Commit 210a98b4 authored by Robert Lyon's avatar Robert Lyon
Browse files

Bug 1640308: Adding an auth_instance "active" column



To allow us to easily turn of a 'bad' auth when it is trying to
connect to a third party server but that server is not reachable.

Currently it makes logging in slow as it needs to timeout on that auth
instance before trying the next one.

behatnotneeded

Change-Id: Ieeaeeaeb1bc0aa61ed3faad8f3bf751edd9c1023
Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
parent 17ef60df
...@@ -298,7 +298,10 @@ function adduser_submit(Pieform $form, $values) { ...@@ -298,7 +298,10 @@ function adduser_submit(Pieform $form, $values) {
$user->quota = $values['quota']; $user->quota = $values['quota'];
} }
$authinstance = get_record('auth_instance', 'id', $values['authinstance']); $authinstance = get_record('auth_instance', 'id', $values['authinstance'], 'active', 1);
if (!$authinstance) {
throw new InvalidArgumentException("trying to add user to inactive auth instance " . $values['authinstance']);
}
$remoteauth = false; $remoteauth = false;
if ($authinstance->authname != 'internal') { if ($authinstance->authname != 'internal') {
$remoteauth = true; $remoteauth = true;
......
...@@ -60,6 +60,7 @@ if ($institution && $plugin) { ...@@ -60,6 +60,7 @@ if ($institution && $plugin) {
$authinstance->instancename = $plugin; $authinstance->instancename = $plugin;
$authinstance->institution = $institution; $authinstance->institution = $institution;
$authinstance->authname = $plugin; $authinstance->authname = $plugin;
$authinstance->active = 1;
$authinstance->id = insert_record('auth_instance', $authinstance, 'id', true); $authinstance->id = insert_record('auth_instance', $authinstance, 'id', true);
json_reply(false, array('id' => $authinstance->id, 'name' => ucfirst($authinstance->authname), 'authname' => $authinstance->authname)); json_reply(false, array('id' => $authinstance->id, 'name' => ucfirst($authinstance->authname), 'authname' => $authinstance->authname));
exit; exit;
......
...@@ -173,7 +173,10 @@ function import_next_user($filename, $username, $authinstance) { ...@@ -173,7 +173,10 @@ function import_next_user($filename, $username, $authinstance) {
log_debug('adding user ' . $username . ' from ' . $filename); log_debug('adding user ' . $username . ' from ' . $filename);
$authobj = get_record('auth_instance', 'id', $authinstance); $authobj = get_record('auth_instance', 'id', $authinstance, 'active', 1);
if (!$authobj) {
throw new InvalidArgumentException("trying to add user to inactive auth instance {$authinstance}");
}
$institution = new Institution($authobj->institution); $institution = new Institution($authobj->institution);
$date = time(); $date = time();
......
...@@ -76,7 +76,7 @@ if ($institution || $add) { ...@@ -76,7 +76,7 @@ if ($institution || $add) {
$authinstanceids $authinstanceids
); );
if ($badusers) { if ($badusers) {
$defaultauth = record_exists('auth_instance', 'institution', 'mahara', 'authname', 'internal'); $defaultauth = record_exists('auth_instance', 'institution', 'mahara', 'authname', 'internal', 'active', 1);
if ($values['i'] == 'mahara' || !$defaultauth) { if ($values['i'] == 'mahara' || !$defaultauth) {
$form->set_error( $form->set_error(
'submit', 'submit',
...@@ -133,7 +133,7 @@ if ($institution || $add) { ...@@ -133,7 +133,7 @@ if ($institution || $add) {
execute_sql(" execute_sql("
UPDATE {usr} UPDATE {usr}
SET authinstance = ( SET authinstance = (
SELECT MIN(id) FROM {auth_instance} WHERE institution = 'mahara' AND authname = 'internal' SELECT MIN(id) FROM {auth_instance} WHERE institution = 'mahara' AND authname = 'internal' AND active = 1
) )
WHERE authinstance IN (" . join(',', array_fill(0, count($authinstanceids), '?')) . ')', WHERE authinstance IN (" . join(',', array_fill(0, count($authinstanceids), '?')) . ')',
$authinstanceids $authinstanceids
...@@ -915,6 +915,7 @@ function institution_submit(Pieform $form, $values) { ...@@ -915,6 +915,7 @@ function institution_submit(Pieform $form, $values) {
$authinstance = (object)array( $authinstance = (object)array(
'instancename' => 'internal', 'instancename' => 'internal',
'priority' => 0, 'priority' => 0,
'active' => 1,
'institution' => $newinstitution->name, 'institution' => $newinstitution->name,
'authname' => 'internal', 'authname' => 'internal',
); );
......
...@@ -54,7 +54,7 @@ if (count($authinstances) > 0) { ...@@ -54,7 +54,7 @@ if (count($authinstances) > 0) {
} }
} }
if ($USER->get('admin')) { if ($USER->get('admin')) {
$definst = get_field('auth_instance', 'id', 'institution', 'mahara'); $definst = get_field('auth_instance', 'id', 'institution', 'mahara', 'active', 1);
$default = $definst ? $definst : key($options); $default = $definst ? $definst : key($options);
} }
else { else {
...@@ -184,7 +184,7 @@ function uploadcsv_validate(Pieform $form, $values) { ...@@ -184,7 +184,7 @@ function uploadcsv_validate(Pieform $form, $values) {
require_once('csvfile.php'); require_once('csvfile.php');
$authinstance = (int) $values['authinstance']; $authinstance = (int) $values['authinstance'];
$institution = get_field('auth_instance', 'institution', 'id', $authinstance); $institution = get_field('auth_instance', 'institution', 'id', $authinstance, 'active', 1);
if (!$USER->can_edit_institution($institution)) { if (!$USER->can_edit_institution($institution)) {
$form->set_error('authinstance', get_string('notadminforinstitution', 'admin')); $form->set_error('authinstance', get_string('notadminforinstitution', 'admin'));
return; return;
...@@ -461,7 +461,10 @@ function uploadcsv_submit(Pieform $form, $values) { ...@@ -461,7 +461,10 @@ function uploadcsv_submit(Pieform $form, $values) {
$formatkeylookup = array_flip($FORMAT); $formatkeylookup = array_flip($FORMAT);
$authinstance = (int) $values['authinstance']; $authinstance = (int) $values['authinstance'];
$authrecord = get_record('auth_instance', 'id', $authinstance); $authrecord = get_record('auth_instance', 'id', $authinstance, 'active', 1);
if (!$authrecord) {
throw new InvalidArgumentException("trying to add user to inactive auth instance {$authinstance}");
}
$authobj = AuthFactory::create($authinstance); $authobj = AuthFactory::create($authinstance);
$institution = new Institution($authobj->institution); $institution = new Institution($authobj->institution);
......
...@@ -124,6 +124,7 @@ HTML ...@@ -124,6 +124,7 @@ HTML
$todb = new stdClass(); $todb = new stdClass();
$todb->instancename = 'internal'; $todb->instancename = 'internal';
$todb->authname = 'internal'; $todb->authname = 'internal';
$todb->active = 1;
$todb->institution = $authinst->institution; $todb->institution = $authinst->institution;
$todb->priority = $authinst->priority; $todb->priority = $authinst->priority;
$internal = insert_record('auth_instance', $todb, 'id', true); $internal = insert_record('auth_instance', $todb, 'id', true);
......
...@@ -121,7 +121,7 @@ class AuthImap extends Auth { ...@@ -121,7 +121,7 @@ class AuthImap extends Auth {
*/ */
class PluginAuthImap extends PluginAuth { class PluginAuthImap extends PluginAuth {
private static $default_config = array('host'=>'', 'port'=>'143', 'protocol'=>'/imap', 'domainname'=>'', 'changepasswordurl'=>'', 'weautocreateusers'=>''); private static $default_config = array('host'=>'', 'port'=>'143', 'protocol'=>'/imap', 'domainname'=>'', 'changepasswordurl'=>'', 'weautocreateusers'=>'', 'active' => 1);
public static function has_config() { public static function has_config() {
return false; return false;
...@@ -163,6 +163,7 @@ class PluginAuthImap extends PluginAuth { ...@@ -163,6 +163,7 @@ class PluginAuthImap extends PluginAuth {
self::$default_config[$key] = $current_config[$key]; self::$default_config[$key] = $current_config[$key];
} }
} }
self::$default_config['active'] = $default->active;
} else { } else {
$default = new stdClass(); $default = new stdClass();
$default->instancename = ''; $default->instancename = '';
...@@ -177,6 +178,12 @@ class PluginAuthImap extends PluginAuth { ...@@ -177,6 +178,12 @@ class PluginAuthImap extends PluginAuth {
'defaultvalue' => $default->instancename 'defaultvalue' => $default->instancename
); );
$elements['active'] = array(
'type' => 'switchbox',
'title' => get_string('active', 'auth'),
'defaultvalue' => (int) self::$default_config['active'],
);
$elements['instance'] = array( $elements['instance'] = array(
'type' => 'hidden', 'type' => 'hidden',
'value' => $instance 'value' => $instance
...@@ -279,6 +286,7 @@ class PluginAuthImap extends PluginAuth { ...@@ -279,6 +286,7 @@ class PluginAuthImap extends PluginAuth {
$authinstance->instancename = $values['instancename']; $authinstance->instancename = $values['instancename'];
$authinstance->institution = $values['institution']; $authinstance->institution = $values['institution'];
$authinstance->authname = $values['authname']; $authinstance->authname = $values['authname'];
$authinstance->active = $values['active'];
if ($values['create']) { if ($values['create']) {
$values['instance'] = insert_record('auth_instance', $authinstance, 'id', true); $values['instance'] = insert_record('auth_instance', $authinstance, 'id', true);
......
...@@ -1601,6 +1601,7 @@ class PluginAuthLdap extends PluginAuth { ...@@ -1601,6 +1601,7 @@ class PluginAuthLdap extends PluginAuth {
'syncgroupsbyuserfield' => false, 'syncgroupsbyuserfield' => false,
'syncgroupsuserattribute' => '', 'syncgroupsuserattribute' => '',
'syncgroupsusergroupnames' => '', 'syncgroupsusergroupnames' => '',
'active' => 1
); );
public static function get_cron() { public static function get_cron() {
...@@ -1623,13 +1624,15 @@ class PluginAuthLdap extends PluginAuth { ...@@ -1623,13 +1624,15 @@ class PluginAuthLdap extends PluginAuth {
return; return;
} }
foreach ($auths as $auth) { foreach ($auths as $auth) {
/* @var $authobj AuthLdap */ if ($auth->active == '1') {
$authobj = AuthFactory::create($auth->id); /* @var $authobj AuthLdap */
// Each instance will decide for itself whether it should sync users and/or groups $authobj = AuthFactory::create($auth->id);
// User sync needs to be called before group sync in order for new users to wind // Each instance will decide for itself whether it should sync users and/or groups
// up in the correct groups // User sync needs to be called before group sync in order for new users to wind
$authobj->sync_users(); // up in the correct groups
$authobj->sync_groups(); $authobj->sync_users();
$authobj->sync_groups();
}
} }
} }
...@@ -1682,6 +1685,7 @@ class PluginAuthLdap extends PluginAuth { ...@@ -1682,6 +1685,7 @@ class PluginAuthLdap extends PluginAuth {
self::$default_config[$key] = $current_config[$key]; self::$default_config[$key] = $current_config[$key];
} }
} }
self::$default_config['active'] = $default->active;
} else { } else {
$default = new stdClass(); $default = new stdClass();
$default->instancename = ''; $default->instancename = '';
...@@ -1711,6 +1715,11 @@ class PluginAuthLdap extends PluginAuth { ...@@ -1711,6 +1715,11 @@ class PluginAuthLdap extends PluginAuth {
'type' => 'hidden', 'type' => 'hidden',
'value' => 'ldap', 'value' => 'ldap',
), ),
'active' => array(
'type' => 'switchbox',
'title' => get_string('active', 'auth'),
'defaultvalue' => (int) self::$default_config['active'],
),
'host_url' => array( 'host_url' => array(
'type' => 'text', 'type' => 'text',
'title' => get_string('hosturl', 'auth.ldap'), 'title' => get_string('hosturl', 'auth.ldap'),
......
...@@ -72,6 +72,7 @@ abstract class Auth { ...@@ -72,6 +72,7 @@ abstract class Auth {
protected $instancename; protected $instancename;
protected $priority; protected $priority;
protected $authname; protected $authname;
protected $active;
protected $config; protected $config;
protected $has_instance_config; protected $has_instance_config;
protected $type; protected $type;
...@@ -109,6 +110,7 @@ abstract class Auth { ...@@ -109,6 +110,7 @@ abstract class Auth {
$this->institution = $instance->institution; $this->institution = $instance->institution;
$this->instancename = $instance->instancename; $this->instancename = $instance->instancename;
$this->priority = $instance->priority; $this->priority = $instance->priority;
$this->active = $instance->active;
$this->authname = $instance->authname; $this->authname = $instance->authname;
// Return now if the plugin type doesn't require any config // Return now if the plugin type doesn't require any config
...@@ -534,7 +536,8 @@ function auth_get_auth_instances() { ...@@ -534,7 +536,8 @@ function auth_get_auth_instances() {
inst.name, inst.name,
inst.displayname, inst.displayname,
i.instancename, i.instancename,
i.authname i.authname,
i.active
FROM FROM
{institution} inst, {institution} inst,
{auth_instance} i {auth_instance} i
...@@ -570,7 +573,8 @@ function auth_get_auth_instances_for_institutions($institutions) { ...@@ -570,7 +573,8 @@ function auth_get_auth_instances_for_institutions($institutions) {
inst.name, inst.name,
inst.displayname, inst.displayname,
i.instancename, i.instancename,
i.authname i.authname,
i.active
FROM FROM
{institution} inst, {institution} inst,
{auth_instance} i {auth_instance} i
...@@ -611,6 +615,7 @@ function auth_get_auth_instances_for_institution($institution=null) { ...@@ -611,6 +615,7 @@ function auth_get_auth_instances_for_institution($institution=null) {
i.instancename, i.instancename,
i.priority, i.priority,
i.authname, i.authname,
i.active,
a.requires_config, a.requires_config,
a.requires_parent a.requires_parent
FROM FROM
...@@ -643,6 +648,7 @@ function auth_get_auth_instances_for_wwwroot($wwwroot) { ...@@ -643,6 +648,7 @@ function auth_get_auth_instances_for_wwwroot($wwwroot) {
$query = " SELECT $query = " SELECT
ai.id, ai.id,
ai.authname, ai.authname,
ai.active,
i.id as institutionid, i.id as institutionid,
i.displayname, i.displayname,
i.suspended i.suspended
...@@ -1378,8 +1384,12 @@ function auth_get_enabled_auth_plugins() { ...@@ -1378,8 +1384,12 @@ function auth_get_enabled_auth_plugins() {
{auth_installed} inst ON inst.name = ai.authname {auth_installed} inst ON inst.name = ai.authname
WHERE WHERE
i.suspended = 0 AND i.suspended = 0 AND
inst.active = 1 inst.active = 1';
ORDER BY authname'; if (get_config('version') >= '2016111000') {
// we added a new column auth_instance.active so check for $version to avoid error messages on upgrade
$sql .= ' AND ai.active = 1';
}
$sql .= ' ORDER BY authname';
$authplugins = get_column_sql($sql); $authplugins = get_column_sql($sql);
$usableplugins = array(); $usableplugins = array();
...@@ -1483,7 +1493,7 @@ function login_submit(Pieform $form, $values) { ...@@ -1483,7 +1493,7 @@ function login_submit(Pieform $form, $values) {
$authinstances = get_records_sql_array(" $authinstances = get_records_sql_array("
SELECT a.id, a.instancename, a.priority, a.authname, a.institution, i.suspended, i.displayname SELECT a.id, a.instancename, a.priority, a.authname, a.institution, i.suspended, i.displayname
FROM {institution} i JOIN {auth_instance} a ON a.institution = i.name FROM {institution} i JOIN {auth_instance} a ON a.institution = i.name
WHERE a.authname != 'internal' WHERE a.authname != 'internal' AND a.active = 1
ORDER BY a.institution, a.priority, a.instancename", array()); ORDER BY a.institution, a.priority, a.instancename", array());
if ($authinstances == false) { if ($authinstances == false) {
...@@ -1677,12 +1687,13 @@ function ensure_user_account_is_active($user=null) { ...@@ -1677,12 +1687,13 @@ function ensure_user_account_is_active($user=null) {
// make sure their authinstance is not set to the suspended/expired institution // make sure their authinstance is not set to the suspended/expired institution
// otherwise they will not be able to login (administer via site). // otherwise they will not be able to login (administer via site).
$authinstance = get_record_sql(' $authinstance = get_record_sql('
SELECT i.suspended, CASE WHEN i.expiry < NOW() THEN 1 ELSE 0 END AS expired, i.displayname SELECT i.suspended, CASE WHEN i.expiry < NOW() THEN 1 ELSE 0 END AS expired, i.displayname, a.active
FROM {institution} i JOIN {auth_instance} a ON a.institution = i.name FROM {institution} i JOIN {auth_instance} a ON a.institution = i.name
WHERE a.id = ?', array($user->authinstance)); WHERE a.id = ?', array($user->authinstance));
if ($authinstance->suspended || $authinstance->expired) { if ($authinstance->suspended || $authinstance->expired || !$authinstance->active) {
$sitename = get_config('sitename'); $sitename = get_config('sitename');
$state = ($authinstance->suspended) ? 'suspended' : 'expired'; $state = ($authinstance->suspended) ? 'suspended' : 'expired';
$state = ($authinstane->active) ? $state : 'inactive';
throw new AccessTotallyDeniedException(get_string('accesstotallydenied_institution' . $state, 'mahara', $authinstance->displayname, $sitename)); throw new AccessTotallyDeniedException(get_string('accesstotallydenied_institution' . $state, 'mahara', $authinstance->displayname, $sitename));
return false; return false;
} }
...@@ -2119,6 +2130,7 @@ function auth_generate_registration_form($formname, $authname='internal', $goto) ...@@ -2119,6 +2130,7 @@ function auth_generate_registration_form($formname, $authname='internal', $goto)
{auth_instance} ai {auth_instance} ai
WHERE WHERE
ai.authname = ? AND ai.authname = ? AND
ai.active = 1 AND
ai.institution = i.name AND ai.institution = i.name AND
i.registerallowed = 1'; i.registerallowed = 1';
$institutions = get_records_sql_array($sql, array($authname)); $institutions = get_records_sql_array($sql, array($authname));
...@@ -2401,7 +2413,7 @@ function auth_register_submit(Pieform $form, $values) { ...@@ -2401,7 +2413,7 @@ function auth_register_submit(Pieform $form, $values) {
// @todo the expiry date should be configurable // @todo the expiry date should be configurable
if ($confirm = (get_config('requireregistrationconfirm') || get_field('institution', 'registerconfirm', 'name', $values['institution']))) { if ($confirm = (get_config('requireregistrationconfirm') || get_field('institution', 'registerconfirm', 'name', $values['institution']))) {
if (isset($values['authtype']) && $values['authtype'] != 'internal') { if (isset($values['authtype']) && $values['authtype'] != 'internal') {
$authinstance = get_record('auth_instance', 'institution', $values['institution'], 'authname', $values['authtype'] ? $values['authtype'] : 'internal'); $authinstance = get_record('auth_instance', 'institution', $values['institution'], 'authname', $values['authtype'] ? $values['authtype'] : 'internal', 'active', 1);
$auth = AuthFactory::create($authinstance->id); $auth = AuthFactory::create($authinstance->id);
$confirm = !$auth->weautocreateusers; $confirm = !$auth->weautocreateusers;
} }
......
...@@ -17,7 +17,8 @@ ...@@ -17,7 +17,8 @@
<FIELD NAME="instancename" TYPE="char" LENGTH="255" NOTNULL="true" /> <FIELD NAME="instancename" TYPE="char" LENGTH="255" NOTNULL="true" />
<FIELD NAME="priority" TYPE="int" LENGTH="2" NOTNULL="true" DEFAULT="0" /> <FIELD NAME="priority" TYPE="int" LENGTH="2" NOTNULL="true" DEFAULT="0" />
<FIELD NAME="institution" TYPE="char" LENGTH="255" NOTNULL="true" /> <FIELD NAME="institution" TYPE="char" LENGTH="255" NOTNULL="true" />
<FIELD NAME="authname" TYPE="char" LENGTH="255" NOTNULL="true" /> <FIELD NAME="authname" TYPE="char" LENGTH="255" NOTNULL="true" />
<FIELD NAME="active" TYPE="int" LENGTH="1" NOTNULL="true" DEFAULT="1" />
</FIELDS> </FIELDS>
<KEYS> <KEYS>
<KEY NAME="primary" TYPE="primary" FIELDS="id" /> <KEY NAME="primary" TYPE="primary" FIELDS="id" />
......
...@@ -263,7 +263,7 @@ function auth_saml_find_authinstance($saml_attributes) { ...@@ -263,7 +263,7 @@ function auth_saml_find_authinstance($saml_attributes) {
$institutions = array(); $institutions = array();
// find all the possible institutions/auth instances of type saml // find all the possible institutions/auth instances of type saml
$instances = recordset_to_array(get_recordset_sql("SELECT * FROM {auth_instance_config} aic, {auth_instance} ai WHERE ai.id = aic.instance AND ai.authname = 'saml' AND aic.field = 'institutionattribute'")); $instances = recordset_to_array(get_recordset_sql("SELECT * FROM {auth_instance_config} aic, {auth_instance} ai WHERE ai.id = aic.instance AND ai.authname = 'saml' AND ai.active = 1 AND aic.field = 'institutionattribute'"));
foreach ($instances as $row) { foreach ($instances as $row) {
$institutions[]= $row->instance . ':' . $row->institution . ':' . $row->value; $institutions[]= $row->instance . ':' . $row->institution . ':' . $row->value;
if (isset($saml_attributes[$row->value])) { if (isset($saml_attributes[$row->value])) {
...@@ -551,10 +551,10 @@ function login_test_all_user_authinstance($username, $password) { ...@@ -551,10 +551,10 @@ function login_test_all_user_authinstance($username, $password) {
// internal, or ldap - definitely NOT none, saml, or xmlrpc // internal, or ldap - definitely NOT none, saml, or xmlrpc
$instances = array(); $instances = array();
// all other candidtate auth_instances // all other candidate auth_instances
$sql = 'SELECT ai.* from {auth_instance} ai INNER JOIN {auth_remote_user} aru $sql = 'SELECT ai.* from {auth_instance} ai INNER JOIN {auth_remote_user} aru
ON ai.id = aru.authinstance ON ai.id = aru.authinstance
WHERE ai.authname NOT IN(\'saml\', \'xmlrpc\', \'none\') AND aru.localusr = ?'; WHERE ai.active = 1 AND ai.authname NOT IN(\'saml\', \'xmlrpc\', \'none\') AND aru.localusr = ?';
$authinstances = get_records_sql_array($sql, array($user->id)); $authinstances = get_records_sql_array($sql, array($user->id));
foreach ($authinstances as $authinstance) { foreach ($authinstances as $authinstance) {
$instances[]= $authinstance->id; $instances[]= $authinstance->id;
...@@ -562,7 +562,7 @@ function login_test_all_user_authinstance($username, $password) { ...@@ -562,7 +562,7 @@ function login_test_all_user_authinstance($username, $password) {
// determine the internal authinstance ID associated with the base 'mahara' // determine the internal authinstance ID associated with the base 'mahara'
// 'no institution' - use this is a default fallback login attempt // 'no institution' - use this is a default fallback login attempt
$authinstance = get_record('auth_instance', 'institution', 'mahara', 'authname', 'internal'); $authinstance = get_record('auth_instance', 'institution', 'mahara', 'authname', 'internal', 'active', 1);
$instances[]= $authinstance->id; $instances[]= $authinstance->id;
// test each auth_instance candidate associated with this user // test each auth_instance candidate associated with this user
......
...@@ -287,6 +287,7 @@ class PluginAuthSaml extends PluginAuth { ...@@ -287,6 +287,7 @@ class PluginAuthSaml extends PluginAuth {
'institutionregex' => 0, 'institutionregex' => 0,
'remoteuser' => 1, 'remoteuser' => 1,
'loginlink' => 0, 'loginlink' => 0,
'active' => 1
); );
public static function can_be_disabled() { public static function can_be_disabled() {
...@@ -516,18 +517,20 @@ class PluginAuthSaml extends PluginAuth { ...@@ -516,18 +517,20 @@ class PluginAuthSaml extends PluginAuth {
if ($current_config == false) { if ($current_config == false) {
$current_config = array(); $current_config = array();
} }
foreach (self::$default_config as $key => $value) { foreach (self::$default_config as $key => $value) {
if (array_key_exists($key, $current_config)) { if (array_key_exists($key, $current_config)) {
self::$default_config[$key] = $current_config[$key]; self::$default_config[$key] = $current_config[$key];
} }
} }
if(empty(self::$default_config['institutionvalue'])) { if (empty(self::$default_config['institutionvalue'])) {
self::$default_config['institutionvalue'] = $institution; self::$default_config['institutionvalue'] = $institution;
} }
} else { self::$default_config['active'] = $default->active;
}
else {
$default = new stdClass(); $default = new stdClass();
$default->instancename = ''; $default->instancename = '';
$default->active = 1;
} }
// lookup the institution metadata // lookup the institution metadata
...@@ -577,6 +580,11 @@ class PluginAuthSaml extends PluginAuth { ...@@ -577,6 +580,11 @@ class PluginAuthSaml extends PluginAuth {
'type' => 'hidden', 'type' => 'hidden',
'value' => 'saml', 'value' => 'saml',
), ),
'active' => array(
'type' => 'switchbox',
'title' => get_string('active', 'auth'),
'defaultvalue' => (int) self::$default_config['active'],
),
'institutionidp' => array( 'institutionidp' => array(
'type' => 'textarea', 'type' => 'textarea',
'title' => $idp_title, 'title' => $idp_title,
...@@ -767,6 +775,7 @@ class PluginAuthSaml extends PluginAuth { ...@@ -767,6 +775,7 @@ class PluginAuthSaml extends PluginAuth {
$authinstance->institution = $values['institution']; $authinstance->institution = $values['institution'];
$authinstance->authname = $values['authname']; $authinstance->authname = $values['authname'];
$authinstance->active = (int) $values['active'];
$authinstance->instancename = $values['authname']; $authinstance->instancename = $values['authname'];
if ($values['create']) { if ($values['create']) {
......
...@@ -587,7 +587,8 @@ class PluginAuthXmlrpc extends PluginAuth { ...@@ -587,7 +587,8 @@ class PluginAuthXmlrpc extends PluginAuth {
'theyssoin' => 0, 'theyssoin' => 0,
'weimportcontent' => 0, 'weimportcontent' => 0,
'parent' => null, 'parent' => null,
'authloginmsg' => '' 'authloginmsg' => '',
'active' => 1
); );
public static function has_config() { public static function has_config() {
...@@ -667,18 +668,21 @@ class PluginAuthXmlrpc extends PluginAuth { ...@@ -667,18 +668,21 @@ class PluginAuthXmlrpc extends PluginAuth {
$peer->findByWwwroot($current_config[$key]); $peer->findByWwwroot($current_config[$key]);
self::$default_config['wwwroot_orig'] = $current_config[$key]; self::$default_config['wwwroot_orig'] = $current_config[$key];
} }
} elseif (property_exists($default, $key)) { }
else if (property_exists($default, $key)) {
self::$default_config[$key] = $default->{$key}; self::$default_config[$key] = $default->{$key};
} }
} }
} else {