GitLab

Bug 1399464: $values param must be an array

Change-Id: Ia865e42641830400fffeb3950f6cbe4fbed7ccbb
Signed-off-by: Son Nguyen <son.nguyen@catalyst.net.nz>

- Added ability to self import and import via admin the socialprofile
fields, whether the leap2a file is made with this patch or with older
mahara

- Note: the msn messaging profile will not import into the new system
as it is obsolete

Change-Id: I858acc6c71af61c689e6760991dc00f983b913ac
Signed-off-by: Gregor Anzelj <gregor.anzelj@gmail.com>

Add support for having a CSV (or other file type) filter
in the File control generated by Pieforms, and use it for
the forms for uploading users, groups and group memberships.

Note that support for the accept attribute in browsers is
patchy. This will have no effect in the Chromium and Firefox
versions current at the time of preparation, but has been
successfully tested in Chrome.

Change-Id: Ib5cf42be4e054f31086e9db9cda15473e86df7a3
Signed-off-by: Nigel Cunningham <nigelc@catalyst-au.net>

Various lang string fixes right before RC1

Change-Id: If25cca56b8dd6fff16d586f58d9df9b02fcde31f
Signed-off-by: Kristina D.C. Hoeppner <kristina@catalyst.net.nz>

The way that bulk user csv upload works the authinstance is set for
all users on the csv via institution field in the upload form so we
don't need that column in the csv file.

Same with mail disabled - there is a checkbox on the form that we can
tick/untick to deal with that.

So I've got the system to not display those options on the choices list.

Change-Id: Ib2b3e2f19ee0f8aeed03c7dc04af076721ce8b41
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

As vetted in the May 2014 dev meeting
http://meetbot.mahara.org/mahara-dev/2014/mahara-dev.2014-05-01-08.01.log.html

Change-Id: I353ed74d69a5346fbe4e8e521e5c349dbe8dcbac

Sometimes you just don't have all the data when you are adding users via
csv but you have enough to create a user. So will remove the checking
of mandatory fields - to be in line with 'Add user' page.

Change-Id: I2e2758e6cc82483f0c4c7899fd1bab049c052b8f
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

- also the bug mentions in comment #4 an Object warning
but I couldn't duplicate in testing with v1.8

Change-Id: I59960f9f717154d710de844546cef9cda29f17f3
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

- have updated copyright for the pages that had existing copyright
notices (except for the lib/pieforms/ section as i'm not too sure if
that needs changing as it is a different Catalyst IT product)

Change-Id: I11c65ad26cb9cd856cf16b1dccbd4223ba086645
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>
Signed-off-by: Aaron Wells <aaronw@catalyst.net.nz>

Trying to pass stdClass Object rather than the wanted username string

Change-Id: Ide5323d239854fa0d131c3941731432e81c7d0d7
Signed-off-by: rlyon <rlyon@paradise.net.nz>

Some missing fields in CSV file for updating users causes this
warning:

1. firstname
2. lastname
3. password
4. email
5. username

Change-Id: Ie26a5c53c6af94c3c18d399bf2170caf63053f70
Signed-off-by: Son Nguyen <son.nguyen@catalyst.net.nz>

When you want to add / update users by CSV, you always need to provide
a password. This is fine for adding users but not when you just want
to update some of their fields.

When updating users, the password should not be required field.

Change-Id: Ie907b860f8b8c6c69e58c11689e9e8614914d207
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

"File quota" should not have MB added to it because
usually we have a dropdown which can show the quota in
B, KB, MB, GB.

Change-Id: Ia34e2795373c55881856204d2b61d54bc97150fb
Signed-off-by: Kristina D.C. Hoeppner <kristina@catalyst.net.nz>

When uploading users from a csv file, the remote usernames given in
the file are checked for duplicates.  When a duplicate is found,
get_string is called to generate the error message using the string
key 'uploadcsverrorremoteusertaken', but in two of three instances, it
is called with too few arguments to sprintf.  Sometimes this results
in no error being reported to the user at all.

The error is fixed here by creating a new string without the second
argument for the first call, and by passing the additional argument in
the second call.

Change-Id: Iff93385dee206394c74b1d6b1ad9484e90026dd4
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

When a user csv file with a missing username is uploaded, you get a
"Site unavailable" error instead of a helpful error message because
the validation function attempts to check for duplicates. The
duplicate username check should be skipped when the username is empty.

Change-Id: I59424d51c1b8ab72bbb4b14a33f4e55d2332e156
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

This changes the internal authentication plugin to use
bcrypt instead of sha1.

It also introduces a fast hash (SHA512) for bulk operations.
This hash is updated on user login to the bcrypt hash.

Bug #843568

See https://wiki.mahara.org/index.php/Developer_Area/Specifications_in_Development/Improve_Password_Storage

Change-Id: Ibf2f71bb5b5a5279dbc16ccda781ad99e81c59b8
Signed-off-by: Hugh Davenport <hugh@catalyst.net.nz>

This allows $cfg->maxusercsvlines to be specified in config.php to
stop admins and institutional admins from uploading large csv files.
This is potentially useful on large multi-user sites.

And until such time as we can reduce the amount of memory used by the
create_user function, setting this option will provide the user with
some feedback on csv upload failure (because we can't easily trap the
php out-of-memory error).

See also bug #548042.

This commit also adds a call to set_time_limit() after processing each
user, so that the script doesn't fail due to php's max. execution
time.

Change-Id: I662231288c7d0c6e70602c548123f12c63427a97
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

The patch to update existing users by csv (commit 2f632f79) uses
get_record to check whether email addresses are taken, stupidly
assuming that email addresses are unique. This throws an SQLException
when there are two users already on the site who have the same email
address.

This patch allows the csv update to succeed when one of the existing
emails is already owned by the user specified in the csv line.

Change-Id: I2212907dfbd30de37cd26c6f6504989b36a574e0
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

Change-Id: I3b5985a5d4c6cdea7462489598cd9c17679aa75d
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

Bug #810302

Enable links to multiple auth instances to be maintained so that
users can have dual login eg: internal + auth/saml etc.

Improve validation around switching auth_instance and
changing the remoteuser at the same time.

Add checks to ensure remoteuser does not get clobbered by update
for another user.  Allow override for the CVS upload case (file == unit
of update).

Change-Id: I5321c0270aeaa93bd193e8e759b08ab7f8b50ded
Signed-off-by: Piers Harding <piers@catalyst.net.nz>

Bug #806777

General account options/settings added to functionality for manually adding a
single user, as well as adding users via CSV.

These are exactly the same settings as found in the 'General account options'
section on the Settings page.

Change-Id: I4fa5b50a588abc4747098f6dce186f600f73097f
Signed-off-by: Eugene Venter <eugene@catalyst.net.nz>

Change-Id: Ieb555235607f35f8586eb0d2e383550fdae5a683
Signed-off-by: Hugh Davenport <hugh@catalyst.net.nz>

Bug #802313

Regression introduced in 4eb7374f

global $USER was not added to some methods that needed it

Change-Id: I31a09fe098dc44db2caff15350d9e3604b5d3802
Signed-off-by: Hugh Davenport <hugh@catalyst.net.nz>

When institutional admins try to add/edit users,
the default quota value passed in the form was a string
ie. 50MB

This fix changes it so that if institutionaloverride is disabled
and the user is not a site admin, then don't set the quota

Change-Id: Idc1607dac992fe3a0bde8996659f90441d1c4753
Signed-off-by: Hugh Davenport <hugh@catalyst.net.nz>

Change-Id: I9783aab92858cf1827609497d026aebd30cad36e
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

Change-Id: I17ccc4e7297fed5ec828047b72e4835296338489
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

Adds an 'Update Users' checkbox to the CSV upload page.  When checked,
users on the site whose usernames appear in the CSV file will have their
details overwritten by the values in the CSV file.

To be updated, existing users must be in the same institution as the one
specified in the upload form.

Change-Id: Ia47f7034adbade21dd26f455c356f58ed7bbf730
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

Change-Id: I83c4ba70d69724bca120bbd757732fb34a23192e
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

Change-Id: I4c2dc5beff99e5540196b25cd87357b15d226169
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

This will be useful for doing multiple passes of the csv file, but
keeping errors together when they're associated with a particular
line number.

Change-Id: I6f3fe7049878cf32e2a562adea0f318849f15535
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

Also add in default quota for each institution

Change-Id: Ibfdd5a10990e9c6a936b9ad5921f734df1f5c805
Signed-off-by: Hugh Davenport <hugh@catalyst.net.nz>

Change-Id: I942af2136aaf82c68d260c10ccfb4d3725c359da
Signed-off-by: Hugh Davenport <hugh@catalyst.net.nz>

These closing tags are unnecessary and against our coding
guidelines. Let's get rid of them all in one go.

Change-Id: Ia94f103e525185597ee3780a3839d7577cdd0c29
Signed-off-by: Francois Marier <francois@catalyst.net.nz>

The admin page did not verify the username before submitting the form
This change adds in the verification of the form.

Bug #776887

Change-Id: I22b221b951eec5a0b697c9a0c38f153b1b8721b7
Signed-off-by: Hugh Davenport <hugh@catalyst.net.nz>

This is to allow the uploadcsv function to honour the 'Force password change?' selection

Change-Id: I085b257ecb02d38185615f23dcd7534682311a3d
Signed-off-by: Darryl Hamilton <darrylh@catalyst.net.nz>

Change-Id: I6a6e00c3d58c12520f17fc05b9f0086c0d42ddb9
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

- allow remoteuser to be set on CSV upload.
- allow remote user to be set for internal auth types.
Signed-off-by: Piers Harding <piers@catalyst.net.nz>

Temporarily disable institution membership emails during CSV user creation when the admin has turned emails off
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

* encrypt passwords on user add, edit and imports
* upgrade to encrypt and add salt to all existing cleartext passwords
* update validate_password to prevent successful validation of cleartext passwords with no salt
Signed-off-by: Eugene Venter <eugene@catalyst.net.nz>

Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>