Commit 94b0a56a authored by Robert Lyon's avatar Robert Lyon
Browse files

Bug 1716811: Remove Persona completely



Now that it has been obsolete for 1 year

behatnotneeded

Change-Id: Ifa784d9e815b950e4d8725a99acfc57e098ade65
Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
parent 1238a95b
<?php
/**
*
* @package mahara
* @subpackage auth-browserid
* @author Francois Marier <francois@catalyst.net.nz>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*
*/
function xmldb_auth_browserid_upgrade($oldversion=0) {
return true;
}
<?php
/**
*
* @package mahara
* @subpackage auth-browserid
* @author Francois Marier <francois@catalyst.net.nz>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*
*/
defined('INTERNAL') || die();
$string['browserid'] = 'Persona';
$string['title'] = 'Persona';
$string['description'] = 'Authenticate using Persona';
$string['notusable'] = 'Discontinued';
$string['deprecatedmsg1'] = "As of 30 November 2016, <a href=\"https://wiki.mozilla.org/Identity/Persona_Shutdown_Guidelines_for_Reliers\">Mozilla is discontinuing the Persona authentication service</a>. This plugin aids in migrating existing Persona accounts to internal authentication.";
$string['nobrowseridinstances'] = 'This site has no Persona authentication instances, so no action needs to be taken.';
$string['institutioncolumn'] = 'Institution';
$string['numuserscolumn'] = 'Number of active Persona users';
$string['migratetitle'] = 'Auto-migrate Persona users';
$string['migratedesc1'] = 'Automatically move all Persona users to the internal authentication of their institution, and delete all Persona authentication instances. Users will not receive a notification about their new account details. You will need to inform them.';
<!-- @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later -->
<!-- @copyright For copyright information on Mahara, please see the README file distributed with this software. -->
<h3>Auto-migrate Persona users</h3>
<p>Mozilla is <a href="https://wiki.mozilla.org/Identity/Persona_Shutdown_Guidelines_for_Reliers">
discontinuing the Persona authentication service</a> as of 30 November 2016.
If your site is using Persona, you will need to migrate those users to a
different authentication method as they cannot log in anymore.</p>
<p>This plugin provides a basic option to change all Persona-based user accounts
on your site to the Mahara "internal" authentication method.</p>
<p>Selecting "Yes" and saving this form will activate the migration script and
do the following:</p>
<ol>
<li>All Persona authentication instances on the site will be deleted.</li>
<li>All users who are on Persona authentication will be switched to the internal
authentication instance for their institution.</li>
<li>If their institution has no internal authentication instance, one will be
created.</li>
<li>These users will <b>not</b> have a password set. They will need to use the
"Forgot password" link and their Persona email address to set an initial
Mahara password.</li>
<li>The users' usernames will be unchanged.</li>
</ol>
<p><b>Note:</b> Users will not receive any notification that their authentication
method has changed. You may wish to put a message on your site's logged-out
homepage to explain to former Persona users that they should use the "Forgot
password" link and their Persona email address to set a new password and
access their account.</p>
<?php
/**
*
* @package mahara
* @subpackage auth-browserid
* @author Francois Marier <francois@catalyst.net.nz>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*
*/
defined('INTERNAL') || die();
require_once(get_config('docroot') . 'auth/lib.php');
require_once(get_config('docroot') . 'lib/institution.php');
class AuthBrowserid extends Auth {
public function __construct($id = null) {
if (!empty($id)) {
return $this->init($id);
}
$this->ready = true;
return true;
}
public function can_auto_create_users() {
return false;
}
}
class PluginAuthBrowserid extends PluginAuth {
public static function has_config() {
return true;
}
public static function get_config_options() {
// Find out how many active users there are, with which instances,
// in which institutions.
$instances = get_records_sql_array(
'SELECT
i.displayname as displayname,
i.name as name,
(
SELECT COUNT(*)
FROM {usr} u
WHERE
u.authinstance = ai.id
AND deleted = 0
) AS numusers
FROM
{auth_instance} ai
INNER JOIN {institution} i
ON ai.institution = i.name
WHERE
ai.authname=\'browserid\'
ORDER BY
i.displayname
'
);
$elements = array();
$elements['helptext'] = array(
'type' => 'html',
'value' => get_string('deprecatedmsg1', 'auth.browserid')
);
if ($instances) {
$smarty = smarty_core();
$smarty->assign('instances', $instances);
$tablehtml = $smarty->fetch('auth:browserid:statustable.tpl');
$elements['statustable'] = array(
'type' => 'html',
'value' => $tablehtml
);
$elements['migrate'] = array(
'type' => 'switchbox',
'title' => get_string('migratetitle', 'auth.browserid'),
'description' => get_string('migratedesc1', 'auth.browserid'),
'defaultvalue' => false,
'help' => true,
);
}
else {
$elements['noaction'] = array(
'type' => 'html',
'value' => get_string('nobrowseridinstances', 'auth.browserid')
);
}
$form = array(
'elements' => $elements
);
if ($instances) {
$form['elements']['js'] = array(
'type' => 'html',
'value' => <<<HTML
<script type="text/javascript">
if (typeof auth_browserid_reload_page === "undefined") {
var auth_browserid_reload_page = function() {
window.location.reload(true);
}
}
</script>
HTML
);
$form['jssuccesscallback'] = 'auth_browserid_reload_page';
}
return $form;
}
public static function save_config_options(Pieform $form, $values) {
if (!empty($values['migrate'])) {
$instances = get_records_array('auth_instance', 'authname', 'browserid', 'id');
foreach ($instances as $authinst) {
// Are there any users with this auth instance?
if (record_exists('usr', 'authinstance', $authinst->id)) {
// Find the internal auth instance for this institution
$internal = get_field('auth_instance', 'id', 'authname', 'internal', 'institution', $authinst->institution);
if (!$internal) {
// Institution has no internal auth instance. Create one.
$todb = new stdClass();
$todb->instancename = 'internal';
$todb->authname = 'internal';
$todb->active = 1;
$todb->institution = $authinst->institution;
$todb->priority = $authinst->priority;
$internal = insert_record('auth_instance', $todb, 'id', true);
}
// Set the password & salt for Persona users to "*", which means "no password set"
update_record(
'usr',
(object)array(
'password' => '*',
'salt' => '*'
),
array(
'authinstance' => $authinst->id
)
);
set_field('usr', 'authinstance', $internal, 'authinstance', $authinst->id);
}
// Delete the Persona auth instance
delete_records('auth_remote_user', 'authinstance', $authinst->id);
delete_records('auth_instance_config', 'instance', $authinst->id);
delete_records('auth_instance', 'id', $authinst->id);
// Make it no longer be the parent authority to any auth instances
delete_records('auth_instance_config', 'field', 'parent', 'value', $authinst->id);
}
set_field('auth_installed', 'active', 0, 'name', 'browserid');
}
}
public static function has_instance_config() {
return false;
}
/**
* Implement the function is_usable()
*
* @return boolean true if the BrowserID verifier is usable, false otherwise
*/
public static function is_usable() {
return false;
}
public static function postinst($fromversion) {
// Always deactivate this plugin, if it has been activated somehow.
set_field('auth_installed', 'active', 0, 'name', 'browserid');
}
public static function can_be_disabled() {
return true;
}
public static function is_deprecated() {
return true;
}
}
<?php
/**
*
* @package mahara
* @subpackage auth-browserid
* @author Francois Marier <francois@catalyst.net.nz>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*/
defined('INTERNAL') || die();
$config = new StdClass;
$config->version = 2016092600;
$config->release = '0.0.0';
$config->requires_config = 0;
$config->requires_parent = 0;
...@@ -5281,5 +5281,45 @@ function xmldb_core_upgrade($oldversion=0) { ...@@ -5281,5 +5281,45 @@ function xmldb_core_upgrade($oldversion=0) {
delete_records('config', 'field', 'defaultnotificationmethod'); delete_records('config', 'field', 'defaultnotificationmethod');
} }
if ($oldversion < 2017092200) {
// This code taken directly from browserid plugin, which we've just deleted so we need
// to run the move users to 'internal' auth here
if ($instances = get_records_array('auth_instance', 'authname', 'browserid', 'id')) {
log_debug('Re-assigning users from "Persona" to "Internal" authentication');
foreach ($instances as $authinst) {
// Are there any users with this auth instance?
if (record_exists('usr', 'authinstance', $authinst->id)) {
// Find the internal auth instance for this institution
$internal = get_field('auth_instance', 'id', 'authname', 'internal', 'institution', $authinst->institution);
if (!$internal) {
// Institution has no internal auth instance. Create one.
$todb = new stdClass();
$todb->instancename = 'internal';
$todb->authname = 'internal';
$todb->active = 1;
$todb->institution = $authinst->institution;
$todb->priority = $authinst->priority;
$internal = insert_record('auth_instance', $todb, 'id', true);
}
// Set the password & salt for Persona users to "*", which means "no password set"
update_record('usr', (object)array('password' => '*', 'salt' => '*'), array('authinstance' => $authinst->id));
set_field('usr', 'authinstance', $internal, 'authinstance', $authinst->id);
set_field('usr_registration', 'authtype', 'internal', 'authtype', 'browserid');
}
// Delete the Persona auth instance
delete_records('auth_remote_user', 'authinstance', $authinst->id);
delete_records('auth_instance_config', 'instance', $authinst->id);
delete_records('auth_instance', 'id', $authinst->id);
// Make it no longer be the parent authority to any auth instances
delete_records('auth_instance_config', 'field', 'parent', 'value', $authinst->id);
}
}
log_debug('Removing "Persona" authentication plugin');
delete_records('auth_config', 'plugin', 'browserid');
delete_records('auth_cron', 'plugin', 'browserid');
delete_records('auth_event_subscription', 'plugin', 'browserid');
delete_records('auth_installed', 'name', 'browserid');
}
return $status; return $status;
} }
...@@ -16,7 +16,7 @@ $config = new stdClass(); ...@@ -16,7 +16,7 @@ $config = new stdClass();
// See https://wiki.mahara.org/wiki/Developer_Area/Version_Numbering_Policy // See https://wiki.mahara.org/wiki/Developer_Area/Version_Numbering_Policy
// For upgrades on stable branches, increment the version by one. On master, use the date. // For upgrades on stable branches, increment the version by one. On master, use the date.
$config->version = 2017092100; $config->version = 2017092200;
$config->series = '17.10'; $config->series = '17.10';
$config->release = '17.10dev'; $config->release = '17.10dev';
$config->minupgradefrom = 2015030409; $config->minupgradefrom = 2015030409;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment