Commit 8bdb31ed authored by Petr Skoda's avatar Petr Skoda
Browse files

MDL-26564 fix regressions and other problems in csv user upload

This patch fixes incorrect password creating, updating and resetting, updating of user fields, unsupported auth plugins are correctly identified, modification of mnethostid is prevented, fixed problem with email duplicates, new password is generated for users without email, etc. It also includes coding style improvements, more inline docs, future TODOs and license information.
parent 2b37004c
This diff is collapsed.
<?php
if (!defined('MOODLE_INTERNAL')) {
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Bulk user upload forms
*
* @package core
* @subpackage admin
* @copyright 2007 Dan Poltawski
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
require_once $CFG->libdir.'/formslib.php';
class admin_uploaduser_form1 extends moodleform {
function definition (){
global $CFG, $USER;
$mform =& $this->_form;
/**
* Upload a file CVS file with user information.
*
* @package core
* @subpackage admin
* @copyright 2007 Petr Skoda {@link http://skodak.org}
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class admin_uploaduser_form1 extends moodleform {
function definition () {
$mform = $this->_form;
$mform->addElement('header', 'settingsheader', get_string('upload'));
......@@ -36,69 +64,90 @@ class admin_uploaduser_form1 extends moodleform {
$mform->addElement('select', 'previewrows', get_string('rowpreviewnum', 'admin'), $choices);
$mform->setType('previewrows', PARAM_INT);
$choices = array(UU_ADDNEW => get_string('uuoptype_addnew', 'admin'),
UU_ADDINC => get_string('uuoptype_addinc', 'admin'),
UU_ADD_UPDATE => get_string('uuoptype_addupdate', 'admin'),
UU_UPDATE => get_string('uuoptype_update', 'admin'));
$mform->addElement('select', 'uutype', get_string('uuoptype', 'admin'), $choices);
$this->add_action_buttons(false, get_string('uploadusers', 'admin'));
}
}
/**
* Specify user upload details
*
* @package core
* @subpackage admin
* @copyright 2007 Petr Skoda {@link http://skodak.org}
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class admin_uploaduser_form2 extends moodleform {
function definition (){
function definition () {
global $CFG, $USER;
$mform =& $this->_form;
$columns =& $this->_customdata;
$mform = $this->_form;
$columns = $this->_customdata['columns'];
$data = $this->_customdata['data'];
// I am the template user, why should it be the administrator? we have roles now, other ppl may use this script ;-)
$templateuser = $USER;
// upload settings and file
$mform->addElement('header', 'settingsheader', get_string('settings'));
$mform->addElement('static', 'uutypelabel', get_string('uuoptype', 'admin') );
$choices = array(UU_USER_ADDNEW => get_string('uuoptype_addnew', 'admin'),
UU_USER_ADDINC => get_string('uuoptype_addinc', 'admin'),
UU_USER_ADD_UPDATE => get_string('uuoptype_addupdate', 'admin'),
UU_USER_UPDATE => get_string('uuoptype_update', 'admin'));
$mform->addElement('select', 'uutype', get_string('uuoptype', 'admin'), $choices);
$choices = array(0 => get_string('infilefield', 'auth'), 1 => get_string('createpasswordifneeded', 'auth'));
$mform->addElement('select', 'uupasswordnew', get_string('uupasswordnew', 'admin'), $choices);
$mform->setDefault('uupasswordnew', 1);
$mform->disabledIf('uupasswordnew', 'uutype', 'eq', UU_UPDATE);
$mform->disabledIf('uupasswordnew', 'uutype', 'eq', UU_USER_UPDATE);
$choices = array(0 => get_string('nochanges', 'admin'),
1 => get_string('uuupdatefromfile', 'admin'),
2 => get_string('uuupdateall', 'admin'),
3 => get_string('uuupdatemissing', 'admin'));
$choices = array(UU_UPDATE_NOCHANGES => get_string('nochanges', 'admin'),
UU_UPDATE_FILEOVERRIDE => get_string('uuupdatefromfile', 'admin'),
UU_UPDATE_ALLOVERRIDE => get_string('uuupdateall', 'admin'),
UU_UPDATE_MISSING => get_string('uuupdatemissing', 'admin'));
$mform->addElement('select', 'uuupdatetype', get_string('uuupdatetype', 'admin'), $choices);
$mform->setDefault('uuupdatetype', 0);
$mform->disabledIf('uuupdatetype', 'uutype', 'eq', UU_ADDNEW);
$mform->disabledIf('uuupdatetype', 'uutype', 'eq', UU_ADDINC);
$mform->setDefault('uuupdatetype', UU_UPDATE_NOCHANGES);
$mform->disabledIf('uuupdatetype', 'uutype', 'eq', UU_USER_ADDNEW);
$mform->disabledIf('uuupdatetype', 'uutype', 'eq', UU_USER_ADDINC);
$choices = array(0 => get_string('nochanges', 'admin'), 1 => get_string('update'));
$mform->addElement('select', 'uupasswordold', get_string('uupasswordold', 'admin'), $choices);
$mform->setDefault('uupasswordold', 0);
$mform->disabledIf('uupasswordold', 'uutype', 'eq', UU_ADDNEW);
$mform->disabledIf('uupasswordold', 'uutype', 'eq', UU_ADDINC);
$mform->disabledIf('uupasswordold', 'uutype', 'eq', UU_USER_ADDNEW);
$mform->disabledIf('uupasswordold', 'uutype', 'eq', UU_USER_ADDINC);
$mform->disabledIf('uupasswordold', 'uuupdatetype', 'eq', 0);
$mform->disabledIf('uupasswordold', 'uuupdatetype', 'eq', 3);
$choices = array(UU_PWRESET_WEAK => get_string('usersweakpassword', 'admin'),
UU_PWRESET_NONE => get_string('none'),
UU_PWRESET_ALL => get_string('all'));
if (empty($CFG->passwordpolicy)) {
unset($choices[UU_PWRESET_WEAK]);
}
$mform->addElement('select', 'uuforcepasswordchange', get_string('forcepasswordchange', 'core'), $choices);
$mform->addElement('selectyesno', 'uuallowrenames', get_string('allowrenames', 'admin'));
$mform->setDefault('uuallowrenames', 0);
$mform->disabledIf('uuallowrenames', 'uutype', 'eq', UU_ADDNEW);
$mform->disabledIf('uuallowrenames', 'uutype', 'eq', UU_ADDINC);
$mform->disabledIf('uuallowrenames', 'uutype', 'eq', UU_USER_ADDNEW);
$mform->disabledIf('uuallowrenames', 'uutype', 'eq', UU_USER_ADDINC);
$mform->addElement('selectyesno', 'uuallowdeletes', get_string('allowdeletes', 'admin'));
$mform->setDefault('uuallowdeletes', 0);
$mform->disabledIf('uuallowdeletes', 'uutype', 'eq', UU_ADDNEW);
$mform->disabledIf('uuallowdeletes', 'uutype', 'eq', UU_ADDINC);
$mform->disabledIf('uuallowdeletes', 'uutype', 'eq', UU_USER_ADDNEW);
$mform->disabledIf('uuallowdeletes', 'uutype', 'eq', UU_USER_ADDINC);
$mform->addElement('selectyesno', 'uunoemailduplicates', get_string('uunoemailduplicates', 'admin'));
$mform->setDefault('uunoemailduplicates', 1);
$choices = array(0 => get_string('no'),
1 => get_string('uubulknew', 'admin'),
2 => get_string('uubulkupdated', 'admin'),
3 => get_string('uubulkall', 'admin'));
$mform->addElement('selectyesno', 'uustandardusernames', get_string('uustandardusernames', 'admin'));
$mform->setDefault('uustandardusernames', 1);
$choices = array(UU_BULK_NONE => get_string('no'),
UU_BULK_NEW => get_string('uubulknew', 'admin'),
UU_BULK_UPDATED => get_string('uubulkupdated', 'admin'),
UU_BULK_ALL => get_string('uubulkall', 'admin'));
$mform->addElement('select', 'uubulk', get_string('uubulk', 'admin'), $choices);
$mform->setDefault('uubulk', 0);
......@@ -152,18 +201,22 @@ class admin_uploaduser_form2 extends moodleform {
// default values
$mform->addElement('header', 'defaultheader', get_string('defaultvalues', 'admin'));
$mform->addElement('text', 'username', get_string('username'), 'size="20"');
$mform->addElement('text', 'username', get_string('uuusernametemplate', 'admin'), 'size="20"');
$mform->addRule('username', get_string('requiredtemplate', 'admin'), 'required', null, 'client');
$mform->disabledIf('username', 'uutype', 'eq', UU_USER_ADD_UPDATE);
$mform->disabledIf('username', 'uutype', 'eq', UU_USER_UPDATE);
$mform->addElement('text', 'email', get_string('email'), 'maxlength="100" size="30"');
$mform->disabledIf('email', 'uutype', 'eq', UU_USER_ADD_UPDATE);
$mform->disabledIf('email', 'uutype', 'eq', UU_USER_UPDATE);
// only enabled and known to work plugins
$choices = uu_allowed_auths();
$choices = uu_supported_auths();
$mform->addElement('select', 'auth', get_string('chooseauthmethod','auth'), $choices);
$mform->setDefault('auth', 'manual'); // manual is a sensible backwards compatible default
$mform->addHelpButton('auth', 'chooseauthmethod', 'auth');
$mform->setAdvanced('auth');
$mform->addElement('text', 'email', get_string('email'), 'maxlength="100" size="30"');
$choices = array(0 => get_string('emaildisplayno'), 1 => get_string('emaildisplayyes'), 2 => get_string('emaildisplaycourse'));
$mform->addElement('select', 'maildisplay', get_string('emaildisplay'), $choices);
$mform->setDefault('maildisplay', 2);
......@@ -272,27 +325,30 @@ class admin_uploaduser_form2 extends moodleform {
$mform->addElement('hidden', 'previewrows');
$mform->setType('previewrows', PARAM_INT);
$mform->addElement('hidden', 'readcount');
$mform->setType('readcount', PARAM_INT);
$mform->addElement('hidden', 'uutype');
$mform->setType('uutype', PARAM_INT);
$this->add_action_buttons(true, get_string('uploadusers', 'admin'));
$this->set_data($data);
}
/**
* Form tweaks that depend on current data.
*/
function definition_after_data() {
$mform =& $this->_form;
$columns =& $this->_customdata;
$mform = $this->_form;
$columns = $this->_customdata['columns'];
foreach ($columns as $column) {
if ($mform->elementExists($column)) {
$mform->removeElement($column);
}
}
if (!in_array('password', $columns)) {
// password resetting makes sense only if password specified in csv file
if ($mform->elementExists('uuforcepasswordchange')) {
$mform->removeElement('uuforcepasswordchange');
}
}
}
/**
......@@ -300,19 +356,19 @@ class admin_uploaduser_form2 extends moodleform {
*/
function validation($data, $files) {
$errors = parent::validation($data, $files);
$columns =& $this->_customdata;
$columns = $this->_customdata['columns'];
$optype = $data['uutype'];
// detect if password column needed in file
if (!in_array('password', $columns)) {
switch ($optype) {
case UU_UPDATE:
case UU_USER_UPDATE:
if (!empty($data['uupasswordold'])) {
$errors['uupasswordold'] = get_string('missingfield', 'error', 'password');
}
break;
case UU_ADD_UPDATE:
case UU_USER_ADD_UPDATE:
if (empty($data['uupasswordnew'])) {
$errors['uupasswordnew'] = get_string('missingfield', 'error', 'password');
}
......@@ -321,12 +377,12 @@ class admin_uploaduser_form2 extends moodleform {
}
break;
case UU_ADDNEW:
case UU_USER_ADDNEW:
if (empty($data['uupasswordnew'])) {
$errors['uupasswordnew'] = get_string('missingfield', 'error', 'password');
}
break;
case UU_ADDINC:
case UU_USER_ADDINC:
if (empty($data['uupasswordnew'])) {
$errors['uupasswordnew'] = get_string('missingfield', 'error', 'password');
}
......@@ -335,7 +391,7 @@ class admin_uploaduser_form2 extends moodleform {
}
// look for other required data
if ($optype != UU_UPDATE) {
if ($optype != UU_USER_UPDATE) {
if (!in_array('firstname', $columns)) {
$errors['uutype'] = get_string('missingfield', 'error', 'firstname');
}
......@@ -369,7 +425,7 @@ class admin_uploaduser_form2 extends moodleform {
function get_data() {
$data = parent::get_data();
if ($data !== null) {
if ($data !== null and isset($data->description)) {
$data->descriptionformat = $data->description['format'];
$data->description = $data->description['text'];
}
......@@ -377,11 +433,3 @@ class admin_uploaduser_form2 extends moodleform {
return $data;
}
}
class admin_uploaduser_form3 extends moodleform {
function definition (){
global $CFG, $USER;
$mform =& $this->_form;
$this->add_action_buttons(false, get_string('uploadnewfile'));
}
}
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Bulk user registration functions
*
* @package core
* @subpackage admin
* @copyright 2004 onwards Martin Dougiamas (http://dougiamas.com)
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
define('UU_USER_ADDNEW', 0);
define('UU_USER_ADDINC', 1);
define('UU_USER_ADD_UPDATE', 2);
define('UU_USER_UPDATE', 3);
define('UU_UPDATE_NOCHANGES', 0);
define('UU_UPDATE_FILEOVERRIDE', 1);
define('UU_UPDATE_ALLOVERRIDE', 2);
define('UU_UPDATE_MISSING', 3);
define('UU_BULK_NONE', 0);
define('UU_BULK_NEW', 1);
define('UU_BULK_UPDATED', 2);
define('UU_BULK_ALL', 3);
define('UU_PWRESET_NONE', 0);
define('UU_PWRESET_WEAK', 1);
define('UU_PWRESET_ALL', 2);
/**
* Tracking of processed users.
*
* This class prints user information into a html table.
*
* @package core
* @subpackage admin
* @copyright 2007 Petr Skoda {@link http://skodak.org}
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class uu_progress_tracker {
private $_row;
public $columns = array('status', 'line', 'id', 'username', 'firstname', 'lastname', 'email', 'password', 'auth', 'enrolments', 'deleted');
/**
* Print table header.
* @return void
*/
public function start() {
$ci = 0;
echo '<table id="uuresults" class="generaltable boxaligncenter flexible-wrap" summary="'.get_string('uploadusersresult', 'admin').'">';
echo '<tr class="heading r0">';
echo '<th class="header c'.$ci++.'" scope="col">'.get_string('status').'</th>';
echo '<th class="header c'.$ci++.'" scope="col">'.get_string('uucsvline', 'admin').'</th>';
echo '<th class="header c'.$ci++.'" scope="col">ID</th>';
echo '<th class="header c'.$ci++.'" scope="col">'.get_string('username').'</th>';
echo '<th class="header c'.$ci++.'" scope="col">'.get_string('firstname').'</th>';
echo '<th class="header c'.$ci++.'" scope="col">'.get_string('lastname').'</th>';
echo '<th class="header c'.$ci++.'" scope="col">'.get_string('email').'</th>';
echo '<th class="header c'.$ci++.'" scope="col">'.get_string('password').'</th>';
echo '<th class="header c'.$ci++.'" scope="col">'.get_string('authentication').'</th>';
echo '<th class="header c'.$ci++.'" scope="col">'.get_string('enrolments', 'enrol').'</th>';
echo '<th class="header c'.$ci++.'" scope="col">'.get_string('delete').'</th>';
echo '</tr>';
$this->_row = null;
}
/**
* Flush previous line and start a new one.
* @return void
*/
public function flush() {
if (empty($this->_row) or empty($this->_row['line']['normal'])) {
// Nothing to print - each line has to have at least number
$this->_row = array();
foreach ($this->columns as $col) {
$this->_row[$col] = array('normal'=>'', 'info'=>'', 'warning'=>'', 'error'=>'');
}
return;
}
$ci = 0;
$ri = 1;
echo '<tr class="r'.$ri.'">';
foreach ($this->_row as $key=>$field) {
foreach ($field as $type=>$content) {
if ($field[$type] !== '') {
$field[$type] = '<span class="uu'.$type.'">'.$field[$type].'</span>';
} else {
unset($field[$type]);
}
}
echo '<td class="cell c'.$ci++.'">';
if (!empty($field)) {
echo implode('<br />', $field);
} else {
echo '&nbsp;';
}
echo '</td>';
}
echo '</tr>';
foreach ($this->columns as $col) {
$this->_row[$col] = array('normal'=>'', 'info'=>'', 'warning'=>'', 'error'=>'');
}
}
/**
* Add tracking info
* @param string $col name of column
* @param string $msg message
* @param string $level 'normal', 'warning' or 'error'
* @param bool $merge true means add as new line, false means override all previous text of the same type
* @return void
*/
public function track($col, $msg, $level = 'normal', $merge = true) {
if (empty($this->_row)) {
$this->flush(); //init arrays
}
if (!in_array($col, $this->columns)) {
debugging('Incorrect column:'.$col);
return;
}
if ($merge) {
if ($this->_row[$col][$level] != '') {
$this->_row[$col][$level] .='<br />';
}
$this->_row[$col][$level] .= $msg;
} else {
$this->_row[$col][$level] = $msg;
}
}
/**
* Print the table end
* @return void
*/
public function close() {
$this->flush();
echo '</table>';
}
}
/**
* Validation callback function - verified the column line of csv file.
* Converts column names to lowercase too.
* @param csv_import_reader $cir
* @param array standard user fields
* @param array custom profile fields
* @param moodle_url $returnurl return url in case of any error
* @return array list of fields
*/
function uu_validate_user_upload_columns(csv_import_reader $cir, $stdfields, $frofilefields, moodle_url $returnurl) {
$columns = $cir->get_columns();
if (empty($columns)) {
$cir->close();
$cir->cleanup();
print_error('cannotreadtmpfile', 'error', $returnurl);
}
if (count($columns) < 2) {
$cir->close();
$cir->cleanup();
print_error('csvfewcolumns', 'error', $returnurl);
}
// test columns
$processed = array();
foreach ($columns as $key=>$unused) {
$field = strtolower($columns[$key]); // no unicode expected here, ignore case
if (!in_array($field, $stdfields) && !in_array($field, $frofilefields) &&// if not a standard field and not an enrolment field, then we have an error
!preg_match('/^course\d+$/', $field) && !preg_match('/^group\d+$/', $field) &&
!preg_match('/^type\d+$/', $field) && !preg_match('/^role\d+$/', $field) &&
!preg_match('/^enrolperiod\d+$/', $field)) {
print_error('invalidfieldname', 'error', $returnurl, $field);
}
if (in_array($field, $processed)) {
$cir->close();
$cir->cleanup();
print_error('duplicatefieldname', 'error', $returnurl, $field);
}
$processed[$key] = $field;
}
return $processed;
}
/**
* Increments username - increments trailing number or adds it if not present.
* Varifies that the new username does not exist yet
* @param string $username
* @return incremented username which does not exist yet
*/
function uu_increment_username($username) {
global $DB, $CFG;
if (!preg_match_all('/(.*?)([0-9]+)$/', $username, $matches)) {
$username = $username.'2';
} else {
$username = $matches[1][0].($matches[2][0]+1);
}
if ($DB->record_exists('user', array('username'=>$username, 'mnethostid'=>$CFG->mnet_localhost_id))) {
return uu_increment_username($username);
} else {
return $username;
}
}
/**
* Check if default field contains templates and apply them.
* @param string template - potential tempalte string
* @param object user object- we need username, firstname and lastname
* @return string field value
*/
function uu_process_template($template, $user) {
if (is_array($template)) {
// hack for for support of text editors with format
$t = $template['text'];
} else {
$t = $template;
}
if (strpos($t, '%') === false) {
return $template;
}
$username = isset($user->username) ? $user->username : '';
$firstname = isset($user->firstname) ? $user->firstname : '';
$lastname = isset($user->lastname) ? $user->lastname : '';
$callback = partial('uu_process_template_callback', $username, $firstname, $lastname);
$result = preg_replace_callback('/(?<!%)%([+-~])?(\d)*([flu])/', $callback, $t);
if (is_null($result)) {
return $template; //error during regex processing??
} else {
if (array($template)) {
$template['text'] = $t;
return $t;
} else {
return $t;
}
}
}
/**
* Internal callback function.
*/
function uu_process_template_callback($block, $username, $firstname, $lastname) {
$textlib = textlib_get_instance();
$repl = $block[0];
switch ($block[3]) {
case 'u': $repl = $username; break;
case 'f': $repl = $firstname; break;
case 'l': $repl = $lastname; break;
}
switch ($block[1]) {
case '+': $repl = $textlib->strtoupper($repl); break;
case '-': $repl = $textlib->strtolower($repl); break;
case '~': $repl = $textlib->strtotitle($repl); break;
}
if (!empty($block[2])) {
$repl = $textlib->substr($repl, 0 , $block[2]);
}
return $repl;
}
/**
* Returns list of auth plugins that are enabled and known to work.
*
* If ppl want to use some other auth type they have to include it
* in the CSV file next on each line.
*
* @return array type=>name
*/
function uu_supported_auths() {
// only following plugins are guaranteed to work properly
$whitelist = array('manual', 'nologin', 'none', 'email');
$plugins = get_enabled_auth_plugins();
$choices = array();
foreach ($plugins as $plugin) {
if (!in_array($plugin, $whitelist)) {
continue;
}
$choices[$plugin] = get_string('pluginname', "auth_{$plugin}");
}
return $choices;
}