Commit 64af9324 authored by Robert Lyon's avatar Robert Lyon Committed by Cecilia Vela Gurovic
Browse files

Bug 1763581: Check email based usernames in lowercase for LTI



In Mahara we compare supplied usernames in lower case to what exists
in the database. This avoids problems of 'test01' vs 'Test01'.

The LTI plugin needs to also adhere to this convention

behatnotneeded

Change-Id: I822ccf9e3e3c3b43533c503f1600ef3c3af8008e
Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
(cherry picked from commit 80c5e70a)
parent 0e023165
......@@ -110,9 +110,11 @@ class module_lti_launch extends external_api {
// User not found - try to match on email
if (!$userid && isset($params['lis_person_contact_email_primary'])) {
log_debug('User not found in auth_remote_user with user_id:'.$params['user_id']);
$userid = get_field('artefact_internal_profile_email', 'owner', 'email', $params['lis_person_contact_email_primary'], 'verified', 1);
log_debug('User not found in auth_remote_user with user_id:' . $params['user_id']);
$userid = get_field_sql("SELECT owner
FROM {artefact_internal_profile_email}
WHERE LOWER(email) = ?
AND verified = ?", array(strtolower($params['lis_person_contact_email_primary']), 1));
$updateremote = true;
}
......@@ -157,7 +159,9 @@ class module_lti_launch extends external_api {
$user->authinstance = $authinstanceid;
// Make sure that the username doesn't already exist
if (get_record('usr', 'username', $user->email)) {
if (get_field_sql("SELECT username
FROM {usr}
WHERE LOWER(username) = ?", array(strtolower($user->email)))) {
$USER->logout();
throw new WebserviceInvalidParameterException(get_string('usernameexists1', 'module.lti', $user->email));
}
......@@ -177,7 +181,9 @@ class module_lti_launch extends external_api {
$user = get_record('usr', 'id', $userid, 'deleted', 0);
if ($updateuser) {
$user->email = $params['lis_person_contact_email_primary'];
if (strtolower($user->email) != strtolower($params['lis_person_contact_email_primary'])) {
$user->email = $params['lis_person_contact_email_primary'];
}
$user->firstname = $params['lis_person_name_given'];
$user->lastname = $params['lis_person_name_family'];
unset($user->password);
......@@ -204,7 +210,7 @@ class module_lti_launch extends external_api {
insert_record('auth_remote_user', $authremoteuser);
}
log_debug('reanimating: '.var_export($user->username, true));
log_debug('reanimating: ' . var_export($user->username, true));
$USER->reanimate($user->id, $authinstanceid);
if (isset($params['launch_presentation_return_url'])) {
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment