Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-32724

LDAP Auth function user_update() returns true even if update has failed

    Details

    • Testing Instructions:
      Hide
      1. Enable and configure the LDAP auth plugin. Use a bind user that doesn't have the privileges needed to change other users LDAP attributes (i.e., a "readonly" bind user).
      2. Map at least one external attribute to one internal Moodle user field (e.g., surname), and configure that mapping to 'Update external' with 'On update'. Make sure you use an attribute that has already a value for the LDAP user we are going to use in the next step.
      3. Log in with the LDAP user (to create the internal Moodle user account). If requested, fill in the missing mandatory user profile fields.
      4. Log out and log in as an admin.
      5. Edit the user details and change the user field that is mapped to 'Update external'. Without the bugfix, the user details will be changed in Moodle without error (but an LDAP error will be present in the PHP error logs). With the bugfix, an error stating 'Failed to update user data on external auth: ldap. See the server logs for more details' will be shown.
      Show
      Enable and configure the LDAP auth plugin. Use a bind user that doesn't have the privileges needed to change other users LDAP attributes (i.e., a "readonly" bind user). Map at least one external attribute to one internal Moodle user field (e.g., surname), and configure that mapping to 'Update external' with 'On update'. Make sure you use an attribute that has already a value for the LDAP user we are going to use in the next step. Log in with the LDAP user (to create the internal Moodle user account). If requested, fill in the missing mandatory user profile fields. Log out and log in as an admin. Edit the user details and change the user field that is mapped to 'Update external'. Without the bugfix, the user details will be changed in Moodle without error (but an LDAP error will be present in the PHP error logs). With the bugfix, an error stating 'Failed to update user data on external auth: ldap. See the server logs for more details' will be shown.
    • Affected Branches:
      MOODLE_21_STABLE, MOODLE_24_STABLE, MOODLE_25_STABLE, MOODLE_26_STABLE
    • Fixed Branches:
      MOODLE_25_STABLE, MOODLE_26_STABLE
    • Pull Master Branch:
      wip_master_mdl-32724

      Description

      When updating user information and calling $authplugin->user_update($olduser, $newuser) the function returns a true or false based on whether it has been sucessful or not. If the function sucessfully updates the user through LDAP it returns true and conversly if the process fails for some reason it should return false.

      I am currently writing a script which relies on this information to control behaviour. If the user can be updated via LDAP then Moodle's record can also be updated, if not then an email will be sent to have the information updated manually.

      Unforuntately what I have found is that if the function succeeds in every step EXCEPT the actual LDAP command it still returns a true, meaning that if we have users accounts which cannot be modified by our bind user their records will not be updated but the returned value of true gives us no way of knowing this.

      I'm adding a patch which adds a check on the value of $changed at the very end of the script. If $changed equals false it will return false.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  10/Mar/14