Commit 5b067df7 authored by Richard Mansfield's avatar Richard Mansfield Committed by Gerrit Code Review
Browse files

Merge "Add admin option to change a users username (Bug #633273)"

parents e7c44a14 1179587f
...@@ -55,6 +55,15 @@ $elements['id'] = array( ...@@ -55,6 +55,15 @@ $elements['id'] = array(
'value' => $id, 'value' => $id,
); );
if (method_exists($authobj, 'change_username')) {
$elements['username'] = array(
'type' => 'text',
'title' => get_string('changeusername', 'admin'),
'description' => get_string('changeusernamedescription', 'admin'),
'defaultvalue' => $user->username,
);
}
if (method_exists($authobj, 'change_password')) { if (method_exists($authobj, 'change_password')) {
// Only show the password options if the plugin allows for the functionality // Only show the password options if the plugin allows for the functionality
$elements['password'] = array( $elements['password'] = array(
...@@ -188,15 +197,12 @@ function edituser_site_validate(Pieform $form, $values) { ...@@ -188,15 +197,12 @@ function edituser_site_validate(Pieform $form, $values) {
} }
function edituser_site_submit(Pieform $form, $values) { function edituser_site_submit(Pieform $form, $values) {
global $USER, $authobj; global $USER, $authobj, $SESSION;
if (!$user = get_record('usr', 'id', $values['id'])) { if (!$user = get_record('usr', 'id', $values['id'])) {
return false; return false;
} }
if (method_exists($authobj, 'change_password')) {
$user->passwordchange = (int) ($values['passwordchange'] == 'on');
}
$user->quota = $values['quota']; $user->quota = $values['quota'];
$user->expiry = db_format_timestamp($values['expiry']); $user->expiry = db_format_timestamp($values['expiry']);
...@@ -253,24 +259,63 @@ function edituser_site_submit(Pieform $form, $values) { ...@@ -253,24 +259,63 @@ function edituser_site_submit(Pieform $form, $values) {
)); ));
} }
$user->authinstance = $values['authinstance']; $user->authinstance = $values['authinstance'];
// update the global $authobj to match the new authinstance
// this is used by the password/username change methods
// if either/both has been requested at the same time
$authobj = AuthFactory::create($user->authinstance);
} }
} }
if (isset($values['password']) && $values['password'] !== '') {
$userobj = new User();
$userobj = $userobj->find_by_id($user->id);
$authobj = AuthFactory::create($user->authinstance);
if (method_exists($authobj, 'change_password')) { // Only change the pw if the new auth instance allows for it
// Only change the pw if the new auth instance allows for it if (method_exists($authobj, 'change_password')) {
$user->passwordchange = (int) ($values['passwordchange'] == 'on');
if (isset($values['password']) && $values['password'] !== '') {
$userobj = new User();
$userobj = $userobj->find_by_id($user->id);
$user->password = $authobj->change_password($userobj, $values['password']); $user->password = $authobj->change_password($userobj, $values['password']);
$user->salt = $userobj->salt; $user->salt = $userobj->salt;
} else {
unset($userobj);
}
} else {
// inform the user that the chosen auth instance doesn't allow password changes
// but only if they tried changing it
if (isset($values['password']) && $values['password'] !== '') {
$SESSION->add_error_msg(get_string('passwordchangenotallowed', 'admin'));
// Set empty pw with salt // Set empty pw with salt
$user->password = ''; $user->password = '';
$user->salt = auth_get_random_salt(); $user->salt = auth_get_random_salt();
} }
}
if (isset($values['username']) && $values['username'] !== '') {
$userobj = new User();
$userobj = $userobj->find_by_id($user->id);
if ($userobj->username != $values['username']) {
// Only change the username if the auth instance allows for it
if (method_exists($authobj, 'change_username')) {
// check the existence of the chosen username
try {
if ($authobj->user_exists($values['username'])) {
// set an error message if it is already in use
$SESSION->add_error_msg(get_string('usernameexists', 'account'));
}
} catch (AuthUnknownUserException $e) {
// update the username otherwise
$user->username = $authobj->change_username($userobj, $values['username']);
}
} else {
// inform the user that the chosen auth instance doesn't allow username changes
$SESSION->add_error_msg(get_string('usernamechangenotallowed', 'admin'));
}
}
unset($userobj, $authobj); unset($userobj);
} }
update_record('usr', $user); update_record('usr', $user);
......
...@@ -130,6 +130,29 @@ class AuthInternal extends Auth { ...@@ -130,6 +130,29 @@ class AuthInternal extends Auth {
return preg_match('/^[a-zA-Z0-9!@#$%^&*()\-_=+\[{\]}\\|;:\'",<\.>\/?`]{3,30}$/', $username); return preg_match('/^[a-zA-Z0-9!@#$%^&*()\-_=+\[{\]}\\|;:\'",<\.>\/?`]{3,30}$/', $username);
} }
/**
* Changes the user's username.
*
* This method is not strictly part of the authentication API, but if
* defined allows the method to change a user's username.
*
* @param object $user The user to change the password for
* @param string $username The username to set for the user
* @return string The new username, or the original username if it could not be set
*/
public function change_username(User $user, $username) {
$this->must_be_ready();
// proposed username must pass validation
if ($this->is_username_valid($username)) {
$user->username = $username;
$user->commit();
}
// return the new username, or the original one if it failed validation
return $user->username;
}
/* /*
The following two functions are inspired by Andrew McMillan's salted md5 The following two functions are inspired by Andrew McMillan's salted md5
functions in AWL, adapted with his kind permission. Changed to use sha1 functions in AWL, adapted with his kind permission. Changed to use sha1
......
...@@ -33,7 +33,9 @@ $string['oldpasswordincorrect'] = 'This is not your current password'; ...@@ -33,7 +33,9 @@ $string['oldpasswordincorrect'] = 'This is not your current password';
$string['changeusernameheading'] = 'Change username'; $string['changeusernameheading'] = 'Change username';
$string['changeusername'] = 'New username'; $string['changeusername'] = 'New username';
$string['changeusernamedesc'] = 'The username you use to log into %s. Usernames are 3-30 characters long, and may contain letters, numbers, and most common symbols excuding spaces.'; $string['changeusernamedesc'] = 'The username you use to log into %s. Usernames are 3-30 characters long, and may contain letters, numbers, and most common symbols excluding spaces.';
$string['usernameexists'] = 'This username is taken, please choose another.';
$string['accountoptionsdesc'] = 'General account options'; $string['accountoptionsdesc'] = 'General account options';
$string['friendsnobody'] = 'Nobody may add me as a friend'; $string['friendsnobody'] = 'Nobody may add me as a friend';
......
...@@ -487,6 +487,8 @@ $string['userunsuspended'] = 'User unsuspended'; ...@@ -487,6 +487,8 @@ $string['userunsuspended'] = 'User unsuspended';
// User account settings // User account settings
$string['accountsettings'] = 'Account settings'; $string['accountsettings'] = 'Account settings';
$string['siteaccountsettings'] = 'Site account settings'; $string['siteaccountsettings'] = 'Site account settings';
$string['changeusername'] = 'Change username';
$string['changeusernamedescription'] = 'Change this user\'s username. Usernames are 3-30 characters long, and may contain letters, numbers, and most common symbols excluding spaces.';
$string['resetpassword'] = 'Reset password'; $string['resetpassword'] = 'Reset password';
$string['resetpassworddescription'] = 'If you enter text here, it will replace the user\'s current password.'; $string['resetpassworddescription'] = 'If you enter text here, it will replace the user\'s current password.';
$string['forcepasswordchange'] = 'Force password change on next login'; $string['forcepasswordchange'] = 'Force password change on next login';
...@@ -516,6 +518,8 @@ $string['suspenddeleteuser'] = 'Suspend/Delete User'; ...@@ -516,6 +518,8 @@ $string['suspenddeleteuser'] = 'Suspend/Delete User';
$string['suspenddeleteuserdescription'] = 'Here you may suspend or entirely delete a user account. Suspended users are unable to log in until their account is unsuspended. Please note that while a suspension can be undone, deletion <strong>cannot</strong> be undone.'; $string['suspenddeleteuserdescription'] = 'Here you may suspend or entirely delete a user account. Suspended users are unable to log in until their account is unsuspended. Please note that while a suspension can be undone, deletion <strong>cannot</strong> be undone.';
$string['deleteusernote'] = 'Please note that this operation <strong>cannot be undone</strong>.'; $string['deleteusernote'] = 'Please note that this operation <strong>cannot be undone</strong>.';
$string['youcannotadministerthisuser'] = 'You cannot administer this user'; $string['youcannotadministerthisuser'] = 'You cannot administer this user';
$string['usernamechangenotallowed'] = 'The chosen authentication method does not allow changes to the username.';
$string['passwordchangenotallowed'] = 'The chosen authentication method does not allow changes to the password.';
// Add User // Add User
$string['adduser'] = 'Add User'; $string['adduser'] = 'Add User';
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment