From: skodak Date: Tue, 20 Feb 2007 17:09:20 +0000 (+0000) Subject: MDL-8590 auth cleanup - part 2 X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=16ce6c0dccb5fff193772132342ef5e79e4bc2f9;p=moodle.git MDL-8590 auth cleanup - part 2 --- diff --git a/admin/auth.php b/admin/auth.php index e9c3b5ae82..28b7cadc51 100644 --- a/admin/auth.php +++ b/admin/auth.php @@ -7,117 +7,128 @@ * */ -require_once dirname(dirname(__FILE__)) . '/config.php'; -require_once $CFG->libdir . '/tablelib.php'; +require_once('../config.php'); require_once($CFG->libdir.'/adminlib.php'); +require_once($CFG->libdir.'/tablelib.php'); $adminroot = admin_get_root(); admin_externalpage_setup('userauthentication', $adminroot); +$action = optional_param('action', '', PARAM_ACTION); +$auth = optional_param('auth', '', PARAM_SAFEDIR); + // get currently installed and enabled auth plugins $authsavailable = get_list_of_plugins('auth'); -if (empty($CFG->auth_plugins_enabled)) { - set_config('auth_plugins_enabled', $CFG->auth); - $CFG->auth_plugins_enabled = $CFG->auth; + +//revert auth_plugins_enabled +if (isset($CFG->auth_plugins_enabled)) { + set_config('auth', $CFG->auth_plugins_enabled); + delete_records('config', 'name', 'auth_plugins_enabled'); + unset($CFG->auth_plugins_enabled); } -$authsenabled = explode(',', $CFG->auth_plugins_enabled); -// save form -if ($form = data_submitted()) { +if (empty($CFG->auth)) { + $authsenabled = array(); +} else { + $authsenabled = explode(',', $CFG->auth); + $authsenabled = array_unique($authsenabled); +} - if (!confirm_sesskey()) { - error(get_string('confirmsesskeybad', 'error')); - } +$key = array_search('manual', $authsenabled); +if ($key !== false) { + unset($authsenabled[$key]); // manual is always enabled anyway + set_config('auth', implode(',', $authsenabled)); +} - if (! isset($form->guestloginbutton)) { - $form->guestloginbutton = 1; - } - if (empty($form->alternateloginurl)) { - $form->alternateloginurl = ''; - } - if (empty($form->register)) { - $form->register = 'manual'; - } - set_config('guestloginbutton', $form->guestloginbutton); - set_config('alternateloginurl', $form->alternateloginurl); - set_config('auth', $form->register); - - // add $CFG->auth to auth_plugins_enabled list - if (!array_search($form->register, $authsenabled)) { - $authsenabled[] = $form->register; - $authsenabled = array_unique($authsenabled); - set_config('auth_plugins_enabled', implode(',', $authsenabled)); - } +if (!isset($CFG->registerauth)) { + set_config('registerauth', ''); +} + +if (!isset($CFG->auth_instructions)) { + set_config('auth_instructions', ''); +} + +if (!empty($auth) and !exists_auth_plugin($auth)) { + error(get_string('pluginnotinstalled', 'auth', $auth), $url); } -// grab GET/POST parameters -$params = new object(); -$params->action = optional_param('action', '', PARAM_ACTION); -$params->auth = optional_param('auth', $CFG->auth, PARAM_ALPHANUM); //////////////////////////////////////////////////////////////////////////////// // process actions -switch ($params->action) { +$status = ''; + +switch ($action) { + + case 'save': + if (data_submitted() and confirm_sesskey()) { + + // save settings + set_config('guestloginbutton', required_param('guestloginbutton', PARAM_BOOL)); + set_config('alternateloginurl', stripslashes(trim(required_param('alternateloginurl', PARAM_RAW)))); + set_config('registerauth', required_param('register', PARAM_SAFEDIR)); + set_config('auth_instructions', stripslashes(trim(required_param('auth_instructions', PARAM_RAW)))); + + // enable registerauth in $CFG->auth if needed + if (!empty($CFG->registerauth) and !in_array($CFG->registerauth, $authsenabled)) { + $authsenabled[] = $CFG->registerauth; + set_config('auth', implode(',', $authsenabled)); + } + $status = get_string('changessaved'); + } + break; case 'disable': - // remove from enabled list - $key = array_search($params->auth, $authsenabled); - if ($key !== false and $params->auth != $CFG->auth) { + // remove from enabled list + $key = array_search($auth, $authsenabled); + if ($key !== false) { unset($authsenabled[$key]); - set_config('auth_plugins_enabled', implode(',', $authsenabled)); + set_config('auth', implode(',', $authsenabled)); + } + + if ($auth == $CFG->registerauth) { + set_config('registerauth', ''); } break; - + case 'enable': - // check auth plugin is valid first - if (!exists_auth_plugin($params->auth)) { - error(get_string('pluginnotinstalled', 'auth', $params->auth), $url); - } // add to enabled list - if (!array_search($params->auth, $authsenabled)) { - $authsenabled[] = $params->auth; + if (!in_array($auth, $authsenabled)) { + $authsenabled[] = $auth; $authsenabled = array_unique($authsenabled); - set_config('auth_plugins_enabled', implode(',', $authsenabled)); + set_config('auth', implode(',', $authsenabled)); } break; - + case 'down': - $key = array_search($params->auth, $authsenabled); + $key = array_search($auth, $authsenabled); // check auth plugin is valid if ($key === false) { - error(get_string('pluginnotenabled', 'auth', $params->auth), $url); + error(get_string('pluginnotenabled', 'auth', $auth), $url); } // move down the list if ($key < (count($authsenabled) - 1)) { $fsave = $authsenabled[$key]; $authsenabled[$key] = $authsenabled[$key + 1]; $authsenabled[$key + 1] = $fsave; - set_config('auth_plugins_enabled', implode(',', $authsenabled)); + set_config('auth', implode(',', $authsenabled)); } break; - + case 'up': - $key = array_search($params->auth, $authsenabled); + $key = array_search($auth, $authsenabled); // check auth is valid if ($key === false) { - error(get_string('pluginnotenabled', 'auth', $params->auth), $url); + error(get_string('pluginnotenabled', 'auth', $auth), $url); } // move up the list if ($key >= 1) { $fsave = $authsenabled[$key]; $authsenabled[$key] = $authsenabled[$key - 1]; $authsenabled[$key - 1] = $fsave; - set_config('auth_plugins_enabled', implode(',', $authsenabled)); + set_config('auth', implode(',', $authsenabled)); } break; - - case 'save': - // save settings - set_config('auth_plugins_enabled', implode(',', $authsenabled)); - set_config('auth', $authsenabled[0]); - redirect("auth.php?sesskey=$USER->sesskey", get_string('changessaved'), 1); - break; default: break; @@ -132,22 +143,24 @@ $txt->updown = "$txt->up/$txt->down"; // construct the display array, with enabled auth plugins at the top, in order $displayauths = array(); $registrationauths = array(); -$registrationauths['manual'] = $txt->disable; +$registrationauths[''] = $txt->disable; foreach ($authsenabled as $auth) { - $displayauths[$auth] = get_string("auth_{$auth}title", 'auth'); $authplugin = get_auth_plugin($auth); + $displayauths[$auth] = get_string("auth_{$auth}title", 'auth'); if (method_exists($authplugin, 'user_signup')) { $registrationauths[$auth] = get_string("auth_{$auth}title", 'auth'); - } + } } + foreach ($authsavailable as $auth) { - if (!array_key_exists($auth, $displayauths)) { - $displayauths[$auth] = get_string("auth_{$auth}title", 'auth'); + if (array_key_exists($auth, $displayauths)) { + continue; //already in the list } $authplugin = get_auth_plugin($auth); + $displayauths[$auth] = get_string("auth_{$auth}title", 'auth'); if (method_exists($authplugin, 'user_signup')) { $registrationauths[$auth] = get_string("auth_{$auth}title", 'auth'); - } + } } // build the display table @@ -164,11 +177,23 @@ $table->set_attribute('style', 'margin:auto;'); $table->set_attribute('cellpadding', '5'); $table->setup(); +//add always enabled plugins first +$displayname = "".$displayauths['manual'].""; +$settings = "sesskey}&auth=manual\">{$txt->settings}"; +$table->add_data(array($displayname, '', '', $settings)); +$displayname = "".$displayauths['nologin'].""; +$settings = "sesskey}&auth=nologin\">{$txt->settings}"; +$table->add_data(array($displayname, '', '', $settings)); + + // iterate through auth plugins and add to the display table $updowncount = 1; $authcount = count($authsenabled); $url = "auth.php?sesskey=" . sesskey(); foreach ($displayauths as $auth => $name) { + if ($auth == 'manual' or $auth == 'nologin') { + continue; + } // hide/show link if (in_array($auth, $authsenabled)) { $hideshow = ""; @@ -204,7 +229,7 @@ foreach ($displayauths as $auth => $name) { } ++ $updowncount; } - + // settings link $settings = "sesskey}&auth=$auth\">{$txt->settings}"; @@ -214,28 +239,38 @@ foreach ($displayauths as $auth => $name) { // output form admin_externalpage_print_header($adminroot); + +//print stus messages +if ($status !== '') { + notify($status, 'notifysuccess'); +} + print_simple_box(get_string('configauthenticationplugins', 'admin'), 'center', '700'); -echo "
frametarget id=\"authmenu\" method=\"post\" action=\"auth.php\">"; -echo "
sesskey."\" />
"; print_table($table); //////////////////////////////////////////////////////////////////////////////// +$guestoptions = array(); $guestoptions[0] = get_string("hide"); $guestoptions[1] = get_string("show"); echo '
'; print_heading(get_string('auth_common_settings', 'auth')); + +echo 'frametarget.' id="authmenu" method="post" action="auth.php">'; +echo '
'; +echo '
'; + echo ''; // User self registration echo "\n"; -echo "\n"; +echo "\n"; echo "\n"; echo "\n"; // Login as guest button enabled echo "\n"; -echo "\n"; +echo "\n"; echo "\n"; @@ -256,22 +291,33 @@ echo "\n"; /// An alternate url for the login form. It means we can use login forms that are integrated /// into non-moodle pages echo "\n"; -echo "\n"; +echo "\n"; echo "\n"; echo "\n"; echo "\n"; +echo "\n"; +echo "\n"; +echo "\n"; +echo "\n"; +echo "\n"; + echo "
\n"; +echo "\n\n"; -choose_from_menu($registrationauths, "register", $CFG->auth, ""); +choose_from_menu($registrationauths, "register", $CFG->registerauth, ""); echo "\n"; print_string("selfregistration_help", "auth"); @@ -243,9 +278,9 @@ echo "
\n"; +echo "\n\n"; choose_from_menu($guestoptions, "guestloginbutton", $CFG->guestloginbutton, ""); echo "
\n"; +echo "\n\n"; -echo '\n"; +echo '\n"; echo "\n"; print_string('alternatelogin', 'auth', htmlspecialchars($CFG->wwwroot.'/login/index.php')); echo "
\n\n"; +echo '\n"; +echo "\n"; +print_string('authinstructions', 'auth'); +echo "
\n"; //////////////////////////////////////////////////////////////////////////////// - echo '
'; echo '
'; admin_externalpage_print_footer($adminroot); diff --git a/admin/auth_config.php b/admin/auth_config.php index 6fbb217f96..710af72925 100644 --- a/admin/auth_config.php +++ b/admin/auth_config.php @@ -2,13 +2,13 @@ /** * Edit configuration for an individual auth plugin */ - + require_once '../config.php'; require_once $CFG->libdir.'/adminlib.php'; $adminroot = admin_get_root(); admin_externalpage_setup('userauthentication', $adminroot); -$auth = optional_param('auth', '', PARAM_SAFEDIR); +$auth = required_param('auth', PARAM_SAFEDIR); $authplugin = get_auth_plugin($auth); $err = array(); @@ -33,19 +33,19 @@ if ($frm = data_submitted()) { if (preg_match('/^lockconfig_(.+?)$/', $name, $matches)) { $plugin = "auth/$auth"; $name = $matches[1]; - if (!set_config($name, $value, $plugin)) { - notify("Problem saving config $name as $value for plugin $plugin"); + if (!set_config($name, $value, $plugin)) { + error("Problem saving config $name as $value for plugin $plugin"); } } } - redirect("auth.php?sesskey=$USER->sesskey", get_string("changessaved"), 1); + redirect("auth.php?sesskey=$USER->sesskey"); exit; } } else { foreach ($err as $key => $value) { $focus = "form.$key"; } - } + } } else { $frm = get_config("auth/$auth"); } @@ -73,7 +73,7 @@ print_simple_box_start('center', '60%', '', 5, 'informationbox'); print_string("auth_{$auth}description", 'auth'); print_simple_box_end(); echo "
\n"; -$authplugin->config_form($frm, $err); +$authplugin->config_form($frm, $err, $user_fields); print_simple_box_end(); echo '

\n"; echo "\n"; @@ -86,7 +86,7 @@ exit; // Good enough for most auth plugins // but some may want a custom one if they are offering // other options -// Note: lockconfig_ fields have special handling. +// Note: lockconfig_ fields have special handling. function print_auth_lock_options ($auth, $user_fields, $helptext, $retrieveopts, $updateopts) { echo ''; @@ -104,7 +104,7 @@ function print_auth_lock_options ($auth, $user_fields, $helptext, $retrieveopts, 'onlogin' => get_string('update_onlogin', 'auth')); $updateextoptions = array('0' => get_string('update_never', 'auth'), '1' => get_string('update_onupdate', 'auth')); - + $pluginconfig = get_config("auth/$auth"); // helptext is on a field with rowspan @@ -138,30 +138,32 @@ function print_auth_lock_options ($auth, $user_fields, $helptext, $retrieveopts, $fieldname = get_string($fieldname); } - echo ''; - echo $fieldname; - echo ''; - if ($retrieveopts) { $varname = 'field_map_' . $field; - echo "$varname}\" />"; + echo ''; + echo ''; + echo ''; + + echo "$varname}\" />"; echo '
'; - echo get_string('auth_updatelocal', 'auth') . '  '; + echo ' '; choose_from_menu($updatelocaloptions, "lockconfig_field_updatelocal_{$field}", $pluginconfig->{"field_updatelocal_$field"}, ""); echo '
'; if ($updateopts) { - echo get_string('auth_updateremote', 'auth') . '  '; - '  '; + echo ' '; choose_from_menu($updateextoptions, "lockconfig_field_updateremote_{$field}", $pluginconfig->{"field_updateremote_$field"}, ""); echo '
'; } - echo get_string('auth_fieldlock', 'auth') . '  '; + echo ' '; choose_from_menu($lockoptions, "lockconfig_field_lock_{$field}", $pluginconfig->{"field_lock_$field"}, ""); echo '
'; } else { + echo ''; + echo ''; + echo ''; choose_from_menu($lockoptions, "lockconfig_field_lock_{$field}", $pluginconfig->{"field_lock_$field"}, ""); } echo ''; diff --git a/admin/cron.php b/admin/cron.php index f7bc1f37e7..17cbf97abe 100644 --- a/admin/cron.php +++ b/admin/cron.php @@ -307,8 +307,10 @@ } /// Run the auth cron, if any - if (!($auths = explode(',', $CFG->auth_plugins_enabled))) { - $auths = array($user->auth); + if (empty($CFG->auth)) { + $auths = array(); + } else { + $auths = explode(',', $CFG->auth); // only for enabled ones (without manual and nologin) } mtrace("Running auth crons if required..."); foreach ($auths as $auth) { diff --git a/admin/mnet/access_control.php b/admin/mnet/access_control.php index 5c5e245b24..54f0c69c84 100644 --- a/admin/mnet/access_control.php +++ b/admin/mnet/access_control.php @@ -127,15 +127,11 @@ $warn = ''; if (empty($CFG->mnet_dispatcher_mode) || $CFG->mnet_dispatcher_mode !== 'strict') { $warn = '

' . get_string('mnetdisabled','mnet') .'

'; } -if (empty($CFG->auth_plugins_enabled)) { + +if (!is_enabled_auth('mnet')) { $warn .= '

' . get_string('authmnetdisabled','mnet').'

'; -} else { - $auths = explode(',', $CFG->auth_plugins_enabled); - if (!in_array('mnet', $auths)) { - $warn .= '

' . get_string('authmnetdisabled','mnet').'

'; - } - unset($auths); } + if (get_config('auth/mnet', 'auto_add_remote_users') != true) { $warn .= '

' . get_string('authmnetautoadddisabled','mnet').'

'; } diff --git a/admin/user.php b/admin/user.php index f543ad4d93..df6b274a79 100644 --- a/admin/user.php +++ b/admin/user.php @@ -104,12 +104,13 @@ admin_externalpage_print_footer($adminroot); die; } else if (data_submitted() and !$user->deleted) { + //following code is also used in auth sync scripts $updateuser = new object(); - $updateuser->id = $user->id; - $updateuser->deleted = 1; - $updateuser->username = addslashes("$user->email.".time()); // Remember it just in case - $updateuser->email = ''; // Clear this field to free it up - $updateuser->idnumber = ''; // Clear this field to free it up + $updateuser->id = $user->id; + $updateuser->deleted = 1; + $updateuser->username = addslashes("$user->email.".time()); // Remember it just in case + $updateuser->email = ''; // Clear this field to free it up + $updateuser->idnumber = ''; // Clear this field to free it up $updateuser->timemodified = time(); if (update_record('user', $updateuser)) { // not sure if this is needed. unenrol_student($user->id); // From all courses diff --git a/backup/restorelib.php b/backup/restorelib.php index 1d0c0216af..90c913d647 100644 --- a/backup/restorelib.php +++ b/backup/restorelib.php @@ -1561,14 +1561,14 @@ //We need to analyse the AUTH field to recode it: // - if the field isn't set, we are in a pre 1.4 backup and we'll - // use $CFG->auth - // - if the destination site has any kind of INTERNAL authentication, - // then apply it to the new user. - // - if the destination site has any kind of EXTERNAL authentication, - // then leave the original authentication of the user. - - if ((! isset($user->auth)) || is_internal_auth($CFG->auth)) { - $user->auth = $CFG->auth; + // use manual + + if (empty($user->auth)) { + if ($CFG->registerauth == 'email') { + $user->auth = 'email'; + } else { + $user->auth = 'manual'; + } } //We need to process the POLICYAGREED field to recalculate it: diff --git a/blocks/login/block_login.php b/blocks/login/block_login.php index 3744257979..a6c0555337 100644 --- a/blocks/login/block_login.php +++ b/blocks/login/block_login.php @@ -26,14 +26,15 @@ class block_login extends block_base { // in unencrypted connection... $wwwroot = str_replace("http://", "https://", $CFG->wwwroot); } - - $authplugin = get_auth_plugin($CFG->auth); - if (method_exists($authplugin, 'user_signup')) { - $signup = $wwwroot . '/login/signup.php'; - } - if ($authplugin->can_change_password()) { - $forgot = $wwwroot . '/login/forgot_password.php'; + + if (!empty($CFG->registerauth)) { + $authplugin = get_auth_plugin($CFG->registerauth); + if (method_exists($authplugin, 'user_signup')) { + $signup = $wwwroot . '/login/signup.php'; + } } + // TODO: now that we have multiauth it is hard to find out if there is a way to change password + $forgot = $wwwroot . '/login/forgot_password.php'; $username = get_moodle_cookie() === 'nobody' ? '' : get_moodle_cookie();