From 90afcf32809a5aa3bb56c9946f1fbf14b3b60748 Mon Sep 17 00:00:00 2001 From: skodak Date: Tue, 21 Aug 2007 20:52:36 +0000 Subject: [PATCH] MDL-10260 added new user_delete() hook into auth plugins; refactored user delete code = new function delete_user() in moodlelib.php + improved cleanup in core tables when deleting user --- admin/user.php | 13 +----------- auth/cas/auth.php | 19 +++--------------- auth/db/auth.php | 15 +------------- auth/ldap/auth.php | 15 +------------- lib/authlib.php | 10 ++++++++++ lib/moodlelib.php | 50 ++++++++++++++++++++++++++++++++++++++++++++++ 6 files changed, 66 insertions(+), 56 deletions(-) diff --git a/admin/user.php b/admin/user.php index 8b19695ca2..a68303d912 100644 --- a/admin/user.php +++ b/admin/user.php @@ -109,18 +109,7 @@ admin_externalpage_print_footer(); die; } else if (data_submitted() and !$user->deleted) { - //following code is also used in auth sync scripts - $updateuser = new object(); - $updateuser->id = $user->id; - $updateuser->deleted = 1; - $updateuser->username = addslashes("$user->email.".time()); // Remember it just in case - $updateuser->email = ''; // Clear this field to free it up - $updateuser->idnumber = ''; // Clear this field to free it up - $updateuser->timemodified = time(); - if (update_record('user', $updateuser)) { - // not sure if this is needed. unenrol_student($user->id); // From all courses - delete_records('role_assignments', 'userid', $user->id); // unassign all roles - // remove all context assigned on this user? + if (delete_user($user)) { notify(get_string('deletedactivity', '', fullname($user, true)) ); } else { notify(get_string('deletednot', '', fullname($user, true))); diff --git a/auth/cas/auth.php b/auth/cas/auth.php index 43faed08a9..2f89de748b 100644 --- a/auth/cas/auth.php +++ b/auth/cas/auth.php @@ -97,7 +97,7 @@ class auth_plugin_cas extends auth_plugin_base { return; } - // Test si cas activé et paramêtres non remplis + // Test si cas activ� et param�tres non remplis if (empty($this->config->hostname)) { return; } @@ -105,7 +105,7 @@ class auth_plugin_cas extends auth_plugin_base { // Connection to CAS server $this->connectCAS(); - // Gestion de la connection CAS si accès direct d'un ent ou autre + // Gestion de la connection CAS si acc�s direct d'un ent ou autre if (phpCAS::checkAuthentication()) { $frm->username=phpCAS::getUser(); // if (phpCAS::getUser()=='esup9992') @@ -699,21 +699,9 @@ if ( !is_object($PHPCAS_CLIENT) ) { $remove_users = get_records_sql($sql); if (!empty($remove_users)) { print "User entries to remove: ". count($remove_users) . "\n"; - begin_sql(); foreach ($remove_users as $user) { if ($this->config->removeuser == 2) { - //following is copy pasted from admin/user.php - //maybe this should moved to function in lib/datalib.php - $updateuser = new object(); - $updateuser->id = $user->id; - $updateuser->deleted = 1; - $updateuser->username = addslashes("$user->email.".time()); // Remember it just in case - $updateuser->email = ''; // Clear this field to free it up - $updateuser->idnumber = ''; // Clear this field to free it up - $updateuser->timemodified = time(); - if (update_record('user', $updateuser)) { - delete_records('role_assignments', 'userid', $user->id); // unassign all roles - //copy pasted part ends + if (delete_user($user)) { echo "\t"; print_string('auth_dbdeleteuser', 'auth', array($user->username, $user->id)); echo "\n"; } else { echo "\t"; print_string('auth_dbdeleteusererror', 'auth', $user->username); echo "\n"; @@ -729,7 +717,6 @@ if ( !is_object($PHPCAS_CLIENT) ) { } } } - commit_sql(); } else { print "No user entries to be removed\n"; } diff --git a/auth/db/auth.php b/auth/db/auth.php index 020b3cff6e..e8b2e50c36 100644 --- a/auth/db/auth.php +++ b/auth/db/auth.php @@ -248,21 +248,9 @@ class auth_plugin_db extends auth_plugin_base { if (!empty($remove_users)) { print_string('auth_dbuserstoremove','auth', count($remove_users)); echo "\n"; - begin_sql(); foreach ($remove_users as $user) { if ($this->config->removeuser == 2) { - //following is copy pasted from admin/user.php - //maybe this should moved to function in lib/datalib.php - $updateuser = new object(); - $updateuser->id = $user->id; - $updateuser->deleted = 1; - $updateuser->username = addslashes("$user->email.".time()); // Remember it just in case - $updateuser->email = ''; // Clear this field to free it up - $updateuser->idnumber = ''; // Clear this field to free it up - $updateuser->timemodified = time(); - if (update_record('user', $updateuser)) { - delete_records('role_assignments', 'userid', $user->id); // unassign all roles - //copy pasted part ends + if (delete_user($user)) { echo "\t"; print_string('auth_dbdeleteuser', 'auth', array($user->username, $user->id)); echo "\n"; } else { echo "\t"; print_string('auth_dbdeleteusererror', 'auth', $user->username); echo "\n"; @@ -278,7 +266,6 @@ class auth_plugin_db extends auth_plugin_base { } } } - commit_sql(); } unset($remove_users); // free mem! } diff --git a/auth/ldap/auth.php b/auth/ldap/auth.php index cb2ec2efbf..ec0ceb1809 100644 --- a/auth/ldap/auth.php +++ b/auth/ldap/auth.php @@ -614,21 +614,9 @@ class auth_plugin_ldap extends auth_plugin_base { if (!empty($remove_users)) { print "User entries to remove: ". count($remove_users) . "\n"; - begin_sql(); foreach ($remove_users as $user) { if ($this->config->removeuser == 2) { - //following is copy pasted from admin/user.php - //maybe this should moved to function in lib/datalib.php - $updateuser = new object(); - $updateuser->id = $user->id; - $updateuser->deleted = 1; - $updateuser->username = addslashes("$user->email.".time()); // Remember it just in case - $updateuser->email = ''; // Clear this field to free it up - $updateuser->idnumber = ''; // Clear this field to free it up - $updateuser->timemodified = time(); - if (update_record('user', $updateuser)) { - delete_records('role_assignments', 'userid', $user->id); // unassign all roles - //copy pasted part ends + if (delete_user($user)) { echo "\t"; print_string('auth_dbdeleteuser', 'auth', array($user->username, $user->id)); echo "\n"; } else { echo "\t"; print_string('auth_dbdeleteusererror', 'auth', $user->username); echo "\n"; @@ -644,7 +632,6 @@ class auth_plugin_ldap extends auth_plugin_base { } } } - commit_sql(); } else { print "No user entries to be removed\n"; } diff --git a/lib/authlib.php b/lib/authlib.php index 2c3b58db0e..355fdf3ec5 100644 --- a/lib/authlib.php +++ b/lib/authlib.php @@ -138,6 +138,16 @@ class auth_plugin_base { return true; } + /** + * User delete requested - internal user record is mared as deleted already, username not present anymore. + * Do any action in external database. + * @param object $user Userobject before delete (without system magic quotes) + */ + function user_delete($olduser) { + //override if needed + return; + } + /** * Returns true if plugin allows resetting of internal password. * diff --git a/lib/moodlelib.php b/lib/moodlelib.php index 707c4eeb4f..d3419cdea1 100644 --- a/lib/moodlelib.php +++ b/lib/moodlelib.php @@ -2616,6 +2616,56 @@ function truncate_userinfo($info) { return $info; } +/** + * Marks user deleted in internal user database and notifies the auth plugin. + * Also unenrols user from all roles and does other cleanup. + * @param object $user Userobject before delete (without system magic quotes) + * @return boolean success + */ +function delete_user($user) { + global $CFG; + require_once($CFG->libdir.'/grouplib.php'); + + begin_sql(); + + // delete all grades - backup is kept in grade_grades_history table + if ($grades = grade_grade::fetch_all(array('userid'=>$user->id))) { + foreach ($grades as $grade) { + $grade->delete('userdelete'); + } + } + + // remove from all groups + delete_records('groups_members', 'userid', $user->id); + + // unenrol from all roles in all contexts + role_unassign(0, $user->id); // this might be slow but it is really needed - modules might do some extra cleanup! + + // now do a final accesslib cleanup - removes all role assingments in user context and context itself + delete_context(CONTEXT_USER, $user->id); + + // mark internal user record as "deleted" + $updateuser = new object(); + $updateuser->id = $user->id; + $updateuser->deleted = 1; + $updateuser->username = addslashes("$user->email.".time()); // Remember it just in case + $updateuser->email = ''; // Clear this field to free it up + $updateuser->idnumber = ''; // Clear this field to free it up + $updateuser->timemodified = time(); + + if (update_record('user', $updateuser)) { + commit_sql(); + // notify auth plugin - do not block the delete even when plugin fails + $authplugin = get_auth_plugin($user->auth); + $authplugin->user_delete($user); + return true; + + } else { + rollback_sql(); + return false; + } +} + /** * Retrieve the guest user object * -- 2.39.5