Commit 922d5944 authored by Elliot Pahl's avatar Elliot Pahl Committed by Elliot Pahl
Browse files

Prevent users already in the database from being logged in if their institution is suspended.

parent a65a74f3
......@@ -800,6 +800,18 @@ class LiveUser extends User {
if ($auth->authenticate_user_account($user, $password)) {
$user->lastauthinstance = $auth->instanceid;
$this->authenticate($user, $auth->instanceid);
// Check for a suspended institution
$authinstance = get_record_sql('
SELECT i.suspended, i.displayname
FROM {institution} i JOIN {auth_instance} a ON a.institution = i.name
WHERE a.id = ?', array($instanceid));
if ($authinstance->suspended) {
$sitename = get_config('sitename');
throw new AccessTotallyDeniedException(get_string('accesstotallydenied_institutionsuspended', 'mahara', $authinstance->displayname, $sitename));
return false;
}
return true;
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment