### Eclipse Workspace Patch 1.0
#P moodle18
Index: login/logout.php
===================================================================
RCS file: /cvsroot/moodle/moodle/login/logout.php,v
retrieving revision 1.18.2.2
diff -u -r1.18.2.2 logout.php
--- login/logout.php 2 Mar 2007 16:54:39 -0000 1.18.2.2
+++ login/logout.php 20 Mar 2007 20:58:28 -0000
@@ -3,11 +3,13 @@
require_once("../config.php");
- if (!empty($USER->mnethostid) and $USER->mnethostid != $CFG->mnet_localhost_id) {
- $host = get_record('mnet_host', 'id', $USER->mnethostid);
- $wwwroot = $host->wwwroot;
- } else {
- $wwwroot = $CFG->wwwroot;
+ // can be overriden by auth plugins
+ $redirect = $CFG->wwwroot.'/';
+
+ $authsequence = explode(',', $CFG->auth); // auths, in sequence
+ foreach($authsequence as $authname) {
+ $authplugin = get_auth_plugin($authname);
+ $authplugin->prelogin_hook();
}
$sesskey = optional_param('sesskey', '__notpresent__', PARAM_RAW); // we want not null default to prevent required sesskey warning
@@ -21,6 +23,6 @@
require_logout();
- redirect("$wwwroot/");
+ redirect($redirect);
?>
Index: login/signup.php
===================================================================
RCS file: /cvsroot/moodle/moodle/login/signup.php,v
retrieving revision 1.52.2.2
diff -u -r1.52.2.2 signup.php
--- login/signup.php 27 Feb 2007 10:25:56 -0000 1.52.2.2
+++ login/signup.php 20 Mar 2007 20:58:28 -0000
@@ -8,7 +8,7 @@
}
$authplugin = get_auth_plugin($CFG->registerauth);
- if (!method_exists($authplugin, 'user_signup')) {
+ if (!$authplugin->can_signup()) {
error("Sorry, you may not use this page.");
}
@@ -28,7 +28,7 @@
$user->secret = random_string(15);
$user->auth = $CFG->registerauth;
- $authplugin->user_signup($user, $notify=true); // prints notice and link to login/index.php
+ $authplugin->user_signup($user, true); // prints notice and link to login/index.php
exit; //never reached
}
Index: login/signup_form.php
===================================================================
RCS file: /cvsroot/moodle/moodle/login/signup_form.php,v
retrieving revision 1.23.2.2
diff -u -r1.23.2.2 signup_form.php
--- login/signup_form.php 27 Feb 2007 10:25:56 -0000 1.23.2.2
+++ login/signup_form.php 20 Mar 2007 20:58:28 -0000
@@ -76,10 +76,11 @@
}
}
}
- if (method_exists($authplugin, 'user_exists')){
- if ($authplugin->user_exists($user->username)) {
- $errors['username'] = get_string('usernameexists');
- }
+
+ //check if user exists in external db
+ //TODO: maybe we should check all enabled plugins instead
+ if ($authplugin->user_exists($user->username)) {
+ $errors['username'] = get_string('usernameexists');
}
Index: login/index.php
===================================================================
RCS file: /cvsroot/moodle/moodle/login/index.php,v
retrieving revision 1.109.2.5
diff -u -r1.109.2.5 index.php
--- login/index.php 6 Mar 2007 23:53:19 -0000 1.109.2.5
+++ login/index.php 20 Mar 2007 20:58:28 -0000
@@ -23,9 +23,6 @@
$session_has_timed_out = false;
}
- //HTTPS is potentially required in this page
- httpsrequired();
-
/// Check if the guest user exists. If not, create one.
if (! record_exists('user', 'username', 'guest')) {
$guest->auth = 'manual';
@@ -49,11 +46,6 @@
$authsequence = explode(',', $CFG->auth); // auths, in sequence
-// Load alternative login screens if necessary
-if ($authsequence[0] == 'cas' and !empty($CFG->cas_enabled)) {
- require($CFG->dirroot.'/auth/cas/login.php');
- }
-
if (!isset($CFG->registerauth)) {
set_config('registerauth', '');
}
@@ -62,17 +54,19 @@
set_config('auth_instructions', '');
}
-// See http://moodle.org/mod/forum/discuss.php?d=39918#187611
-// if ($CFG->auth == 'shibboleth') {
-// if (!empty($SESSION->shibboleth_checked) ) { // Just come from there
-// unset($SESSION->shibboleth_checked);
-// } else if (empty($_POST)) { // No incoming data, so redirect
-// redirect($CFG->wwwroot.'/auth/shibboleth/index.php');
-// }
-// }
-
-
+// auth plugins can override these - SSO anyone?
+$frm = false;
+$user = false;
+
+foreach($authsequence as $authname) {
+ $authplugin = get_auth_plugin($authname);
+ $authplugin->prelogin_hook();
+}
+
+//HTTPS is potentially required in this page
+httpsrequired();
+
/// Define variables used in page
if (!$site = get_site()) {
error("No site found!");
@@ -91,16 +85,18 @@
$loginurl = (!empty($CFG->alternateloginurl)) ? $CFG->alternateloginurl : '';
- $frm = false;
- $user = false;
+ if ($user !== false or $frm !== false) {
+ // some auth plugin alredy supplied these
- if ((!empty($SESSION->wantsurl) and strstr($SESSION->wantsurl,'username=guest')) or $loginguest) {
+ } else if ((!empty($SESSION->wantsurl) and strstr($SESSION->wantsurl,'username=guest')) or $loginguest) {
/// Log in as guest automatically (idea from Zbigniew Fiedorowicz)
$frm->username = 'guest';
$frm->password = 'guest';
+
} else if (!empty($SESSION->wantsurl) && file_exists($CFG->dirroot.'/login/weblinkauth.php')) {
// Handles the case of another Moodle site linking into a page on this site
+ //TODO: move weblink into own auth plugin
include($CFG->dirroot.'/login/weblinkauth.php');
if (function_exists(weblink_auth)) {
$user = weblink_auth($SESSION->wantsurl);
@@ -110,6 +106,7 @@
} else {
$frm = data_submitted($loginurl);
}
+
} else {
$frm = data_submitted($loginurl);
}
@@ -120,7 +117,7 @@
$errormsg = get_string("cookiesnotenabled");
- } else if ($frm) { // Login WITH cookies
+ } else if ($frm) { // Login WITH cookies
$frm->username = trim(moodle_strtolower($frm->username));
@@ -132,10 +129,12 @@
}
}
- if (($frm->username == 'guest') and empty($CFG->guestloginbutton)) {
+ if ($user) {
+ //user already supplied by aut plugin prelogin hook
+ } else if (($frm->username == 'guest') and empty($CFG->guestloginbutton)) {
$user = false; /// Can't log in as guest if guest button is disabled
$frm = false;
- } else if (!$user) {
+ } else {
if (empty($errormsg)) {
$user = authenticate_user_login($frm->username, $frm->password);
}
@@ -178,7 +177,7 @@
//Select password change url
$userauth = get_auth_plugin($USER->auth);
if ($userauth->can_change_password()) {
- if (method_exists($userauth, 'change_password_url') and $userauth->change_password_url()) {
+ if ($userauth->change_password_url()) {
$passwordchangeurl = $userauth->change_password_url();
} else {
$passwordchangeurl = $CFG->httpswwwroot.'/login/change_password.php';
@@ -213,7 +212,7 @@
}
/// Go to my-moodle page instead of homepage if mymoodleredirect enabled
- if (!has_capability('moodle/site:config',get_context_instance(CONTEXT_SYSTEM, SITEID)) and !empty($CFG->mymoodleredirect) and !isguest()) {
+ if (!has_capability('moodle/site:config',get_context_instance(CONTEXT_SYSTEM)) and !empty($CFG->mymoodleredirect) and !isguest()) {
if ($urltogo == $CFG->wwwroot or $urltogo == $CFG->wwwroot.'/' or $urltogo == $CFG->wwwroot.'/index.php') {
$urltogo = $CFG->wwwroot.'/my/';
}
@@ -222,7 +221,7 @@
// check if user password has expired
// Currently supported only for ldap-authentication module
- if (method_exists($userauth, 'password_expire') and !empty($userauth->config->expiration) and $userauth->config->expiration == 1) {
+ if (!empty($userauth->config->expiration) and $userauth->config->expiration == 1) {
$days2expire = $userauth->password_expire($USER->username);
if (intval($days2expire) > 0 && intval($days2expire) < intval($CFG->{$USER->auth.'_expiration_warning'})) {
print_header("$site->fullname: $loginsite", "$site->fullname", $loginsite, $focus, "", true, "");
Index: login/change_password.php
===================================================================
RCS file: /cvsroot/moodle/moodle/login/change_password.php,v
retrieving revision 1.54.2.3
diff -u -r1.54.2.3 change_password.php
--- login/change_password.php 6 Mar 2007 10:48:12 -0000 1.54.2.3
+++ login/change_password.php 20 Mar 2007 20:58:26 -0000
@@ -43,7 +43,7 @@
error(get_string('nopasswordchange', 'auth'));
}
- if (method_exists($userauth, 'change_password_url') and $userauth->change_password_url()) {
+ if ($userauth->change_password_url()) {
// this internal scrip not used
redirect($userauth->change_password_url());
}
Index: login/confirm.php
===================================================================
RCS file: /cvsroot/moodle/moodle/login/confirm.php,v
retrieving revision 1.24.2.2
diff -u -r1.24.2.2 confirm.php
--- login/confirm.php 27 Feb 2007 10:25:56 -0000 1.24.2.2
+++ login/confirm.php 20 Mar 2007 20:58:26 -0000
@@ -12,7 +12,7 @@
}
$authplugin = get_auth_plugin($CFG->registerauth);
- if (!method_exists($authplugin, 'user_confirm')) {
+ if ($authplugin->can_confirm()) {
error("Sorry, you may not use this page.");
}
@@ -42,10 +42,8 @@
} else if ($confirmed == AUTH_CONFIRM_OK) {
// Activate new user if necessary
- if (method_exists($authplugin, 'user_activate')) {
- if (!$authplugin->user_activate($username)) {
- error('Could not activate this user!');
- }
+ if (!$authplugin->user_activate($username)) {
+ error('Could not activate this user!');
}
// The user has confirmed successfully, let's log them in
Index: login/forgot_password.php
===================================================================
RCS file: /cvsroot/moodle/moodle/login/forgot_password.php,v
retrieving revision 1.38.2.3
diff -u -r1.38.2.3 forgot_password.php
--- login/forgot_password.php 22 Feb 2007 22:25:20 -0000 1.38.2.3
+++ login/forgot_password.php 20 Mar 2007 20:58:26 -0000
@@ -98,7 +98,7 @@
$userauth = get_auth_plugin($user->auth);
- if (method_exists($userauth, 'can_reset_password') and $userauth->can_reset_password()) {
+ if ($userauth->can_reset_password()) {
// reset internal password and notify user
// set 'secret' string
Index: login/index_form.html
===================================================================
RCS file: /cvsroot/moodle/moodle/login/index_form.html,v
retrieving revision 1.48.2.1
diff -u -r1.48.2.1 index_form.html
--- login/index_form.html 20 Feb 2007 17:28:45 -0000 1.48.2.1
+++ login/index_form.html 20 Mar 2007 20:58:28 -0000
@@ -90,16 +90,13 @@
registerauth)) {
- echo format_text($CFG->auth_instructions);
- $authplugin = get_auth_plugin($CFG->registerauth);
- if (method_exists($authplugin, 'user_create')) { ?>
-
-auth_instructions); ?>
+
+auth_instructions);
} ?>
Index: auth/ldap/auth.php
===================================================================
RCS file: /cvsroot/moodle/moodle/auth/ldap/auth.php,v
retrieving revision 1.6.2.3
diff -u -r1.6.2.3 auth.php
--- auth/ldap/auth.php 21 Feb 2007 21:45:14 -0000 1.6.2.3
+++ auth/ldap/auth.php 20 Mar 2007 20:58:05 -0000
@@ -16,20 +16,18 @@
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* LDAP authentication plugin.
*/
-class auth_plugin_ldap {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_ldap extends auth_plugin_base {
/**
* Constructor with initialisation.
*/
function auth_plugin_ldap() {
+ $this->authtype = 'ldap';
$this->config = get_config('auth/ldap');
if (empty($this->config->ldapencoding)) {
$this->config->ldapencoding = 'utf-8';
@@ -274,7 +272,7 @@
* If userpassword does not expire it should return 0. If password is already expired
* it should return negative value.
*
- * @param mixed $username username
+ * @param mixed $username username (with system magic quotes)
* @return integer
*/
function password_expire($username) {
@@ -584,7 +582,7 @@
if ($this->iscreator($user->username)) {
role_assign($creatorrole->id, $user->id, 0, $sitecontext->id, 0, 0, 0, 'ldap');
} else {
- role_unassign($creatorrole->id, $user->id, 0, $sitecontext->id);
+ role_unassign($creatorrole->id, $user->id, 0, $sitecontext->id, 'ldap');
}
}
@@ -783,26 +781,18 @@
/**
* Returns true if user should be coursecreator.
*
- * @param mixed $username username (with system magic quotes)
+ * @param mixed $username username (without system magic quotes)
* @return boolean result
*/
- function iscreator($username = false) {
- global $USER;
-
+ function iscreator($username) {
if (empty($this->config->creators) or empty($this->config->memberattribute)) {
- return false;
- }
-
- if ($username === false) {
- $username = $USER->username;
- } else {
- $username = stripslashes($username);
+ return null;
}
$textlib = textlib_get_instance();
$extusername = $textlib->convert($username, 'utf-8', $this->config->ldapencoding);
- return $this->ldap_isgroupmember($extusername, $this->config->creators);
+ return (boolean)$this->ldap_isgroupmember($extusername, $this->config->creators);
}
/**
@@ -1513,6 +1503,30 @@
}
/**
+ * Sync roles for this user
+ *
+ * @param $user object user object (without system magic quotes)
+ */
+ function sync_roles($user) {
+ $iscreator = $this->iscreator($user->username);
+ if ($iscreator === null) {
+ return; //nothing to sync - creators not configured
+ }
+
+ if ($roles = get_roles_with_capability('moodle/legacy:coursecreator', CAP_ALLOW)) {
+ $creatorrole = array_shift($roles); // We can only use one, let's use the first one
+ $systemcontext = get_context_instance(CONTEXT_SYSTEM);
+
+ if ($iscreator) { // Following calls will not create duplicates
+ role_assign($creatorrole->id, $user->id, 0, $systemcontext->id, 0, 0, 0, 'ldap');
+ } else {
+ //unassign only if previously assigned by this plugin!
+ role_unassign($creatorrole->id, $user->id, 0, $systemcontext->id, 'ldap');
+ }
+ }
+ }
+
+ /**
* Prints a form for configuring this authentication plugin.
*
* This function is called from admin/auth.php, and outputs a full page with
Index: auth/imap/auth.php
===================================================================
RCS file: /cvsroot/moodle/moodle/auth/imap/auth.php,v
retrieving revision 1.2.2.2
diff -u -r1.2.2.2 auth.php
--- auth/imap/auth.php 21 Feb 2007 21:45:14 -0000 1.2.2.2
+++ auth/imap/auth.php 20 Mar 2007 20:58:01 -0000
@@ -16,20 +16,18 @@
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* IMAP authentication plugin.
*/
-class auth_plugin_imap {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_imap extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_imap() {
+ $this->authtype = 'imap';
$this->config = get_config('auth/imap');
}
Index: auth/email/auth.php
===================================================================
RCS file: /cvsroot/moodle/moodle/auth/email/auth.php,v
retrieving revision 1.5.2.4
diff -u -r1.5.2.4 auth.php
--- auth/email/auth.php 27 Feb 2007 10:25:56 -0000 1.5.2.4
+++ auth/email/auth.php 20 Mar 2007 20:57:59 -0000
@@ -16,21 +16,18 @@
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
/**
* Email authentication plugin.
*/
-class auth_plugin_email {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_email extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_email() {
+ $this->authtype = 'email';
$this->config = get_config('auth/email');
}
@@ -65,6 +62,10 @@
return update_internal_user_password($user, $newpassword);
}
+ function can_signup() {
+ return true;
+ }
+
/**
* Sign up a new user ready for confirmation.
* Password is passed in plaintext.
@@ -72,7 +73,7 @@
* @param object $user new user object (with system magic quotes)
* @param boolean $notify print notice with link and terminate
*/
- function user_signup($user, $notify = true) {
+ function user_signup($user, $notify=true) {
$user->password = hash_internal_user_password($user->password);
if (! ($user->id = insert_record('user', $user)) ) {
@@ -93,6 +94,15 @@
}
/**
+ * Returns true if plugin allows confirming of new users.
+ *
+ * @return bool
+ */
+ function can_confirm() {
+ return true;
+ }
+
+ /**
* Confirm the new user as registered.
*
* @param string $username (with system magic quotes)
Index: auth/authlib.php
===================================================================
RCS file: auth/authlib.php
diff -N auth/authlib.php
--- auth/authlib.php 4 Jan 2007 04:52:43 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,33 +0,0 @@
-
Index: lib/moodlelib.php
===================================================================
RCS file: /cvsroot/moodle/moodle/lib/moodlelib.php,v
retrieving revision 1.837.2.31
diff -u -r1.837.2.31 moodlelib.php
--- lib/moodlelib.php 20 Mar 2007 08:07:00 -0000 1.837.2.31
+++ lib/moodlelib.php 20 Mar 2007 20:58:19 -0000
@@ -261,14 +261,6 @@
define ('BLOG_SITE_LEVEL', 4);
define ('BLOG_GLOBAL_LEVEL', 5);
-/**
- * Authentication - error codes for user confirm
- */
-define('AUTH_CONFIRM_FAIL', 0);
-define('AUTH_CONFIRM_OK', 1);
-define('AUTH_CONFIRM_ALREADY', 2);
-define('AUTH_CONFIRM_ERROR', 3);
-
/// PARAMETER HANDLING ////////////////////////////////////////////////////
@@ -1673,7 +1665,7 @@
if (get_user_preferences('auth_forcepasswordchange') && empty($USER->realuser)) {
if ($userauth->can_change_password()) {
$SESSION->wantsurl = $FULLME;
- if (method_exists($userauth, 'change_password_url') and $userauth->change_password_url()) {
+ if ($userauth->change_password_url()) {
//use plugin custom url
redirect($userauth->change_password_url());
} else {
@@ -2440,12 +2432,10 @@
$authplugin = get_auth_plugin($auth);
- if (method_exists($authplugin, 'get_userinfo')) {
- if ($newinfo = $authplugin->get_userinfo($username)) {
- $newinfo = truncate_userinfo($newinfo);
- foreach ($newinfo as $key => $value){
- $newuser->$key = addslashes($value);
- }
+ if ($newinfo = $authplugin->get_userinfo($username)) {
+ $newinfo = truncate_userinfo($newinfo);
+ foreach ($newinfo as $key => $value){
+ $newuser->$key = addslashes($value);
}
}
@@ -2489,24 +2479,23 @@
* @return user A {@link $USER} object
*/
function update_user_record($username, $authplugin) {
- if (method_exists($authplugin, 'get_userinfo')) {
- $username = trim(moodle_strtolower($username)); /// just in case check text case
+ $username = trim(moodle_strtolower($username)); /// just in case check text case
- $oldinfo = get_record('user', 'username', $username, '','','','', 'username, auth');
- $userauth = get_auth_plugin($oldinfo->auth);
+ $oldinfo = get_record('user', 'username', $username, '','','','', 'username, auth');
+ $userauth = get_auth_plugin($oldinfo->auth);
- if ($newinfo = $authplugin->get_userinfo($username)) {
- $newinfo = truncate_userinfo($newinfo);
- foreach ($newinfo as $key => $value){
- $confkey = 'field_updatelocal_' . $key;
- if (!empty($userauth->config->$confkey) and $userauth->config->$confkey === 'onlogin') {
- $value = addslashes(stripslashes($value)); // Just in case
- set_field('user', $key, $value, 'username', $username)
- or error_log("Error updating $key for $username");
- }
+ if ($newinfo = $userauth->get_userinfo($username)) {
+ $newinfo = truncate_userinfo($newinfo);
+ foreach ($newinfo as $key => $value){
+ $confkey = 'field_updatelocal_' . $key;
+ if (!empty($userauth->config->$confkey) and $userauth->config->$confkey === 'onlogin') {
+ $value = addslashes(stripslashes($value)); // Just in case
+ set_field('user', $key, $value, 'username', $username)
+ or error_log("Error updating $key for $username");
}
}
}
+
return get_complete_user_data('username', $username);
}
@@ -2627,29 +2616,10 @@
// if user not found, create him
$user = create_user_record($username, $password, $auth);
}
- // fix for MDL-6928
- if (method_exists($authplugin, 'iscreator')) {
- $sitecontext = get_context_instance(CONTEXT_SYSTEM);
- if ($creatorroles = get_roles_with_capability('moodle/legacy:coursecreator', CAP_ALLOW)) {
- $creatorrole = array_shift($creatorroles); // We can only use one, let's use the first one
- // Check if the user is a creator
- if ($authplugin->iscreator($username)) { // Following calls will not create duplicates
- role_assign($creatorrole->id, $user->id, 0, $sitecontext->id, 0, 0, 0, $auth);
- } else {
- role_unassign($creatorrole->id, $user->id, 0, $sitecontext->id);
- }
- }
- }
- /// Log in to a second system if necessary
- if (!empty($CFG->sso)) {
- include_once($CFG->dirroot .'/sso/'. $CFG->sso .'/lib.php');
- if (function_exists('sso_user_login')) {
- if (!sso_user_login($username, $password)) { // Perform the signon process
- notify('Second sign-on failed');
- }
- }
- }
+ $authplugin->sync_roles($user);
+
+ $authplugin->user_authenticated_hook($user, $username, $password);
return $user;
@@ -3586,7 +3556,7 @@
$data->admin = fullname($from).' ('. $from->email .')';
$userauth = get_auth_plugin($user->auth);
- if ($userauth->can_change_password() and method_exists($userauth, 'change_password_url') and $userauth->change_password_url()) {
+ if ($userauth->can_change_password() and $userauth->change_password_url()) {
// we have some external url for password cahnging
$data->link .= $userauth->change_password_url();
Index: lib/accesslib.php
===================================================================
RCS file: /cvsroot/moodle/moodle/lib/accesslib.php,v
retrieving revision 1.221.2.25
diff -u -r1.221.2.25 accesslib.php
--- lib/accesslib.php 20 Mar 2007 07:38:18 -0000 1.221.2.25
+++ lib/accesslib.php 20 Mar 2007 20:58:12 -0000
@@ -2194,9 +2194,10 @@
* @param $userid
* @param $groupid
* @param $contextid
+ * @param $enrol unassign only if enrolment type matches, NULL means anything
* @return boolean - success or failure
*/
-function role_unassign($roleid=0, $userid=0, $groupid=0, $contextid=0) {
+function role_unassign($roleid=0, $userid=0, $groupid=0, $contextid=0, $enrol=NULL) {
global $USER, $CFG;
@@ -2209,6 +2210,9 @@
$select[] = $arg.' = '.$$arg;
}
}
+ if (!empty($enrol)) {
+ $select[] = "enrol='$enrol'";
+ }
if ($select) {
if ($ras = get_records_select('role_assignments', implode(' AND ', $select))) {
Index: auth/shibboleth/auth.php
===================================================================
RCS file: /cvsroot/moodle/moodle/auth/shibboleth/auth.php,v
retrieving revision 1.1.2.3
diff -u -r1.1.2.3 auth.php
--- auth/shibboleth/auth.php 9 Mar 2007 12:34:03 -0000 1.1.2.3
+++ auth/shibboleth/auth.php 20 Mar 2007 20:58:07 -0000
@@ -24,20 +24,18 @@
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* Shibboleth authentication plugin.
*/
-class auth_plugin_shibboleth {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_shibboleth extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_shibboleth() {
+ $this->authtype = 'shibboleth';
$this->config = get_config('auth/shibboleth');
}
@@ -148,6 +146,22 @@
return false;
}
+ function prelogin_hook() {
+ global $SESSION, $CFG;
+
+ //TODO: fix the code
+ return;
+
+ // See http://moodle.org/mod/forum/discuss.php?d=39918#187611
+ // if ($CFG->auth == 'shibboleth') {
+ // if (!empty($SESSION->shibboleth_checked) ) { // Just come from there
+ // unset($SESSION->shibboleth_checked);
+ // } else if (empty($_POST)) { // No incoming data, so redirect
+ // redirect($CFG->wwwroot.'/auth/shibboleth/index.php');
+ // }
+ // }
+ }
+
/**
* Prints a form for configuring this authentication plugin.
*
Index: blocks/login/block_login.php
===================================================================
RCS file: /cvsroot/moodle/moodle/blocks/login/block_login.php,v
retrieving revision 1.19.2.2
diff -u -r1.19.2.2 block_login.php
--- blocks/login/block_login.php 11 Mar 2007 19:59:13 -0000 1.19.2.2
+++ blocks/login/block_login.php 20 Mar 2007 20:58:07 -0000
@@ -29,7 +29,7 @@
if (!empty($CFG->registerauth)) {
$authplugin = get_auth_plugin($CFG->registerauth);
- if (method_exists($authplugin, 'user_signup')) {
+ if ($authplugin->can_signup()) {
$signup = $wwwroot . '/login/signup.php';
}
}
Index: user/view.php
===================================================================
RCS file: /cvsroot/moodle/moodle/user/view.php,v
retrieving revision 1.143.2.6
diff -u -r1.143.2.6 view.php
--- user/view.php 19 Mar 2007 18:52:48 -0000 1.143.2.6
+++ user/view.php 20 Mar 2007 20:58:28 -0000
@@ -352,7 +352,7 @@
$passwordchangeurl = false;
if ($userauth->can_change_password()) {
- if (method_exists($userauth, 'change_password_url') and $userauth->change_password_url()) {
+ if ($userauth->change_password_url()) {
$passwordchangeurl = $userauth->change_password_url();
} else {
if (empty($CFG->loginhttps)) {
Index: user/edit.php
===================================================================
RCS file: /cvsroot/moodle/moodle/user/edit.php,v
retrieving revision 1.152.2.4
diff -u -r1.152.2.4 edit.php
--- user/edit.php 14 Mar 2007 23:35:08 -0000 1.152.2.4
+++ user/edit.php 20 Mar 2007 20:58:28 -0000
@@ -70,20 +70,18 @@
$usernew->timemodified = time();
- if (update_record('user', $usernew)) {
- if (method_exists($authplugin, 'user_update')){
- // pass a true $userold here
- if (! $authplugin->user_update($user, $userform->get_data(false))) {
- // auth update failed, rollback for moodle
- update_record('user', addslashes_object($user));
- error('Failed to update user data on external auth: '.$usernew->auth.
- '. See the server logs for more details.');
- }
- };
- } else {
+ if (!update_record('user', $usernew)) {
error('Error updating user record');
}
+ // pass a true $userold here
+ if (! $authplugin->user_update($user, $userform->get_data(false))) {
+ // auth update failed, rollback for moodle
+ update_record('user', addslashes_object($user));
+ error('Failed to update user data on external auth: '.$usernew->auth.
+ '. See the server logs for more details.');
+ }
+
//update preferences
useredit_update_user_preference($usernew);
Index: user/editadvanced.php
===================================================================
RCS file: /cvsroot/moodle/moodle/user/editadvanced.php,v
retrieving revision 1.8.2.3
diff -u -r1.8.2.3 editadvanced.php
--- user/editadvanced.php 14 Mar 2007 23:35:10 -0000 1.8.2.3
+++ user/editadvanced.php 20 Mar 2007 20:58:28 -0000
@@ -83,26 +83,20 @@
if (!update_record('user', $usernew)) {
error('Error updating user record');
}
- if (method_exists($authplugin, 'user_update')){
- // pass a true $userold here
- if (! $authplugin->user_update($user, $userform->get_data(false))) {
- // auth update failed, rollback for moodle
- update_record('user', addslashes_object($user));
- error('Failed to update user data on external auth: '.$usernew->auth.
- '. See the server logs for more details.');
- }
- };
+ // pass a true $userold here
+ if (! $authplugin->user_update($user, $userform->get_data(false))) {
+ // auth update failed, rollback for moodle
+ update_record('user', addslashes_object($user));
+ error('Failed to update user data on external auth: '.$usernew->auth.
+ '. See the server logs for more details.');
+ }
//set new password if specified
if (!empty($usernew->newpassword)) {
if ($authplugin->can_change_password()) {
- if (method_exists($authplugin, 'user_update_password')){
- if (!$authplugin->user_update_password($usernew, $usernew->newpassword)){
- error('Failed to update password on external auth: ' . $usernew->auth .
- '. See the server logs for more details.');
- }
- } else {
- error('Your external authentication module is misconfigued!');
+ if (!$authplugin->user_update_password($usernew, $usernew->newpassword)){
+ error('Failed to update password on external auth: ' . $usernew->auth .
+ '. See the server logs for more details.');
}
}
}
Index: admin/auth_config.php
===================================================================
RCS file: /cvsroot/moodle/moodle/admin/auth_config.php,v
retrieving revision 1.6.2.1
diff -u -r1.6.2.1 auth_config.php
--- admin/auth_config.php 20 Feb 2007 17:13:36 -0000 1.6.2.1
+++ admin/auth_config.php 20 Mar 2007 20:57:58 -0000
@@ -19,9 +19,7 @@
error(get_string('confirmsesskeybad', 'error'));
}
- if (method_exists($authplugin, 'validate_form')) {
- $authplugin->validate_form($frm, $err);
- }
+ $authplugin->validate_form($frm, $err);
if (count($err) == 0) {
Index: admin/auth.php
===================================================================
RCS file: /cvsroot/moodle/moodle/admin/auth.php,v
retrieving revision 1.53.2.5
diff -u -r1.53.2.5 auth.php
--- admin/auth.php 23 Feb 2007 00:35:20 -0000 1.53.2.5
+++ admin/auth.php 20 Mar 2007 20:57:58 -0000
@@ -147,7 +147,7 @@
foreach ($authsenabled as $auth) {
$authplugin = get_auth_plugin($auth);
$displayauths[$auth] = get_string("auth_{$auth}title", 'auth');
- if (method_exists($authplugin, 'user_signup')) {
+ if ($authplugin->can_signup()) {
$registrationauths[$auth] = get_string("auth_{$auth}title", 'auth');
}
}
@@ -158,7 +158,7 @@
}
$authplugin = get_auth_plugin($auth);
$displayauths[$auth] = get_string("auth_{$auth}title", 'auth');
- if (method_exists($authplugin, 'user_signup')) {
+ if ($authplugin->can_signup()) {
$registrationauths[$auth] = get_string("auth_{$auth}title", 'auth');
}
}
Index: auth/fc/auth.php
===================================================================
RCS file: /cvsroot/moodle/moodle/auth/fc/auth.php,v
retrieving revision 1.1.2.1
diff -u -r1.1.2.1 auth.php
--- auth/fc/auth.php 20 Feb 2007 17:06:48 -0000 1.1.2.1
+++ auth/fc/auth.php 20 Mar 2007 20:58:01 -0000
@@ -15,22 +15,20 @@
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
require_once 'fcFPP.php';
/**
* FirstClass authentication plugin.
*/
-class auth_plugin_fc {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_fc extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_fc() {
+ $this->authtype = 'fc';
$this->config = get_config('auth/fc');
}
@@ -116,14 +114,9 @@
* Get users group membership from the FirstClass server user and check if
* user is member of one of the groups of creators.
*/
- function iscreator($username = 0) {
- global $USER;
-
+ function iscreator($username) {
if (! $this->config->creators) {
- return false;
- }
- if (! $username) {
- $username = $USER->username;
+ return null;
}
$fcgroups = array();
@@ -143,7 +136,9 @@
$creators = explode(";", $this->config->creators);
foreach($creators as $creator) {
- If (in_array($creator, $fcgroups)) return true;
+ if (in_array($creator, $fcgroups)) {
+ return true;
+ }
}
return false;
@@ -169,6 +164,30 @@
}
/**
+ * Sync roles for this user
+ *
+ * @param $user object user object (without system magic quotes)
+ */
+ function sync_roles($user) {
+ $iscreator = $this->iscreator($user->username);
+ if ($iscreator === null) {
+ return; //nothing to sync - creators not configured
+ }
+
+ if ($roles = get_roles_with_capability('moodle/legacy:coursecreator', CAP_ALLOW)) {
+ $creatorrole = array_shift($roles); // We can only use one, let's use the first one
+ $systemcontext = get_context_instance(CONTEXT_SYSTEM);
+
+ if ($iscreator) { // Following calls will not create duplicates
+ role_assign($creatorrole->id, $user->id, 0, $systemcontext->id, 0, 0, 0, 'fc');
+ } else {
+ //unassign only if previously assigned by this plugin!
+ role_unassign($creatorrole->id, $user->id, 0, $systemcontext->id, 'fc');
+ }
+ }
+ }
+
+ /**
* Prints a form for configuring this authentication plugin.
*
* This function is called from admin/auth.php, and outputs a full page with
Index: auth/db/auth.php
===================================================================
RCS file: /cvsroot/moodle/moodle/auth/db/auth.php,v
retrieving revision 1.11.2.4
diff -u -r1.11.2.4 auth.php
--- auth/db/auth.php 22 Feb 2007 22:25:19 -0000 1.11.2.4
+++ auth/db/auth.php 20 Mar 2007 20:57:59 -0000
@@ -16,20 +16,18 @@
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* External database authentication plugin.
*/
-class auth_plugin_db {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_db extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_db() {
+ $this->authtype = 'db';
$this->config = get_config('auth/db');
if (empty($this->config->extencoding)) {
$this->config->extencoding = 'utf-8';
@@ -572,7 +570,6 @@
$this->config->changepasswordurl = '';
set_config('changepasswordurl', '', 'auth/db');
}
- return true;
}
/**
Index: auth/mnet/auth.php
===================================================================
RCS file: /cvsroot/moodle/moodle/auth/mnet/auth.php,v
retrieving revision 1.14.2.3
diff -u -r1.14.2.3 auth.php
--- auth/mnet/auth.php 28 Feb 2007 05:36:30 -0000 1.14.2.3
+++ auth/mnet/auth.php 20 Mar 2007 20:58:05 -0000
@@ -16,21 +16,18 @@
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* Moodle Network authentication plugin.
*/
-class auth_plugin_mnet
-{
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_mnet extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_mnet() {
+ $this->authtype = 'mnet';
$this->config = get_config('auth/mnet');
}
@@ -1336,6 +1333,16 @@
}
return $accessctrl == 'allow';
}
+
+ function prelogout_hook() {
+ global $USER, $CFG, $redirect;
+
+ if (!empty($USER->mnethostid) and $USER->mnethostid != $CFG->mnet_localhost_id) {
+ $host = get_record('mnet_host', 'id', $USER->mnethostid);
+ $redirect = $host->wwwroot.'/';
+ }
+ }
+
}
?>
Index: auth/radius/auth.php
===================================================================
RCS file: /cvsroot/moodle/moodle/auth/radius/auth.php,v
retrieving revision 1.2.2.2
diff -u -r1.2.2.2 auth.php
--- auth/radius/auth.php 21 Feb 2007 21:45:16 -0000 1.2.2.2
+++ auth/radius/auth.php 20 Mar 2007 20:58:07 -0000
@@ -17,20 +17,18 @@
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* RADIUS authentication plugin.
*/
-class auth_plugin_radius {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_radius extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_radius() {
+ $this->authtype = 'radius';
$this->config = get_config('auth/radius');
}
Index: auth/nologin/auth.php
===================================================================
RCS file: /cvsroot/moodle/moodle/auth/nologin/auth.php,v
retrieving revision 1.1.2.3
diff -u -r1.1.2.3 auth.php
--- auth/nologin/auth.php 21 Feb 2007 21:45:15 -0000 1.1.2.3
+++ auth/nologin/auth.php 20 Mar 2007 20:58:07 -0000
@@ -16,16 +16,19 @@
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* Plugin for no authentication.
*/
-class auth_plugin_nologin {
+class auth_plugin_nologin extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_nologin() {
+ $this->authtype = 'nologin';
}
/**
Index: auth/manual/auth.php
===================================================================
RCS file: /cvsroot/moodle/moodle/auth/manual/auth.php,v
retrieving revision 1.4.2.3
diff -u -r1.4.2.3 auth.php
--- auth/manual/auth.php 22 Feb 2007 22:25:20 -0000 1.4.2.3
+++ auth/manual/auth.php 20 Mar 2007 20:58:05 -0000
@@ -15,23 +15,18 @@
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* Manual authentication plugin.
*/
-class auth_plugin_manual
-{
- /**
- * The configuration details for the plugin.
- */
- var $config;
-
- var $canchangepassword = true;
- var $isinternal = true;
+class auth_plugin_manual extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_manual() {
+ $this->authtype = 'manual';
$this->config = get_config('auth/manual');
}
Index: lib/db/postgres7.php
===================================================================
RCS file: /cvsroot/moodle/moodle/lib/db/postgres7.php,v
retrieving revision 1.232.2.1
diff -u -r1.232.2.1 postgres7.php
--- lib/db/postgres7.php 28 Feb 2007 05:36:21 -0000 1.232.2.1
+++ lib/db/postgres7.php 20 Mar 2007 20:58:26 -0000
@@ -559,14 +559,15 @@
if ($oldversion < 2004082600) {
//update auth-fields for external users
- include_once ($CFG->dirroot."/auth/".$CFG->auth."/lib.php");
+ // following code would not work in 1.8
+/* include_once ($CFG->dirroot."/auth/".$CFG->auth."/lib.php");
if (function_exists('auth_get_userlist')) {
$externalusers = auth_get_userlist();
if (!empty($externalusers)){
$externalusers = '\''. implode('\',\'',$externalusers).'\'';
execute_sql("UPDATE {$CFG->prefix}user SET auth = '$CFG->auth' WHERE username IN ($externalusers)");
}
- }
+ }*/
}
if ($oldversion < 2004082900) { // Make sure guest is "manual" too.
Index: lib/db/mysql.php
===================================================================
RCS file: /cvsroot/moodle/moodle/lib/db/mysql.php,v
retrieving revision 1.251.2.1
diff -u -r1.251.2.1 mysql.php
--- lib/db/mysql.php 28 Feb 2007 05:36:21 -0000 1.251.2.1
+++ lib/db/mysql.php 20 Mar 2007 20:58:23 -0000
@@ -826,14 +826,15 @@
if ($oldversion < 2004082600) {
//update auth-fields for external users
- include_once ($CFG->dirroot."/auth/".$CFG->auth."/lib.php");
+ // following code would not work in 1.8
+/* include_once ($CFG->dirroot."/auth/".$CFG->auth."/lib.php");
if (function_exists('auth_get_userlist')) {
$externalusers = auth_get_userlist();
if (!empty($externalusers)){
$externalusers = '\''. implode('\',\'',$externalusers).'\'';
execute_sql("UPDATE {$CFG->prefix}user SET auth = '$CFG->auth' WHERE username IN ($externalusers)");
}
- }
+ }*/
}
if ($oldversion < 2004082900) { // Make sure guest is "manual" too.
Index: auth/pop3/auth.php
===================================================================
RCS file: /cvsroot/moodle/moodle/auth/pop3/auth.php,v
retrieving revision 1.2.2.2
diff -u -r1.2.2.2 auth.php
--- auth/pop3/auth.php 21 Feb 2007 21:45:15 -0000 1.2.2.2
+++ auth/pop3/auth.php 20 Mar 2007 20:58:07 -0000
@@ -16,20 +16,18 @@
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* POP3 authentication plugin.
*/
-class auth_plugin_pop3 {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_pop3 extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_pop3() {
+ $this->authtype = 'pop3';
$this->config = get_config('auth/pop3');
}
Index: auth/nntp/auth.php
===================================================================
RCS file: /cvsroot/moodle/moodle/auth/nntp/auth.php,v
retrieving revision 1.2.2.2
diff -u -r1.2.2.2 auth.php
--- auth/nntp/auth.php 21 Feb 2007 21:45:14 -0000 1.2.2.2
+++ auth/nntp/auth.php 20 Mar 2007 20:58:07 -0000
@@ -16,20 +16,18 @@
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* NNTP authentication plugin.
*/
-class auth_plugin_nntp {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_nntp extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_nntp() {
+ $this->authtype = 'nntp';
$this->config = get_config('auth/nntp');
}
Index: auth/none/auth.php
===================================================================
RCS file: /cvsroot/moodle/moodle/auth/none/auth.php,v
retrieving revision 1.8
diff -u -r1.8 auth.php
--- auth/none/auth.php 20 Mar 2007 07:55:54 -0000 1.8
+++ auth/none/auth.php 20 Mar 2007 20:58:07 -0000
@@ -16,23 +16,18 @@
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* Plugin for no authentication.
*/
-class auth_plugin_none {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
-
- var $canchangepassword = true;
- var $isinternal = true;
+class auth_plugin_none extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_none() {
+ $this->authtype = 'none';
$this->config = get_config('auth/none');
}
Index: auth/pam/auth.php
===================================================================
RCS file: /cvsroot/moodle/moodle/auth/pam/auth.php,v
retrieving revision 1.2.2.2
diff -u -r1.2.2.2 auth.php
--- auth/pam/auth.php 21 Feb 2007 21:45:14 -0000 1.2.2.2
+++ auth/pam/auth.php 20 Mar 2007 20:58:07 -0000
@@ -30,15 +30,12 @@
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* PAM authentication plugin.
*/
-class auth_plugin_pam {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_pam extends auth_plugin_base {
/**
* Store error messages from pam authentication attempts.
@@ -49,6 +46,7 @@
* Constructor.
*/
function auth_plugin_pam() {
+ $this->authtype = 'pam';
$this->config = get_config('auth/pam');
$this->errormessage = '';
}
Index: auth/cas/auth.php
===================================================================
RCS file: /cvsroot/moodle/moodle/auth/cas/auth.php,v
retrieving revision 1.3.2.2
diff -u -r1.3.2.2 auth.php
--- auth/cas/auth.php 21 Feb 2007 21:45:15 -0000 1.3.2.2
+++ auth/cas/auth.php 20 Mar 2007 20:57:58 -0000
@@ -15,20 +15,18 @@
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* CAS authentication plugin.
*/
-class auth_plugin_cas {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_cas extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_cas() {
+ $this->authtype = 'cas';
$this->config = get_config('auth/cas');
}
@@ -222,6 +220,17 @@
return !empty($this->config->changepasswordurl);
}
+ function prelogin_hook() {
+ // Load alternative login screens if necessary
+ // TODO: fix the cas login screen
+ return;
+
+ if(!empty($CFG->cas_enabled)) {
+ require($CFG->dirroot.'/auth/cas/login.php');
+ }
+ }
+
+
/**
* Prints a form for configuring this authentication plugin.
*
Index: lib/authlib.php
===================================================================
RCS file: lib/authlib.php
diff -N lib/authlib.php
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ lib/authlib.php 1 Jan 1970 00:00:00 -0000
@@ -0,0 +1,281 @@
+sso)) {
+ include_once($CFG->dirroot .'/sso/'. $CFG->sso .'/lib.php');
+ if (function_exists('sso_user_login')) {
+ if (!sso_user_login($username, $password)) { // Perform the signon process
+ notify('Second sign-on failed');
+ }
+ }
+ }
+ }
+
+ /**
+ * Prelogout actions.
+ */
+ function prelogout_hook() {
+ //override if needed
+ }
+}
+
+?>