MDL-58395 auth_ldap: User sync now brings problem details and continue

Co-authored-by: Iñaki Arenaza <iarenaza@mondragon.edu>
moodle · Aug 19, 2021 · de91d62 · de91d62
1 parent 9937593
commit de91d62
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 1 deletion.
diff --git a/auth/ldap/auth.php b/auth/ldap/auth.php
@@ -930,6 +930,7 @@ function sync_users($do_updates=true) {
 
         if (!empty($add_users)) {
             print_string('userentriestoadd', 'auth_ldap', count($add_users));
+            $errors = 0;
 
             $transaction = $DB->start_delegated_transaction();
             foreach ($add_users as $user) {
@@ -954,7 +955,14 @@ function sync_users($do_updates=true) {
                     $user->calendartype = $CFG->calendartype;
                 }
 
-                $id = user_create_user($user, false);
+                // $id = user_create_user($user, false);
+                try {
+                    $id = user_create_user($user, false);
+                } catch (Exception $e) {
+                    print_string('invaliduserexception', 'auth_ldap', print_r($user, true) .  $e->getMessage());
+                    $errors++;
+                    continue;
+                }
                 echo "\t"; print_string('auth_dbinsertuser', 'auth_db', array('name'=>$user->username, 'id'=>$id)); echo "\n";
                 $euser = $DB->get_record('user', array('id' => $id));
 
@@ -969,6 +977,12 @@ function sync_users($do_updates=true) {
                 $this->sync_roles($euser);
 
             }
+
+            // Display number of user creation errors, if any.
+            if ($errors) {
+                print_string('invalidusererrors', 'auth_ldap', $errors);
+            }
+
             $transaction->allow_commit();
             unset($add_users); // free mem
         } else {

diff --git a/auth/ldap/lang/en/auth_ldap.php b/auth/ldap/lang/en/auth_ldap.php
@@ -116,6 +116,8 @@
 $string['didntfindexpiretime'] = 'password_expire() didn\'t find expiration time.';
 $string['didntgetusersfromldap'] = "Did not get any users from LDAP -- error? -- exiting\n";
 $string['gotcountrecordsfromldap'] = "Got {\$a} records from LDAP\n";
+$string['invalidusererrors'] = "Warning: Skipped creation of {\$a} user accounts.\n\n";
+$string['invaliduserexception'] = "\nError: Cannot create new user account. Details and reason:\n{\$a}\nSkipping this user.\n\n";
 $string['ldapnotconfigured'] = 'The LDAP host url is currently not configured';
 $string['morethanoneuser'] = 'More than one user record found in LDAP. Using only the first one.';
 $string['needbcmath'] = 'You need the BCMath extension to use expired password checking with Active Directory.';