Commit 1a925a29 authored by Richard Mansfield's avatar Richard Mansfield
Browse files

Remove all remote user records when an admin changes a user's authinstance


Signed-off-by: default avatarRichard Mansfield <richardm@catalyst.net.nz>
parent 8f3314d8
......@@ -210,7 +210,7 @@ function edituser_site_submit(Pieform $form, $values) {
if ($USER->get('admin') ||
($USER->is_institutional_admin($authinst[$values['authinstance']]->institution) &&
$USER->is_institutional_admin($authinst[$user->authinstance]->institution))) {
delete_records('auth_remote_user', 'authinstance', $user->authinstance, 'localusr', $user->id);
delete_records('auth_remote_user', 'localusr', $user->id);
if ($authinst[$values['authinstance']]->authname != 'internal') {
if (isset($values['remoteusername']) && strlen($values['remoteusername']) > 0) {
$un = $values['remoteusername'];
......
......@@ -314,9 +314,14 @@ class Institution {
}
db_begin();
// If the user is being authed by the institution they are
// being removed from, change them to internal auth
$authinstances = get_records_select_assoc('auth_instance', "
institution IN ('mahara', " . db_quote($this->name) . ')');
// being removed from, change them to internal auth, or if
// we can't find that, some other no institution auth.
$authinstances = get_records_select_assoc(
'auth_instance',
"institution IN ('mahara', ?)",
array($this->name),
"institution = 'mahara' DESC, authname = 'internal' DESC"
);
$oldauth = $user->authinstance;
if (isset($authinstances[$oldauth]) && $authinstances[$oldauth]->institution == $this->name) {
foreach ($authinstances as $ai) {
......@@ -324,6 +329,10 @@ class Institution {
$user->authinstance = $ai->id;
break;
}
else if ($ai->institution == 'mahara') {
$user->authinstance = $ai->id;
break;
}
}
delete_records('auth_remote_user', 'authinstance', $oldauth, 'localusr', $user->id);
// If the old authinstance was external, the user may need
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment