Commit
ae894987
authored
Dec 24, 2007
by
Richard Mansfield
Change user to internal auth when removed from an external-auth institution
parent
84f2c5fc
Changes
5
htdocs/admin/users/edit.php
...
...
@@ -315,14 +315,18 @@ function edituser_institution_submit(Pieform $form, $values) {
db_commit
();
break
;
}
else
if
(
isset
(
$values
[
$i
->
institution
.
'_remove'
]))
{
db_begin
();
delete_records
(
'usr_institution'
,
'usr'
,
$user
->
id
,
'institution'
,
$i
->
institution
);
handle_event
(
'updateuser'
,
$user
->
id
);
db_commit
();
if
(
$user
->
id
==
$USER
->
id
)
{
$USER
->
leave_institution
(
$i
->
institution
);
}
else
{
$user
->
leave_institution
(
$i
->
institution
);
}
// Institutional admins can no longer access this page
// if they remove the user from the institution, so
// send them back to user search.
if
(
!
$USER
->
get
(
'admin'
))
{
if
(
!
$USER
->
is_institutional_admin
())
{
redirect
(
get_config
(
'wwwroot'
));
}
redirect
(
'/admin/users/search.php'
);
}
break
;
...
...
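Review bot: The new `if ($user->id == $USER->id)` split carries no comment saying why self-removal goes through the session object, and the reason cannot be read from this file. Judging from the `LiveUser::leave_institution()` override added in htdocs/auth/user.php, the intent is to reload the logged-in admin's institution and admin state; a comment such as `// Removing ourselves: go through $USER so the session's institution/admin state is reloaded` would record that. The redirect logic that follows depends on that reload, because `$USER->is_institutional_admin()` is evaluated immediately after the removal. edituser_institution_submit starts and ends outside the hunk, so any check that the acting admin administers `$i->institution` is not visible here.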
htdocs/admin/users/institutionusers.php
...
...
@@ -76,7 +76,6 @@ if ($usertype == 'requesters') {
'righttitle'
=>
get_string
(
'userstobeadded'
,
'admin'
),
'searchparams'
=>
array
(
'requested'
=>
1
),
);
$update
=
'addUserAsMember'
;
$submittext
=
get_string
(
'addmembers'
,
'admin'
);
}
else
if
(
$usertype
==
'members'
)
{
// LHS shows institution members, RHS shows users to be removed
...
...
@@ -86,7 +85,6 @@ if ($usertype == 'requesters') {
'righttitle'
=>
get_string
(
'userstoberemoved'
,
'admin'
),
'searchparams'
=>
array
(
'member'
=>
1
),
);
$update
=
'removeMember'
;
$submittext
=
get_string
(
'removeusers'
,
'admin'
);
}
else
{
// $usertype == nonmembers
// Behaviour depends on whether we allow users to have > 1 institution
...
...
@@ -98,7 +96,6 @@ if ($usertype == 'requesters') {
'righttitle'
=>
get_string
(
'userstobeinvited'
,
'admin'
),
'searchparams'
=>
array
(
'member'
=>
0
,
'invited'
=>
0
,
'requested'
=>
0
)
);
$update
=
'inviteUser'
;
$submittext
=
get_string
(
'inviteusers'
,
'admin'
);
}
...
...
@@ -124,11 +121,6 @@ $userlistform = pieform(array(
'value'
=>
$institution
,
'rules'
=>
array
(
'regex'
=>
'/^[a-zA-Z0-9]+$/'
)
),
'update'
=>
array
(
'type'
=>
'hidden'
,
'value'
=>
$update
,
'rules'
=>
array
(
'regex'
=>
'/^[a-zA-Z]+$/'
)
),
'submit'
=>
array
(
'type'
=>
'submit'
,
'value'
=>
$submittext
...
...
@@ -146,30 +138,51 @@ function institutionusers_submit(Pieform $form, $values) {
redirect
(
$url
);
}
$institution
=
new
Institution
(
$values
[
'institution'
]);
if
(
!
in_array
(
$values
[
'update'
],
array
(
'addUserAsMember'
,
'removeMember'
,
'inviteUser'
)))
{
$dataerror
=
false
;
if
(
!
in_array
(
$values
[
'usertype'
],
array
(
'requesters'
,
'members'
,
'nonmembers'
))
||
!
is_array
(
$values
[
'users'
]))
{
$dataerror
=
true
;
}
else
{
foreach
(
$values
[
'users'
]
as
$id
)
{
if
(
!
is_numeric
(
$id
))
{
$dataerror
=
true
;
break
;
}
}
}
if
(
$dataerror
)
{
$SESSION
->
add_error_msg
(
get_string
(
'errorupdatinginstitutionusers'
,
'admin'
));
redirect
(
$url
);
}
$institution
=
new
Institution
(
$values
[
'institution'
]);
$maxusers
=
$institution
->
maxuseraccounts
;
if
(
!
empty
(
$maxusers
))
{
$members
=
$institution
->
countMembers
();
if
(
$values
[
'u
pdat
e'
]
==
'
addUserAsMember
'
&&
$members
+
count
(
$values
[
'users'
])
>=
$maxusers
)
{
if
(
$values
[
'u
sertyp
e'
]
==
'
requesters
'
&&
$members
+
count
(
$values
[
'users'
])
>=
$maxusers
)
{
$SESSION
->
add_error_msg
(
get_string
(
'institutionuserserrortoomanyusers'
,
'admin'
));
redirect
(
$url
);
}
if
(
$values
[
'u
pdat
e'
]
==
'
inviteUs
er'
if
(
$values
[
'u
sertyp
e'
]
==
'
nonmemb
er
s
'
&&
$members
+
$institution
->
countInvites
()
+
count
(
$values
[
'users'
])
>=
$maxusers
)
{
$SESSION
->
add_error_msg
(
get_string
(
'institutionuserserrortoomanyinvites'
,
'admin'
));
redirect
(
$url
);
}
}
db_begin
();
foreach
(
$values
[
'users'
]
as
$id
)
{
$institution
->
{
$values
[
'update'
]}(
$id
);
if
(
$values
[
'usertype'
]
==
'members'
)
{
$institution
->
removeMembers
(
$values
[
'users'
]);
}
else
{
$update
=
$values
[
'usertype'
]
==
'requesters'
?
'addUserAsMember'
:
'inviteUser'
;
foreach
(
$values
[
'users'
]
as
$id
)
{
$institution
->
{
$update
}(
$id
);
}
}
db_commit
();
$SESSION
->
add_ok_msg
(
get_string
(
'institutionusersupdated'
.
$values
[
'usertype'
],
'admin'
));
if
(
!
$USER
->
get
(
'admin'
)
&&
!
$USER
->
is_institutional_admin
())
{
redirect
(
get_config
(
'wwwroot'
));
}
redirect
(
$url
);
}
...
...
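Review bot: In institutionusers_submit the new `is_numeric($id)` loop is the only visible validation of `$values['users']` before the ids reach `Institution::removeMembers()`, which in htdocs/lib/institution.php concatenates them into `'id IN (' . join(',', $userids) . ')'`. `is_numeric` also accepts decimals, exponents and signed values, so the guard should require plain digits, for example `if (!ctype_digit((string) $id)) {`, or the list should be normalised with `array_map('intval', $values['users'])` before it is used. An empty `users` array appears to pass the check as well and would yield `id IN ()` for the `members` case. The function starts outside the hunk, so whether the caller's right to administer `$values['institution']` is checked earlier cannot be confirmed from here.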
htdocs/auth/user.php
...
...
@@ -375,8 +375,7 @@ class User {
if
(
$institution
!=
'mahara'
&&
$this
->
in_institution
(
$institution
))
{
require_once
(
'institution.php'
);
$institution
=
new
Institution
(
$institution
);
$institution
->
removeMember
(
$this
);
$this
->
reset_institutions
();
$institution
->
removeMember
(
$this
->
to_stdclass
());
}
}
...
...
@@ -411,7 +410,11 @@ class User {
}
public
function
set_admin_institutions
(
$institutions
)
{
$this
->
set
(
'admininstitutions'
,
array_combine
(
$institutions
,
$institutions
));
if
(
empty
(
$institutions
))
{
$this
->
set
(
'admininstitutions'
,
array
());
}
else
{
$this
->
set
(
'admininstitutions'
,
array_combine
(
$institutions
,
$institutions
));
}
}
public
function
add_institution_request
(
$institution
,
$studentid
=
null
)
{
...
...
@@ -588,7 +591,10 @@ class LiveUser extends User {
return
$this
;
}
protected
function
reloadLiveUser
(
$id
)
{
protected
function
reloadLiveUser
(
$id
=
null
)
{
if
(
is_null
(
$id
))
{
$id
=
$this
->
get
(
'id'
);
}
$this
->
commit
();
$this
->
find_by_id
(
$id
);
$this
->
activityprefs
=
load_activity_preferences
(
$id
);
...
...
@@ -628,5 +634,12 @@ class LiveUser extends User {
return
$id
;
}
public
function
leave_institution
(
$institution
)
{
parent
::
leave_institution
(
$institution
);
$this
->
find_by_id
(
$this
->
get
(
'id'
));
$this
->
reset_institutions
();
}
}
?>
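Review bot: `User::leave_institution()` appears to lose its `$this->reset_institutions();` call, with the refresh now done only in the new `LiveUser::leave_institution()` override, so a plain `User` object would keep its cached institution list after the membership row is deleted. Either keep `$this->reset_institutions();` after `$institution->removeMember($this->to_stdclass());` in the base method, or add a docblock there stating that the object is stale after the call and must be reloaded by the caller. Separately, the override reloads with `find_by_id()` without the `$this->commit()` that `reloadLiveUser()` performs first; whether unsaved changes on the session user can be dropped that way is not visible in the hunk and is worth confirming. Both classes continue outside the hunks shown.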
htdocs/lang/en.utf8/mahara.php
...
...
@@ -249,6 +249,41 @@ $string['forgotpasswordenternew'] = 'Please enter your new password to continue'
$string
[
'nosuchpasswordrequest'
]
=
'No such password request'
;
$string
[
'passwordchangedok'
]
=
'Your password was successfully changed'
;
// Reset password when moving from external to internal auth.
$string
[
'noinstitutionsetpassemailsubject'
]
=
'%s: Membership of %s'
;
$string
[
'noinstitutionsetpassemailmessagetext'
]
=
'Dear %s,
You are no longer a member of %s.
You may continue to use %s with your current username %s, but you must set a new password for your account.
Please follow the link below to continue the reset process.
'
.
get_config
(
'wwwroot'
)
.
'forgotpass.php?key=%s
If you have any questsions regarding the above, please feel free to contact
us.
'
.
get_config
(
'wwwroot'
)
.
'contact.php
Regards, %s Site Administrator
'
.
get_config
(
'wwwroot'
)
.
'forgotpass.php?key=%s'
;
$string
[
'noinstitutionsetpassemailmessagehtml'
]
=
'<p>Dear %s,</p>
<p>You are no longer a member of %s.</p>
<p>You may continue to use %s with your current username %s, but you must set a new password for your account.</p>
<p>Please follow the link below to continue the reset process.</p>
<p><a href="'
.
get_config
(
'wwwroot'
)
.
'forgotpass.php?key=%s">'
.
get_config
(
'wwwroot'
)
.
'forgotpass.php?key=%s</a></p>
<p>If you have any questsions regarding the above, please feel free to <a href="'
.
get_config
(
'wwwroot'
)
.
'contact.php">contact us</a>.</p>
<p>Regards, %s Site Administrator</p>
<p><a href="'
.
get_config
(
'wwwroot'
)
.
'forgotpass.php?key=%s">'
.
get_config
(
'wwwroot'
)
.
'forgotpass.php?key=%s</a></p>'
;
// Expiry times
$string
[
'noenddate'
]
=
'No end date'
;
$string
[
'day'
]
=
'day'
;
...
...
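Review bot: Both new password-reset messages misspell "questions" as "questsions", in `noinstitutionsetpassemailmessagetext` and in `noinstitutionsetpassemailmessagehtml`; the sentence should read `If you have any questions regarding the above, please feel free to contact us.` The reset link is also repeated after the "Regards" line in both strings, which looks unintended. Account-recovery mail with spelling errors and a stray trailing link is what users are taught to distrust, so this is worth correcting before the strings are translated. The placeholder counts (seven in the text string, nine in the HTML string) do match the arguments passed in `removeMemberSetPassword()`.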
htdocs/lib/institution.php
...
...
@@ -306,10 +306,82 @@ class Institution {
db_commit
();
}
public
function
removeMembers
(
$userids
)
{
// Remove self last.
global
$USER
;
$users
=
get_records_select_array
(
'usr'
,
'id IN ('
.
join
(
','
,
$userids
)
.
')'
);
$removeself
=
false
;
foreach
(
$users
as
$user
)
{
if
(
$user
->
id
==
$USER
->
id
)
{
$removeself
=
true
;
continue
;
}
$this
->
removeMember
(
$user
);
}
if
(
$removeself
)
{
$USER
->
leave_institution
(
$this
->
name
);
}
}
public
function
removeMember
(
$user
)
{
$userid
=
is_object
(
$user
)
?
$user
->
id
:
$user
;
delete_records
(
'usr_institution'
,
'usr'
,
$userid
,
'institution'
,
$this
->
name
);
handle_event
(
'updateuser'
,
$userid
);
if
(
is_numeric
(
$user
))
{
$user
=
get_record
(
'usr'
,
'id'
,
$user
);
}
db_begin
();
// If the user is being authed by the institution they are
// being removed from, change them to internal auth
$authinstances
=
get_records_select_assoc
(
'auth_instance'
,
"
institution IN ('mahara','"
.
$this
->
name
.
"')"
);
$oldauth
=
$user
->
authinstance
;
if
(
isset
(
$authinstances
[
$oldauth
])
&&
$authinstances
[
$oldauth
]
->
institution
==
$this
->
name
)
{
foreach
(
$authinstances
as
$ai
)
{
if
(
$ai
->
instancename
==
'internal'
&&
$ai
->
institution
==
'mahara'
)
{
$user
->
authinstance
=
$ai
->
id
;
break
;
}
}
delete_records
(
'auth_remote_user'
,
'authinstance'
,
$oldauth
,
'localusr'
,
$user
->
id
);
// If the old authinstance was external, the user may need
// to set a password
if
(
$user
->
password
==
''
)
{
log_debug
(
'resetting pw for '
.
$user
->
id
);
$this
->
removeMemberSetPassword
(
$user
);
}
update_record
(
'usr'
,
$user
);
}
delete_records
(
'usr_institution'
,
'usr'
,
$user
->
id
,
'institution'
,
$this
->
name
);
handle_event
(
'updateuser'
,
$user
->
id
);
db_commit
();
}
/**
* Reset user's password, and send them a password change email
*/
private
function
removeMemberSetPassword
(
&
$user
)
{
global
$SESSION
,
$USER
;
if
(
$user
->
id
==
$USER
->
id
)
{
$user
->
passwordchange
=
1
;
return
;
}
try
{
$pwrequest
=
new
StdClass
;
$pwrequest
->
usr
=
$user
->
id
;
$pwrequest
->
expiry
=
db_format_timestamp
(
time
()
+
86400
);
$pwrequest
->
key
=
get_random_key
();
$sitename
=
get_config
(
'sitename'
);
$fullname
=
display_name
(
$user
,
null
,
true
);
email_user
(
$user
,
null
,
get_string
(
'noinstitutionsetpassemailsubject'
,
'mahara'
,
$sitename
,
$this
->
displayname
),
get_string
(
'noinstitutionsetpassemailmessagetext'
,
'mahara'
,
$fullname
,
$this
->
displayname
,
$sitename
,
$user
->
username
,
$pwrequest
->
key
,
$sitename
,
$pwrequest
->
key
),
get_string
(
'noinstitutionsetpassemailmessagehtml'
,
'mahara'
,
$fullname
,
$this
->
displayname
,
$sitename
,
$user
->
username
,
$pwrequest
->
key
,
$pwrequest
->
key
,
$sitename
,
$pwrequest
->
key
,
$pwrequest
->
key
));
insert_record
(
'usr_password_request'
,
$pwrequest
);
}
catch
(
SQLException
$e
)
{
$SESSION
->
add_error_msg
(
get_string
(
'forgotpassemailsendunsuccessful'
));
}
catch
(
EmailException
$e
)
{
$SESSION
->
add_error_msg
(
get_string
(
'forgotpassemailsendunsuccessful'
));
}
}
public
function
countMembers
()
{
...
...
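Review bot: In `removeMemberSetPassword()` the reset mail is sent by `email_user(...)` before `insert_record('usr_password_request', $pwrequest);`, and both run inside the transaction opened in `removeMember()`. If the insert throws or the transaction is later rolled back, the user already holds a link whose key was never stored, so the account is left on internal auth with an empty password and no working reset path. Moving `insert_record('usr_password_request', $pwrequest);` above the `email_user(` call, and ideally sending the mail only after `db_commit()`, closes that gap. In the same hunk the `auth_instance` lookup concatenates `$this->name` into `"institution IN ('mahara','" . $this->name . "')"`; if the dml helper accepts bound values, pass the name as a parameter rather than relying on the form regex in institutionusers.php. `removeMember()` is public and the `Institution` class continues outside the hunk.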