Index: moodle/admin/uploaduser.php --- moodle/admin/uploaduser.php Base (1.108) +++ moodle/admin/uploaduser.php Locally Modified (Based On 1.108) @@ -164,7 +164,7 @@ // caches $ccache = array(); // course cache - do not fetch all courses here, we will not probably use them all anyway! $rolecache = array(); // roles lookup cache - + $authcache = array(); // authentication cache $allowedauths = uu_allowed_auths(); $allowedauths = array_keys($allowedauths); $availableauths = get_plugin_list('auth'); @@ -211,23 +211,12 @@ foreach ($line as $key => $value) { if ($value !== '') { $key = $columns[$key]; - // password is special field - if ($key == 'password') { - if ($value !== '') { - $user->password = hash_internal_user_password($value); - if (!empty($CFG->passwordpolicy) and !check_password_policy($value, $errmsg)) { - $forcechangepassword = true; - $weakpasswords++; - } - } - } else { $user->$key = $value; if (in_array($key, $upt->columns)) { $upt->track($key, $value); } } } - } // get username, first/last name now - we need them in templates!! if ($optype == UU_UPDATE) { @@ -445,30 +434,24 @@ profile_load_data($existinguser); $allowed = array(); + if ($updatetype == 1) { $allowed = $columns; } else if ($updatetype == 2 or $updatetype == 3) { $allowed = array_merge($STD_FIELDS, $PRF_FIELDS); } + foreach ($allowed as $column) { if ($column == 'username') { continue; } - if ($column == 'password') { - if (!$updatepasswords or $updatetype == 3) { - continue; - } else if (!empty($user->password)) { - $upt->track('password', get_string('updated')); - if ($forcechangepassword) { - set_user_preference('auth_forcepasswordchange', 1, $existinguser->id); - } - } - } + if ((array_key_exists($column, $existinguser) and array_key_exists($column, $user)) or in_array($column, $PRF_FIELDS)) { - if ($updatetype == 3 and $existinguser->$column !== '') { + if ($updatetype == 3 && $existinguser->$column !== '' && $column != 'auth') { //missing == non-empty only continue; } + if ($existinguser->$column !== $user->$column) { if ($column == 'email') { if ($DB->record_exists('user', array('email'=>$user->email))) { @@ -482,6 +465,21 @@ } } } + + if ($column == 'auth') { + if (empty($user->auth) && !empty($existinguser->auth)) { + $user->auth = $existinguser->auth; + } else if (empty($user->auth)) { + $user->auth = 'manual'; + } + + if ($user->auth == 'manual' || $user->auth == 'email') { + $forcechangepassword = true; + $existinguser->password=''; + } else { + $forcechangepassword = false; + } + } if ($column != 'password' and in_array($column, $upt->columns)) { $upt->track($column, '', 'normal', false); // clear previous $upt->track($column, $existinguser->$column.'-->'.$user->$column, 'info'); @@ -504,6 +502,21 @@ if ($DB->update_record('user', $existinguser)) { $upt->track('status', $struserupdated); $usersupdated++; + + if ($forcechangepassword) { //from external to internal auth + set_user_preference('auth_forcepasswordchange', 1, $existinguser->id); + set_user_preference('create_password', 1, $existinguser->id); + $user->password = ''; + } else { //from internal to external auth + if (get_user_preferences('auth_forcepasswordchange', false, $existinguser->id)) { + unset_user_preference('auth_forcepasswordchange', $existinguser->id); + } + if (get_user_preferences('create_password', false, $existinguser->id)) { + unset_user_preference('create_password', $existinguser->id); + } + } + update_internal_user_password($existinguser, $existinguser->password); + } else { $upt->track('status', $strusernotupdated, 'error'); $userserrors++; @@ -525,7 +538,12 @@ $user->timemodified = time(); $user->timecreated = time(); - if (!$createpasswords and empty($user->password)) { + $isinternalauth = false; + if (empty($user->auth) || $user->auth == 'manual' || $user->auth == 'email') { + $isinternalauth = true; + } + + if (!$createpasswords && empty($user->password) && $isinternalauth ) { $upt->track('password', get_string('missingfield', 'error', 'password'), 'error'); $upt->track('status', $strusernotaddederror, 'error'); $userserrors++; @@ -560,12 +578,35 @@ $upt->track('status', $struseradded); $upt->track('id', $user->id, 'normal', false); $usersnew++; - if ($createpasswords and empty($user->password)) { - // passwords will be created and sent out on cron + + //re-set password if necessary + if (empty($user->password)){ + $user->password = ''; + } + if (empty($user->auth)){ + $user->auth = 'manual'; + } + $authplugin = get_auth_plugin($user->auth); + + if (array_key_exists($user->auth, $authcache)) { + $prevent_store_pwd = $authcache[$user->auth]; + } else { + $authplugin = get_auth_plugin($user->auth); + $prevent_store_pwd = $authplugin->prevent_local_passwords(); + $authcache[$user->auth] = $prevent_store_pwd; + } + + if ($prevent_store_pwd) { // external authentication + $forcechangepassword = false; + } else { // internal authentication + if (empty($user->password) && $createpasswords) { set_user_preference('create_password', 1, $user->id); - set_user_preference('auth_forcepasswordchange', 1, $user->id); - $upt->track('password', get_string('new')); } + $forcechangepassword = true; + $weakpasswords++; + } + update_internal_user_password($user, $user->password); + if ($forcechangepassword) { set_user_preference('auth_forcepasswordchange', 1, $user->id); } @@ -786,6 +827,19 @@ } } + //check password column + if (array_key_exists('auth', $rowcols)) { + if (!empty($rowcols['auth']) && $rowcols['auth'] != 'manual' && $rowcols['auth'] != 'email') { + if (array_key_exists('password', $rowcols) && !empty($rowcols['password'])) { + $errormsg['password'] = get_string('externalauthpassworderror'); + } + } + } + + if (empty($optype) ) { + $optype = $uploadtype; + } + switch($optype) { case UU_ADDNEW: if ($usernameexist || $emailexist ) { Index: moodle/admin/uploaduser_form.php --- moodle/admin/uploaduser_form.php Base (1.17) +++ moodle/admin/uploaduser_form.php Locally Modified (Based On 1.17) @@ -62,7 +62,7 @@ $choices = array(0 => get_string('infilefield', 'auth'), 1 => get_string('createpasswordifneeded', 'auth')); $mform->addElement('select', 'uupasswordnew', get_string('uupasswordnew', 'admin'), $choices); - $mform->setDefault('uupasswordnew', 0); + $mform->setDefault('uupasswordnew', 1); $mform->disabledIf('uupasswordnew', 'uutype', 'eq', UU_UPDATE); $choices = array(0 => get_string('nochanges', 'admin'), @@ -305,6 +305,10 @@ break; case UU_ADDNEW: + if (empty($data['uupasswordnew'])) { + $errors['uupasswordnew'] = get_string('missingfield', 'error', 'password'); + } + break; case UU_ADDINC: if (empty($data['uupasswordnew'])) { $errors['uupasswordnew'] = get_string('missingfield', 'error', 'password'); Index: moodle/lang/en_utf8/moodle.php --- moodle/lang/en_utf8/moodle.php Base (1.280) +++ moodle/lang/en_utf8/moodle.php Locally Modified (Based On 1.280) @@ -1830,4 +1830,5 @@ $string['requestedcourses'] = 'Requested courses'; $string['addcountertousername'] = 'Create user by adding number to username'; $string['uploadfilecontentsnovaliddata'] = 'The uploaded file contains no valid data.'; +$string['externalauthpassworderror'] = 'Non-empty password for external authentication'; ?>