Commit 262a8e97 authored by Cecilia Vela Gurovic's avatar Cecilia Vela Gurovic Committed by Gerrit Code Review
Browse files

Merge "Bug 1717744: Allow LDAP to find user by email address"

parents ee8d8cdb 3a38ab0c
......@@ -42,6 +42,7 @@ $string['ldapfieldforfirstname'] = 'LDAP field for first name';
$string['ldapfieldforsurname'] = 'LDAP field for surname';
$string['ldapfieldforstudentid'] = 'LDAP field for student ID';
$string['ldapversion'] = 'LDAP version';
$string['loginlink'] = 'Allow users to link their own account';
$string['nocreate']= 'Do not create new accounts';
$string['nocreatemissinggroups']='Do not create LDAP groups if they are not already set up in the institution.';
$string['nomatchingauths']='No LDAP authentication plugin found for this institution';
......
<!-- @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later -->
<!-- @copyright For copyright information on Mahara, please see the README file distributed with this software. -->
<h3>Login link</h3>
<p>Allow users to link their own local account to the authenticated LDAP account.
This depends on the email address supplied via LDAP matching a username in Mahara.</p>
......@@ -46,6 +46,7 @@ class AuthLdap extends Auth {
$this->config['starttls'] = 0;
$this->config['updateuserinfoonlogin'] = 0;
$this->config['weautocreateusers'] = 1;
$this->config['loginlink'] = false;
$this->config['firstnamefield' ] = '';
$this->config['surnamefield'] = '';
$this->config['emailfield'] = '';
......@@ -380,7 +381,17 @@ class AuthLdap extends Auth {
$attributes['preferredname'] = $this->config['preferrednamefield'];
$userinfo = $this->get_userinfo_ldap($username, $attributes);
// Check if we can link this login to an existing account via email value
if ($this->config['loginlink'] === true && !empty($userinfo['email'])) {
$user = new User();
try {
$user->find_by_email_address($userinfo['email']);
return $user;
}
catch (AuthUnknownUserException $e) {
// Skip non-existent users
}
}
return (object)$userinfo;
}
......@@ -1575,6 +1586,7 @@ class PluginAuthLdap extends PluginAuth {
'starttls' => 0,
'updateuserinfoonlogin' => 0,
'weautocreateusers' => 1,
'loginlink' => 0,
'firstnamefield' => '',
'surnamefield' => '',
'emailfield' => '',
......@@ -1806,6 +1818,12 @@ class PluginAuthLdap extends PluginAuth {
'defaultvalue' => self::$default_config['weautocreateusers'],
'help' => true,
),
'loginlink' => array(
'type' => 'switchbox',
'title' => get_string('loginlink', 'auth.ldap'),
'defaultvalue' => self::$default_config['loginlink'],
'help' => true,
),
'firstnamefield' => array(
'type' => 'text',
'title' => get_string('ldapfieldforfirstname', 'auth.ldap'),
......
......@@ -1749,7 +1749,10 @@ function login_submit(Pieform $form, $values) {
$USER->authinstance = $authinstance->id;
$userdata = $auth->get_user_info($username);
if ($userdata instanceof User) {
$userdata->reanimate($userdata->id, $authinstance->id);
return;
}
if (empty($userdata)) {
throw new AuthUnknownUserException("\"$username\" is not known");
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment