Merge "Bug 1640308: Adding an auth_instance "active" column"

htdocs/admin/users/add.php

@@ -298,7 +298,10 @@ function adduser_submit(Pieform $form, $values) {
         $user->quota = $values['quota'];
     }
 
-    $authinstance = get_record('auth_instance', 'id', $values['authinstance']);
+    $authinstance = get_record('auth_instance', 'id', $values['authinstance'], 'active', 1);
+    if (!$authinstance) {
+        throw new InvalidArgumentException("trying to add user to inactive auth instance " . $values['authinstance']);
+    }
     $remoteauth = false;
     if ($authinstance->authname != 'internal') {
         $remoteauth = true;

htdocs/admin/users/addauthority.php

@@ -60,6 +60,7 @@ if ($institution && $plugin) {
         $authinstance->instancename = $plugin;
         $authinstance->institution  = $institution;
         $authinstance->authname     = $plugin;
+        $authinstance->active       = 1;
         $authinstance->id           = insert_record('auth_instance', $authinstance, 'id', true);
         json_reply(false, array('id' => $authinstance->id, 'name' => ucfirst($authinstance->authname), 'authname' => $authinstance->authname));
         exit;

htdocs/admin/users/bulkimport.php

@@ -173,7 +173,10 @@ function import_next_user($filename, $username, $authinstance) {
 
     log_debug('adding user ' . $username . ' from ' . $filename);
 
-    $authobj = get_record('auth_instance', 'id', $authinstance);
+    $authobj = get_record('auth_instance', 'id', $authinstance, 'active', 1);
+    if (!$authobj) {
+        throw new InvalidArgumentException("trying to add user to inactive auth instance {$authinstance}");
+    }
     $institution = new Institution($authobj->institution);
 
     $date = time();

htdocs/admin/users/institutions.php

@@ -76,7 +76,7 @@ if ($institution || $add) {
                     $authinstanceids
                 );
                 if ($badusers) {
-                    $defaultauth = record_exists('auth_instance', 'institution', 'mahara', 'authname', 'internal');
+                    $defaultauth = record_exists('auth_instance', 'institution', 'mahara', 'authname', 'internal', 'active', 1);
                     if ($values['i'] == 'mahara' || !$defaultauth) {
                         $form->set_error(
                             'submit',
@@ -133,7 +133,7 @@ if ($institution || $add) {
                 execute_sql("
                     UPDATE {usr}
                     SET authinstance = (
-                        SELECT MIN(id) FROM {auth_instance} WHERE institution = 'mahara' AND authname = 'internal'
+                        SELECT MIN(id) FROM {auth_instance} WHERE institution = 'mahara' AND authname = 'internal' AND active = 1
                     )
                     WHERE authinstance IN (" . join(',', array_fill(0, count($authinstanceids), '?')) . ')',
                     $authinstanceids
@@ -915,6 +915,7 @@ function institution_submit(Pieform $form, $values) {
         $authinstance = (object)array(
             'instancename' => 'internal',
             'priority'     => 0,
+            'active'       => 1,
             'institution'  => $newinstitution->name,
             'authname'     => 'internal',
         );

htdocs/admin/users/uploadcsv.php

@@ -54,7 +54,7 @@ if (count($authinstances) > 0) {
         }
     }
     if ($USER->get('admin')) {
-        $definst = get_field('auth_instance', 'id', 'institution', 'mahara');
+        $definst = get_field('auth_instance', 'id', 'institution', 'mahara', 'active', 1);
         $default = $definst ? $definst : key($options);
     }
     else {
@@ -184,7 +184,7 @@ function uploadcsv_validate(Pieform $form, $values) {
     require_once('csvfile.php');
 
     $authinstance = (int) $values['authinstance'];
-    $institution = get_field('auth_instance', 'institution', 'id', $authinstance);
+    $institution = get_field('auth_instance', 'institution', 'id', $authinstance, 'active', 1);
     if (!$USER->can_edit_institution($institution)) {
         $form->set_error('authinstance', get_string('notadminforinstitution', 'admin'));
         return;
@@ -461,7 +461,10 @@ function uploadcsv_submit(Pieform $form, $values) {
     $formatkeylookup = array_flip($FORMAT);
 
     $authinstance = (int) $values['authinstance'];
-    $authrecord   = get_record('auth_instance', 'id', $authinstance);
+    $authrecord   = get_record('auth_instance', 'id', $authinstance, 'active', 1);
+    if (!$authrecord) {
+        throw new InvalidArgumentException("trying to add user to inactive auth instance {$authinstance}");
+    }
     $authobj      = AuthFactory::create($authinstance);
 
     $institution = new Institution($authobj->institution);

htdocs/auth/browserid/lib.php

@@ -124,6 +124,7 @@ HTML
                         $todb = new stdClass();
                         $todb->instancename = 'internal';
                         $todb->authname = 'internal';
+                        $todb->active = 1;
                         $todb->institution = $authinst->institution;
                         $todb->priority = $authinst->priority;
                         $internal = insert_record('auth_instance', $todb, 'id', true);

htdocs/auth/imap/lib.php

@@ -121,7 +121,7 @@ class AuthImap extends Auth {
  */
 class PluginAuthImap extends PluginAuth {
 
-    private static $default_config = array('host'=>'', 'port'=>'143', 'protocol'=>'/imap', 'domainname'=>'', 'changepasswordurl'=>'', 'weautocreateusers'=>'');
+    private static $default_config = array('host'=>'', 'port'=>'143', 'protocol'=>'/imap', 'domainname'=>'', 'changepasswordurl'=>'', 'weautocreateusers'=>'', 'active' => 1);
 
     public static function has_config() {
         return false;
@@ -163,6 +163,7 @@ class PluginAuthImap extends PluginAuth {
                     self::$default_config[$key] = $current_config[$key];
                 }
             }
+            self::$default_config['active'] = $default->active;
         } else {
             $default = new stdClass();
             $default->instancename = '';
@@ -177,6 +178,12 @@ class PluginAuthImap extends PluginAuth {
             'defaultvalue' => $default->instancename
         );
 
+        $elements['active'] = array(
+            'type'  => 'switchbox',
+            'title' => get_string('active', 'auth'),
+            'defaultvalue' => (int) self::$default_config['active'],
+        );
+
         $elements['instance'] = array(
             'type' => 'hidden',
             'value' => $instance
@@ -279,6 +286,7 @@ class PluginAuthImap extends PluginAuth {
         $authinstance->instancename = $values['instancename'];
         $authinstance->institution  = $values['institution'];
         $authinstance->authname     = $values['authname'];
+        $authinstance->active       = $values['active'];
 
         if ($values['create']) {
             $values['instance'] = insert_record('auth_instance', $authinstance, 'id', true);

htdocs/auth/ldap/lib.php

@@ -1601,6 +1601,7 @@ class PluginAuthLdap extends PluginAuth {
         'syncgroupsbyuserfield' => false,
         'syncgroupsuserattribute' => '',
         'syncgroupsusergroupnames' => '',
+        'active' => 1
     );
 
     public static function get_cron() {
@@ -1623,13 +1624,15 @@ class PluginAuthLdap extends PluginAuth {
             return;
         }
         foreach ($auths as $auth) {
-            /* @var $authobj AuthLdap */
-            $authobj = AuthFactory::create($auth->id);
-            // Each instance will decide for itself whether it should sync users and/or groups
-            // User sync needs to be called before group sync in order for new users to wind
-            // up in the correct groups
-            $authobj->sync_users();
-            $authobj->sync_groups();
+            if ($auth->active == '1') {
+                /* @var $authobj AuthLdap */
+                $authobj = AuthFactory::create($auth->id);
+                // Each instance will decide for itself whether it should sync users and/or groups
+                // User sync needs to be called before group sync in order for new users to wind
+                // up in the correct groups
+                $authobj->sync_users();
+                $authobj->sync_groups();
+            }
         }
     }
 
@@ -1682,6 +1685,7 @@ class PluginAuthLdap extends PluginAuth {
                     self::$default_config[$key] = $current_config[$key];
                 }
             }
+            self::$default_config['active'] = $default->active;
         } else {
             $default = new stdClass();
             $default->instancename = '';
@@ -1711,6 +1715,11 @@ class PluginAuthLdap extends PluginAuth {
                 'type'  => 'hidden',
                 'value' => 'ldap',
             ),
+            'active' => array(
+                'type'  => 'switchbox',
+                'title' => get_string('active', 'auth'),
+                'defaultvalue' => (int) self::$default_config['active'],
+            ),
             'host_url' => array(
                 'type'  => 'text',
                 'title' => get_string('hosturl', 'auth.ldap'),

htdocs/auth/lib.php

@@ -72,6 +72,7 @@ abstract class Auth {
     protected $instancename;
     protected $priority;
     protected $authname;
+    protected $active;
     protected $config;
     protected $has_instance_config;
     protected $type;
@@ -109,6 +110,7 @@ abstract class Auth {
         $this->institution  = $instance->institution;
         $this->instancename = $instance->instancename;
         $this->priority     = $instance->priority;
+        $this->active       = $instance->active;
         $this->authname     = $instance->authname;
 
         // Return now if the plugin type doesn't require any config
@@ -534,7 +536,8 @@ function auth_get_auth_instances() {
             inst.name,
             inst.displayname,
             i.instancename,
-            i.authname
+            i.authname,
+            i.active
         FROM
             {institution} inst,
             {auth_instance} i
@@ -570,7 +573,8 @@ function auth_get_auth_instances_for_institutions($institutions) {
             inst.name,
             inst.displayname,
             i.instancename,
-            i.authname
+            i.authname,
+            i.active
         FROM
             {institution} inst,
             {auth_instance} i
@@ -611,6 +615,7 @@ function auth_get_auth_instances_for_institution($institution=null) {
                 i.instancename,
                 i.priority,
                 i.authname,
+                i.active,
                 a.requires_config,
                 a.requires_parent
             FROM
@@ -643,6 +648,7 @@ function auth_get_auth_instances_for_wwwroot($wwwroot) {
     $query = "  SELECT
                     ai.id,
                     ai.authname,
+                    ai.active,
                     i.id as institutionid,
                     i.displayname,
                     i.suspended
@@ -1378,8 +1384,12 @@ function auth_get_enabled_auth_plugins() {
                 {auth_installed} inst ON inst.name = ai.authname
             WHERE
                 i.suspended = 0 AND
-                inst.active = 1
-            ORDER BY authname';
+                inst.active = 1';
+    if (get_config('version') >= '2016111000') {
+        // we added a new column auth_instance.active so check for $version to avoid error messages on upgrade
+        $sql .= ' AND ai.active = 1';
+    }
+    $sql .= ' ORDER BY authname';
     $authplugins = get_column_sql($sql);
 
     $usableplugins = array();
@@ -1483,7 +1493,7 @@ function login_submit(Pieform $form, $values) {
             $authinstances = get_records_sql_array("
                 SELECT a.id, a.instancename, a.priority, a.authname, a.institution, i.suspended, i.displayname
                 FROM {institution} i JOIN {auth_instance} a ON a.institution = i.name
-                WHERE a.authname != 'internal'
+                WHERE a.authname != 'internal' AND a.active = 1
                 ORDER BY a.institution, a.priority, a.instancename", array());
 
             if ($authinstances == false) {
@@ -1677,12 +1687,13 @@ function ensure_user_account_is_active($user=null) {
     // make sure their authinstance is not set to the suspended/expired institution
     // otherwise they will not be able to login (administer via site).
     $authinstance = get_record_sql('
-        SELECT i.suspended, CASE WHEN i.expiry < NOW() THEN 1 ELSE 0 END AS expired, i.displayname
+        SELECT i.suspended, CASE WHEN i.expiry < NOW() THEN 1 ELSE 0 END AS expired, i.displayname, a.active
         FROM {institution} i JOIN {auth_instance} a ON a.institution = i.name
         WHERE a.id = ?', array($user->authinstance));
-    if ($authinstance->suspended || $authinstance->expired) {
+    if ($authinstance->suspended || $authinstance->expired || !$authinstance->active) {
         $sitename = get_config('sitename');
         $state = ($authinstance->suspended) ? 'suspended' : 'expired';
+        $state = ($authinstane->active) ? $state : 'inactive';
         throw new AccessTotallyDeniedException(get_string('accesstotallydenied_institution' . $state, 'mahara', $authinstance->displayname, $sitename));
         return false;
     }
@@ -2119,6 +2130,7 @@ function auth_generate_registration_form($formname, $authname='internal', $goto)
                 {auth_instance} ai
             WHERE
                 ai.authname = ? AND
+                ai.active = 1 AND
                 ai.institution = i.name AND
                 i.registerallowed = 1';
     $institutions = get_records_sql_array($sql, array($authname));
@@ -2401,7 +2413,7 @@ function auth_register_submit(Pieform $form, $values) {
     // @todo the expiry date should be configurable
     if ($confirm = (get_config('requireregistrationconfirm') || get_field('institution', 'registerconfirm', 'name', $values['institution']))) {
         if (isset($values['authtype']) && $values['authtype'] != 'internal') {
-            $authinstance = get_record('auth_instance', 'institution', $values['institution'], 'authname', $values['authtype'] ? $values['authtype'] : 'internal');
+            $authinstance = get_record('auth_instance', 'institution', $values['institution'], 'authname', $values['authtype'] ? $values['authtype'] : 'internal', 'active', 1);
             $auth = AuthFactory::create($authinstance->id);
             $confirm = !$auth->weautocreateusers;
         }

htdocs/auth/plugintables.xml

@@ -17,7 +17,8 @@
                 <FIELD NAME="instancename" TYPE="char" LENGTH="255" NOTNULL="true" />
                 <FIELD NAME="priority" TYPE="int" LENGTH="2" NOTNULL="true" DEFAULT="0" />
                 <FIELD NAME="institution" TYPE="char" LENGTH="255" NOTNULL="true" />
-               <FIELD NAME="authname" TYPE="char" LENGTH="255" NOTNULL="true" />
+                <FIELD NAME="authname" TYPE="char" LENGTH="255" NOTNULL="true" />
+                <FIELD NAME="active" TYPE="int" LENGTH="1" NOTNULL="true" DEFAULT="1" />
             </FIELDS>
             <KEYS>
                 <KEY NAME="primary" TYPE="primary" FIELDS="id" />

htdocs/auth/saml/index.php

@@ -263,7 +263,7 @@ function auth_saml_find_authinstance($saml_attributes) {
     $institutions = array();
 
     // find all the possible institutions/auth instances of type saml
-    $instances = recordset_to_array(get_recordset_sql("SELECT * FROM {auth_instance_config} aic, {auth_instance} ai WHERE ai.id = aic.instance AND ai.authname = 'saml' AND aic.field = 'institutionattribute'"));
+    $instances = recordset_to_array(get_recordset_sql("SELECT * FROM {auth_instance_config} aic, {auth_instance} ai WHERE ai.id = aic.instance AND ai.authname = 'saml' AND ai.active = 1 AND aic.field = 'institutionattribute'"));
     foreach ($instances as $row) {
         $institutions[]= $row->instance . ':' . $row->institution . ':' . $row->value;
         if (isset($saml_attributes[$row->value])) {
@@ -551,10 +551,10 @@ function login_test_all_user_authinstance($username, $password) {
     // internal, or ldap - definitely NOT none, saml, or xmlrpc
     $instances = array();
 
-    // all other candidtate auth_instances
+    // all other candidate auth_instances
     $sql = 'SELECT ai.* from {auth_instance} ai INNER JOIN {auth_remote_user} aru
                 ON ai.id = aru.authinstance
-                WHERE ai.authname NOT IN(\'saml\', \'xmlrpc\', \'none\') AND aru.localusr = ?';
+                WHERE ai.active = 1 AND ai.authname NOT IN(\'saml\', \'xmlrpc\', \'none\') AND aru.localusr = ?';
     $authinstances = get_records_sql_array($sql, array($user->id));
     foreach ($authinstances as $authinstance) {
         $instances[]= $authinstance->id;
@@ -562,7 +562,7 @@ function login_test_all_user_authinstance($username, $password) {
 
     // determine the internal authinstance ID associated with the base 'mahara'
     // 'no institution' - use this is a default fallback login attempt
-    $authinstance = get_record('auth_instance', 'institution', 'mahara', 'authname', 'internal');
+    $authinstance = get_record('auth_instance', 'institution', 'mahara', 'authname', 'internal', 'active', 1);
     $instances[]= $authinstance->id;
 
     // test each auth_instance candidate associated with this user

htdocs/auth/saml/lib.php

@@ -296,6 +296,7 @@ class PluginAuthSaml extends PluginAuth {
         'institutionregex'      => 0,
         'remoteuser'            => 1,
         'loginlink'             => 0,
+        'active'                => 1
             );
 
     public static function can_be_disabled() {
@@ -525,18 +526,20 @@ class PluginAuthSaml extends PluginAuth {
             if ($current_config == false) {
                 $current_config = array();
             }
-
             foreach (self::$default_config as $key => $value) {
                 if (array_key_exists($key, $current_config)) {
                     self::$default_config[$key] = $current_config[$key];
                 }
             }
-            if(empty(self::$default_config['institutionvalue'])) {
+            if (empty(self::$default_config['institutionvalue'])) {
                 self::$default_config['institutionvalue'] = $institution;
             }
-        } else {
+            self::$default_config['active'] = $default->active;
+        }
+        else {
             $default = new stdClass();
             $default->instancename = '';
+            $default->active = 1;
         }
 
         // lookup the institution metadata
@@ -586,6 +589,11 @@ class PluginAuthSaml extends PluginAuth {
                 'type'  => 'hidden',
                 'value' => 'saml',
             ),
+            'active' => array(
+                'type'  => 'switchbox',
+                'title' => get_string('active', 'auth'),
+                'defaultvalue' => (int) self::$default_config['active'],
+            ),
             'institutionidp' => array(
                 'type'  => 'textarea',
                 'title' => $idp_title,
@@ -782,6 +790,7 @@ class PluginAuthSaml extends PluginAuth {
 
         $authinstance->institution  = $values['institution'];
         $authinstance->authname     = $values['authname'];
+        $authinstance->active       = (int) $values['active'];
         $authinstance->instancename = $values['authname'];
 
         if ($values['create']) {

htdocs/auth/xmlrpc/lib.php

@@ -587,7 +587,8 @@ class PluginAuthXmlrpc extends PluginAuth {
         'theyssoin'             => 0,
         'weimportcontent'       => 0,
         'parent'                => null,
-        'authloginmsg'          => ''
+        'authloginmsg'          => '',
+        'active'                => 1
     );
 
     public static function has_config() {
@@ -667,18 +668,21 @@ class PluginAuthXmlrpc extends PluginAuth {
                         $peer->findByWwwroot($current_config[$key]);
                         self::$default_config['wwwroot_orig'] = $current_config[$key];
                     }
-                } elseif (property_exists($default, $key)) {
+                }
+                else if (property_exists($default, $key)) {
                     self::$default_config[$key] = $default->{$key};
                 }
             }
-        } else {
+        }
+        else {
             $max_priority = get_field('auth_instance', 'MAX(priority)', 'institution', $institution);
             self::$default_config['priority'] = ++$max_priority;
         }
 
         if (empty($peer->application->name)) {
             self::$default_config['appname'] = key(current($applicationset));
-        } else {
+        }
+        else {
             self::$default_config['appname'] = $peer->application->name;
         }
 
@@ -692,6 +696,12 @@ class PluginAuthXmlrpc extends PluginAuth {
             'help'   => true
         );
 
+        $elements['actve'] = array(
+            'type'  => 'switchbox',
+            'title' => get_string('active', 'auth'),
+            'defaultvalue' => (int) self::$default_config['active'],
+        );
+
         $elements['instance'] = array(
             'type' => 'hidden',
             'value' => $instance
@@ -939,6 +949,7 @@ class PluginAuthXmlrpc extends PluginAuth {
         $authinstance->instancename = $values['instancename'];
         $authinstance->institution  = $values['institution'];
         $authinstance->authname     = $values['authname'];
+        $authinstance->active       = $values['active'];
 
         if ($values['create']) {
             $values['instance'] = insert_record('auth_instance', $authinstance, 'id', true);

htdocs/forgotpass.php

@@ -108,14 +108,14 @@ function forgotpass_validate(Pieform $form, $values) {
     if (!$form->get_error('emailusername')) {
         // Check if the user who associates to username or email address is using the external authentication
         if (record_exists_sql('SELECT u.authinstance
-            FROM {usr} u INNER JOIN {auth_instance} ai ON (u.authinstance = ai.id)
+            FROM {usr} u INNER JOIN {auth_instance} ai ON (u.authinstance = ai.id AND ai.active = 1)
             WHERE (LOWER(u.email) = ? OR LOWER(u.username) = ?)
             AND ((ai.authname != \'internal\') AND (ai.authname != \'none\'))', array_fill(0, 2, strtolower($values['emailusername'])))) {
                 $form->set_error('emailusername', get_string('forgotpassuserusingexternalauthentication', 'mahara', get_config('wwwroot') . 'contact.php'));
         }
         else {
             if (!($authinstance = get_field_sql('SELECT u.authinstance
-                FROM {usr} u INNER JOIN {auth_instance} ai ON (u.authinstance = ai.id)
+                FROM {usr} u INNER JOIN {auth_instance} ai ON (u.authinstance = ai.id AND ai.active = 1)
                 WHERE (LOWER(u.email) = ? OR LOWER(u.username) = ?)
                 AND ai.authname = \'internal\'', array_fill(0, 2, strtolower($values['emailusername']))))) {
                     $form->set_error('emailusername', get_string('forgotpassnosuchemailaddressorusername'));
@@ -138,7 +138,7 @@ function forgotpass_submit(Pieform $form, $values) {
 
     try {
         if (!($user = get_record_sql('SELECT u.* FROM {usr} u
-            INNER JOIN {auth_instance} ai ON (u.authinstance = ai.id)
+            INNER JOIN {auth_instance} ai ON (u.authinstance = ai.id AND ai.active = 1)
             WHERE (LOWER(u.email) = ? OR LOWER(u.username) = ?)
             AND ai.authname = \'internal\'', array_fill(0, 2, strtolower($values['emailusername']))))) {
                 die_info(get_string('forgotpassnosuchemailaddressorusername'));

htdocs/lang/en.utf8/auth.php

@@ -43,6 +43,7 @@ $string['authloginmsg2'] = "When you have not chosen a parent authority, enter a
 $string['application'] = 'Application';
 $string['cantretrievekey'] = 'An error occurred while retrieving the public key from the remote server.<br>Please ensure that the Application and WWW root fields are correct and that networking is enabled on the remote host.';
 $string['ssodirection'] = 'SSO direction';
+$string['active'] = 'Active';
 
 $string['errorcertificateinvalidwwwroot'] = 'This certificate claims to be for %s, but you are trying to use it for %s.';
 $string['errorcouldnotgeneratenewsslkey'] = 'Could not generate a new SSL key. Are you sure that both openssl and the PHP module for openssl are installed on this machine?';

htdocs/lang/en.utf8/mahara.php

@@ -247,6 +247,8 @@ $string['accesstotallydenied_institutionsuspended'] = 'Your institution %s has b
 Please contact your institution for help.';
 $string['accesstotallydenied_institutionexpired'] = 'Your institution %s has expired. Until it is unexpired, you will not be able to log in to %s.
 Please contact your institution for help.';
+$string['accesstotallydenied_institutioninactive'] = 'Your institution %s authenticcation method is inactive. Until it is made active, you will not be able to log in to %s.
+Please contact your institution for help.';
 $string['accessforbiddentoadminsection'] = 'You are forbidden from accessing the administration section.';
 $string['accountdeleted'] = 'Sorry, your account has been deleted. You can <a href="%scontact.php">contact the site administrator</a>.';
 $string['accountexpired'] = 'Sorry, your account has expired. You can <a href="%scontact.php">contact the site administrator</a> to have it reactivated.';

htdocs/lib/db/upgrade.php

@@ -4861,5 +4861,13 @@ function xmldb_core_upgrade($oldversion=0) {
         bump_cache_version();
     }
 
+    if ($oldversion < 2017012600) {
+        log_debug('Add "active" column to "auth_instance" table');
+        $table = new XMLDBTable('auth_instance');
+        $field = new XMLDBField('active');
+        $field->setAttributes(XMLDB_TYPE_INTEGER, 1, null, XMLDB_NOTNULL, null, null, null, 1);
+        add_field($table, $field);
+    }
+
     return $status;
 }

htdocs/lib/institution.php

@@ -579,7 +579,7 @@ class Institution {
         // we can't find that, some other no institution auth.
         $authinstances = get_records_select_assoc(
             'auth_instance',
-            "institution IN ('mahara', ?)",
+            "institution IN ('mahara', ?) AND active = 1",
             array($this->name),
             "institution = 'mahara' DESC, authname = 'internal' DESC"
         );

htdocs/lib/phpunit.php

@@ -245,7 +245,7 @@ EOD;
      * @return int new user id.
      */
     protected function create_test_user($userdata = null, $institution = null) {
-        $authinstance = get_record('auth_instance', 'institution', 'mahara');
+        $authinstance = get_record('auth_instance', 'institution', 'mahara', 'active', 1);
         $testdata = array(
             'username'     => 'test' . count($this->testusers),
             'email'        => 'test' . count($this->testusers) . '@localhost',

htdocs/lib/upgrade.php

@@ -743,6 +743,7 @@ function core_install_lastcoredata_defaults() {
     $auth_instance->priority='1';
     $auth_instance->institution   = 'mahara';
     $auth_instance->authname      = 'internal';
+    $auth_instance->active        = 1;
     $auth_instance->id = insert_record('auth_instance', $auth_instance, 'id', true);
 
     // Insert the root user