + + // Sync Suspension. + $settings->add(new admin_setting_configselect('auth_ldap/sync_suspended', + new lang_string('auth_sync_suspended_key', 'auth'), + new lang_string('auth_sync_suspended', 'auth'), 0 , $yesno)); + + // NTLM SSO Header. + $settings->add(new admin_setting_heading('auth_ldap/ntlm', + new lang_string('auth_ntlmsso', 'auth_ldap'), '')); + + // Enable NTLM. + $settings->add(new admin_setting_configselect('auth_ldap/ntlmsso_enabled', + new lang_string('auth_ntlmsso_enabled_key', 'auth_ldap'), + new lang_string('auth_ntlmsso_enabled', 'auth_ldap'), 0 , $yesno)); + + // Subnet. + $settings->add(new admin_setting_configtext('auth_ldap/ntlmsso_subnet', + get_string('auth_ntlmsso_subnet_key', 'auth_ldap'), + get_string('auth_ntlmsso_subnet', 'auth_ldap'), '', PARAM_RAW_TRIMMED)); + + // NTLM Fast Path. + $fastpathoptions = array(); + $fastpathoptions[AUTH_NTLM_FASTPATH_YESFORM] = get_string('auth_ntlmsso_ie_fastpath_yesform', 'auth_ldap'); + $fastpathoptions[AUTH_NTLM_FASTPATH_YESATTEMPT] = get_string('auth_ntlmsso_ie_fastpath_yesattempt', 'auth_ldap'); + $fastpathoptions[AUTH_NTLM_FASTPATH_ATTEMPT] = get_string('auth_ntlmsso_ie_fastpath_attempt', 'auth_ldap'); + + $settings->add(new admin_setting_configselect('auth_ldap/ntlmsso_ie_fastpath', + new lang_string('auth_ntlmsso_ie_fastpath_key', 'auth_ldap'), + new lang_string('auth_ntlmsso_ie_fastpath', 'auth_ldap'), + AUTH_NTLM_FASTPATH_ATTEMPT, $fastpathoptions)); + + // Authentication type. + $types = array(); + $types['ntlm'] = 'NTLM'; + $types['kerberos'] = 'Kerberos'; + + $settings->add(new admin_setting_configselect('auth_ldap/ntlmsso_type', + new lang_string('auth_ntlmsso_type_key', 'auth_ldap'), + new lang_string('auth_ntlmsso_type', 'auth_ldap'), 'ntlm', $types)); + + // Remote Username format. + $settings->add(new auth_ldap_admin_setting_special_ntlm_configtext('auth_ldap/ntlmsso_remoteuserformat', + get_string('auth_ntlmsso_remoteuserformat_key', 'auth_ldap'), + get_string('auth_ntlmsso_remoteuserformat', 'auth_ldap'), '', PARAM_RAW_TRIMMED)); + + // Display locking / mapping of profile fields. + $authplugin = get_auth_plugin($this->name); + $help = get_string('auth_ldapextrafields', 'auth_ldap'); + $help .= get_string('auth_updatelocal_expl', 'auth'); + $help .= get_string('auth_fieldlock_expl', 'auth'); + $help .= get_string('auth_updateremote_expl', 'auth'); + $help .= '
'; + $help .= get_string('auth_updateremote_ldap', 'auth'); + display_auth_lock_options($settings, $authplugin->authtype, $authplugin->userfields, + $help, true, true, $authplugin->get_custom_user_profile_fields()); +} diff --git a/auth/ldap/tests/plugin_test.php b/auth/ldap/tests/plugin_test.php index dff14853580ea..d50f67d38e97b 100644 --- a/auth/ldap/tests/plugin_test.php +++ b/auth/ldap/tests/plugin_test.php @@ -96,37 +96,37 @@ public function test_auth_ldap() { // Configure the plugin a bit. - set_config('host_url', TEST_AUTH_LDAP_HOST_URL, 'auth/ldap'); - set_config('start_tls', 0, 'auth/ldap'); - set_config('ldap_version', 3, 'auth/ldap'); - set_config('ldapencoding', 'utf-8', 'auth/ldap'); - set_config('pagesize', '2', 'auth/ldap'); - set_config('bind_dn', TEST_AUTH_LDAP_BIND_DN, 'auth/ldap'); - set_config('bind_pw', TEST_AUTH_LDAP_BIND_PW, 'auth/ldap'); - set_config('user_type', 'rfc2307', 'auth/ldap'); - set_config('contexts', 'ou=users,'.$topdn, 'auth/ldap'); - set_config('search_sub', 0, 'auth/ldap'); - set_config('opt_deref', LDAP_DEREF_NEVER, 'auth/ldap'); - set_config('user_attribute', 'cn', 'auth/ldap'); - set_config('memberattribute', 'memberuid', 'auth/ldap'); - set_config('memberattribute_isdn', 0, 'auth/ldap'); - set_config('creators', 'cn=creators,'.$topdn, 'auth/ldap'); - set_config('removeuser', AUTH_REMOVEUSER_KEEP, 'auth/ldap'); - - set_config('field_map_email', 'mail', 'auth/ldap'); - set_config('field_updatelocal_email', 'oncreate', 'auth/ldap'); - set_config('field_updateremote_email', '0', 'auth/ldap'); - set_config('field_lock_email', 'unlocked', 'auth/ldap'); - - set_config('field_map_firstname', 'givenName', 'auth/ldap'); - set_config('field_updatelocal_firstname', 'oncreate', 'auth/ldap'); - set_config('field_updateremote_firstname', '0', 'auth/ldap'); - set_config('field_lock_firstname', 'unlocked', 'auth/ldap'); - - set_config('field_map_lastname', 'sn', 'auth/ldap'); - set_config('field_updatelocal_lastname', 'oncreate', 'auth/ldap'); - set_config('field_updateremote_lastname', '0', 'auth/ldap'); - set_config('field_lock_lastname', 'unlocked', 'auth/ldap'); + set_config('host_url', TEST_AUTH_LDAP_HOST_URL, 'auth_ldap'); + set_config('start_tls', 0, 'auth_ldap'); + set_config('ldap_version', 3, 'auth_ldap'); + set_config('ldapencoding', 'utf-8', 'auth_ldap'); + set_config('pagesize', '2', 'auth_ldap'); + set_config('bind_dn', TEST_AUTH_LDAP_BIND_DN, 'auth_ldap'); + set_config('bind_pw', TEST_AUTH_LDAP_BIND_PW, 'auth_ldap'); + set_config('user_type', 'rfc2307', 'auth_ldap'); + set_config('contexts', 'ou=users,'.$topdn, 'auth_ldap'); + set_config('search_sub', 0, 'auth_ldap'); + set_config('opt_deref', LDAP_DEREF_NEVER, 'auth_ldap'); + set_config('user_attribute', 'cn', 'auth_ldap'); + set_config('memberattribute', 'memberuid', 'auth_ldap'); + set_config('memberattribute_isdn', 0, 'auth_ldap'); + set_config('creators', 'cn=creators,'.$topdn, 'auth_ldap'); + set_config('removeuser', AUTH_REMOVEUSER_KEEP, 'auth_ldap'); + + set_config('field_map_email', 'mail', 'auth_ldap'); + set_config('field_updatelocal_email', 'oncreate', 'auth_ldap'); + set_config('field_updateremote_email', '0', 'auth_ldap'); + set_config('field_lock_email', 'unlocked', 'auth_ldap'); + + set_config('field_map_firstname', 'givenName', 'auth_ldap'); + set_config('field_updatelocal_firstname', 'oncreate', 'auth_ldap'); + set_config('field_updateremote_firstname', '0', 'auth_ldap'); + set_config('field_lock_firstname', 'unlocked', 'auth_ldap'); + + set_config('field_map_lastname', 'sn', 'auth_ldap'); + set_config('field_updatelocal_lastname', 'oncreate', 'auth_ldap'); + set_config('field_updateremote_lastname', '0', 'auth_ldap'); + set_config('field_lock_lastname', 'unlocked', 'auth_ldap'); $this->assertEquals(2, $DB->count_records('user')); @@ -182,7 +182,7 @@ public function test_auth_ldap() { $this->assertEquals(2, $DB->count_records('role_assignments', array('roleid'=>$creatorrole->id))); - set_config('removeuser', AUTH_REMOVEUSER_SUSPEND, 'auth/ldap'); + set_config('removeuser', AUTH_REMOVEUSER_SUSPEND, 'auth_ldap'); /** @var auth_plugin_ldap $auth */ $auth = get_auth_plugin('ldap'); @@ -246,7 +246,7 @@ public function test_auth_ldap() { $this->assertEquals(2, $DB->count_records('role_assignments')); $this->assertEquals(2, $DB->count_records('role_assignments', array('roleid'=>$creatorrole->id))); - set_config('removeuser', AUTH_REMOVEUSER_FULLDELETE, 'auth/ldap'); + set_config('removeuser', AUTH_REMOVEUSER_FULLDELETE, 'auth_ldap'); /** @var auth_plugin_ldap $auth */ $auth = get_auth_plugin('ldap'); @@ -411,39 +411,39 @@ public function test_ldap_user_signup() { ldap_add($connection, 'ou='.$o['ou'].','.$topdn, $o); // Configure the plugin a bit. - set_config('host_url', TEST_AUTH_LDAP_HOST_URL, 'auth/ldap'); - set_config('start_tls', 0, 'auth/ldap'); - set_config('ldap_version', 3, 'auth/ldap'); - set_config('ldapencoding', 'utf-8', 'auth/ldap'); - set_config('pagesize', '2', 'auth/ldap'); - set_config('bind_dn', TEST_AUTH_LDAP_BIND_DN, 'auth/ldap'); - set_config('bind_pw', TEST_AUTH_LDAP_BIND_PW, 'auth/ldap'); - set_config('user_type', 'rfc2307', 'auth/ldap'); - set_config('contexts', 'ou=users,'.$topdn, 'auth/ldap'); - set_config('search_sub', 0, 'auth/ldap'); - set_config('opt_deref', LDAP_DEREF_NEVER, 'auth/ldap'); - set_config('user_attribute', 'cn', 'auth/ldap'); - set_config('memberattribute', 'memberuid', 'auth/ldap'); - set_config('memberattribute_isdn', 0, 'auth/ldap'); - set_config('creators', 'cn=creators,'.$topdn, 'auth/ldap'); - set_config('removeuser', AUTH_REMOVEUSER_KEEP, 'auth/ldap'); - - set_config('field_map_email', 'mail', 'auth/ldap'); - set_config('field_updatelocal_email', 'oncreate', 'auth/ldap'); - set_config('field_updateremote_email', '0', 'auth/ldap'); - set_config('field_lock_email', 'unlocked', 'auth/ldap'); - - set_config('field_map_firstname', 'givenName', 'auth/ldap'); - set_config('field_updatelocal_firstname', 'oncreate', 'auth/ldap'); - set_config('field_updateremote_firstname', '0', 'auth/ldap'); - set_config('field_lock_firstname', 'unlocked', 'auth/ldap'); - - set_config('field_map_lastname', 'sn', 'auth/ldap'); - set_config('field_updatelocal_lastname', 'oncreate', 'auth/ldap'); - set_config('field_updateremote_lastname', '0', 'auth/ldap'); - set_config('field_lock_lastname', 'unlocked', 'auth/ldap'); - set_config('passtype', 'md5', 'auth/ldap'); - set_config('create_context', 'ou=users,'.$topdn, 'auth/ldap'); + set_config('host_url', TEST_AUTH_LDAP_HOST_URL, 'auth_ldap'); + set_config('start_tls', 0, 'auth_ldap'); + set_config('ldap_version', 3, 'auth_ldap'); + set_config('ldapencoding', 'utf-8', 'auth_ldap'); + set_config('pagesize', '2', 'auth_ldap'); + set_config('bind_dn', TEST_AUTH_LDAP_BIND_DN, 'auth_ldap'); + set_config('bind_pw', TEST_AUTH_LDAP_BIND_PW, 'auth_ldap'); + set_config('user_type', 'rfc2307', 'auth_ldap'); + set_config('contexts', 'ou=users,'.$topdn, 'auth_ldap'); + set_config('search_sub', 0, 'auth_ldap'); + set_config('opt_deref', LDAP_DEREF_NEVER, 'auth_ldap'); + set_config('user_attribute', 'cn', 'auth_ldap'); + set_config('memberattribute', 'memberuid', 'auth_ldap'); + set_config('memberattribute_isdn', 0, 'auth_ldap'); + set_config('creators', 'cn=creators,'.$topdn, 'auth_ldap'); + set_config('removeuser', AUTH_REMOVEUSER_KEEP, 'auth_ldap'); + + set_config('field_map_email', 'mail', 'auth_ldap'); + set_config('field_updatelocal_email', 'oncreate', 'auth_ldap'); + set_config('field_updateremote_email', '0', 'auth_ldap'); + set_config('field_lock_email', 'unlocked', 'auth_ldap'); + + set_config('field_map_firstname', 'givenName', 'auth_ldap'); + set_config('field_updatelocal_firstname', 'oncreate', 'auth_ldap'); + set_config('field_updateremote_firstname', '0', 'auth_ldap'); + set_config('field_lock_firstname', 'unlocked', 'auth_ldap'); + + set_config('field_map_lastname', 'sn', 'auth_ldap'); + set_config('field_updatelocal_lastname', 'oncreate', 'auth_ldap'); + set_config('field_updateremote_lastname', '0', 'auth_ldap'); + set_config('field_lock_lastname', 'unlocked', 'auth_ldap'); + set_config('passtype', 'md5', 'auth_ldap'); + set_config('create_context', 'ou=users,'.$topdn, 'auth_ldap'); $this->assertEquals(2, $DB->count_records('user')); $this->assertEquals(0, $DB->count_records('role_assignments')); diff --git a/auth/ldap/upgrade.txt b/auth/ldap/upgrade.txt index 8ac90734518e1..dc3a87cbdb71f 100644 --- a/auth/ldap/upgrade.txt +++ b/auth/ldap/upgrade.txt @@ -1,4 +1,10 @@ This files describes API changes in the auth_ldap code. + +=== 3.3 === + +* The config.html file was migrated to use the admin settings API. + The identifier for configuration data stored in config_plugins table was converted from 'auth/ldap' to 'auth_ldap'. + === 2.9.1 === * auth_plugin_ldap::update_user_record() accepts an additional (optional) param to trigger update event. diff --git a/auth/ldap/version.php b/auth/ldap/version.php index b3eaaadf4ce62..8afa03a6c370a 100644 --- a/auth/ldap/version.php +++ b/auth/ldap/version.php @@ -25,6 +25,6 @@ defined('MOODLE_INTERNAL') || die(); -$plugin->version = 2016120500; // The current plugin version (Date: YYYYMMDDXX) +$plugin->version = 2017020700; // The current plugin version (Date: YYYYMMDDXX) $plugin->requires = 2016112900; // Requires this Moodle version $plugin->component = 'auth_ldap'; // Full name of the plugin (used for diagnostics) diff --git a/auth/manual/auth.php b/auth/manual/auth.php index c6df146b90351..21a34d7509963 100644 --- a/auth/manual/auth.php +++ b/auth/manual/auth.php @@ -157,21 +157,6 @@ function can_be_manually_set() { return true; } - /** - * Prints a form for configuring this authentication plugin. - * - * This function is called from admin/auth.php, and outputs a full page with - * a form for configuring this plugin. - * - * @param array $config An object containing all the data for this page. - * @param string $error - * @param array $user_fields - * @return void - */ - function config_form($config, $err, $user_fields) { - include 'config.html'; - } - /** * Return number of days to user password expires. * @@ -200,31 +185,6 @@ public function password_expire($username) { return $result; } - /** - * Processes and stores configuration data for this authentication plugin. - * - * @param stdClass $config - * @return void - */ - function process_config($config) { - // Set to defaults if undefined. - if (!isset($config->expiration)) { - $config->expiration = ''; - } - if (!isset($config->expiration_warning)) { - $config->expiration_warning = ''; - } - if (!isset($config->expirationtime)) { - $config->expirationtime = ''; - } - - // Save settings. - set_config('expiration', $config->expiration, self::COMPONENT_NAME); - set_config('expiration_warning', $config->expiration_warning, self::COMPONENT_NAME); - set_config('expirationtime', $config->expirationtime, self::COMPONENT_NAME); - return true; - } - /** * Confirm the new user as registered. This should normally not be used, * but it may be necessary if the user auth_method is changed to manual diff --git a/auth/manual/config.html b/auth/manual/config.html deleted file mode 100644 index f622ab1999698..0000000000000 --- a/auth/manual/config.html +++ /dev/null @@ -1,78 +0,0 @@ -expiration)) { - $config->expiration = ''; - } - if (!isset($config->expiration_warning)) { - $config->expiration_warning = ''; - } - if (!isset($config->expirationtime)) { - $config->expirationtime = ''; - } - $expirationoptions = array( - new lang_string('no'), - new lang_string('yes'), - ); - $expirationtimeoptions = array( - '30' => new lang_string('numdays', '', 30), - '60' => new lang_string('numdays', '', 60), - '90' => new lang_string('numdays', '', 90), - '120' => new lang_string('numdays', '', 120), - '150' => new lang_string('numdays', '', 150), - '180' => new lang_string('numdays', '', 180), - '365' => new lang_string('numdays', '', 365), - ); - $expirationwarningoptions = array( - '0' => new lang_string('never'), - '1' => new lang_string('numdays', '', 1), - '2' => new lang_string('numdays', '', 2), - '3' => new lang_string('numdays', '', 3), - '4' => new lang_string('numdays', '', 4), - '5' => new lang_string('numdays', '', 5), - '6' => new lang_string('numdays', '', 6), - '7' => new lang_string('numdays', '', 7), - '10' => new lang_string('numdays', '', 10), - '14' => new lang_string('numdays', '', 14), - ); -?> - - - - - - - - - - - - - - - - - - - - authtype, $user_fields, get_string('auth_fieldlocks_help', 'auth'), false, false) ?> -
-

-
- - - expiration, false) ?> -
- - - expirationtime, false) ?> -
- - - expiration_warning, false) ?> -
diff --git a/auth/manual/db/upgrade.php b/auth/manual/db/upgrade.php index f56e33708e438..d9c6e3c57e0c5 100644 --- a/auth/manual/db/upgrade.php +++ b/auth/manual/db/upgrade.php @@ -25,11 +25,12 @@ defined('MOODLE_INTERNAL') || die(); /** + * Function to upgrade auth_manual. * @param int $oldversion the version we are upgrading from * @return bool result */ function xmldb_auth_manual_upgrade($oldversion) { - global $CFG; + global $CFG, $DB; // Moodle v2.8.0 release upgrade line. // Put any upgrade step following this. @@ -46,5 +47,11 @@ function xmldb_auth_manual_upgrade($oldversion) { // Automatically generated Moodle v3.2.0 release upgrade line. // Put any upgrade step following this. + if ($oldversion < 2017020700) { + // Convert info in config plugins from auth/manual to auth_manual. + $DB->set_field('config_plugins', 'plugin', 'auth_manual', array('plugin' => 'auth/manual')); + upgrade_plugin_savepoint(true, 2017020700, 'auth', 'manual'); + } + return true; } diff --git a/auth/manual/settings.php b/auth/manual/settings.php new file mode 100644 index 0000000000000..cb546e0d45ab0 --- /dev/null +++ b/auth/manual/settings.php @@ -0,0 +1,78 @@ +. + +/** + * Admin settings and defaults + * + * @package auth_manual + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die; + +if ($ADMIN->fulltree) { + + // Introductory explanation. + $settings->add(new admin_setting_heading('auth_manual/pluginname', + new lang_string('passwdexpire_settings', 'auth_manual'), + new lang_string('auth_manualdescription', 'auth_manual'))); + + $expirationoptions = array( + new lang_string('no'), + new lang_string('yes'), + ); + + $settings->add(new admin_setting_configselect('auth_manual/expiration', + new lang_string('expiration', 'auth_manual'), + new lang_string('expiration_desc', 'auth_manual'), 0, $expirationoptions)); + + $expirationtimeoptions = array( + '30' => new lang_string('numdays', '', 30), + '60' => new lang_string('numdays', '', 60), + '90' => new lang_string('numdays', '', 90), + '120' => new lang_string('numdays', '', 120), + '150' => new lang_string('numdays', '', 150), + '180' => new lang_string('numdays', '', 180), + '365' => new lang_string('numdays', '', 365), + ); + + $settings->add(new admin_setting_configselect('auth_manual/expirationtime', + new lang_string('passwdexpiretime', 'auth_manual'), + new lang_string('passwdexpiretime_desc', 'auth_manual'), 30, $expirationtimeoptions)); + + $expirationwarningoptions = array( + '0' => new lang_string('never'), + '1' => new lang_string('numdays', '', 1), + '2' => new lang_string('numdays', '', 2), + '3' => new lang_string('numdays', '', 3), + '4' => new lang_string('numdays', '', 4), + '5' => new lang_string('numdays', '', 5), + '6' => new lang_string('numdays', '', 6), + '7' => new lang_string('numdays', '', 7), + '10' => new lang_string('numdays', '', 10), + '14' => new lang_string('numdays', '', 14), + ); + + $settings->add(new admin_setting_configselect('auth_manual/expiration_warning', + new lang_string('expiration_warning', 'auth_manual'), + new lang_string('expiration_warning_desc', 'auth_manual'), 0, $expirationwarningoptions)); + + // Display locking / mapping of profile fields. + $authplugin = get_auth_plugin($this->name); + display_auth_lock_options($settings, $authplugin->authtype, + $authplugin->userfields, get_string('auth_fieldlocks_help', 'auth'), false, false); +} diff --git a/auth/manual/tests/manual_test.php b/auth/manual/tests/manual_test.php index 087721acd4148..156a997fe942b 100644 --- a/auth/manual/tests/manual_test.php +++ b/auth/manual/tests/manual_test.php @@ -41,20 +41,15 @@ class auth_manual_testcase extends advanced_testcase { /** @var auth_plugin_manual Keeps the authentication plugin. */ protected $authplugin; - /** @var stdClass Keeps authentication plugin config */ - protected $config; - /** * Setup test data. */ protected function setUp() { $this->resetAfterTest(true); $this->authplugin = new auth_plugin_manual(); - $this->config = new stdClass(); - $this->config->expiration = '1'; - $this->config->expiration_warning = '2'; - $this->config->expirationtime = '30'; - $this->authplugin->process_config($this->config); + set_config('expiration', '1', 'auth_manual'); + set_config('expiration_warning', '2', 'auth_manual'); + set_config('expirationtime', '30', 'auth_manual'); $this->authplugin->config = get_config(auth_plugin_manual::COMPONENT_NAME); } @@ -95,14 +90,4 @@ public function test_password_expire() { $this->assertEquals(30, $this->authplugin->password_expire($user1->username)); } - /** - * Test test_process_config method. - */ - public function test_process_config() { - $this->assertTrue($this->authplugin->process_config($this->config)); - $config = get_config(auth_plugin_manual::COMPONENT_NAME); - $this->assertEquals($this->config->expiration, $config->expiration); - $this->assertEquals($this->config->expiration_warning, $config->expiration_warning); - $this->assertEquals($this->config->expirationtime, $config->expirationtime); - } } diff --git a/auth/manual/upgrade.txt b/auth/manual/upgrade.txt new file mode 100644 index 0000000000000..727d0df2372f7 --- /dev/null +++ b/auth/manual/upgrade.txt @@ -0,0 +1,7 @@ +This files describes API changes in /auth/manual/*, +information provided here is intended especially for developers. + +=== 3.3 === + +* The config.html file was migrated to use the admin settings API. + The identifier for configuration data stored in config_plugins table was converted from 'auth/manual' to 'auth_manual'. diff --git a/auth/manual/version.php b/auth/manual/version.php index bc0a7a7055673..794366febe38a 100644 --- a/auth/manual/version.php +++ b/auth/manual/version.php @@ -24,6 +24,6 @@ defined('MOODLE_INTERNAL') || die(); -$plugin->version = 2016120500; // The current plugin version (Date: YYYYMMDDXX) +$plugin->version = 2017020700; // The current plugin version (Date: YYYYMMDDXX) $plugin->requires = 2016112900; // Requires this Moodle version $plugin->component = 'auth_manual'; // Full name of the plugin (used for diagnostics) diff --git a/auth/mnet/auth.php b/auth/mnet/auth.php index 6f1cf0f9c5d09..b3187723f103c 100644 --- a/auth/mnet/auth.php +++ b/auth/mnet/auth.php @@ -616,98 +616,6 @@ function change_password_url() { return null; } - /** - * Prints a form for configuring this authentication plugin. - * - * This function is called from admin/auth.php, and outputs a full page with - * a form for configuring this plugin. - * - * @param object $config - * @param object $err - * @param array $user_fields - */ - function config_form($config, $err, $user_fields) { - global $CFG, $DB; - - $query = " - SELECT - h.id, - h.name as hostname, - h.wwwroot, - h2idp.publish as idppublish, - h2idp.subscribe as idpsubscribe, - idp.name as idpname, - h2sp.publish as sppublish, - h2sp.subscribe as spsubscribe, - sp.name as spname - FROM - {mnet_host} h - LEFT JOIN - {mnet_host2service} h2idp - ON - (h.id = h2idp.hostid AND - (h2idp.publish = 1 OR - h2idp.subscribe = 1)) - INNER JOIN - {mnet_service} idp - ON - (h2idp.serviceid = idp.id AND - idp.name = 'sso_idp') - LEFT JOIN - {mnet_host2service} h2sp - ON - (h.id = h2sp.hostid AND - (h2sp.publish = 1 OR - h2sp.subscribe = 1)) - INNER JOIN - {mnet_service} sp - ON - (h2sp.serviceid = sp.id AND - sp.name = 'sso_sp') - WHERE - ((h2idp.publish = 1 AND h2sp.subscribe = 1) OR - (h2sp.publish = 1 AND h2idp.subscribe = 1)) AND - h.id != ? - ORDER BY - h.name ASC"; - - $id_providers = array(); - $service_providers = array(); - if ($resultset = $DB->get_records_sql($query, array($CFG->mnet_localhost_id))) { - foreach($resultset as $hostservice) { - if(!empty($hostservice->idppublish) && !empty($hostservice->spsubscribe)) { - $service_providers[]= array('id' => $hostservice->id, 'name' => $hostservice->hostname, 'wwwroot' => $hostservice->wwwroot); - } - if(!empty($hostservice->idpsubscribe) && !empty($hostservice->sppublish)) { - $id_providers[]= array('id' => $hostservice->id, 'name' => $hostservice->hostname, 'wwwroot' => $hostservice->wwwroot); - } - } - } - - include "config.html"; - } - - /** - * Processes and stores configuration data for this authentication plugin. - */ - function process_config($config) { - // set to defaults if undefined - if (!isset ($config->rpc_negotiation_timeout)) { - $config->rpc_negotiation_timeout = '30'; - } - /* - if (!isset ($config->auto_add_remote_users)) { - $config->auto_add_remote_users = '0'; - } See MDL-21327 for why this is commented out - set_config('auto_add_remote_users', $config->auto_add_remote_users, 'auth_mnet'); - */ - - // save settings - set_config('rpc_negotiation_timeout', $config->rpc_negotiation_timeout, 'auth_mnet'); - - return true; - } - /** * Poll the IdP server to let it know that a user it has authenticated is still * online @@ -1203,4 +1111,120 @@ function loginpage_idp_list($wantsurl) { } return $idps; } + + /** + * Test if settings are correct, print info to output. + */ + public function test_settings() { + global $CFG, $OUTPUT, $DB; + + // Generate warning if MNET is disabled. + if (empty($CFG->mnet_dispatcher_mode) || $CFG->mnet_dispatcher_mode !== 'strict') { + echo $OUTPUT->notification(get_string('mnetdisabled', 'mnet'), 'notifyproblem'); + return; + } + + // Generate full list of ID and service providers. + $query = " + SELECT + h.id, + h.name as hostname, + h.wwwroot, + h2idp.publish as idppublish, + h2idp.subscribe as idpsubscribe, + idp.name as idpname, + h2sp.publish as sppublish, + h2sp.subscribe as spsubscribe, + sp.name as spname + FROM + {mnet_host} h + LEFT JOIN + {mnet_host2service} h2idp + ON + (h.id = h2idp.hostid AND + (h2idp.publish = 1 OR + h2idp.subscribe = 1)) + INNER JOIN + {mnet_service} idp + ON + (h2idp.serviceid = idp.id AND + idp.name = 'sso_idp') + LEFT JOIN + {mnet_host2service} h2sp + ON + (h.id = h2sp.hostid AND + (h2sp.publish = 1 OR + h2sp.subscribe = 1)) + INNER JOIN + {mnet_service} sp + ON + (h2sp.serviceid = sp.id AND + sp.name = 'sso_sp') + WHERE + ((h2idp.publish = 1 AND h2sp.subscribe = 1) OR + (h2sp.publish = 1 AND h2idp.subscribe = 1)) AND + h.id != ? + ORDER BY + h.name ASC"; + + $idproviders = array(); + $serviceproviders = array(); + if ($resultset = $DB->get_records_sql($query, array($CFG->mnet_localhost_id))) { + foreach ($resultset as $hostservice) { + if (!empty($hostservice->idppublish) && !empty($hostservice->spsubscribe)) { + $serviceproviders[] = array('id' => $hostservice->id, + 'name' => $hostservice->hostname, + 'wwwroot' => $hostservice->wwwroot); + } + if (!empty($hostservice->idpsubscribe) && !empty($hostservice->sppublish)) { + $idproviders[] = array('id' => $hostservice->id, + 'name' => $hostservice->hostname, + 'wwwroot' => $hostservice->wwwroot); + } + } + } + + // ID Providers. + $table = html_writer::start_tag('table', array('class' => 'generaltable')); + + $count = 0; + foreach ($idproviders as $host) { + $table .= html_writer::start_tag('tr'); + $table .= html_writer::start_tag('td'); + $table .= $host['name']; + $table .= html_writer::end_tag('td'); + $table .= html_writer::start_tag('td'); + $table .= $host['wwwroot']; + $table .= html_writer::end_tag('td'); + $table .= html_writer::end_tag('tr'); + $count++; + } + $table .= html_writer::end_tag('table'); + + if ($count > 0) { + echo html_writer::tag('h3', get_string('auth_mnet_roamin', 'auth_mnet')); + echo $table; + } + + // Service Providers. + unset($table); + $table = html_writer::start_tag('table', array('class' => 'generaltable')); + $count = 0; + foreach ($serviceproviders as $host) { + $table .= html_writer::start_tag('tr'); + $table .= html_writer::start_tag('td'); + $table .= $host['name']; + $table .= html_writer::end_tag('td'); + $table .= html_writer::start_tag('td'); + $table .= $host['wwwroot']; + $table .= html_writer::end_tag('td'); + $table .= html_writer::end_tag('tr'); + $count++; + } + $table .= html_writer::end_tag('table'); + if ($count > 0) { + echo html_writer::tag('h3', get_string('auth_mnet_roamout', 'auth_mnet')); + echo $table; + } + } } diff --git a/auth/mnet/config.html b/auth/mnet/config.html deleted file mode 100644 index c25b31400afdd..0000000000000 --- a/auth/mnet/config.html +++ /dev/null @@ -1,95 +0,0 @@ -rpc_negotiation_timeout)) { - $config->rpc_negotiation_timeout = '30'; -} -/* - See MDL-21327 for why this is commented out -if (!isset ($config->auto_add_remote_users)) { - $config->auto_add_remote_users = '0'; -} -*/ - -$yesno = array(get_string('no'), get_string('yes')); - -if (empty($CFG->mnet_dispatcher_mode) || $CFG->mnet_dispatcher_mode !== 'strict') { - echo $OUTPUT->box(get_string('mnetdisabled','mnet')); -} - -?> -
- - - - - - - - - - - - - -*/ ?> - - - - - - - - - - - - - - - - - -authtype, $user_fields, get_string('auth_fieldlocks_help', 'auth'), false, false); - -?> -
- - error_text($err['rpc_negotiation_timeout']); - } - - ?> - - -
: - auto_add_remote_users, false); - - ?> - - -
:
:
:
:
-
diff --git a/auth/mnet/db/upgrade.php b/auth/mnet/db/upgrade.php index 3d93aa2eaddb0..5cccdeb220cef 100644 --- a/auth/mnet/db/upgrade.php +++ b/auth/mnet/db/upgrade.php @@ -25,11 +25,12 @@ defined('MOODLE_INTERNAL') || die(); /** + * Function to upgrade auth_mnet. * @param int $oldversion the version we are upgrading from * @return bool result */ function xmldb_auth_mnet_upgrade($oldversion) { - global $CFG; + global $CFG, $DB; // Moodle v2.8.0 release upgrade line. // Put any upgrade step following this. @@ -45,6 +46,11 @@ function xmldb_auth_mnet_upgrade($oldversion) { // Automatically generated Moodle v3.2.0 release upgrade line. // Put any upgrade step following this. + if ($oldversion < 2017020700) { + // Convert info in config plugins from auth/mnet to auth_mnet. + $DB->set_field('config_plugins', 'plugin', 'auth_mnet', array('plugin' => 'auth/mnet')); + upgrade_plugin_savepoint(true, 2017020700, 'auth', 'mnet'); + } return true; } diff --git a/auth/mnet/settings.php b/auth/mnet/settings.php new file mode 100644 index 0000000000000..b7aa4a4b59ae1 --- /dev/null +++ b/auth/mnet/settings.php @@ -0,0 +1,39 @@ +. + +/** + * Admin settings and defaults. + * + * @package auth_mnet + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die; + +if ($ADMIN->fulltree) { + require_once($CFG->dirroot.'/lib/outputlib.php'); + + // Introductory explanation. + $settings->add(new admin_setting_heading('auth_mnet/pluginname', '', + new lang_string('auth_mnetdescription', 'auth_mnet'))); + + // RPC Timeout. + $settings->add(new admin_setting_configtext('auth_mnet/rpc_negotiation_timeout', + get_string('rpc_negotiation_timeout', 'auth_mnet'), + get_string('auth_mnet_rpc_negotiation_timeout', 'auth_mnet'), '30', PARAM_INT)); + +} diff --git a/auth/mnet/upgrade.txt b/auth/mnet/upgrade.txt index 0a3128ea0e62d..370a8d106befb 100644 --- a/auth/mnet/upgrade.txt +++ b/auth/mnet/upgrade.txt @@ -1,5 +1,10 @@ This files describes API changes in auth_mnet code. +=== 3.3 === + +* The config.html file was migrated to use the admin settings API. + The identifier for configuration data stored in config_plugins table was converted from 'auth/mnet' to 'auth_mnet'. + === 3.1 === * Users now are created through user_create_user function which, apart from inserting the user in the database and generating diff --git a/auth/mnet/version.php b/auth/mnet/version.php index 1744d166c0754..6bc7751026b01 100644 --- a/auth/mnet/version.php +++ b/auth/mnet/version.php @@ -24,6 +24,6 @@ defined('MOODLE_INTERNAL') || die(); -$plugin->version = 2016120500; // The current plugin version (Date: YYYYMMDDXX) +$plugin->version = 2017020700; // The current plugin version (Date: YYYYMMDDXX) $plugin->requires = 2016112900; // Requires this Moodle version $plugin->component = 'auth_mnet'; // Full name of the plugin (used for diagnostics) diff --git a/auth/nntp/auth.php b/auth/nntp/auth.php index 9e8b24c5fe405..2ee31dccf04a6 100644 --- a/auth/nntp/auth.php +++ b/auth/nntp/auth.php @@ -37,7 +37,7 @@ class auth_plugin_nntp extends auth_plugin_base { */ public function __construct() { $this->authtype = 'nntp'; - $this->config = get_config('auth/nntp'); + $this->config = get_config('auth_nntp'); } /** @@ -106,41 +106,6 @@ function can_change_password() { return false; } - /** - * Prints a form for configuring this authentication plugin. - * - * This function is called from admin/auth.php, and outputs a full page with - * a form for configuring this plugin. - * - * @param array $page An object containing all the data for this page. - */ - function config_form($config, $err, $user_fields) { - include "config.html"; - } - - /** - * Processes and stores configuration data for this authentication plugin. - */ - function process_config($config) { - // set to defaults if undefined - if (!isset ($config->host)) { - $config->host = '127.0.0.1'; - } - if (!isset ($config->port)) { - $config->port = '119'; - } - if (!isset($config->changepasswordurl)) { - $config->changepasswordurl = ''; - } - - // save settings - set_config('host', $config->host, 'auth/nntp'); - set_config('port', $config->port, 'auth/nntp'); - set_config('changepasswordurl', $config->changepasswordurl, 'auth/nntp'); - - return true; - } - } diff --git a/auth/nntp/config.html b/auth/nntp/config.html deleted file mode 100644 index c9ed4c553e6a1..0000000000000 --- a/auth/nntp/config.html +++ /dev/null @@ -1,74 +0,0 @@ -host)) { - $config->host = "127.0.0.1"; -} -if (!isset($config->port)) { - $config->port = "119"; -} -if (!isset($config->changepasswordurl)) { - $config->changepasswordurl = ''; -} - -?> - - - - - - - - - - - - - - - - - - - - -authtype, $user_fields, get_string('auth_fieldlocks_help', 'auth'), false, false); - -?> -
- - error_text($err["host"]); - } - - ?> - - -
- - error_text($err["port"]); - } - - ?> -
- - error_text($err['changepasswordurl']); - } - - ?> -
diff --git a/auth/nntp/db/upgrade.php b/auth/nntp/db/upgrade.php new file mode 100644 index 0000000000000..129d8e94d1d22 --- /dev/null +++ b/auth/nntp/db/upgrade.php @@ -0,0 +1,45 @@ +. + +/** + * NNTP authentication plugin upgrade code + * + * @package auth_nntp + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die(); + +/** + * Function to upgrade auth_nntp. + * @param int $oldversion the version we are upgrading from + * @return bool result + */ +function xmldb_auth_nntp_upgrade($oldversion) { + global $CFG, $DB; + + // Automatically generated Moodle v3.2.0 release upgrade line. + // Put any upgrade step following this. + + if ($oldversion < 2017020700) { + // Convert info in config plugins from auth/nntp to auth_nntp. + $DB->set_field('config_plugins', 'plugin', 'auth_nntp', array('plugin' => 'auth/nntp')); + upgrade_plugin_savepoint(true, 2017020700, 'auth', 'nntp'); + } + + return true; +} diff --git a/auth/nntp/settings.php b/auth/nntp/settings.php new file mode 100644 index 0000000000000..d318c688f2eab --- /dev/null +++ b/auth/nntp/settings.php @@ -0,0 +1,50 @@ +. + +/** + * Admin settings and defaults. + * + * @package auth_nntp + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die; + +if ($ADMIN->fulltree) { + + // Introductory explanation. + $settings->add(new admin_setting_heading('auth_nntp/pluginname', '', new lang_string('auth_nntpdescription', 'auth_nntp'))); + + // Host. + $settings->add(new admin_setting_configtext('auth_nntp/host', get_string('auth_nntphost_key', 'auth_nntp'), + get_string('auth_nntphost', 'auth_nntp') . ' ' .get_string('auth_multiplehosts', 'auth'), + '127.0.0.1', PARAM_RAW)); + + // Port. + $settings->add(new admin_setting_configtext('auth_nntp/port', get_string('auth_nntpport_key', 'auth_nntp'), + get_string('auth_nntpport', 'auth_nntp'), '119', PARAM_INT)); + + // Password change URL. + $settings->add(new admin_setting_configtext('auth_nntp/changepasswordurl', + get_string('auth_nntpchangepasswordurl_key', 'auth_nntp'), + get_string('changepasswordhelp', 'auth'), '', PARAM_URL)); + + // Display locking / mapping of profile fields. + $authplugin = get_auth_plugin($this->name); + display_auth_lock_options($settings, $authplugin->authtype, $authplugin->userfields, + get_string('auth_fieldlocks_help', 'auth'), false, false); +} diff --git a/auth/nntp/upgrade.txt b/auth/nntp/upgrade.txt new file mode 100644 index 0000000000000..2af9b87fdfb28 --- /dev/null +++ b/auth/nntp/upgrade.txt @@ -0,0 +1,7 @@ +This files describes API changes in /auth/nntp/*, +information provided here is intended especially for developers. + +=== 3.3 === + +* The config.html file was migrated to use the admin settings API. + The identifier for configuration data stored in config_plugins table was converted from 'auth/nntp' to 'auth_nntp'. diff --git a/auth/nntp/version.php b/auth/nntp/version.php index a3eb39605bf2b..b94e05e4f9897 100644 --- a/auth/nntp/version.php +++ b/auth/nntp/version.php @@ -24,6 +24,6 @@ defined('MOODLE_INTERNAL') || die(); -$plugin->version = 2016120500; // The current plugin version (Date: YYYYMMDDXX) +$plugin->version = 2017020700; // The current plugin version (Date: YYYYMMDDXX) $plugin->requires = 2016112900; // Requires this Moodle version $plugin->component = 'auth_nntp'; // Full name of the plugin (used for diagnostics) diff --git a/auth/none/auth.php b/auth/none/auth.php index c002930820283..832c88436703d 100644 --- a/auth/none/auth.php +++ b/auth/none/auth.php @@ -36,7 +36,7 @@ class auth_plugin_none extends auth_plugin_base { */ public function __construct() { $this->authtype = 'none'; - $this->config = get_config('auth/none'); + $this->config = get_config('auth_none'); } /** @@ -134,25 +134,6 @@ function can_be_manually_set() { return true; } - /** - * Prints a form for configuring this authentication plugin. - * - * This function is called from admin/auth.php, and outputs a full page with - * a form for configuring this plugin. - * - * @param array $page An object containing all the data for this page. - */ - function config_form($config, $err, $user_fields) { - include "config.html"; - } - - /** - * Processes and stores configuration data for this authentication plugin. - */ - function process_config($config) { - return true; - } - } diff --git a/auth/none/config.html b/auth/none/config.html deleted file mode 100644 index 0068836ecb20f..0000000000000 --- a/auth/none/config.html +++ /dev/null @@ -1,10 +0,0 @@ - -
- - -authtype, $user_fields, get_string('auth_fieldlocks_help', 'auth'), false, false); - -?> -
diff --git a/auth/none/db/upgrade.php b/auth/none/db/upgrade.php new file mode 100644 index 0000000000000..d54035ec4f3f6 --- /dev/null +++ b/auth/none/db/upgrade.php @@ -0,0 +1,46 @@ +. + +/** + * No authentication plugin upgrade code + * + * @package auth_none + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die(); + +/** + * Function to upgrade auth_none. + * @param int $oldversion the version we are upgrading from + * @return bool result + */ +function xmldb_auth_none_upgrade($oldversion) { + global $CFG, $DB; + + // Automatically generated Moodle v3.2.0 release upgrade line. + // Put any upgrade step following this. + + if ($oldversion < 2017020700) { + // Convert info in config plugins from auth/none to auth_none. + $DB->set_field('config_plugins', 'plugin', 'auth_none', array('plugin' => 'auth/none')); + upgrade_plugin_savepoint(true, 2017020700, 'auth', 'none'); + } + + return true; +} + diff --git a/auth/none/settings.php b/auth/none/settings.php new file mode 100644 index 0000000000000..8f7989779eb1d --- /dev/null +++ b/auth/none/settings.php @@ -0,0 +1,37 @@ +. + +/** + * Admin settings and defaults. + * + * @package auth_none + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die; + +if ($ADMIN->fulltree) { + + // Introductory explanation. + $settings->add(new admin_setting_heading('auth_none/pluginname', '', + new lang_string('auth_nonedescription', 'auth_none'))); + + // Display locking / mapping of profile fields. + $authplugin = get_auth_plugin($this->name); + display_auth_lock_options($settings, $authplugin->authtype, $authplugin->userfields, + get_string('auth_fieldlocks_help', 'auth'), false, false); +} diff --git a/auth/none/upgrade.txt b/auth/none/upgrade.txt new file mode 100644 index 0000000000000..77e361147dd97 --- /dev/null +++ b/auth/none/upgrade.txt @@ -0,0 +1,7 @@ +This files describes API changes in /auth/none/*, +information provided here is intended especially for developers. + +=== 3.3 === + +* The config.html file was migrated to use the admin settings API. + The identifier for configuration data stored in config_plugins table was converted from 'auth/none' to 'auth_none'. diff --git a/auth/none/version.php b/auth/none/version.php index 77a2f5c6445ba..4530356d09912 100644 --- a/auth/none/version.php +++ b/auth/none/version.php @@ -24,6 +24,6 @@ defined('MOODLE_INTERNAL') || die(); -$plugin->version = 2016120500; // The current plugin version (Date: YYYYMMDDXX) +$plugin->version = 2017020700; // The current plugin version (Date: YYYYMMDDXX) $plugin->requires = 2016112900; // Requires this Moodle version $plugin->component = 'auth_none'; // Full name of the plugin (used for diagnostics) diff --git a/auth/pam/auth.php b/auth/pam/auth.php index b1e2053f72a58..35e0abf9df8ea 100644 --- a/auth/pam/auth.php +++ b/auth/pam/auth.php @@ -55,7 +55,7 @@ class auth_plugin_pam extends auth_plugin_base { */ public function __construct() { $this->authtype = 'pam'; - $this->config = get_config('auth/pam'); + $this->config = get_config('auth_pam'); $this->errormessage = ''; } @@ -118,25 +118,6 @@ function can_change_password() { return false; } - /** - * Prints a form for configuring this authentication plugin. - * - * This function is called from admin/auth.php, and outputs a full page with - * a form for configuring this plugin. - * - * @param array $page An object containing all the data for this page. - */ - function config_form($config, $err, $user_fields) { - include "config.html"; - } - - /** - * Processes and stores configuration data for this authentication plugin. - */ - function process_config($config) { - return true; - } - } diff --git a/auth/pam/config.html b/auth/pam/config.html deleted file mode 100644 index 0068836ecb20f..0000000000000 --- a/auth/pam/config.html +++ /dev/null @@ -1,10 +0,0 @@ - -
- - -authtype, $user_fields, get_string('auth_fieldlocks_help', 'auth'), false, false); - -?> -
diff --git a/auth/pam/db/upgrade.php b/auth/pam/db/upgrade.php new file mode 100644 index 0000000000000..3bff038cca3c1 --- /dev/null +++ b/auth/pam/db/upgrade.php @@ -0,0 +1,45 @@ +. + +/** + * PAM authentication plugin upgrade code + * + * @package auth_pam + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die(); + +/** + * Function to upgrade auth_pam. + * @param int $oldversion the version we are upgrading from + * @return bool result + */ +function xmldb_auth_pam_upgrade($oldversion) { + global $CFG, $DB; + + // Automatically generated Moodle v3.2.0 release upgrade line. + // Put any upgrade step following this. + + if ($oldversion < 2017020700) { + // Convert info in config plugins from auth/pam to auth_pam. + $DB->set_field('config_plugins', 'plugin', 'auth_pam', array('plugin' => 'auth/pam')); + upgrade_plugin_savepoint(true, 2017020700, 'auth', 'pam'); + } + + return true; +} diff --git a/auth/pam/settings.php b/auth/pam/settings.php new file mode 100644 index 0000000000000..40ef60a7004ac --- /dev/null +++ b/auth/pam/settings.php @@ -0,0 +1,37 @@ +. + +/** + * Admin settings and defaults. + * + * @package auth_pam + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die; + +if ($ADMIN->fulltree) { + + // Introductory explanation. + $settings->add(new admin_setting_heading('auth_pam/pluginname', '', + new lang_string('auth_pamdescription', 'auth_pam'))); + + // Display locking / mapping of profile fields. + $authplugin = get_auth_plugin($this->name); + display_auth_lock_options($settings, $authplugin->authtype, $authplugin->userfields, + get_string('auth_fieldlocks_help', 'auth'), false, false); +} diff --git a/auth/pam/upgrade.txt b/auth/pam/upgrade.txt new file mode 100644 index 0000000000000..f89e2793e01ee --- /dev/null +++ b/auth/pam/upgrade.txt @@ -0,0 +1,7 @@ +This files describes API changes in /auth/pam/*, +information provided here is intended especially for developers. + +=== 3.3 === + +* The config.html file was migrated to use the admin settings API. + The identifier for configuration data stored in config_plugins table was converted from 'auth/pam' to 'auth_pam'. diff --git a/auth/pam/version.php b/auth/pam/version.php index 46f3992b304fa..8cbc60d662412 100644 --- a/auth/pam/version.php +++ b/auth/pam/version.php @@ -24,6 +24,6 @@ defined('MOODLE_INTERNAL') || die(); -$plugin->version = 2016120500; // The current plugin version (Date: YYYYMMDDXX) +$plugin->version = 2017020700; // The current plugin version (Date: YYYYMMDDXX) $plugin->requires = 2016112900; // Requires this Moodle version $plugin->component = 'auth_pam'; // Full name of the plugin (used for diagnostics) diff --git a/auth/pop3/auth.php b/auth/pop3/auth.php index 4bfaa0bd92d03..9434944ccca7d 100644 --- a/auth/pop3/auth.php +++ b/auth/pop3/auth.php @@ -37,7 +37,7 @@ class auth_plugin_pop3 extends auth_plugin_base { */ public function __construct() { $this->authtype = 'pop3'; - $this->config = get_config('auth/pop3'); + $this->config = get_config('auth_pop3'); } /** @@ -137,51 +137,6 @@ function change_password_url() { } } - /** - * Prints a form for configuring this authentication plugin. - * - * This function is called from admin/auth.php, and outputs a full page with - * a form for configuring this plugin. - * - * @param array $page An object containing all the data for this page. - */ - function config_form($config, $err, $user_fields) { - global $OUTPUT; - - include "config.html"; - } - - /** - * Processes and stores configuration data for this authentication plugin. - */ - function process_config($config) { - // set to defaults if undefined - if (!isset ($config->host)) { - $config->host = '127.0.0.1'; - } - if (!isset ($config->type)) { - $config->type = 'pop3notls'; - } - if (!isset ($config->port)) { - $config->port = '143'; - } - if (!isset ($config->mailbox)) { - $config->mailbox = 'INBOX'; - } - if (!isset($config->changepasswordurl)) { - $config->changepasswordurl = ''; - } - - // save settings - set_config('host', $config->host, 'auth/pop3'); - set_config('type', $config->type, 'auth/pop3'); - set_config('port', $config->port, 'auth/pop3'); - set_config('mailbox', $config->mailbox, 'auth/pop3'); - set_config('changepasswordurl', $config->changepasswordurl, 'auth/pop3'); - - return true; - } - } diff --git a/auth/pop3/config.html b/auth/pop3/config.html deleted file mode 100644 index 1f21e67cdb855..0000000000000 --- a/auth/pop3/config.html +++ /dev/null @@ -1,111 +0,0 @@ -host)) { - $config->host = '127.0.0.1'; -} -if (!isset($config->type)) { - $config->type = 'pop3notls'; -} -if (!isset($config->port)) { - $config->port = '110'; -} -if (!isset($config->mailbox)) { - $config->mailbox = 'INBOX'; -} -if (!isset($config->changepasswordurl)) { - $config->changepasswordurl = ''; -} - -?> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -authtype, $user_fields, get_string('auth_fieldlocks_help', 'auth'), false, false); - -?> -
- - error_text($err['host']); - } - - ?> - - -
: - type, false); - - ?> -
- - error_text($err['port']); - } - - ?> -
- - error_text($err['mailbox']); - } - - ?> -
- - error_text($err['changepasswordurl']); - } - - ?> -
diff --git a/auth/pop3/db/upgrade.php b/auth/pop3/db/upgrade.php new file mode 100644 index 0000000000000..702fe518964e3 --- /dev/null +++ b/auth/pop3/db/upgrade.php @@ -0,0 +1,45 @@ +. + +/** + * POP authentication plugin upgrade code + * + * @package auth_pop3 + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die(); + +/** + * Function to upgrade auth_pop3. + * @param int $oldversion the version we are upgrading from + * @return bool result + */ +function xmldb_auth_pop3_upgrade($oldversion) { + global $CFG, $DB; + + // Automatically generated Moodle v3.2.0 release upgrade line. + // Put any upgrade step following this. + + if ($oldversion < 2017020700) { + // Convert info in config plugins from auth/pop3 to auth_pop3. + $DB->set_field('config_plugins', 'plugin', 'auth_pop3', array('plugin' => 'auth/pop3')); + upgrade_plugin_savepoint(true, 2017020700, 'auth', 'pop3'); + } + + return true; +} diff --git a/auth/pop3/settings.php b/auth/pop3/settings.php new file mode 100644 index 0000000000000..5454f9502c55c --- /dev/null +++ b/auth/pop3/settings.php @@ -0,0 +1,65 @@ +. + +/** + * Admin settings and defaults. + * + * @package auth_pop3 + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die; + +if ($ADMIN->fulltree) { + + // Introductory explanation. + $settings->add(new admin_setting_heading('auth_pop3/pluginname', '', new lang_string('auth_pop3description', 'auth_pop3'))); + + // Host. + $settings->add(new admin_setting_configtext('auth_pop3/host', get_string('auth_pop3host_key', 'auth_pop3'), + get_string('auth_pop3host', 'auth_pop3') . ' ' .get_string('auth_multiplehosts', 'auth'), + '127.0.0.1', PARAM_RAW)); + + // Type. + $pop3options = array(); + $pop3types = array('pop3', 'pop3cert', 'pop3notls'); + foreach ($pop3types as $pop3type) { + $pop3options[$pop3type] = $pop3type; + } + + $settings->add(new admin_setting_configselect('auth_pop3/type', + new lang_string('auth_pop3type_key', 'auth_pop3'), + new lang_string('auth_pop3type', 'auth_pop3'), 'pop3', $pop3options)); + + // Port. + $settings->add(new admin_setting_configtext('auth_pop3/port', get_string('auth_pop3port_key', 'auth_pop3'), + get_string('auth_pop3port', 'auth_pop3'), '143', PARAM_INT)); + + // Mailbox. + $settings->add(new admin_setting_configtext('auth_pop3/mailbox', get_string('auth_pop3mailbox_key', 'auth_pop3'), + get_string('auth_pop3mailbox', 'auth_pop3'), 'INBOX', PARAM_ALPHANUMEXT)); + + // Password change URL. + $settings->add(new admin_setting_configtext('auth_pop3/changepasswordurl', + get_string('auth_pop3changepasswordurl_key', 'auth_pop3'), + get_string('changepasswordhelp', 'auth'), '', PARAM_URL)); + + // Display locking / mapping of profile fields. + $authplugin = get_auth_plugin($this->name); + display_auth_lock_options($settings, $authplugin->authtype, $authplugin->userfields, + get_string('auth_fieldlocks_help', 'auth'), false, false); +} diff --git a/auth/pop3/upgrade.txt b/auth/pop3/upgrade.txt new file mode 100644 index 0000000000000..7b1dbf21509d9 --- /dev/null +++ b/auth/pop3/upgrade.txt @@ -0,0 +1,7 @@ +This files describes API changes in /auth/pop3/*, +information provided here is intended especially for developers. + +=== 3.3 === + +* The config.html file was migrated to use the admin settings API. + The identifier for configuration data stored in config_plugins table was converted from 'auth/pop3' to 'auth_pop3'. diff --git a/auth/pop3/version.php b/auth/pop3/version.php index 31858521f07a1..7218aa2471462 100644 --- a/auth/pop3/version.php +++ b/auth/pop3/version.php @@ -24,6 +24,6 @@ defined('MOODLE_INTERNAL') || die(); -$plugin->version = 2016120500; // The current plugin version (Date: YYYYMMDDXX) +$plugin->version = 2017020700; // The current plugin version (Date: YYYYMMDDXX) $plugin->requires = 2016112900; // Requires this Moodle version $plugin->component = 'auth_pop3'; // Full name of the plugin (used for diagnostics) diff --git a/auth/shibboleth/auth.php b/auth/shibboleth/auth.php index 8be8cc97e9392..fe6244c8c8a77 100644 --- a/auth/shibboleth/auth.php +++ b/auth/shibboleth/auth.php @@ -40,7 +40,7 @@ class auth_plugin_shibboleth extends auth_plugin_base { */ public function __construct() { $this->authtype = 'shibboleth'; - $this->config = get_config('auth/shibboleth'); + $this->config = get_config('auth_shibboleth'); } /** @@ -244,112 +244,38 @@ function logoutpage_hook() { } } - - /** - * Prints a form for configuring this authentication plugin. - * - * This function is called from admin/auth.php, and outputs a full page with - * a form for configuring this plugin. + * Cleans and returns first of potential many values (multi-valued attributes) * - * @param array $page An object containing all the data for this page. + * @param string $string Possibly multi-valued attribute from Shibboleth */ - function config_form($config, $err, $user_fields) { - include "config.html"; + function get_first_string($string) { + $list = explode( ';', $string); + $clean_string = rtrim($list[0]); + + return $clean_string; } /** - * Processes and stores configuration data for this authentication plugin. - * - * - * @param object $config Configuration object + * Test if settings are correct, print info to output. */ - function process_config($config) { - global $CFG; - - // set to defaults if undefined - if (!isset($config->auth_instructions) or empty($config->user_attribute)) { - $config->auth_instructions = get_string('auth_shib_instructions', 'auth_shibboleth', $CFG->wwwroot.'/auth/shibboleth/index.php'); - } - if (!isset ($config->user_attribute)) { - $config->user_attribute = ''; - } - if (!isset ($config->convert_data)) { - $config->convert_data = ''; - } - - if (!isset($config->changepasswordurl)) { - $config->changepasswordurl = ''; - } + public function test_settings() { + global $OUTPUT; - if (!isset($config->login_name)) { - $config->login_name = 'Shibboleth Login'; + if (!isset($this->config->user_attribute) || empty($this->config->user_attribute)) { + echo $OUTPUT->notification(get_string("shib_not_set_up_error", "auth_shibboleth"), 'notifyproblem'); + return; } - - // Clean idp list - if (isset($config->organization_selection) && !empty($config->organization_selection) && isset($config->alt_login) && $config->alt_login == 'on') { - $idp_list = get_idp_list($config->organization_selection); - if (count($idp_list) < 1){ - return false; - } - $config->organization_selection = ''; - foreach ($idp_list as $idp => $value){ - $config->organization_selection .= $idp.', '.$value[0].', '.$value[1]."\n"; - } + if ($this->config->convert_data and $this->config->convert_data != '' and !is_readable($this->config->convert_data)) { + echo $OUTPUT->notification(get_string("auth_shib_convert_data_warning", "auth_shibboleth"), 'notifyproblem'); + return; } + if (isset($this->config->organization_selection) && empty($this->config->organization_selection) && + isset($this->config->alt_login) && $this->config->alt_login == 'on') { - - // save settings - set_config('user_attribute', $config->user_attribute, 'auth/shibboleth'); - - if (isset($config->organization_selection) && !empty($config->organization_selection)) { - set_config('organization_selection', $config->organization_selection, 'auth/shibboleth'); + echo $OUTPUT->notification(get_string("auth_shib_no_organizations_warning", "auth_shibboleth"), 'notifyproblem'); + return; } - set_config('logout_handler', $config->logout_handler, 'auth/shibboleth'); - set_config('logout_return_url', $config->logout_return_url, 'auth/shibboleth'); - set_config('login_name', $config->login_name, 'auth/shibboleth'); - set_config('convert_data', $config->convert_data, 'auth/shibboleth'); - set_config('auth_instructions', $config->auth_instructions, 'auth/shibboleth'); - set_config('changepasswordurl', $config->changepasswordurl, 'auth/shibboleth'); - - // Overwrite alternative login URL if integrated WAYF is used - if (isset($config->alt_login) && $config->alt_login == 'on'){ - set_config('alt_login', $config->alt_login, 'auth/shibboleth'); - set_config('alternateloginurl', $CFG->wwwroot.'/auth/shibboleth/login.php'); - } else { - // Check if integrated WAYF was enabled and is now turned off - // If it was and only then, reset the Moodle alternate URL - if (isset($this->config->alt_login) and $this->config->alt_login == 'on'){ - set_config('alt_login', 'off', 'auth/shibboleth'); - set_config('alternateloginurl', ''); - } - $config->alt_login = 'off'; - } - - // Check values and return false if something is wrong - // Patch Anyware Technologies (14/05/07) - if (($config->convert_data != '')&&(!file_exists($config->convert_data) || !is_readable($config->convert_data))){ - return false; - } - - // Check if there is at least one entry in the IdP list - if (isset($config->organization_selection) && empty($config->organization_selection) && isset($config->alt_login) && $config->alt_login == 'on'){ - return false; - } - - return true; - } - - /** - * Cleans and returns first of potential many values (multi-valued attributes) - * - * @param string $string Possibly multi-valued attribute from Shibboleth - */ - function get_first_string($string) { - $list = explode( ';', $string); - $clean_string = rtrim($list[0]); - - return $clean_string; } } @@ -378,7 +304,7 @@ function set_saml_cookie($selectedIDP) { * */ function print_idp_list(){ - $config = get_config('auth/shibboleth'); + $config = get_config('auth_shibboleth'); $IdPs = get_idp_list($config->organization_selection); if (isset($_COOKIE['_saml_idp'])){ diff --git a/auth/shibboleth/classes/admin_setting_special_idp_configtextarea.php b/auth/shibboleth/classes/admin_setting_special_idp_configtextarea.php new file mode 100644 index 0000000000000..4e61d587504e8 --- /dev/null +++ b/auth/shibboleth/classes/admin_setting_special_idp_configtextarea.php @@ -0,0 +1,81 @@ +. + +/** + * Special setting for auth_shibboleth WAYF. + * + * @package auth_shibboleth + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die(); + +/** + * Special setting for auth_shibboleth WAYF. + * + * @package auth_shibboleth + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ +class auth_shibboleth_admin_setting_special_idp_configtextarea extends admin_setting_configtextarea { + + /** + * Calls parent::__construct with specific arguments. + */ + public function __construct() { + $default = $orgdefault = "urn:mace:organization1:providerID, Example Organization 1 + https://another.idp-id.com/shibboleth, Other Example Organization, /Shibboleth.sso/DS/SWITCHaai + urn:mace:organization2:providerID, Example Organization 2, /Shibboleth.sso/WAYF/SWITCHaai"; + + parent::__construct('auth_shibboleth/organization_selection', + get_string('auth_shib_idp_list', 'auth_shibboleth'), + get_string('auth_shib_idp_list_description', 'auth_shibboleth'), $default, PARAM_RAW, '60', '8'); + } + + /** + * We need to overwrite the global "alternate login url" setting if wayf is enabled. + * + * @param string $data Form data. + * @return string Empty when no errors. + */ + public function write_setting($data) { + global $CFG; + + $login = get_config('auth_shibboleth', 'alt_login'); + if (isset($data) && !empty($data) && isset($login) && $login == 'on') { + + // Need to use the get_idp_list() function here. + require_once($CFG->dirroot.'/auth/shibboleth/auth.php'); + + $idplist = get_idp_list($data); + if (count($idplist) < 1) { + return false; + } + $data = ''; + foreach ($idplist as $idp => $value) { + $data .= $idp.', '.$value[0]; + if (isset($value[1])) { + // Value[1] is optional. + $data .= ', '.$value[1] . "\n"; + } else { + $data .= "\n"; + } + } + } + return parent::write_setting($data); + } +} diff --git a/auth/shibboleth/classes/admin_setting_special_wayf_select.php b/auth/shibboleth/classes/admin_setting_special_wayf_select.php new file mode 100644 index 0000000000000..fcac297b60aad --- /dev/null +++ b/auth/shibboleth/classes/admin_setting_special_wayf_select.php @@ -0,0 +1,75 @@ +. + +/** + * Special settings for auth_shibboleth WAYF. + * + * @package auth_shibboleth + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die(); + +/** + * Special settings for auth_shibboleth WAYF. + * + * @package auth_shibboleth + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ +class auth_shibboleth_admin_setting_special_wayf_select extends admin_setting_configselect { + + /** + * Calls parent::__construct with specific arguments. + */ + public function __construct() { + $yesno = array(); + $yesno['off'] = new lang_string('no'); + $yesno['on'] = new lang_string('yes'); + parent::__construct('auth_shibboleth/alt_login', + new lang_string('auth_shib_integrated_wayf', 'auth_shibboleth'), + new lang_string('auth_shib_integrated_wayf_description', 'auth_shibboleth'), + 'off', + $yesno); + } + + /** + * We need to overwrite the global "alternate login url" setting if wayf is enabled. + * + * @param string $data Form data. + * @return string Empty when no errors. + */ + public function write_setting($data) { + global $CFG; + + // Overwrite alternative login URL if integrated WAYF is used. + if (isset($data) && $data == 'on') { + set_config('alt_login', $data, 'auth_shibboleth'); + set_config('alternateloginurl', $CFG->wwwroot.'/auth/shibboleth/login.php'); + } else { + // Check if integrated WAYF was enabled and is now turned off. + // If it was and only then, reset the Moodle alternate URL. + $oldsetting = get_config('auth_shibboleth', 'alt_login'); + if (isset($oldsetting) and $oldsetting == 'on') { + set_config('alt_login', 'off', 'auth_shibboleth'); + set_config('alternateloginurl', ''); + } + $data = 'off'; + } + return parent::write_setting($data); + } +} diff --git a/auth/shibboleth/config.html b/auth/shibboleth/config.html deleted file mode 100644 index 101be915e0b46..0000000000000 --- a/auth/shibboleth/config.html +++ /dev/null @@ -1,144 +0,0 @@ -auth_instructions) or empty($config->user_attribute)) { - $config->auth_instructions = get_string('auth_shib_instructions', 'auth_shibboleth', $CFG->wwwroot.'/auth/shibboleth/index.php'); - } - if (!isset ($config->user_attribute)) { - $config->user_attribute = ''; - } - if (!isset ($config->convert_data)) { - $config->convert_data = ''; - } - if (!isset($config->changepasswordurl)) { - $config->changepasswordurl = ''; - } - -?> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -authtype, $user_fields, '', true, false, $this->get_custom_user_profile_fields()); - -?> -
- -
- - convert_data and $config->convert_data != '' and !is_readable($config->convert_data)) { - echo '
'; - print_string("auth_shib_convert_data_warning", "auth_shibboleth"); - echo ''; - } - - ?> - 		alt_login) ? $config->alt_login : '') ?>
: - alt_login) and $config->alt_login == 'on' ){ - echo 'checked="checked"'; - } - ?> /> -
: - - organization_selection) && empty($config->organization_selection) && isset($config->alt_login) && $config->alt_login == 'on') { - echo '
'; - print_string("auth_shib_no_organizations_warning", "auth_shibboleth"); - echo ''; - } - ?> -
- -
- -
- -
- - error_text($err['changepasswordurl']); - } - - ?> -
diff --git a/auth/shibboleth/db/upgrade.php b/auth/shibboleth/db/upgrade.php new file mode 100644 index 0000000000000..8b951511794b5 --- /dev/null +++ b/auth/shibboleth/db/upgrade.php @@ -0,0 +1,45 @@ +. + +/** + * Shibboleth authentication plugin upgrade code + * + * @package auth_shibboleth + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die(); + +/** + * Function to upgrade auth_shibboleth. + * @param int $oldversion the version we are upgrading from + * @return bool result + */ +function xmldb_auth_shibboleth_upgrade($oldversion) { + global $CFG, $DB; + + // Automatically generated Moodle v3.2.0 release upgrade line. + // Put any upgrade step following this. + + if ($oldversion < 2017020700) { + // Convert info in config plugins from auth/shibboleth to auth_shibboleth. + $DB->set_field('config_plugins', 'plugin', 'auth_shibboleth', array('plugin' => 'auth/shibboleth')); + upgrade_plugin_savepoint(true, 2017020700, 'auth', 'shibboleth'); + } + + return true; +} diff --git a/auth/shibboleth/index.php b/auth/shibboleth/index.php index a8cbd03c78df0..07b5ce72d2686 100644 --- a/auth/shibboleth/index.php +++ b/auth/shibboleth/index.php @@ -28,7 +28,7 @@ } - $pluginconfig = get_config('auth/shibboleth'); + $pluginconfig = get_config('auth_shibboleth'); $shibbolethauth = get_auth_plugin('shibboleth'); // Check whether Shibboleth is configured properly diff --git a/auth/shibboleth/index_form.html b/auth/shibboleth/index_form.html index 29943d6a8eaa2..4d7e7df518c92 100644 --- a/auth/shibboleth/index_form.html +++ b/auth/shibboleth/index_form.html @@ -1,5 +1,5 @@ On each line there must be a comma-separated tuple for entityID of the IdP (see the Shibboleth metadata file) and Name of IdP as it shall be displayed in the drop-down list.
As an optional third parameter you can add the location of a Shibboleth session initiator that shall be used in case your Moodle installation is part of a multi federation setup.'; $string['auth_shib_instructions'] = 'Use the Shibboleth login to get access via Shibboleth, if your institution supports it.
Otherwise, use the normal login form shown here.'; $string['auth_shib_instructions_help'] = 'Here you should provide custom instructions for your users to explain Shibboleth. It will be shown on the login page in the instructions section. The instructions must include a link to "{$a}" that users click when they want to log in.'; +$string['auth_shib_instructions_key'] = 'Login instructions'; $string['auth_shib_integrated_wayf'] = 'Moodle WAYF service'; -$string['auth_shib_integrated_wayf_description'] = 'If you check this, Moodle will use its own WAYF service instead of the one configured for Shibboleth. Moodle will display a drop-down list on this alternative login page where the user has to select his Identity Provider.'; +$string['auth_shib_integrated_wayf_description'] = 'If you enable this, Moodle will use its own WAYF service instead of the one configured for Shibboleth. Moodle will display a drop-down list on this alternative login page where the user has to select his Identity Provider.'; $string['auth_shib_logout_return_url'] = 'Alternative logout return URL'; $string['auth_shib_logout_return_url_description'] = 'Provide the URL that Shibboleth users shall be redirected to after logging out.
If left empty, users will be redirected to the location that moodle will redirect users to'; $string['auth_shib_logout_url'] = 'Shibboleth Service Provider logout handler URL'; diff --git a/auth/shibboleth/login.php b/auth/shibboleth/login.php index 6f984c591e752..cfe474e06d550 100644 --- a/auth/shibboleth/login.php +++ b/auth/shibboleth/login.php @@ -33,7 +33,7 @@ } // Set SAML domain cookie - $config = get_config('auth/shibboleth'); + $config = get_config('auth_shibboleth'); $IdPs = get_idp_list($config->organization_selection); diff --git a/auth/shibboleth/settings.php b/auth/shibboleth/settings.php new file mode 100644 index 0000000000000..87b303a51348e --- /dev/null +++ b/auth/shibboleth/settings.php @@ -0,0 +1,82 @@ +. + +/** + * Admin settings and defaults. + * + * @package auth_shibboleth + * @copyright 2017 Stephen Bourget + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die; + +if ($ADMIN->fulltree) { + // We use a couple of custom admin settings since we need to massage the data before it is inserted into the DB. + require_once($CFG->dirroot.'/auth/shibboleth/classes/admin_setting_special_wayf_select.php'); + require_once($CFG->dirroot.'/auth/shibboleth/classes/admin_setting_special_idp_configtextarea.php'); + + // Introductory explanation. + $settings->add(new admin_setting_heading('auth_shibboleth/pluginname', '', + new lang_string('auth_shibbolethdescription', 'auth_shibboleth'))); + + // Username. + $settings->add(new admin_setting_configtext('auth_shibboleth/user_attribute', get_string('username'), + get_string('auth_shib_username_description', 'auth_shibboleth'), '', PARAM_RAW)); + + // COnvert Data configuration file. + $settings->add(new admin_setting_configfile('auth_shibboleth/convert_data', + get_string('auth_shib_convert_data', 'auth_shibboleth'), + get_string('auth_shib_convert_data_description', 'auth_shibboleth'), '')); + + // WAYF. + $settings->add(new auth_shibboleth_admin_setting_special_wayf_select()); + + // Organization_selection. + $settings->add(new auth_shibboleth_admin_setting_special_idp_configtextarea()); + + // Logout handler. + $settings->add(new admin_setting_configtext('auth_shibboleth/logout_handler', + get_string('auth_shib_logout_url', 'auth_shibboleth'), + get_string('auth_shib_logout_url_description', 'auth_shibboleth'), '', PARAM_URL)); + + // Logout return URL. + $settings->add(new admin_setting_configtext('auth_shibboleth/logout_return_url', + get_string('auth_shib_logout_return_url', 'auth_shibboleth'), + get_string('auth_shib_logout_return_url_description', 'auth_shibboleth'), '', PARAM_URL)); + + // Authentication method name. + $settings->add(new admin_setting_configtext('auth_shibboleth/login_name', + get_string('auth_shib_auth_method', 'auth_shibboleth'), + get_string('auth_shib_auth_method_description', 'auth_shibboleth'), 'Shibboleth Login', PARAM_RAW_TRIMMED)); + + // Login directions. + $settings->add(new admin_setting_configtextarea('auth_shibboleth/auth_instructions', + get_string('auth_shib_instructions_key', 'auth_shibboleth'), + get_string('auth_shib_instructions_help', 'auth_shibboleth', $CFG->wwwroot.'/auth/shibboleth/index.php'), + get_string('auth_shib_instructions', 'auth_shibboleth', $CFG->wwwroot.'/auth/shibboleth/index.php'), PARAM_RAW_TRIMMED)); + + // Password change URL. + $settings->add(new admin_setting_configtext('auth_shibboleth/changepasswordurl', + get_string('auth_shib_changepasswordurl', 'auth_shibboleth'), + get_string('changepasswordhelp', 'auth'), '', PARAM_URL)); + + // Display locking / mapping of profile fields. + $authplugin = get_auth_plugin($this->name); + display_auth_lock_options($settings, $authplugin->authtype, $authplugin->userfields, + '', true, true, $authplugin->get_custom_user_profile_fields()); + +} diff --git a/auth/shibboleth/upgrade.txt b/auth/shibboleth/upgrade.txt new file mode 100644 index 0000000000000..3870496a67e5f --- /dev/null +++ b/auth/shibboleth/upgrade.txt @@ -0,0 +1,7 @@ +This files describes API changes in /auth/shibboleth/*, +information provided here is intended especially for developers. + +=== 3.3 === + +* The config.html file was migrated to use the admin settings API. + The identifier for configuration data stored in config_plugins table was converted from 'auth/shibboleth' to 'auth_shibboleth'. diff --git a/auth/shibboleth/version.php b/auth/shibboleth/version.php index e4dc7829490da..9a9e3e27afcf6 100644 --- a/auth/shibboleth/version.php +++ b/auth/shibboleth/version.php @@ -25,6 +25,6 @@ defined('MOODLE_INTERNAL') || die(); -$plugin->version = 2016120500; // The current plugin version (Date: YYYYMMDDXX) +$plugin->version = 2017020700; // The current plugin version (Date: YYYYMMDDXX) $plugin->requires = 2016112900; // Requires this Moodle version $plugin->component = 'auth_shibboleth'; // Full name of the plugin (used for diagnostics) diff --git a/auth/upgrade.txt b/auth/upgrade.txt index 6bd5ef3d84a85..8ee79dcf96af6 100644 --- a/auth/upgrade.txt +++ b/auth/upgrade.txt @@ -1,6 +1,13 @@ This files describes API changes in /auth/* - plugins, information provided here is intended especially for developers. +=== 3.3 === + +* Authentication plugins have been migrated to use the admin settings API. + Plugins should use a settings.php file to manage configurations rather than using the config.html files. +* The function 'print_auth_lock_options' has been replaced by 'display_auth_lock_options' which uses the admin settings API. + See auth_manual as an exmple of how it can be used. More information can be found in MDL-12689. + === 3.2 === * New auth hook - pre_user_login_hook() - available, triggered right after the user object is created. diff --git a/auth/webservice/auth.php b/auth/webservice/auth.php index f027f1cf0ea16..479b7fd37cda8 100644 --- a/auth/webservice/auth.php +++ b/auth/webservice/auth.php @@ -37,7 +37,7 @@ class auth_plugin_webservice extends auth_plugin_base { */ public function __construct() { $this->authtype = 'webservice'; - $this->config = get_config('auth/webservice'); + $this->config = get_config('auth_webservice'); } /** @@ -137,24 +137,6 @@ function can_reset_password() { return false; } - /** - * Prints a form for configuring this authentication plugin. - * - * This function is called from admin/auth.php, and outputs a full page with - * a form for configuring this plugin. - * - * @param array $page An object containing all the data for this page. - */ - function config_form($config, $err, $user_fields) { - } - - /** - * Processes and stores configuration data for this authentication plugin. - */ - function process_config($config) { - return true; - } - /** * Confirm the new user as registered. This should normally not be used, * but it may be necessary if the user auth_method is changed to manual diff --git a/lib/adminlib.php b/lib/adminlib.php index f3cb8e6333fe7..74a92b359bec3 100644 --- a/lib/adminlib.php +++ b/lib/adminlib.php @@ -6508,14 +6508,12 @@ public function output_html($data, $query='') { //add always enabled plugins first $displayname = $displayauths['manual']; - $settings = "{$txt->settings}"; - //$settings = "{$txt->settings}"; + $settings = "{$txt->settings}"; $usercount = $DB->count_records('user', array('auth'=>'manual', 'deleted'=>0)); $table->data[] = array($displayname, $usercount, '', '', $settings, '', ''); $displayname = $displayauths['nologin']; - $settings = "{$txt->settings}"; $usercount = $DB->count_records('user', array('auth'=>'nologin', 'deleted'=>0)); - $table->data[] = array($displayname, $usercount, '', '', $settings, '', ''); + $table->data[] = array($displayname, $usercount, '', '', '', '', ''); // iterate through auth plugins and add to the display table @@ -6567,8 +6565,10 @@ public function output_html($data, $query='') { // settings link if (file_exists($CFG->dirroot.'/auth/'.$auth.'/settings.php')) { $settings = "{$txt->settings}"; - } else { + } else if (file_exists($CFG->dirroot.'/auth/'.$auth.'/config.html')) { $settings = "{$txt->settings}"; + } else { + $settings = ''; } // Uninstall link. diff --git a/lib/authlib.php b/lib/authlib.php index 09aa59d058464..edc29f287a9d3 100644 --- a/lib/authlib.php +++ b/lib/authlib.php @@ -405,8 +405,10 @@ function get_userinfo($username) { * @param object $config * @param object $err * @param array $user_fields + * @deprecated since Moodle 3.3 */ function config_form($config, $err, $user_fields) { + debugging('Use of config.html files have been deprecated, please update your code to use the admin settings API.'); //override if needed } @@ -415,8 +417,10 @@ function config_form($config, $err, $user_fields) { * do stuff before it is inserted in config_plugin * @param object object with submitted configuration settings (without system magic quotes) * @param array $err array of error messages + * @deprecated since Moodle 3.3 */ function validate_form($form, &$err) { + debugging('Use of config.html files have been deprecated, please update your code to use the admin settings API.'); //override if needed } @@ -424,8 +428,10 @@ function validate_form($form, &$err) { * Processes and stores configuration data for this authentication plugin. * * @param object object with submitted configuration settings (without system magic quotes) + * @deprecated since Moodle 3.3 */ function process_config($config) { + debugging('Use of config.html files have been deprecated, please update your code to use the admin settings API.'); //override if needed return true; } @@ -934,3 +940,85 @@ function signup_is_enabled() { } return false; } + +/** + * Helper function used to print locking for auth plugins on admin pages. + * @param stdclass $settings Moodle admin settings instance + * @param string $auth authentication plugin shortname + * @param array $userfields user profile fields + * @param string $helptext help text to be displayed at top of form + * @param boolean $mapremotefields Map fields or lock only. + * @param boolean $updateremotefields Allow remote updates + * @param array $customfields list of custom profile fields + * @since Moodle 3.3 + */ +function display_auth_lock_options($settings, $auth, $userfields, $helptext, $mapremotefields, $updateremotefields, $customfields = array()) { + global $DB; + + // Introductory explanation and help text. + if ($mapremotefields) { + $settings->add(new admin_setting_heading($auth.'/data_mapping', new lang_string('auth_data_mapping', 'auth'), $helptext)); + } else { + $settings->add(new admin_setting_heading($auth.'/auth_fieldlocks', new lang_string('auth_fieldlocks', 'auth'), $helptext)); + } + + // Generate the list of options. + $lockoptions = array ('unlocked' => get_string('unlocked', 'auth'), + 'unlockedifempty' => get_string('unlockedifempty', 'auth'), + 'locked' => get_string('locked', 'auth')); + $updatelocaloptions = array('oncreate' => get_string('update_oncreate', 'auth'), + 'onlogin' => get_string('update_onlogin', 'auth')); + $updateextoptions = array('0' => get_string('update_never', 'auth'), + '1' => get_string('update_onupdate', 'auth')); + + // Generate the list of profile fields to allow updates / lock. + if (!empty($customfields)) { + $userfields = array_merge($userfields, $customfields); + $customfieldname = $DB->get_records('user_info_field', null, '', 'shortname, name'); + } + + foreach ($userfields as $field) { + + // Define the fieldname we display to the user. + // this includes special handling for some profile fields. + $fieldname = $field; + if ($fieldname === 'lang') { + $fieldname = get_string('language'); + } else if (!empty($customfields) && in_array($field, $customfields)) { + // If custom field then pick name from database. + $fieldshortname = str_replace('profile_field_', '', $fieldname); + $fieldname = $customfieldname[$fieldshortname]->name; + } else if ($fieldname == 'url') { + $fieldname = get_string('webpage'); + } else { + $fieldname = get_string($fieldname); + } + + // Generate the list of fields / mappings. + if ($mapremotefields) { + // We are mapping to a remote field here. + // Mapping. + $settings->add(new admin_setting_configtext("auth_{$auth}/field_map_{$field}", + $fieldname, '', '', PARAM_ALPHANUMEXT, 30)); + + // Update local. + $settings->add(new admin_setting_configselect("auth_{$auth}/field_updatelocal_{$field}", + get_string('auth_updatelocal', 'auth'), '', 'oncreate', $updatelocaloptions)); + + // Update remote. + if ($updateremotefields) { + $settings->add(new admin_setting_configselect("auth_{$auth}/field_updateremote_{$field}", + get_string('auth_updateremote', 'auth'), '', 0, $updateextoptions)); + } + + // Lock fields. + $settings->add(new admin_setting_configselect("auth_{$auth}/field_lock_{$field}", + get_string('auth_fieldlock', 'auth'), '', 'unlocked', $lockoptions)); + + } else { + // Lock fields Only. + $settings->add(new admin_setting_configselect("auth_{$auth}/field_lock_{$field}", + get_string('auth_fieldlock', 'auth'), '', 'unlocked', $lockoptions)); + } + } +} \ No newline at end of file diff --git a/lib/classes/plugininfo/auth.php b/lib/classes/plugininfo/auth.php index f92771deac538..9d2b7d68257ab 100644 --- a/lib/classes/plugininfo/auth.php +++ b/lib/classes/plugininfo/auth.php @@ -83,7 +83,7 @@ public function load_settings(part_of_admin_tree $adminroot, $parentnodename, $h $settings = new admin_settingpage($section, $this->displayname, 'moodle/site:config', $this->is_enabled() === false); include($this->full_path('settings.php')); // This may also set $settings to null. - } else { + } else if (file_exists($this->full_path('config.html'))) { $settingsurl = new moodle_url('/admin/auth_config.php', array('auth' => $this->name)); $settings = new admin_externalpage($section, $this->displayname, $settingsurl, 'moodle/site:config', $this->is_enabled() === false);