Commit b523f6e7 authored by Richard Mansfield's avatar Richard Mansfield
Browse files

Allow remote auth username to be changed by admins

parent bcddc472
...@@ -130,6 +130,7 @@ if ($USER->get('admin')) { ...@@ -130,6 +130,7 @@ if ($USER->get('admin')) {
$elements['quota'] = array( $elements['quota'] = array(
'type' => 'bytes', 'type' => 'bytes',
'title' => get_string('filequota','admin'), 'title' => get_string('filequota','admin'),
'rules' => array('integer' => true),
'defaultvalue' => $user->quota, 'defaultvalue' => $user->quota,
); );
...@@ -137,9 +138,13 @@ $authinstances = auth_get_auth_instances(); ...@@ -137,9 +138,13 @@ $authinstances = auth_get_auth_instances();
if (count($authinstances) > 1) { if (count($authinstances) > 1) {
$options = array(); $options = array();
$external = false;
foreach ($authinstances as $authinstance) { foreach ($authinstances as $authinstance) {
if ($USER->can_edit_institution($authinstance->name)) { if ($USER->can_edit_institution($authinstance->name)) {
$options[$authinstance->id] = $authinstance->displayname. ': '.$authinstance->instancename; $options[$authinstance->id] = $authinstance->displayname. ': '.$authinstance->instancename;
if ($authinstance->authname != 'internal') {
$external = true;
}
} }
} }
...@@ -150,7 +155,17 @@ if (count($authinstances) > 1) { ...@@ -150,7 +155,17 @@ if (count($authinstances) > 1) {
'options' => $options, 'options' => $options,
'defaultvalue' => $user->authinstance, 'defaultvalue' => $user->authinstance,
); );
if ($external) {
$un = get_field('auth_remote_user', 'remoteusername', 'authinstance', $user->authinstance, 'localusr', $user->id);
$elements['remoteusername'] = array(
'type' => 'text',
'title' => get_string('remoteusername', 'admin'),
'rules' => array('regex' => '/^[a-zA-Z]+[0-9a-zA-Z\.-]*$/'),
'defaultvalue' => $un ? $un : $user->username,
);
}
} }
} }
$elements['submit'] = array( $elements['submit'] = array(
...@@ -189,7 +204,12 @@ function edituser_site_submit(Pieform $form, $values) { ...@@ -189,7 +204,12 @@ function edituser_site_submit(Pieform $form, $values) {
// Authinstance can be changed by institutional admins if both the // Authinstance can be changed by institutional admins if both the
// old and new authinstances belong to the admin's institutions // old and new authinstances belong to the admin's institutions
if (isset($values['authinstance']) && $values['authinstance'] != $user->authinstance) { $remotename = get_field('auth_remote_user', 'remoteusername', 'authinstance', $user->authinstance, 'localusr', $user->id);
if (!$remotename) {
$remotename = $user->username;
}
if (isset($values['authinstance']) && ($values['authinstance'] != $user->authinstance
|| $values['remoteusername'] != $remotename)) {
$authinst = get_records_select_assoc('auth_instance', 'id = ? OR id = ?', $authinst = get_records_select_assoc('auth_instance', 'id = ? OR id = ?',
array($values['authinstance'], $user->authinstance)); array($values['authinstance'], $user->authinstance));
if ($USER->get('admin') || if ($USER->get('admin') ||
...@@ -197,9 +217,15 @@ function edituser_site_submit(Pieform $form, $values) { ...@@ -197,9 +217,15 @@ function edituser_site_submit(Pieform $form, $values) {
$USER->is_institutional_admin($authinst[$user->authinstance]->institution))) { $USER->is_institutional_admin($authinst[$user->authinstance]->institution))) {
delete_records('auth_remote_user', 'authinstance', $user->authinstance, 'localusr', $user->id); delete_records('auth_remote_user', 'authinstance', $user->authinstance, 'localusr', $user->id);
if ($authinst[$values['authinstance']]->authname != 'internal') { if ($authinst[$values['authinstance']]->authname != 'internal') {
if (isset($values['remoteusername']) && strlen($values['remoteusername']) > 0) {
$un = $values['remoteusername'];
}
else {
$un = $remotename;
}
insert_record('auth_remote_user', (object) array( insert_record('auth_remote_user', (object) array(
'authinstance' => $values['authinstance'], 'authinstance' => $values['authinstance'],
'remoteusername' => $user->username, 'remoteusername' => $un,
'localusr' => $user->id, 'localusr' => $user->id,
)); ));
} }
......
...@@ -416,7 +416,8 @@ function auth_get_auth_instances() { ...@@ -416,7 +416,8 @@ function auth_get_auth_instances() {
i.id, i.id,
inst.name, inst.name,
inst.displayname, inst.displayname,
i.instancename i.instancename,
i.authname
FROM FROM
{institution} inst, {institution} inst,
{auth_instance} i {auth_instance} i
......
...@@ -295,6 +295,7 @@ $string['registrationalloweddescription'] = 'Whether users can register for the ...@@ -295,6 +295,7 @@ $string['registrationalloweddescription'] = 'Whether users can register for the
$string['defaultmembershipperiod'] = 'Default membership period'; $string['defaultmembershipperiod'] = 'Default membership period';
$string['defaultmembershipperioddescription'] = 'How long new members remain associated with the institution'; $string['defaultmembershipperioddescription'] = 'How long new members remain associated with the institution';
$string['authenticatedby'] = 'Authentication Method'; $string['authenticatedby'] = 'Authentication Method';
$string['remoteusername'] = 'Username for external authentication';
$string['institutionsettings'] = 'Institution Settings'; $string['institutionsettings'] = 'Institution Settings';
$string['changeinstitution'] = 'Change Institution'; $string['changeinstitution'] = 'Change Institution';
$string['institutionstaff'] = 'Institution Staff'; $string['institutionstaff'] = 'Institution Staff';
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment