Skip to content
Snippets Groups Projects
Commit d846efe4 authored by Sergio Vergata's avatar Sergio Vergata
Browse files

Initial Commit added new Plugins for moodle

parent 9b55f03c
No related branches found
No related tags found
No related merge requests found
Showing
with 2626 additions and 0 deletions
language: php
addons:
postgresql: "9.6"
services:
- mysql
- postgresql
- docker
cache:
directories:
- $HOME/.composer/cache
- $HOME/.npm
php:
- 7.2
- 7.3
- 7.4
env:
global:
- MOODLE_BRANCH=MOODLE_310_STABLE
matrix:
- DB=pgsql
- DB=mysqli
before_install:
- phpenv config-rm xdebug.ini
- cd ../..
- composer create-project -n --no-dev --prefer-dist moodlehq/moodle-plugin-ci ci ^3
- export PATH="$(cd ci/bin; pwd):$(cd ci/vendor/bin; pwd):$PATH"
install:
- moodle-plugin-ci install
script:
- moodle-plugin-ci phplint
- moodle-plugin-ci phpcpd
- moodle-plugin-ci phpmd
- moodle-plugin-ci codechecker
- moodle-plugin-ci validate
- moodle-plugin-ci savepoints
- moodle-plugin-ci mustache
- moodle-plugin-ci grunt
- moodle-plugin-ci phpdoc
- moodle-plugin-ci phpunit
- moodle-plugin-ci behat --dump
moodle-auth_ldap_syncplus
=========================
Changes
-------
### v3.10-r1
* 2020-12-11 - Adopt code changes from Moodle 3.10 core auth_ldap.
* 2020-12-11 - Prepare compatibility for Moodle 3.10.
* 2020-12-10 - Change in Moodle release support:
For the time being, this plugin is maintained for the most recent LTS release of Moodle as well as the most recent major release of Moodle.
Bugfixes are backported to the LTS release. However, new features and improvements are not necessarily backported to the LTS release.
* 2020-12-10 - Improvement: Declare which major stable version of Moodle this plugin supports (see MDL-59562 for details).
### v3.9-r1
* 2020-09-18 - Prepare compatibility for Moodle 3.9.
* 2020-02-26 - Added Behat tests.
### v3.8-r1
* 2020-02-19 - Adopt code changes Moodle 3.8 core auth_ldap.
* 2020-02-19 - Prepare compatibility for Moodle 3.8.
### v3.7-r1
* 2019-08-15 - Make codechecker happy.
* 2019-08-15 - Prepare compatibility for Moodle 3.7.
### v3.6-r1
* 2019-01-29 - Check compatibility for Moodle 3.6, no functionality change.
### v3.5-r2
* 2019-01-29 - Adopt code changes Moodle 3.5 core auth_ldap (MDL-63887).
* 2018-12-05 - Changed travis.yml due to upstream changes.
### v3.5-r1
* 2018-06-25 - Bugfix: Creating users and first logins resulted in a fatal error in 3.5 because of a visibility change of update_user_record() in Moodle core.
* 2018-06-25 - Check compatibility for Moodle 3.5, no functionality change.
### v3.4-r4
* 2018-05-16 - Implement Privacy API.
### v3.4-r3
* 2018-02-07 - Bugfix: Login via email for first-time LDAP logins did not work if multiple LDAP contexts were configured; Credits to derhelge.
### v3.4-r2
* 2018-02-07 - Add forgotten sync_roles task definition
### v3.4-r1
* 2018-02-07 - Adopt code changes in Moodle 3.4 core auth_ldap: Assign arbitrary system roles via LDAP sync.
* 2018-02-06 - Check compatibility for Moodle 3.4, no functionality change.
### v3.3-r1
* 2018-02-02 - Adopt code changes in Moodle 3.3 core auth_ldap: Sync user profile fields
* 2018-02-02 - Adopt code changes in Moodle 3.3 core auth_ldap: Convert auth plugins to use settings.php. Please double-check your plugin settings after upgrading to this version.
* 2017-12-12 - Prepare compatibility for Moodle 3.3, no functionality change.
* 2017-12-05 - Added Workaround to travis.yml for fixing Behat tests with TravisCI.
* 2017-11-08 - Updated travis.yml to use newer node version for fixing TravisCI error.
### v3.2-r4
* 2017-05-29 - Add Travis CI support
### v3.2-r3
* 2017-05-05 - Improve README.md
### v3.2-r2
* 2017-03-03 - Adopt code changes in Moodle 3.2 core auth_ldap
### v3.2-r1
* 2017-01-13 - Check compatibility for Moodle 3.2, no functionality change
* 2017-01-13 - Adopt code changes in Moodle 3.2 core auth_ldap
* 2017-01-12 - Move Changelog from README.md to CHANGES.md
### v3.1-r1
* 2016-07-19 - Adopt code changes in Moodle core auth_ldap, adding the possibility to sync the "suspended" attribute
* 2016-07-19 - Check compatibility for Moodle 3.1, no functionality change
### Changes before v3.1
* 2016-03-20 - Edit README to reflect the current naming of the User account syncronisation setting, no functionality change
* 2016-02-10 - Change plugin version and release scheme to the scheme promoted by moodle.org, no functionality change
* 2016-01-01 - Adopt code changes in Moodle core auth_ldap, including the new scheduled task feature. If you have used a LDAP syncronization cron job before, please use the LDAP syncronisation scheduled task from now on (for details, see "Configuring LDAP synchronization task" section below)
* 2016-01-01 - Check compatibility for Moodle 3.0, no functionality change
* 2015-08-18 - Check compatibility for Moodle 2.9, no functionality change
* 2015-08-18 - Adopt a code change in Moodle core auth_ldap
* 2015-01-29 - Check compatibility for Moodle 2.8, no functionality change
* 2015-01-23 - Adopt a code change in Moodle core auth_ldap
* 2014-10-08 - Adopt a code change in Moodle core auth_ldap
* 2014-09-12 - Bugfix: Fetching user details from LDAP on manual user creation didn't work in some circumstances
* 2014-09-02 - Bugfix: Check if LDAP auth is really used on manual user creation
* 2014-08-29 - Support login via email for first-time LDAP logins (MDL-46638)
* 2014-08-29 - Update version.php
* 2014-08-29 - Update README file
* 2014-08-27 - Change line breaks to mtrace() (MDL-30589)
* 2014-08-25 - Support new event API, remove legacy event handling
* 2014-07-31 - Add event handler for "user_created" event (see "Fetching user details from LDAP on manual user creation" below for details - MDL-47029)
* 2014-06-30 - Check compatibility for Moodle 2.7, no functionality change
* 2014-03-12 - Initial version
This diff is collapsed.
moodle-auth_ldap_syncplus
=========================
[![Build Status](https://travis-ci.com/moodleuulm/moodle-auth_ldap_syncplus.svg?branch=master)](https://travis-ci.com/moodleuulm/moodle-auth_ldap_syncplus)
Moodle authentication plugin which provides all functionality of auth_ldap, but supports advanced features for the LDAP synchronization task and LDAP authentication.
Requirements
------------
This plugin requires Moodle 3.10+
Motivation for this plugin
--------------------------
Moodle core's auth_ldap authentication plugin is a great basis for authenticating users in Moodle. However, as Moodle core's auth_ldap is somehow limited in several aspects and there is no prospect to have it improved in Moodle core, we have implemented an extended version for LDAP authentication with these key features:
* The most important part: All functions from auth_ldap are still working if you use this authentication plugin.
* The plugin adds the possibility to the LDAP synchronization task to suspend users which have disappeared in LDAP for a configurable amount of days and delete them only after this grace period (the Moodle core LDAP synchronization task only provides you the option to suspend _or_ delete users which have disappeared in LDAP - MDL-47018).
* You can prevent the LDAP synchronization task from creating Moodle accounts for all LDAP users if they have never logged into Moodle before (the Moodle core LDAP synchronization task always creates Moodle accounts for all LDAP users - MDL-29249).
* You can fetch user details from LDAP on manual user creation (MDL-47029).
* It supports login via email for first-time LDAP logins (Moodle core only supports login via email for existing Moodle users - MDL-46638)
* It adds several line breaks to the output of the LDAP synchronization task to improve readability (MDL-30589).
Installation
------------
Install the plugin like any other plugin to folder
/auth/ldap_syncplus
See http://docs.moodle.org/en/Installing_plugins for details on installing Moodle plugins
Usage & Settings
----------------
After installing the plugin, it does not do anything to Moodle yet.
To configure the plugin and its behaviour, please visit:
Site administration -> Plugins -> Authentication -> Manage authentication -> LDAP server (Sync Plus)
There, you configure the plugin with the same settings like you would configure the Moodle core LDAP authentication method.
Please note that there are additional setting items in settings section "User account synchronisation" compared to the Moodle core LDAP authentication method:
### 1. Removed ext user
The setting "Removed ext user" has an additional option called "Suspend internal and fully delete internal after grace period". If you select this option, the synchronization task will suspend users which have disappeared in LDAP for a configurable amount of days and delete them only after this grace period. If the user reappears in LDAP within the grace period, his Moodle account is revived and he can login again into Moodle as he did before.
### 2. Fully deleting grace period
With the setting "Fully deleting grace period" (Default: 10 days), you can control the length of the grace period until a user account is fully deleted after it has disappeared from LDAP.
### 3. Add new users
With the setting "Add new users" (Default: yes), you can prevent the synchronization task from creating Moodle accounts for all LDAP users if they have never logged into Moodle before.
After configuring the LDAP server (Sync Plus) authentication method, you have to activate the plugin on Site administration -> Plugins -> Authentication -> Manage authentication so that users can be authenticated with this authentication method. Afterwards, you can deactivate the Moodle core LDAP authentication method as it is not needed anymore actively.
Configuring LDAP User account synchronisation
---------------------------------------------
To leverage the additional LDAP synchronization features of auth_ldap_syncplus, you have to disable the scheduled task of the Moodle core auth_ldap plugin and activate and configure the scheduled task of auth_ldap_syncplus. This is done on Site administration -> Server -> Scheduled tasks.
If you don't know how to setup LDAP User account synchronisation at all, see https://docs.moodle.org/en/LDAP_authentication#Enabling_the_LDAP_users_sync_job.
Configuring LDAP User role synchronisation
------------------------------------------
In addition to the LDAP user account synchronisation, there is a LDAP user role synchronisation. LDAP user role synchronisation task in auth_ldap_syncplus does not provide any benefits over the LDAP user role synchronisation in Moodle core auth_ldap yet. However, to keep things in one place and if you want to synchronize LDAP user roles, you should activate and configure the scheduled task of auth_ldap_syncplus instead of auth_ldap. This is done on Site administration -> Server -> Scheduled tasks.
If you don't know about the LDAP user role synchronisation at all, see https://docs.moodle.org/en/LDAP_authentication#Assign_system_roles.
Migrating from auth_ldap to auth_ldap_syncplus
----------------------------------------------
If you already have users in your Moodle installation who authenticate using the auth_ldap authentication method and want to switch them to auth_ldap_syncplus, proceed this way:
* Configure auth_ldap_syncplus as an _additional_ authentication method while keeping auth_ldap activated.
* Create a test user and set his authentication method to auth_ldap_syncplus. Test if this user is able to log into Moodle properly.
* Switch all existing users to the auth_ldap_syncplus authentication method by running the following SQL command in your Moodle database:
`UPDATE mdl_user SET auth='ldap_syncplus' WHERE auth='ldap'`
* Disable auth_ldap authentication method.
Fetching user details from LDAP on manual user creation
-------------------------------------------------------
Normally, when a new user logs into Moodle for the first time and a Moodle account is automatically created, Moodle pulls the user's details from LDAP and stores them in the Moodle user profile according to the LDAP plugin's settings.
auth_ldap_syncplus extends this behaviour of pulling user details from LDAP:
With auth_ldap_syncplus, you can create an user manually on Site administration -> Users -> Accounts -> Add a new user. The only thing you have to specify correctly is the username (which corresponds to the username in LDAP). All other details like first name or email address can be filled with placeholder content. After you click the "Create user" button, Moodle pulls the other user's details from LDAP and creates the user account correctly with the details from LDAP.
This feature is enabled automatically and can be used as soon as you are using auth_ldap_syncplus as your LDAP authentication plugin like described above.
How this plugin works
---------------------
This plugin is implemented with minimal code duplication in mind. It inherits / requires as much code as possible from auth_ldap and only implements the extended functionalities.
Theme support
-------------
This plugin acts behind the scenes, therefore it should work with all Moodle themes.
This plugin is developed and tested on Moodle Core's Boost theme.
It should also work with Boost child themes, including Moodle Core's Classic theme. However, we can't support any other theme than Boost.
Plugin repositories
-------------------
This plugin is published and regularly updated in the Moodle plugins repository:
http://moodle.org/plugins/view/auth_ldap_syncplus
The latest development version can be found on Github:
https://github.com/moodleuulm/moodle-auth_ldap_syncplus
Bug and problem reports / Support requests
------------------------------------------
This plugin is carefully developed and thoroughly tested, but bugs and problems can always appear.
Please report bugs and problems on Github:
https://github.com/moodleuulm/moodle-auth_ldap_syncplus/issues
We will do our best to solve your problems, but please note that due to limited resources we can't always provide per-case support.
Feature proposals
-----------------
Due to limited resources, the functionality of this plugin is primarily implemented for our own local needs and published as-is to the community. We are aware that members of the community will have other needs and would love to see them solved by this plugin.
Please issue feature proposals on Github:
https://github.com/moodleuulm/moodle-auth_ldap_syncplus/issues
Please create pull requests on Github:
https://github.com/moodleuulm/moodle-auth_ldap_syncplus/pulls
We are always interested to read about your feature proposals or even get a pull request from you, but please accept that we can handle your issues only as feature _proposals_ and not as feature _requests_.
Moodle release support
----------------------
Due to limited resources, this plugin is only maintained for the most recent major release of Moodle as well as the most recent LTS release of Moodle. Bugfixes are backported to the LTS release. However, new features and improvements are not necessarily backported to the LTS release.
Apart from these maintained releases, previous versions of this plugin which work in legacy major releases of Moodle are still available as-is without any further updates in the Moodle Plugins repository.
There may be several weeks after a new major release of Moodle has been published until we can do a compatibility check and fix problems if necessary. If you encounter problems with a new major release of Moodle - or can confirm that this plugin still works with a new major release - please let us know on Github.
If you are running a legacy version of Moodle, but want or need to run the latest version of this plugin, you can get the latest version of the plugin, remove the line starting with $plugin->requires from version.php and use this latest plugin version then on your legacy Moodle. However, please note that you will run this setup completely at your own risk. We can't support this approach in any way and there is an undeniable risk for erratic behavior.
Translating this plugin
-----------------------
This Moodle plugin is shipped with an english language pack only. All translations into other languages must be managed through AMOS (https://lang.moodle.org) by what they will become part of Moodle's official language pack.
As the plugin creator, we manage the translation into german for our own local needs on AMOS. Please contribute your translation into all other languages in AMOS where they will be reviewed by the official language pack maintainers for Moodle.
Right-to-left support
---------------------
This plugin has not been tested with Moodle's support for right-to-left (RTL) languages.
If you want to use this plugin with a RTL language and it doesn't work as-is, you are free to send us a pull request on Github with modifications.
Contribution to Moodle Core
---------------------------
There is a Moodle tracker ticket on https://tracker.moodle.org/browse/MDL-47030 which proposes to add the improved features of this plugin to Moodle core auth_ldap plugin.
Please vote for this ticket if you want to have this realized.
PHP7 Support
------------
Since Moodle 3.4 core, PHP7 is mandatory. We are developing and testing this plugin for PHP7 only.
Copyright
---------
Ulm University
Communication and Information Centre (kiz)
Alexander Bias
This diff is collapsed.
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Auth plugin "LDAP SyncPlus" - Privacy provider
*
* @package auth_ldap_syncplus
* @copyright 2018 Alexander Bias, Ulm University <alexander.bias@uni-ulm.de>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_ldap_syncplus\privacy;
defined('MOODLE_INTERNAL') || die();
/**
* Privacy Subsystem implementing null_provider.
*
* @package auth_ldap_syncplus
* @copyright 2018 Alexander Bias, Ulm University <alexander.bias@uni-ulm.de>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class provider implements \core_privacy\local\metadata\null_provider {
/**
* Get the language string identifier with the component's language
* file to explain why this plugin stores no data.
*
* @return string
*/
public static function get_reason() : string {
return 'privacy:metadata';
}
}
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Auth plugin "LDAP SyncPlus" - Task definition
*
* @package auth_ldap_syncplus
* @copyright 2014 Alexander Bias, Ulm University <alexander.bias@uni-ulm.de>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_ldap_syncplus\task;
defined('MOODLE_INTERNAL') || die;
/**
* The auth_ldap_syncplus scheduled task class for LDAP roles sync
*
* @package auth_ldap_syncplus
* @copyright 2014 Alexander Bias, Ulm University <alexander.bias@uni-ulm.de>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class sync_roles extends \core\task\scheduled_task {
/**
* Return localised task name.
*
* @return string
*/
public function get_name() {
return get_string('syncroles', 'auth_ldap_syncplus');
}
/**
* Execute scheduled task
*
* @return boolean
*/
public function execute() {
global $DB;
if (is_enabled_auth('ldap_syncplus')) {
$auth = get_auth_plugin('ldap_syncplus');
$users = $DB->get_records('user', array('auth' => 'ldap_syncplus'));
foreach ($users as $user) {
$auth->sync_roles($user);
}
}
}
}
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Auth plugin "LDAP SyncPlus" - Task definition
*
* @package auth_ldap_syncplus
* @copyright 2014 Alexander Bias, Ulm University <alexander.bias@uni-ulm.de>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_ldap_syncplus\task;
defined('MOODLE_INTERNAL') || die;
/**
* The auth_ldap_syncplus scheduled task class for LDAP user sync
*
* @package auth_ldap_syncplus
* @copyright 2014 Alexander Bias, Ulm University <alexander.bias@uni-ulm.de>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class sync_task extends \core\task\scheduled_task {
/**
* Return localised task name.
*
* @return string
*/
public function get_name() {
return get_string('synctask', 'auth_ldap_syncplus');
}
/**
* Execute scheduled task
*
* @return boolean
*/
public function execute() {
global $CFG;
if (is_enabled_auth('ldap_syncplus')) {
$auth = get_auth_plugin('ldap_syncplus');
$auth->sync_users(true);
}
}
}
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Auth plugin "LDAP SyncPlus" - CLI Script
*
* @package auth_ldap_syncplus
* @copyright 2014 Alexander Bias, Ulm University <alexander.bias@uni-ulm.de>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
define('CLI_SCRIPT', true);
// @codingStandardsIgnoreFile
// Let codechecker ignore this file. This code mostly re-used from auth_ldap and the problems are already there and not made by us.
require(__DIR__.'/../../../config.php'); // global moodle config file.
require_once($CFG->dirroot.'/course/lib.php');
require_once($CFG->libdir.'/clilib.php');
// Ensure errors are well explained
set_debugging(DEBUG_DEVELOPER, true);
if (!is_enabled_auth('ldap_syncplus')) {
error_log('[AUTH LDAP SYNCPLUS] '.get_string('pluginnotenabled', 'auth_ldap'));
die;
}
cli_problem('[AUTH LDAP SYNCPLUS] The users sync cron has been deprecated. Please use the scheduled task instead.');
// Abort execution of the CLI script if the auth_ldap_syncplus\task\sync_task is enabled.
$taskdisabled = \core\task\manager::get_scheduled_task('auth_ldap_syncplus\task\sync_task');
if (!$taskdisabled->get_disabled()) {
cli_error('[AUTH LDAP SYNCPLUS] The scheduled task sync_task is enabled, the cron execution has been aborted.');
}
$ldapauth = get_auth_plugin('ldap_syncplus');
$ldapauth->sync_users(true);
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Auth plugin "LDAP SyncPlus" - Event definition
*
* @package auth_ldap_syncplus
* @copyright 2014 Alexander Bias, Ulm University <alexander.bias@uni-ulm.de>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
$observers = array(
array(
'eventname' => '\core\event\user_created',
'includefile' => '/auth/ldap_syncplus/eventhandler.php',
'callback' => 'update_user_onevent',
),
);
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Auth plugin "LDAP SyncPlus" - Scheduled tasks
*
* @package auth_ldap_syncplus
* @copyright 2014 Alexander Bias, Ulm University <alexander.bias@uni-ulm.de>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
$tasks = array(
array(
'classname' => 'auth_ldap_syncplus\task\sync_roles',
'blocking' => 0,
'minute' => '0',
'hour' => '0',
'day' => '*',
'month' => '*',
'dayofweek' => '*',
'disabled' => 1
),
array(
'classname' => 'auth_ldap_syncplus\task\sync_task',
'blocking' => 0,
'minute' => '0',
'hour' => '0',
'day' => '*',
'month' => '*',
'dayofweek' => '*',
'disabled' => 1
)
);
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Auth plugin "LDAP SyncPlus" - Upgrade script
*
* @package auth_ldap_syncplus
* @copyright 2014 Alexander Bias, Ulm University <alexander.bias@uni-ulm.de>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die;
/**
* Function to upgrade auth_ldap_syncplus.
* @param int $oldversion the version we are upgrading from
* @return bool result
*/
function xmldb_auth_ldap_syncplus_upgrade($oldversion) {
global $DB;
if ($oldversion < 2018020200) {
// Convert info in config plugins from auth/ldap_syncplus to auth_ldap_syncplus.
upgrade_fix_config_auth_plugin_names('ldap_syncplus');
upgrade_fix_config_auth_plugin_defaults('ldap_syncplus');
upgrade_plugin_savepoint(true, 2018020200, 'auth', 'ldap_syncplus');
}
if ($oldversion < 2018020601) {
// The "auth_ldap_syncplus/coursecreators" setting was replaced with "auth_ldap_syncplus/coursecreatorcontext" (created
// dynamically from system-assignable roles) - so migrate any existing value to the first new slot.
if ($ldapcontext = get_config('auth_ldap_syncplus', 'creators')) {
// Get info about the role that the old coursecreators setting would apply.
$creatorrole = get_archetype_roles('coursecreator');
$creatorrole = array_shift($creatorrole); // We can only use one, let's use the first.
// Create new setting.
set_config($creatorrole->shortname . 'context', $ldapcontext, 'auth_ldap_syncplus');
// Delete old setting.
set_config('creators', null, 'auth_ldap_syncplus');
upgrade_plugin_savepoint(true, 2018020601, 'auth', 'ldap_syncplus');
}
}
return true;
}
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Auth plugin "LDAP SyncPlus" - Event handler
*
* @package auth_ldap_syncplus
* @copyright 2014 Alexander Bias, Ulm University <alexander.bias@uni-ulm.de>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die;
/**
* Event handler function.
*
* @param object $eventdata Event data
* @return void
*/
function update_user_onevent($eventdata) {
global $DB;
// Do only if user id is enclosed in $eventdata.
if (!empty($eventdata->relateduserid)) {
// Get user data.
$user = $DB->get_record('user', array('id' => $eventdata->relateduserid));
// Do if user was found.
if (!empty($user->username)) {
// Do only if user has ldap_syncplus authentication.
if (isset($user->auth) && $user->auth == 'ldap_syncplus') {
// Update user.
// Actually, we would want to call auth_plugin_base::update_user_record()
// which is lighter, but this function is unfortunately protected since Moodle 3.5.
update_user_record($user->username);
}
}
}
}
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Auth plugin "LDAP SyncPlus" - Language pack
*
* @package auth_ldap_syncplus
* @copyright 2014 Alexander Bias, Ulm University <alexander.bias@uni-ulm.de>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
$string['pluginname'] = 'LDAP server (Sync Plus)';
$string['auth_ldap_syncplusdescription'] = 'This method provides authentication against an external LDAP server.
If the given username and password are valid, Moodle creates a new user
entry in its database. This module can read user attributes from LDAP and prefill
wanted fields in Moodle. For following logins only the username and
password are checked.';
$string['auth_remove_deletewithgraceperiod'] = 'Suspend internal and fully delete internal after grace period';
$string['nouserentriestosuspend'] = 'No user entries to be suspended';
$string['privacy:metadata'] = 'The LDAP server (Sync Plus) authentication plugin does not store any personal data.';
$string['removeuser_graceperiod'] = 'Fully deleting grace period';
$string['removeuser_graceperiod_desc'] = 'After suspending a user internally, the synchronization script will wait for this number of days until the user will be fully deleted internal. If the user re-appears in LDAP within this grace period, the user will be reactivated. Note: This setting is only used if "Removed ext user" is set to "Suspend internal and fully delete internal after grace period"';
$string['sync_script_createuser_enabled'] = 'If enabled (default), the synchronization script will create Moodle accounts for all LDAP users if they have never logged into Moodle before. If disabled, the synchronization script will not create Moodle accounts for all LDAP users.';
$string['sync_script_createuser_enabled_key'] = 'Add new users';
$string['syncroles'] = 'LDAP roles sync job (Sync Plus)';
$string['synctask'] = 'LDAP users sync job (Sync Plus)';
$string['userentriestosuspend'] = 'User entries to be suspended: {$a}';
$string['waitinginremovalqueue'] = 'Waiting in removal queue for {$a->days} day grace period: {$a->name} ID {$a->id}';
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Auth plugin "LDAP SyncPlus" - Local library
*
* @package auth_ldap_syncplus
* @copyright 2014 Alexander Bias, Ulm University <alexander.bias@uni-ulm.de>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
define('AUTH_REMOVEUSER_DELETEWITHGRACEPERIOD', 3);
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Auth plugin "LDAP SyncPlus" - Settings
*
* @package auth_ldap_syncplus
* @copyright 2014 Alexander Bias, Ulm University <alexander.bias@uni-ulm.de>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die;
if ($ADMIN->fulltree) {
if (!function_exists('ldap_connect')) {
$notify = new \core\output\notification(get_string('auth_ldap_noextension', 'auth_ldap'),
\core\output\notification::NOTIFY_WARNING);
$settings->add(new admin_setting_heading('auth_ldap_noextension', '', $OUTPUT->render($notify)));
} else {
// We use a couple of custom admin settings since we need to massage the data before it is inserted into the DB.
require_once($CFG->dirroot.'/auth/ldap/classes/admin_setting_special_lowercase_configtext.php');
require_once($CFG->dirroot.'/auth/ldap/classes/admin_setting_special_contexts_configtext.php');
require_once($CFG->dirroot.'/auth/ldap/classes/admin_setting_special_ntlm_configtext.php');
// We need to use some of the Moodle LDAP constants / functions to create the list of options.
require_once($CFG->dirroot.'/auth/ldap/auth.php');
// We need to use some of the Moodle LDAP Syncplus constants / functions to create the list of options.
require_once($CFG->dirroot.'/auth/ldap_syncplus/locallib.php');
// Introductory explanation.
$settings->add(new admin_setting_heading('auth_ldap_syncplus/pluginname', '',
new lang_string('auth_ldapdescription', 'auth_ldap')));
// LDAP server settings.
$settings->add(new admin_setting_heading('auth_ldap_syncplus/ldapserversettings',
new lang_string('auth_ldap_server_settings', 'auth_ldap'), ''));
// Host.
$settings->add(new admin_setting_configtext('auth_ldap_syncplus/host_url',
get_string('auth_ldap_host_url_key', 'auth_ldap'),
get_string('auth_ldap_host_url', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
// Version.
$versions = array();
$versions[2] = '2';
$versions[3] = '3';
$settings->add(new admin_setting_configselect('auth_ldap_syncplus/ldap_version',
new lang_string('auth_ldap_version_key', 'auth_ldap'),
new lang_string('auth_ldap_version', 'auth_ldap'), 3, $versions));
// Start TLS.
$yesno = array(
new lang_string('no'),
new lang_string('yes'),
);
$settings->add(new admin_setting_configselect('auth_ldap_syncplus/start_tls',
new lang_string('start_tls_key', 'auth_ldap'),
new lang_string('start_tls', 'auth_ldap'), 0 , $yesno));
// Encoding.
$settings->add(new admin_setting_configtext('auth_ldap_syncplus/ldapencoding',
get_string('auth_ldap_ldap_encoding_key', 'auth_ldap'),
get_string('auth_ldap_ldap_encoding', 'auth_ldap'), 'utf-8', PARAM_RAW_TRIMMED));
// Page Size. (Hide if not available).
$settings->add(new admin_setting_configtext('auth_ldap_syncplus/pagesize',
get_string('pagesize_key', 'auth_ldap'),
get_string('pagesize', 'auth_ldap'), '250', PARAM_INT));
// Bind settings.
$settings->add(new admin_setting_heading('auth_ldap_syncplus/ldapbindsettings',
new lang_string('auth_ldap_bind_settings', 'auth_ldap'), ''));
// Store Password in DB.
$settings->add(new admin_setting_configselect('auth_ldap_syncplus/preventpassindb',
new lang_string('auth_ldap_preventpassindb_key', 'auth_ldap'),
new lang_string('auth_ldap_preventpassindb', 'auth_ldap'), 0 , $yesno));
// User ID.
$settings->add(new admin_setting_configtext('auth_ldap_syncplus/bind_dn',
get_string('auth_ldap_bind_dn_key', 'auth_ldap'),
get_string('auth_ldap_bind_dn', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
// Password.
$settings->add(new admin_setting_configpasswordunmask('auth_ldap_syncplus/bind_pw',
get_string('auth_ldap_bind_pw_key', 'auth_ldap'),
get_string('auth_ldap_bind_pw', 'auth_ldap'), ''));
// User Lookup settings.
$settings->add(new admin_setting_heading('auth_ldap_syncplus/ldapuserlookup',
new lang_string('auth_ldap_user_settings', 'auth_ldap'), ''));
// User Type.
$settings->add(new admin_setting_configselect('auth_ldap_syncplus/user_type',
new lang_string('auth_ldap_user_type_key', 'auth_ldap'),
new lang_string('auth_ldap_user_type', 'auth_ldap'), 'default', ldap_supported_usertypes()));
// Contexts.
$settings->add(new auth_ldap_admin_setting_special_contexts_configtext('auth_ldap_syncplus/contexts',
get_string('auth_ldap_contexts_key', 'auth_ldap'),
get_string('auth_ldap_contexts', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
// Search subcontexts.
$settings->add(new admin_setting_configselect('auth_ldap_syncplus/search_sub',
new lang_string('auth_ldap_search_sub_key', 'auth_ldap'),
new lang_string('auth_ldap_search_sub', 'auth_ldap'), 0 , $yesno));
// Dereference aliases.
$optderef = array();
$optderef[LDAP_DEREF_NEVER] = get_string('no');
$optderef[LDAP_DEREF_ALWAYS] = get_string('yes');
$settings->add(new admin_setting_configselect('auth_ldap_syncplus/opt_deref',
new lang_string('auth_ldap_opt_deref_key', 'auth_ldap'),
new lang_string('auth_ldap_opt_deref', 'auth_ldap'), LDAP_DEREF_NEVER , $optderef));
// User attribute.
$settings->add(new auth_ldap_admin_setting_special_lowercase_configtext('auth_ldap_syncplus/user_attribute',
get_string('auth_ldap_user_attribute_key', 'auth_ldap'),
get_string('auth_ldap_user_attribute', 'auth_ldap'), '', PARAM_RAW));
// Suspended attribute.
$settings->add(new auth_ldap_admin_setting_special_lowercase_configtext('auth_ldap_syncplus/suspended_attribute',
get_string('auth_ldap_suspended_attribute_key', 'auth_ldap'),
get_string('auth_ldap_suspended_attribute', 'auth_ldap'), '', PARAM_RAW));
// Member attribute.
$settings->add(new auth_ldap_admin_setting_special_lowercase_configtext('auth_ldap_syncplus/memberattribute',
get_string('auth_ldap_memberattribute_key', 'auth_ldap'),
get_string('auth_ldap_memberattribute', 'auth_ldap'), '', PARAM_RAW));
// Member attribute uses dn.
$settings->add(new admin_setting_configtext('auth_ldap_syncplus/memberattribute_isdn',
get_string('auth_ldap_memberattribute_isdn_key', 'auth_ldap'),
get_string('auth_ldap_memberattribute_isdn', 'auth_ldap'), '', PARAM_RAW));
// Object class.
$settings->add(new admin_setting_configtext('auth_ldap_syncplus/objectclass',
get_string('auth_ldap_objectclass_key', 'auth_ldap'),
get_string('auth_ldap_objectclass', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
// Force Password change Header.
$settings->add(new admin_setting_heading('auth_ldap_syncplus/ldapforcepasswordchange',
new lang_string('forcechangepassword', 'auth'), ''));
// Force Password change.
$settings->add(new admin_setting_configselect('auth_ldap_syncplus/forcechangepassword',
new lang_string('forcechangepassword', 'auth'),
new lang_string('forcechangepasswordfirst_help', 'auth'), 0 , $yesno));
// Standard Password Change.
$settings->add(new admin_setting_configselect('auth_ldap_syncplus/stdchangepassword',
new lang_string('stdchangepassword', 'auth'), new lang_string('stdchangepassword_expl', 'auth') .' '.
get_string('stdchangepassword_explldap', 'auth'), 0 , $yesno));
// Password Type.
$passtype = array();
$passtype['plaintext'] = get_string('plaintext', 'auth');
$passtype['md5'] = get_string('md5', 'auth');
$passtype['sha1'] = get_string('sha1', 'auth');
$settings->add(new admin_setting_configselect('auth_ldap_syncplus/passtype',
new lang_string('auth_ldap_passtype_key', 'auth_ldap'),
new lang_string('auth_ldap_passtype', 'auth_ldap'), 'plaintext', $passtype));
// Password change URL.
$settings->add(new admin_setting_configtext('auth_ldap_syncplus/changepasswordurl',
get_string('auth_ldap_changepasswordurl_key', 'auth_ldap'),
get_string('changepasswordhelp', 'auth'), '', PARAM_URL));
// Password Expiration Header.
$settings->add(new admin_setting_heading('auth_ldap_syncplus/passwordexpire',
new lang_string('auth_ldap_passwdexpire_settings', 'auth_ldap'), ''));
// Password Expiration.
// Create the description lang_string object.
$strno = get_string('no');
$strldapserver = get_string('pluginname', 'auth_ldap');
$langobject = new stdClass();
$langobject->no = $strno;
$langobject->ldapserver = $strldapserver;
$description = new lang_string('auth_ldap_expiration_desc', 'auth_ldap', $langobject);
// Now create the options.
$expiration = array();
$expiration['0'] = $strno;
$expiration['1'] = $strldapserver;
// Add the setting.
$settings->add(new admin_setting_configselect('auth_ldap_syncplus/expiration',
new lang_string('auth_ldap_expiration_key', 'auth_ldap'),
$description, 0 , $expiration));
// Password Expiration warning.
$settings->add(new admin_setting_configtext('auth_ldap_syncplus/expiration_warning',
get_string('auth_ldap_expiration_warning_key', 'auth_ldap'),
get_string('auth_ldap_expiration_warning_desc', 'auth_ldap'), '', PARAM_RAW));
// Password Expiration attribute.
$settings->add(new auth_ldap_admin_setting_special_lowercase_configtext('auth_ldap_syncplus/expireattr',
get_string('auth_ldap_expireattr_key', 'auth_ldap'),
get_string('auth_ldap_expireattr_desc', 'auth_ldap'), '', PARAM_RAW));
// Grace Logins.
$settings->add(new admin_setting_configselect('auth_ldap_syncplus/gracelogins',
new lang_string('auth_ldap_gracelogins_key', 'auth_ldap'),
new lang_string('auth_ldap_gracelogins_desc', 'auth_ldap'), 0 , $yesno));
// Grace logins attribute.
$settings->add(new auth_ldap_admin_setting_special_lowercase_configtext('auth_ldap_syncplus/graceattr',
get_string('auth_ldap_gracelogin_key', 'auth_ldap'),
get_string('auth_ldap_graceattr_desc', 'auth_ldap'), '', PARAM_RAW));
// User Creation.
$settings->add(new admin_setting_heading('auth_ldap_syncplus/usercreation',
new lang_string('auth_user_create', 'auth'), ''));
// Create users externally.
$settings->add(new admin_setting_configselect('auth_ldap_syncplus/auth_user_create',
new lang_string('auth_ldap_auth_user_create_key', 'auth_ldap'),
new lang_string('auth_user_creation', 'auth'), 0 , $yesno));
// Context for new users.
$settings->add(new admin_setting_configtext('auth_ldap_syncplus/create_context',
get_string('auth_ldap_create_context_key', 'auth_ldap'),
get_string('auth_ldap_create_context', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
// System roles mapping header.
$settings->add(new admin_setting_heading('auth_ldap_syncplus/systemrolemapping',
new lang_string('systemrolemapping', 'auth_ldap'), ''));
// Create system role mapping field for each assignable system role.
$roles = get_ldap_assignable_role_names();
foreach ($roles as $role) {
// Before we can add this setting we need to check a few things.
// A) It does not exceed 100 characters otherwise it will break the DB as the 'name' field
// in the 'config_plugins' table is a varchar(100).
// B) The setting name does not contain hyphens. If it does then it will fail the check
// in parse_setting_name() and everything will explode. Role short names are validated
// against PARAM_ALPHANUMEXT which is similar to the regex used in parse_setting_name()
// except it also allows hyphens.
// Instead of shortening the name and removing/replacing the hyphens we are showing a warning.
// If we were to manipulate the setting name by removing the hyphens we may get conflicts, eg
// 'thisisashortname' and 'this-is-a-short-name'. The same applies for shortening the setting name.
if (core_text::strlen($role['settingname']) > 100 || !preg_match('/^[a-zA-Z0-9_]+$/', $role['settingname'])) {
$url = new moodle_url('/admin/roles/define.php', array('action' => 'edit', 'roleid' => $role['id']));
$a = (object)['rolename' => $role['localname'], 'shortname' => $role['shortname'], 'charlimit' => 93,
'link' => $url->out()];
$settings->add(new admin_setting_heading('auth_ldap_syncplus/role_not_mapped_' . sha1($role['settingname']), '',
get_string('cannotmaprole', 'auth_ldap', $a)));
} else {
$settings->add(new admin_setting_configtext('auth_ldap_syncplus/' . $role['settingname'],
get_string('auth_ldap_rolecontext', 'auth_ldap', $role),
get_string('auth_ldap_rolecontext_help', 'auth_ldap', $role), '', PARAM_RAW_TRIMMED));
}
}
// User Account Sync.
$settings->add(new admin_setting_heading('auth_ldap_syncplus/syncusers',
new lang_string('auth_sync_script', 'auth'), ''));
// Remove external user.
$deleteopt = array();
$deleteopt[AUTH_REMOVEUSER_KEEP] = get_string('auth_remove_keep', 'auth');
$deleteopt[AUTH_REMOVEUSER_SUSPEND] = get_string('auth_remove_suspend', 'auth');
$deleteopt[AUTH_REMOVEUSER_FULLDELETE] = get_string('auth_remove_delete', 'auth');
$deleteopt[AUTH_REMOVEUSER_DELETEWITHGRACEPERIOD] = get_string('auth_remove_deletewithgraceperiod', 'auth_ldap_syncplus');
$settings->add(new admin_setting_configselect('auth_ldap_syncplus/removeuser',
new lang_string('auth_remove_user_key', 'auth'),
new lang_string('auth_remove_user', 'auth'), AUTH_REMOVEUSER_KEEP, $deleteopt));
// Remove external user grace period.
$settings->add(new admin_setting_configtext('auth_ldap_syncplus/removeuser_graceperiod',
get_string('removeuser_graceperiod', 'auth_ldap_syncplus'),
get_string('removeuser_graceperiod_desc', 'auth_ldap_syncplus'), 10, PARAM_INT));
// Create users.
$settings->add(new admin_setting_configselect('auth_ldap_syncplus/sync_script_createuser_enabled',
new lang_string('sync_script_createuser_enabled_key', 'auth_ldap_syncplus'),
new lang_string('sync_script_createuser_enabled', 'auth_ldap_syncplus'), 1, $yesno));
// Sync Suspension.
$settings->add(new admin_setting_configselect('auth_ldap_syncplus/sync_suspended',
new lang_string('auth_sync_suspended_key', 'auth'),
new lang_string('auth_sync_suspended', 'auth'), 0 , $yesno));
// NTLM SSO Header.
$settings->add(new admin_setting_heading('auth_ldap_syncplus/ntlm',
new lang_string('auth_ntlmsso', 'auth_ldap'), ''));
// Enable NTLM.
$settings->add(new admin_setting_configselect('auth_ldap_syncplus/ntlmsso_enabled',
new lang_string('auth_ntlmsso_enabled_key', 'auth_ldap'),
new lang_string('auth_ntlmsso_enabled', 'auth_ldap'), 0 , $yesno));
// Subnet.
$settings->add(new admin_setting_configtext('auth_ldap_syncplus/ntlmsso_subnet',
get_string('auth_ntlmsso_subnet_key', 'auth_ldap'),
get_string('auth_ntlmsso_subnet', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
// NTLM Fast Path.
$fastpathoptions = array();
$fastpathoptions[AUTH_NTLM_FASTPATH_YESFORM] = get_string('auth_ntlmsso_ie_fastpath_yesform', 'auth_ldap');
$fastpathoptions[AUTH_NTLM_FASTPATH_YESATTEMPT] = get_string('auth_ntlmsso_ie_fastpath_yesattempt', 'auth_ldap');
$fastpathoptions[AUTH_NTLM_FASTPATH_ATTEMPT] = get_string('auth_ntlmsso_ie_fastpath_attempt', 'auth_ldap');
$settings->add(new admin_setting_configselect('auth_ldap_syncplus/ntlmsso_ie_fastpath',
new lang_string('auth_ntlmsso_ie_fastpath_key', 'auth_ldap'),
new lang_string('auth_ntlmsso_ie_fastpath', 'auth_ldap'),
AUTH_NTLM_FASTPATH_ATTEMPT, $fastpathoptions));
// Authentication type.
$types = array();
$types['ntlm'] = 'NTLM';
$types['kerberos'] = 'Kerberos';
$settings->add(new admin_setting_configselect('auth_ldap_syncplus/ntlmsso_type',
new lang_string('auth_ntlmsso_type_key', 'auth_ldap'),
new lang_string('auth_ntlmsso_type', 'auth_ldap'), 'ntlm', $types));
// Remote Username format.
$settings->add(new auth_ldap_admin_setting_special_ntlm_configtext('auth_ldap_syncplus/ntlmsso_remoteuserformat',
get_string('auth_ntlmsso_remoteuserformat_key', 'auth_ldap'),
get_string('auth_ntlmsso_remoteuserformat', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
}
// Display locking / mapping of profile fields.
$authplugin = get_auth_plugin('ldap_syncplus');
$help = get_string('auth_ldapextrafields', 'auth_ldap');
$help .= get_string('auth_updatelocal_expl', 'auth');
$help .= get_string('auth_fieldlock_expl', 'auth');
$help .= get_string('auth_updateremote_expl', 'auth');
$help .= '<hr />';
$help .= get_string('auth_updateremote_ldap', 'auth');
display_auth_lock_options($settings, $authplugin->authtype, $authplugin->userfields,
$help, true, true, $authplugin->get_custom_user_profile_fields());
}
@auth @auth_ldap_syncplus
Feature: Checking that all settings are shown
In order to be able to configure the auth_ldap_syncplus plugin
As admin
I need to be able to see the equivalent settings
# This is the only check that is possible to do with Behat tests. The functionality behind cannot be tested with Behat tests.
Scenario: Check if all LDAP server (Sync Plus) settings are there
Given I log in as "admin"
And I navigate to "Plugins > Authentication > Manage authentication" in site administration
And I click on "Settings" "link" in the "LDAP server (Sync Plus)" "table_row"
Then I should see "LDAP server (Sync Plus)" in the "#region-main .settingsform" "css_element"
And the "Removed ext user" select box should contain "Suspend internal and fully delete internal after grace period"
And I should see "Fully deleting grace period" in the "#admin-removeuser_graceperiod" "css_element"
And I should see "Add new users" in the "#admin-sync_script_createuser_enabled" "css_element"
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Auth plugin "LDAP SyncPlus" - Version file
*
* @package auth_ldap_syncplus
* @copyright 2014 Alexander Bias, Ulm University <alexander.bias@uni-ulm.de>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
$plugin->component = 'auth_ldap_syncplus';
$plugin->version = 2020121100;
$plugin->release = 'v3.10-r1';
$plugin->requires = 2020110900;
$plugin->supported = [310, 310];
$plugin->maturity = MATURITY_STABLE;
$plugin->dependencies = array('auth_ldap' => 2020110900);
---
name: Bug report
about: Create a report to help us improve
title: ''
labels: ''
assignees: ''
---
**Describe the bug**
A clear and concise description of what the bug is.
**To Reproduce**
Steps to reproduce the behavior:
1. Go to '...'
2. Click on '....'
3. Scroll down to '....'
4. See error
**Expected behavior**
A clear and concise description of what you expected to happen.
**Screenshots**
If applicable, add screenshots to help explain your problem.
**Desktop (please complete the following information):**
- OS: [e.g. iOS]
- Browser [e.g. chrome, safari]
- Version [e.g. 22]
**Smartphone (please complete the following information):**
- Device: [e.g. iPhone6]
- OS: [e.g. iOS8.1]
- Browser [e.g. stock browser, safari]
- Version [e.g. 22]
**Additional context**
Add any other context about the problem here.
sudo: required
language: php
dist: xenial
services:
- mysql
php:
- 7.2
env:
global:
- MOODLE_BRANCH=master
- IGNORE_PATHS=amd/build,amd/src/bootstrap.js
- IGNORE_NAMES=*.txt,moodle.css,moodle-rtl.css,moodle_min.css,editor.css,editor_min.css,Gruntfile.js
- DB=mysqli
matrix:
- php: 7.2
env: DB=mysqli TASK=PHPUNIT
cache:
directories:
- $HOME/.composer/cache
- $HOME/.npm
before_install:
- cd ../..
- composer selfupdate
- composer create-project -n --no-dev moodlerooms/moodle-plugin-ci ci ^1
- export PATH="$(cd ci/bin; pwd):$(cd ci/vendor/bin; pwd):$PATH"
install:
- moodle-plugin-ci install
script:
- moodle-plugin-ci phplint
- moodle-plugin-ci phpcpd
- moodle-plugin-ci phpmd
- moodle-plugin-ci codechecker
- moodle-plugin-ci csslint
- moodle-plugin-ci jshint
#- moodle-plugin-ci phpunit
\ No newline at end of file
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment