Commit 5e934890 authored by Eloy Lafuente's avatar Eloy Lafuente
Browse files

MDL-16658 restore - new restore:createuser cap + pre-check users before...

MDL-16658 restore - new restore:createuser cap + pre-check users before restoring; merged from 19_STABLE
parent e07a7081
......@@ -742,7 +742,7 @@ define('RESTORE_GROUPS_GROUPINGS', 3);
}
// Handle checks from same site backups
if (backup_is_same_site($restore)) {
if (backup_is_same_site($restore) && empty($CFG->forcedifferentsitecheckingusersonrestore)) {
// 1A - If match by id and username and mnethost => ok, return target user
if ($rec = $DB->get_record('user', array('id'=>$user->id, 'username'=>$user->username, 'mnethostid'=>$user->mnethostid))) {
......@@ -950,7 +950,7 @@ define('RESTORE_GROUPS_GROUPINGS', 3);
$user = $rec->info;
// Find the correct mnethostid for user before performing any further check
if (empty($user->mnethosturl) || $user->mnethosturl===$CFG->wwwroot) {
if (empty($user->mnethosturl) || $user->mnethosturl === $CFG->wwwroot) {
$user->mnethostid = $CFG->mnet_localhost_id;
} else {
// fast url-to-id lookups
......@@ -965,13 +965,18 @@ define('RESTORE_GROUPS_GROUPINGS', 3);
$usercheck = restore_check_user($restore, $user);
if (is_object($usercheck)) { // No problem, we have found one user in DB to be mapped to
// Annotate it, for later process by restore_create_users(). Set new_id to mapping user->id
backup_putid($restore->backup_unique_code, 'user', $userid, $usercheck->id, $user);
} else if ($usercheck === false) { // Found conflict, report it as problem
$problems[] = get_string('restoreuserconflict', '', $user->username);
$status = false;
} else if ($usercheck === true) { // User needs to be created, check if we are able
if (!$cancreateuser) { // Cannot create, report as problem
if ($cancreateuser) { // Can create user, annotate it, for later process by restore_create_users(). Set new_id to 0
backup_putid($restore->backup_unique_code, 'user', $userid, 0, $user);
} else { // Cannot create user, report it as problem
$problems[] = get_string('restorecannotcreateuser', '', $user->username);
$status = false;
......@@ -2830,25 +2835,17 @@ define('RESTORE_GROUPS_GROUPINGS', 3);
$authcache = array(); // Cache to get some bits from authentication plugins
$status = true;
//Check it exists
if (!file_exists($xml_file)) {
$status = false;
}
//Get info from xml
if ($status) {
//info will contain the old_id of every user
//in backup_ids->info will be the real info (serialized)
$info = restore_read_xml_users($restore,$xml_file);
}
//Now, get evey user_id from $info and user data from $backup_ids
//and create the necessary db structures
// Users have already been checked by restore_precheck_users() so they are loaded
// in backup_ids table. They don't need to be loaded (parsed) from XML again. Also, note
// the same function has performed the needed modifications in the $user->mnethostid field
// so we don't need to do it again here at all. Just some checks.
if (!empty($info->users)) {
// Get users ids from backup_ids table
$userids = $DB->get_fieldset_select('backup_ids', 'old_id', 'backup_code = ? AND table_name = ?', array($restore->backup_unique_code, 'user'));
/// Grab mnethosts keyed by wwwroot, to map to id
$mnethosts = $DB->get_records('mnet_host', null,
'wwwroot', 'wwwroot, id');
// Have users to process, proceed with them
if (!empty($userids)) {
/// Get languages for quick search later
$languages = get_list_of_languages();
......@@ -2858,9 +2855,22 @@ define('RESTORE_GROUPS_GROUPINGS', 3);
/// Init trailing messages
$messages = array();
foreach ($info->users as $userid) {
$rec = backup_getid($restore->backup_unique_code,"user",$userid);
$user = $rec->info;
foreach ($userids as $userid) {
// Defaults
$user_exists = false; // By default user does not exist
$newid = null; // By default, there is not newid
// Get record from backup_ids
$useridsdbrec = backup_getid($restore->backup_unique_code, 'user', $userid);
// Based in restore_precheck_users() calculations, if the user exists
// new_id must contain the id of the matching user
if (!empty($useridsdbrec->new_id)) {
$user_exists = true;
$newid = $useridsdbrec->new_id;
}
$user = $useridsdbrec->info;
foreach (array_keys(get_object_vars($user)) as $field) {
if (!is_array($user->$field)) {
$user->$field = backup_todb($user->$field);
......@@ -2908,31 +2918,12 @@ define('RESTORE_GROUPS_GROUPINGS', 3);
//Has role teacher or student or needed
$is_course_user = ($is_teacher or $is_student or $is_needed);
// in case we are restoring to same server, look for user by id and username
// it should return record always, but in sites rebuilt from scratch
// and being reconstructed using course backups
$user_data = false;
if (backup_is_same_site($restore)) {
$user_data = $DB->get_record('user', array('id'=>$user->id, 'username'=>$user->username));
}
// Only try to perform mnethost/auth modifications if restoring to another server
// or if, while restoring to same server, the user doesn't exists yet (rebuilt site)
//
// So existing user data in same server *won't be modified by restore anymore*,
// under any circumpstance. If somehting is wrong with existing data, it's server fault.
if (!backup_is_same_site($restore) || (backup_is_same_site($restore) && !$user_data)) {
//Calculate mnethostid
if (empty($user->mnethosturl) || $user->mnethosturl===$CFG->wwwroot) {
$user->mnethostid = $CFG->mnet_localhost_id;
} else {
// fast url-to-id lookups
if (isset($mnethosts[$user->mnethosturl])) {
$user->mnethostid = $mnethosts[$user->mnethosturl]->id;
} else {
$user->mnethostid = $CFG->mnet_localhost_id;
}
}
if (!backup_is_same_site($restore) || (backup_is_same_site($restore) && !$user_exists)) {
//Arriving here, any user with mnet auth and using $CFG->mnet_localhost_id is wrong
//as own server cannot be accesed over mnet. Change auth to manual and inform about the switch
if ($user->auth == 'mnet' && $user->mnethostid == $CFG->mnet_localhost_id) {
......@@ -2951,21 +2942,6 @@ define('RESTORE_GROUPS_GROUPINGS', 3);
}
unset($user->mnethosturl);
//To store user->id along all the iteration
$newid=null;
//check if it exists (by username) and get its id
$user_exists = true;
if (!backup_is_same_site($restore) || !$user_data) { /// Restoring to another server, or rebuilding site (failed id&
/// login search above), look for existing user based on fields
$user_data = $DB->get_record('user', array('username'=>$user->username, 'mnethostid'=>$user->mnethostid));
}
if (!$user_data) {
$user_exists = false;
} else {
$newid = $user_data->id;
}
//Flags to see what parts are we going to restore
$create_user = true;
$create_roles = true;
......@@ -3245,7 +3221,7 @@ define('RESTORE_GROUPS_GROUPINGS', 3);
}
backup_flush(300);
}
} /// End of loop over all the users loaded from xml
} /// End of loop over all the users loaded from backup_ids table
/// Inform about all the messages geerated while restoring users
if (!defined('RESTORE_SILENTLY')) {
......@@ -8487,7 +8463,6 @@ define('RESTORE_GROUPS_GROUPINGS', 3);
// Precheck the users section, detecting various situations that can lead to problems, so
// we stop restore before performing any further action
/*
if (!defined('RESTORE_SILENTLY')) {
echo '<li>'.get_string('restoreusersprecheck').'</li>';
}
......@@ -8501,7 +8476,6 @@ define('RESTORE_GROUPS_GROUPINGS', 3);
}
return false;
}
*/
//If we've selected to restore into new course
//create it (course)
......
......@@ -180,6 +180,21 @@ $CFG->admin = 'admin';
// shared out from your site/institution!
// $CFG->includeuserpasswordsinbackup = true;
//
// Completely disable user creation on restore, bypassing any right granted
// via roles/capabilities. By enabling this setting any restore process
// requiring users to be created will be stopped before any further action.
// $CFG->disableusercreationonrestore = true;
//
// Modify the restore process in order to force the "user checks" to assume
// that the backup was originated in a different site so detection of matching
// users is performed with some different (more "relaxed") rules. *Only* useful
// if the backup file has been generated with Moodle < 1.9.4 and the site has
// been rebuilt from scratch using backup files (not the best way, btw). If you
// are getting user conflicts on restore, try to restore the backup to a different
// site, backup it again and then restore on target server instead of enabling this
// setting permanently!
// $CFG->forcedifferentsitecheckingusersonrestore = true;
//
// Prevent stats processing and hide the GUI
// $CFG->disablestatsprocessing = true;
//
......
......@@ -1369,6 +1369,7 @@ $string['resource'] = 'Resource';
$string['resources'] = 'Resources';
$string['restore'] = 'Restore';
$string['restorecancelled'] = 'Restore canceled';
$string['restorecannotcreateuser'] = 'restore needs to create user \'$a\' from backup file and you are not allowed to do that';
$string['restorecoursenow'] = 'Restore this course now!';
$string['restoredaccount'] = 'Restored account';
$string['restoredaccountinfo'] = 'This account was imported from another server and the password has been lost. To set a new password by email, please click \"Continue\"';
......@@ -1376,7 +1377,10 @@ $string['restorefinished'] = 'Restore completed successfully';
$string['restoreto'] = 'Restore to';
$string['restoretositeadding'] = 'Warning: You are about to restore to the site front page, adding data to it!';
$string['restoretositedeleting'] = 'Warning: You are about to restore to the site front page, deleting data from it first!';
$string['restoreuserconflict'] = 'trying to restore user \'$a\' from backup file will cause conflict';
$string['restoreuserinfofailed'] = 'The restore process has stopped because you don\'t have permission to restore user data.';
$string['restoreusersprecheck'] = 'Checking user information';
$string['restoreusersprecheckerror'] = 'Some problems were detected checking user information';
$string['restricted'] = 'Restricted';
$string['restrictmodules'] = 'Restrict activity modules?';
$string['returntooriginaluser'] = 'Return to $a';
......
......@@ -200,6 +200,7 @@ $string['resetrolenolegacy'] = 'Clear permissions';
$string['resetrolesure'] = 'Are you sure that you want to reset role \"$a->name ($a->shortname)\" to defaults?<p></p>The defaults are taken from the selected legacy capability ($a->legacytype).';
$string['resetrolesurenolegacy'] = 'Are you sure that you want to clear all permissions defined in this role \"$a->name ($a->shortname)\"?';
$string['restore:rolldates'] = 'Allowed to roll activity configuration dates on restore';
$string['restore:createuser'] = 'Create users on restore';
$string['restore:userinfo'] = 'Restore user data';
$string['risks'] = 'Risks';
$string['role:assign'] = 'Assign roles to users';
......
......@@ -216,6 +216,17 @@ $capabilities = array(
)
),
'moodle/restore:createuser' => array(
'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
'captype' => 'write',
'contextlevel' => CONTEXT_SYSTEM,
'legacy' => array(
'admin' => CAP_ALLOW
)
),
'moodle/restore:userinfo' => array(
'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG,
......
......@@ -6,7 +6,7 @@
// This is compared against the values stored in the database to determine
// whether upgrades should be performed (see lib/db/*.php)
$version = 2009122500; // YYYYMMDD = date of the last version bump
$version = 2009123000; // YYYYMMDD = date of the last version bump
// XX = daily increments
$release = '2.0 dev (Build: 20091230)'; // Human-friendly version name
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment