Moodle
  1. Moodle
  2. MDL-29093

Authentication for authentication only, not for user creation

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: 2.0, 2.1, 2.2
    • Fix Version/s: 2.1.2
    • Component/s: Authentication
    • Labels:
    • Environment:
      RHEL 5
    • Database:
      Any
    • Testing Instructions:
      Hide

      0 Please, if possible, test this under 21_STABLE

      1. Enable any external authentication plugin (manual and email always create the user before she has any chance to log in).
      2. Go to Site Administration >> Plugins >> Authentication >> Manage authentication
      3. Tick the ''Prevent account creation when authenticating'' checkbox and save the changes.
      4. Try to login with a user that exists and is enabled in the external authentication subsystem. We should get a message telling us that either the username or password is invalid, and login is denied.
      5. Go to Site Administration >> Plugins >> Authentication >> Manage authentication , untick the 'Authentication for authentication only' checkbox and save the changes.
      6. Try to login with the same user user than before. The user should be able to log in.

      Show
      0 Please, if possible, test this under 21_STABLE 1. Enable any external authentication plugin (manual and email always create the user before she has any chance to log in). 2. Go to Site Administration >> Plugins >> Authentication >> Manage authentication 3. Tick the ''Prevent account creation when authenticating'' checkbox and save the changes. 4. Try to login with a user that exists and is enabled in the external authentication subsystem. We should get a message telling us that either the username or password is invalid, and login is denied. 5. Go to Site Administration >> Plugins >> Authentication >> Manage authentication , untick the 'Authentication for authentication only' checkbox and save the changes. 6. Try to login with the same user user than before. The user should be able to log in.
    • Workaround:
      Hide

      The only way to do that is by editing the code:

      /moodle/lib/moodlelib.php (line 3587)

      } else

      { // if user not found, create him // Better to have an if check with option HERE //$user = create_user_record($username, $password, $auth); continue; }

      Code retrieved from: http://moodle.org/mod/forum/discuss.php?d=102711

      Show
      The only way to do that is by editing the code: /moodle/lib/moodlelib.php (line 3587) } else { // if user not found, create him // Better to have an if check with option HERE //$user = create_user_record($username, $password, $auth); continue; } Code retrieved from: http://moodle.org/mod/forum/discuss.php?d=102711
    • Affected Branches:
      MOODLE_20_STABLE, MOODLE_21_STABLE, MOODLE_22_STABLE
    • Fixed Branches:
      MOODLE_21_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      wip_MDL-29093_auth_for_auth_only_master
    • Rank:
      18782

      Description

      There are cases that a moodle installation needs only to use (LDAP) authentication and not (LDAP) user creation.
      It would be nice to have an option for preventing automatic user creation if the administrator does't want users to be automatically created when they dont exist in the database.

        Issue Links

          Activity

          Hide
          Michael de Raadt added a comment -

          Thanks for suggesting that and providing a workaround.

          If you would like to help us by working on a generalised solution, please go ahead.

          Show
          Michael de Raadt added a comment - Thanks for suggesting that and providing a workaround. If you would like to help us by working on a generalised solution, please go ahead.
          Hide
          Henning Bostelmann added a comment -

          I fully agree - we are using a similar hack in our installation since years ago.

          However, there's already another feature request for this, which I link here.

          Show
          Henning Bostelmann added a comment - I fully agree - we are using a similar hack in our installation since years ago. However, there's already another feature request for this, which I link here.
          Hide
          Iñaki Arenaza added a comment -

          Note for integrators: the master patch should be backported to MOODLE_21_STABLE. MOODLE_20_STABLE needs its own patch, due to differences in admin/settings/plugins.php.

          Saludos.
          Iñaki.

          Show
          Iñaki Arenaza added a comment - Note for integrators: the master patch should be backported to MOODLE_21_STABLE. MOODLE_20_STABLE needs its own patch, due to differences in admin/settings/plugins.php. Saludos. Iñaki.
          Hide
          Iñaki Arenaza added a comment -

          Oops! I forgot about testing instructions

          Saludos.
          Iñaki.

          Show
          Iñaki Arenaza added a comment - Oops! I forgot about testing instructions Saludos. Iñaki.
          Hide
          Eloy Lafuente (stronk7) added a comment -

          The main moodle.git repository has just been updated with latest weekly modifications. You may wish to rebase your PULL branches to simplify history and avoid any possible merge conflicts. This would also make integrator's life easier next week.

          TIA and ciao

          Show
          Eloy Lafuente (stronk7) added a comment - The main moodle.git repository has just been updated with latest weekly modifications. You may wish to rebase your PULL branches to simplify history and avoid any possible merge conflicts. This would also make integrator's life easier next week. TIA and ciao
          Hide
          Sam Hemelryk added a comment -

          Hi Inaki,

          The patch looks good thank you, before it gets integrated however I would like Helen to have a look at the two new strings as I think they could probably be improved.

          $string['authonly'] = 'Authentication for authentication only';
          $string['authonly_help'] = 'Enabling this option makes authentication plugins only authenticate already existing users. No new users will be created as part of the login process, even if entered username and password are valid. This also means you need to create new users using other mechanisms (manual creation, user uploading, LDAP sync, etc.)';
          

          Also just to note that this will only be integrated to master sorry.
          New features and improvements like this are only ever integrated to the development branch for the next release. As a rule we only backport bug fixes unless there is a very good reason to backport something else.

          Cheers
          Sam

          Show
          Sam Hemelryk added a comment - Hi Inaki, The patch looks good thank you, before it gets integrated however I would like Helen to have a look at the two new strings as I think they could probably be improved. $string['authonly'] = 'Authentication for authentication only'; $string['authonly_help'] = 'Enabling this option makes authentication plugins only authenticate already existing users. No new users will be created as part of the login process, even if entered username and password are valid. This also means you need to create new users using other mechanisms (manual creation, user uploading, LDAP sync, etc.)'; Also just to note that this will only be integrated to master sorry. New features and improvements like this are only ever integrated to the development branch for the next release. As a rule we only backport bug fixes unless there is a very good reason to backport something else. Cheers Sam
          Hide
          Helen Foster added a comment -

          How about:

          $string['authonly'] = 'Prevent account creation when authenticating';

          $string['authonly_help'] = 'If enabled, only users with existing accounts on the site will be able to authenticate. New accounts will need to be created manually or via the upload users feature. This setting applies to authentication using external databases, such as LDAP.';

          OR

          $string['authonly_help'] = 'When a user authenticates, an account on the site is automatically created if it doesn't yet exist. If an external database, such as LDAP, is used for authentication, but you wish to restrict access to the site to users with an existing account only, then this option should be enabled. New accounts will need to be created manually or via the upload users feature.';

          Show
          Helen Foster added a comment - How about: $string ['authonly'] = 'Prevent account creation when authenticating'; $string ['authonly_help'] = 'If enabled, only users with existing accounts on the site will be able to authenticate. New accounts will need to be created manually or via the upload users feature. This setting applies to authentication using external databases, such as LDAP.'; OR $string ['authonly_help'] = 'When a user authenticates, an account on the site is automatically created if it doesn't yet exist. If an external database, such as LDAP, is used for authentication, but you wish to restrict access to the site to users with an existing account only, then this option should be enabled. New accounts will need to be created manually or via the upload users feature.';
          Hide
          Sam Hemelryk added a comment -

          Thanks Helen,

          I definitely like the title string, in regards to the options for the help string I like the second one more I think.
          I'm out of time to look at this unfortunately, I'll see if Eloy or Apu have time to finish this off.

          Cheers
          Sam

          Show
          Sam Hemelryk added a comment - Thanks Helen, I definitely like the title string, in regards to the options for the help string I like the second one more I think. I'm out of time to look at this unfortunately, I'll see if Eloy or Apu have time to finish this off. Cheers Sam
          Hide
          Iñaki Arenaza added a comment -

          +1 for the second help string option

          Saludos.
          Iñaki.

          Show
          Iñaki Arenaza added a comment - +1 for the second help string option Saludos. Iñaki.
          Hide
          Michael de Raadt added a comment -

          Thanks for sharing this solution.

          I agree that the original option label is a little confusing. Helen's suggestion may confuse people. I suggest: "Authentication does not create new accounts". I prefer Helen's second option above, but I would embellish it as follows...

          $string['authonly_help'] = 'It is possible for a user to be authenticated using an external system, such as LDAP. When a user authenticates, if they do not yet have an account on the site, usually one will be automatically. It may be that you wish to authenticate using an external system, but you wish to restrict access to the site to users with an existing account only. With this option enabled, only existing users will be able to gain access after they are authenticated via the external system. New accounts will need to be created manually or via the upload users feature.';

          Show
          Michael de Raadt added a comment - Thanks for sharing this solution. I agree that the original option label is a little confusing. Helen's suggestion may confuse people. I suggest: "Authentication does not create new accounts". I prefer Helen's second option above, but I would embellish it as follows... $string ['authonly_help'] = 'It is possible for a user to be authenticated using an external system, such as LDAP. When a user authenticates, if they do not yet have an account on the site, usually one will be automatically. It may be that you wish to authenticate using an external system, but you wish to restrict access to the site to users with an existing account only. With this option enabled, only existing users will be able to gain access after they are authenticated via the external system. New accounts will need to be created manually or via the upload users feature.';
          Hide
          Sam Hemelryk added a comment -

          Hi Eloy,

          I've made you the integrator of this issue as I've got a branch proposal for it (sorry to be adding to your load).
          Basically I've just improved the name of the variable and used the new strings.

          Git: git://github.com/samhemelryk/moodle.git
          Branch: wip-MDL-29093-master
          Diff: https://github.com/samhemelryk/moodle/compare/master...wip-MDL-29093-master

          Cheers
          Sam

          Show
          Sam Hemelryk added a comment - Hi Eloy, I've made you the integrator of this issue as I've got a branch proposal for it (sorry to be adding to your load). Basically I've just improved the name of the variable and used the new strings. Git: git://github.com/samhemelryk/moodle.git Branch: wip- MDL-29093 -master Diff: https://github.com/samhemelryk/moodle/compare/master...wip-MDL-29093-master Cheers Sam
          Hide
          Eloy Lafuente (stronk7) added a comment -

          Two comments to this before integrating:

          • Stating I'm not an English guy at all, I've read the 3 alternative lang strings and my opinion is that Helen's and Sam's alternative are clearer than Michael's one (with Sam's one "wishing" too much, heh).
          • More important: Not sure why but before looking at code I had imagined this as an option to exist for each enabled external auth plugin and not one global switch. That way other use cases like creation from DB and auth only from LDAP could be possible.

          Any opinion? Surely this will need 1-more week to discuss / decide.

          Show
          Eloy Lafuente (stronk7) added a comment - Two comments to this before integrating: Stating I'm not an English guy at all, I've read the 3 alternative lang strings and my opinion is that Helen's and Sam's alternative are clearer than Michael's one (with Sam's one "wishing" too much, heh). More important: Not sure why but before looking at code I had imagined this as an option to exist for each enabled external auth plugin and not one global switch. That way other use cases like creation from DB and auth only from LDAP could be possible. Any opinion? Surely this will need 1-more week to discuss / decide.
          Hide
          Iñaki Arenaza added a comment -

          On your second commnent, I suspect those use cases you mention are rather unusual. It's pretty uncommon to have more than one external authentication subsystem at the same time (while it's rather common to have one external auth subsys and internal manual auth at the same time).

          My 0.02 €

          Saludos.
          Iñaki.

          Show
          Iñaki Arenaza added a comment - On your second commnent, I suspect those use cases you mention are rather unusual. It's pretty uncommon to have more than one external authentication subsystem at the same time (while it's rather common to have one external auth subsys and internal manual auth at the same time). My 0.02 € Saludos. Iñaki.
          Hide
          Eloy Lafuente (stronk7) added a comment -

          This has been integrated into master and backported to 21_STABLE (not to 20_STABLE at all).

          I've used Sam's branch that includes original from Iñaki plus some rewording.

          Thanks everybody.

          PS: If some day we want to move from current global switch to "by plugin" one that should be easy to achieve in and BC way.

          Show
          Eloy Lafuente (stronk7) added a comment - This has been integrated into master and backported to 21_STABLE (not to 20_STABLE at all). I've used Sam's branch that includes original from Iñaki plus some rewording. Thanks everybody. PS: If some day we want to move from current global switch to "by plugin" one that should be easy to achieve in and BC way.
          Hide
          Aparup Banerjee added a comment -

          just updating the test

          Show
          Aparup Banerjee added a comment - just updating the test
          Hide
          Aparup Banerjee added a comment - - edited

          I'm getting logged in fine when test says i'm not supposed to be logging in.
          i have mnet auth setup between 2 sites (roaming both ways). "Prevent account creation" is ticked (on both sites actually).
          an account that exists only on my 21_STABLE site can login to through to my 22/master site. test says this should be denied? am i missing anything?

          Show
          Aparup Banerjee added a comment - - edited I'm getting logged in fine when test says i'm not supposed to be logging in. i have mnet auth setup between 2 sites (roaming both ways). "Prevent account creation" is ticked (on both sites actually). an account that exists only on my 21_STABLE site can login to through to my 22/master site. test says this should be denied? am i missing anything?
          Hide
          Aparup Banerjee added a comment -

          i initially tested with deleted users so they wouldn't exist on the site being tested. i tested now with newly created users from the remote site. i was able to login to the local site even with 'prevent account creation' turned on.

          failing this as it doesn't seem to work with Mnet authentication.

          Show
          Aparup Banerjee added a comment - i initially tested with deleted users so they wouldn't exist on the site being tested. i tested now with newly created users from the remote site. i was able to login to the local site even with 'prevent account creation' turned on. failing this as it doesn't seem to work with Mnet authentication.
          Hide
          Eloy Lafuente (stronk7) added a comment -

          Note: Just replaced the 'authpreventaccountcreation_help' string by Helen alternative. This should not affect testing nor hurt anybody. Ciao

          Show
          Eloy Lafuente (stronk7) added a comment - Note: Just replaced the 'authpreventaccountcreation_help' string by Helen alternative. This should not affect testing nor hurt anybody. Ciao
          Hide
          Iñaki Arenaza added a comment -

          Hi Aparup,

          it seems Mnet authentication completely ignores the normal authentication flow and uses and alternative approach (I didn't know it).

          I'm preparing a new patch taking this into account, but integrators should probably have a look at MDL-21327 and associated discussion at http://moodle.org/mod/forum/discuss.php?d=141491 before deciding if we should leave MNet out of this config setting

          Saludos.
          Iñaki.

          Show
          Iñaki Arenaza added a comment - Hi Aparup, it seems Mnet authentication completely ignores the normal authentication flow and uses and alternative approach (I didn't know it). I'm preparing a new patch taking this into account, but integrators should probably have a look at MDL-21327 and associated discussion at http://moodle.org/mod/forum/discuss.php?d=141491 before deciding if we should leave MNet out of this config setting Saludos. Iñaki.
          Hide
          Eloy Lafuente (stronk7) added a comment -

          Note: this change does not apply to mnet. Try LDAP/DB instead. I've asked Helen for string amending in the mean time.

          Show
          Eloy Lafuente (stronk7) added a comment - Note: this change does not apply to mnet. Try LDAP/DB instead. I've asked Helen for string amending in the mean time.
          Hide
          Aparup Banerjee added a comment -

          hm understood that Mnet probably doesn't apply. string to explain would be handy, testing with DB again

          Show
          Aparup Banerjee added a comment - hm understood that Mnet probably doesn't apply. string to explain would be handy, testing with DB again
          Hide
          Eloy Lafuente (stronk7) added a comment - - edited

          I don't think MNET should be handled by this setting at all. One of the basic requirements for it to work is to populate the users table with mnethostid. Cannot imagine any point about preventing that.

          So I think current behavior is correct. This setting does not apply to MNET auth (nor will). Let it 100% separated (own settings...).

          Ciao

          Show
          Eloy Lafuente (stronk7) added a comment - - edited I don't think MNET should be handled by this setting at all. One of the basic requirements for it to work is to populate the users table with mnethostid. Cannot imagine any point about preventing that. So I think current behavior is correct. This setting does not apply to MNET auth (nor will). Let it 100% separated (own settings...). Ciao
          Hide
          Helen Foster added a comment -

          How about:

          $string['authpreventaccountcreation_help'] = 'When a user authenticates, an account on the site is automatically created if it doesn\'t yet exist. If an external database, such as LDAP, is used for authentication, but you wish to restrict access to the site to users with an existing account only, then this option should be enabled. New accounts will need to be created manually or via the upload users feature. Note that this setting doesn\'t apply to MNet authentication.';

          Show
          Helen Foster added a comment - How about: $string ['authpreventaccountcreation_help'] = 'When a user authenticates, an account on the site is automatically created if it doesn\'t yet exist. If an external database, such as LDAP, is used for authentication, but you wish to restrict access to the site to users with an existing account only, then this option should be enabled. New accounts will need to be created manually or via the upload users feature. Note that this setting doesn\'t apply to MNet authentication.';
          Hide
          Eloy Lafuente (stronk7) added a comment -

          String changes applied to master and 21_STABLE, thanks!

          Show
          Eloy Lafuente (stronk7) added a comment - String changes applied to master and 21_STABLE, thanks!
          Hide
          Aparup Banerjee added a comment - - edited

          sorry, i keep getting (for local mysql and also remote (vm)mssql ))
          Could not connect to the specified authentication database...

          line 92 of /auth/db/auth.php: call to debugging()
          line 3751 of /lib/moodlelib.php: call to auth_plugin_db->user_login()
          line 133 of /login/index.php: call to authenticate_user_login()

          i'll try again later (something with my perm? even with same db the site is running on), if anyone else can test this too it would be great..

          Show
          Aparup Banerjee added a comment - - edited sorry, i keep getting (for local mysql and also remote (vm)mssql )) Could not connect to the specified authentication database... line 92 of /auth/db/auth.php: call to debugging() line 3751 of /lib/moodlelib.php: call to auth_plugin_db->user_login() line 133 of /login/index.php: call to authenticate_user_login() i'll try again later (something with my perm? even with same db the site is running on), if anyone else can test this too it would be great..
          Hide
          Eloy Lafuente (stronk7) added a comment -

          Hi Aparup,

          I'm getting this for testing as far as I've here some ldap & db working as auth sources configured. Hope it's ok for you. Ciao

          PS: About MDL-29326 I'm sorry I cannot test it (no Windows box available here today).

          Show
          Eloy Lafuente (stronk7) added a comment - Hi Aparup, I'm getting this for testing as far as I've here some ldap & db working as auth sources configured. Hope it's ok for you. Ciao PS: About MDL-29326 I'm sorry I cannot test it (no Windows box available here today).
          Hide
          Eloy Lafuente (stronk7) added a comment -

          Tested under 21_STABLE:

          • DB auth, against postgres and mssql (not sqlsrv).
          • LDAP, against OpenDS server

          The switch worked as expected. Passing, thanks!

          Show
          Eloy Lafuente (stronk7) added a comment - Tested under 21_STABLE: DB auth, against postgres and mssql (not sqlsrv). LDAP, against OpenDS server The switch worked as expected. Passing, thanks!
          Hide
          Eloy Lafuente (stronk7) added a comment -

          Offtopic, when setting up my testing environment for MDL-26257 (Shibboleth), I got horrible errors with $CFG->authpreventaccountcreation enabled.

          Show
          Eloy Lafuente (stronk7) added a comment - Offtopic, when setting up my testing environment for MDL-26257 (Shibboleth), I got horrible errors with $CFG->authpreventaccountcreation enabled.
          Hide
          Eloy Lafuente (stronk7) added a comment -

          Here it is the complete output after successful login in Shibboleth IDP with $CFG->authpreventaccountcreation=true

          Notice: Undefined property: stdClass::$currentlogin in /Users/stronk7/git_moodle/integration/lib/moodlelib.php on line 3068
          Call Stack
          #	Time	Memory	Function	Location
          1	0.0003	641048	{main}( )	../index.php:0
          2	0.0531	2936904	update_user_login_times( )	../index.php:47
          
          
          ( ! ) Notice: Undefined property: stdClass::$id in /Users/stronk7/git_moodle/integration/lib/moodlelib.php on line 3071
          Call Stack
          #	Time	Memory	Function	Location
          1	0.0003	641048	{main}( )	../index.php:0
          2	0.0531	2936904	update_user_login_times( )	../index.php:47
          
          
          Coding error detected, it must be fixed by a programmer: moodle_database::update_record_raw() id field must be specified.
          Stack trace:
          line 961 of /lib/dml/mysqli_native_moodle_database.php: coding_exception thrown
          line 1017 of /lib/dml/mysqli_native_moodle_database.php: call to mysqli_native_moodle_database->update_record_raw()
          line 3073 of /lib/moodlelib.php: call to mysqli_native_moodle_database->update_record()
          line 47 of /auth/shibboleth/index.php: call to update_user_login_times()
          
          
          Coding error detected, it must be fixed by a programmer: Invalid $user parameter in check_user_preferences_loaded() call, missing id field
          Stack trace:
          line 1519 of /lib/moodlelib.php: coding_exception thrown
          line 1740 of /lib/moodlelib.php: call to check_user_preferences_loaded()
          line 7942 of /lib/moodlelib.php: call to get_user_preferences()
          line 536 of /lib/pagelib.php: call to get_user_device_type()
          line 617 of /lib/pagelib.php: call to moodle_page->magic_get_devicetypeinuse()
          line 1337 of /lib/pagelib.php: call to moodle_page->__get()
          line 1259 of /lib/pagelib.php: call to moodle_page->resolve_theme()
          line 1348 of /lib/setuplib.php: call to moodle_page->initialise_theme_and_output()
          line 328 of /lib/setuplib.php: call to bootstrap_renderer->__call()
          line 328 of /lib/setuplib.php: call to bootstrap_renderer->fatal_error()
          line ? of unknownfile: call to default_exception_handler()
          
          Show
          Eloy Lafuente (stronk7) added a comment - Here it is the complete output after successful login in Shibboleth IDP with $CFG->authpreventaccountcreation=true Notice: Undefined property: stdClass::$currentlogin in /Users/stronk7/git_moodle/integration/lib/moodlelib.php on line 3068 Call Stack # Time Memory Function Location 1 0.0003 641048 {main}( ) ../index.php:0 2 0.0531 2936904 update_user_login_times( ) ../index.php:47 ( ! ) Notice: Undefined property: stdClass::$id in /Users/stronk7/git_moodle/integration/lib/moodlelib.php on line 3071 Call Stack # Time Memory Function Location 1 0.0003 641048 {main}( ) ../index.php:0 2 0.0531 2936904 update_user_login_times( ) ../index.php:47 Coding error detected, it must be fixed by a programmer: moodle_database::update_record_raw() id field must be specified. Stack trace: line 961 of /lib/dml/mysqli_native_moodle_database.php: coding_exception thrown line 1017 of /lib/dml/mysqli_native_moodle_database.php: call to mysqli_native_moodle_database->update_record_raw() line 3073 of /lib/moodlelib.php: call to mysqli_native_moodle_database->update_record() line 47 of /auth/shibboleth/index.php: call to update_user_login_times() Coding error detected, it must be fixed by a programmer: Invalid $user parameter in check_user_preferences_loaded() call, missing id field Stack trace: line 1519 of /lib/moodlelib.php: coding_exception thrown line 1740 of /lib/moodlelib.php: call to check_user_preferences_loaded() line 7942 of /lib/moodlelib.php: call to get_user_preferences() line 536 of /lib/pagelib.php: call to get_user_device_type() line 617 of /lib/pagelib.php: call to moodle_page->magic_get_devicetypeinuse() line 1337 of /lib/pagelib.php: call to moodle_page->__get() line 1259 of /lib/pagelib.php: call to moodle_page->resolve_theme() line 1348 of /lib/setuplib.php: call to moodle_page->initialise_theme_and_output() line 328 of /lib/setuplib.php: call to bootstrap_renderer->__call() line 328 of /lib/setuplib.php: call to bootstrap_renderer->fatal_error() line ? of unknownfile: call to default_exception_handler()
          Hide
          Sam Hemelryk added a comment -

          Linked two issues that I've created to see the notices and errors resolved.

          Cheers
          Sam

          Show
          Sam Hemelryk added a comment - Linked two issues that I've created to see the notices and errors resolved. Cheers Sam
          Hide
          Eloy Lafuente (stronk7) added a comment -

          YTC !

          (aka, yay, thanks and ciao ) Closing.

          Show
          Eloy Lafuente (stronk7) added a comment - YTC ! (aka, yay, thanks and ciao ) Closing.
          Hide
          Christos Rodosthenous added a comment -

          Very good job. Nice to see a very usefull feature getting into moodle core.

          Show
          Christos Rodosthenous added a comment - Very good job. Nice to see a very usefull feature getting into moodle core.
          Hide
          Luis de Vasconcelos added a comment -

          THANKS so much for this change! This alone makes upgrading to Moodle 2.1 worth the effort!

          Show
          Luis de Vasconcelos added a comment - THANKS so much for this change! This alone makes upgrading to Moodle 2.1 worth the effort!
          Hide
          Luis de Vasconcelos added a comment - - edited

          I've applied this patch to my Moodle 2.0.3+ (Build: 20110609) site and it works perfectly. But how will it affect my upgrade to Moodle 2.2 in the future? This patch creates the extra "authonly" row in the mdl_config table, so will having that extra row in the database cause any problems with the upgrade to Moodle 2.1 or 2.2?

          Show
          Luis de Vasconcelos added a comment - - edited I've applied this patch to my Moodle 2.0.3+ (Build: 20110609) site and it works perfectly. But how will it affect my upgrade to Moodle 2.2 in the future? This patch creates the extra "authonly" row in the mdl_config table, so will having that extra row in the database cause any problems with the upgrade to Moodle 2.1 or 2.2?
          Hide
          Iñaki Arenaza added a comment -

          Hi Luis,

          note that the original 'authonly' setting name from my patch was renamed to 'authpreventaccountcreation' in the final integrated patch. So when you upgrade to 2.2 in the future, your current (2.0.3+) setting won't have any effect, unless you rename it in the mdl_config table.

          Saludos.
          Iñaki.

          Show
          Iñaki Arenaza added a comment - Hi Luis, note that the original 'authonly' setting name from my patch was renamed to 'authpreventaccountcreation' in the final integrated patch. So when you upgrade to 2.2 in the future, your current (2.0.3+) setting won't have any effect, unless you rename it in the mdl_config table. Saludos. Iñaki.
          Hide
          Luis de Vasconcelos added a comment -

          Thanks Iñaki. So the best upgrade plan would be to:

          1) Restore the origional .php files that were modified by the patch
          /admin/settings/plugins.php
          /lang/en/admin.php
          /lib/moodlelib.php

          2) delete the 'authonly' row from mdl_config

          3) upgrade to Moodle 2.2

          Show
          Luis de Vasconcelos added a comment - Thanks Iñaki. So the best upgrade plan would be to: 1) Restore the origional .php files that were modified by the patch /admin/settings/plugins.php /lang/en/admin.php /lib/moodlelib.php 2) delete the 'authonly' row from mdl_config 3) upgrade to Moodle 2.2
          Hide
          Iñaki Arenaza added a comment -

          Hi Luis,

          you don't need to restore the files modified by the patch, as you are going to overwrite all of them with the new version

          Simply upgrade to the new version (2.1 or later already have the patch included) and either rename the setting or delete it and go to "Site Administration >> Plugins >> Authentication >> Manage authentication" , tick the 'Prevent account creation when authenticating' checkbox and save the changes.

          That should do it.

          Saludos.
          Iñaki.

          Show
          Iñaki Arenaza added a comment - Hi Luis, you don't need to restore the files modified by the patch, as you are going to overwrite all of them with the new version Simply upgrade to the new version (2.1 or later already have the patch included) and either rename the setting or delete it and go to "Site Administration >> Plugins >> Authentication >> Manage authentication" , tick the 'Prevent account creation when authenticating' checkbox and save the changes. That should do it. Saludos. Iñaki.

            People

            • Votes:
              2 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: