Commit 037273d8 authored by Stephen Bourget's avatar Stephen Bourget
Browse files

MDL-12689: convert auth plugins to use settings.php

parent 216ea39b
......@@ -16,6 +16,9 @@ $err = array();
$returnurl = "$CFG->wwwroot/$CFG->admin/settings.php?section=manageauths";
debugging("Use of config.html files in authentication plugins have been depreciated. " .
" Please migrate your plugin to use the admin settings API", DEBUG_DEVELOPER);
// save configuration changes
if ($frm = data_submitted() and confirm_sesskey()) {
......@@ -86,12 +89,28 @@ exit;
/// Functions /////////////////////////////////////////////////////////////////
// Good enough for most auth plugins
// but some may want a custom one if they are offering
// other options
// Note: lockconfig_ fields have special handling.
/**
* auth field locking
* Good enough for most auth plugins
* but some may want a custom one if they are offering
* other options
* Note: lockconfig_ fields have special handling.
*
* @param string $auth authentication plugin shortname
* @param array $user_fields user profile fields
* @param string $helptext help text to be displayed at top of form
* @param boolean $retrieveopts Map fields or lock only.
* @param boolean $updateopts Allow remote updates
* @param array $customfields list of custom profile fields
* @deprecated since Moodle 3.3
*/
function print_auth_lock_options($auth, $user_fields, $helptext, $retrieveopts, $updateopts, $customfields = array()) {
global $DB, $OUTPUT;
debugging("The function 'print_auth_lock_options' has been depreciated, " .
"Please migrate your code to use the admin settings API and use the function 'display_auth_lock_options' instead. ",
DEBUG_DEVELOPER);
echo '<tr><td colspan="3">';
if ($retrieveopts) {
echo $OUTPUT->heading(get_string('auth_data_mapping', 'auth'));
......
......@@ -230,47 +230,6 @@ class auth_plugin_cas extends auth_plugin_ldap {
}
}
/**
* Prints a form for configuring this authentication plugin.
*
* This function is called from admin/auth.php, and outputs a full page with
* a form for configuring this plugin.
*
* @param array $page An object containing all the data for this page.
*/
function config_form($config, $err, $user_fields) {
global $CFG, $OUTPUT;
if (!function_exists('ldap_connect')) { // Is php-ldap really there?
echo $OUTPUT->notification(get_string('auth_ldap_noextension', 'auth_ldap'));
// Don't return here, like we do in auth/ldap. We cas use CAS without LDAP.
// So just warn the user (done above) and define the LDAP constants we use
// in config.html, to silence the warnings.
if (!defined('LDAP_DEREF_NEVER')) {
define ('LDAP_DEREF_NEVER', 0);
}
if (!defined('LDAP_DEREF_ALWAYS')) {
define ('LDAP_DEREF_ALWAYS', 3);
}
}
include($CFG->dirroot.'/auth/cas/config.html');
}
/**
* A chance to validate form data, and last chance to
* do stuff before it is inserted in config_plugin
* @param object object with submitted configuration settings (without system magic quotes)
* @param array $err array of error messages
*/
function validate_form($form, &$err) {
$certificate_path = trim($form->certificate_path);
if ($form->certificate_check && empty($certificate_path)) {
$err['certificate_path'] = get_string('auth_cas_certificate_path_empty', 'auth_cas');
}
}
/**
* Returns the URL for changing the user's pw, or empty if the default can
* be used.
......@@ -281,143 +240,6 @@ class auth_plugin_cas extends auth_plugin_ldap {
return null;
}
/**
* Processes and stores configuration data for this authentication plugin.
*/
function process_config($config) {
// CAS settings
if (!isset($config->hostname)) {
$config->hostname = '';
}
if (!isset($config->port)) {
$config->port = '';
}
if (!isset($config->casversion)) {
$config->casversion = '';
}
if (!isset($config->baseuri)) {
$config->baseuri = '';
}
if (!isset($config->language)) {
$config->language = '';
}
if (!isset($config->proxycas)) {
$config->proxycas = '';
}
if (!isset($config->logoutcas)) {
$config->logoutcas = '';
}
if (!isset($config->multiauth)) {
$config->multiauth = '';
}
if (!isset($config->certificate_check)) {
$config->certificate_check = '';
}
if (!isset($config->certificate_path)) {
$config->certificate_path = '';
}
if (!isset($config->curl_ssl_version)) {
$config->curl_ssl_version = '';
}
if (!isset($config->logout_return_url)) {
$config->logout_return_url = '';
}
// LDAP settings
if (!isset($config->host_url)) {
$config->host_url = '';
}
if (!isset($config->start_tls)) {
$config->start_tls = false;
}
if (empty($config->ldapencoding)) {
$config->ldapencoding = 'utf-8';
}
if (!isset($config->pagesize)) {
$config->pagesize = LDAP_DEFAULT_PAGESIZE;
}
if (!isset($config->contexts)) {
$config->contexts = '';
}
if (!isset($config->user_type)) {
$config->user_type = 'default';
}
if (!isset($config->user_attribute)) {
$config->user_attribute = '';
}
if (!isset($config->search_sub)) {
$config->search_sub = '';
}
if (!isset($config->opt_deref)) {
$config->opt_deref = LDAP_DEREF_NEVER;
}
if (!isset($config->bind_dn)) {
$config->bind_dn = '';
}
if (!isset($config->bind_pw)) {
$config->bind_pw = '';
}
if (!isset($config->ldap_version)) {
$config->ldap_version = '3';
}
if (!isset($config->objectclass)) {
$config->objectclass = '';
}
if (!isset($config->memberattribute)) {
$config->memberattribute = '';
}
if (!isset($config->memberattribute_isdn)) {
$config->memberattribute_isdn = '';
}
if (!isset($config->attrcreators)) {
$config->attrcreators = '';
}
if (!isset($config->groupecreators)) {
$config->groupecreators = '';
}
if (!isset($config->removeuser)) {
$config->removeuser = AUTH_REMOVEUSER_KEEP;
}
// save CAS settings
set_config('hostname', trim($config->hostname), $this->pluginconfig);
set_config('port', trim($config->port), $this->pluginconfig);
set_config('casversion', $config->casversion, $this->pluginconfig);
set_config('baseuri', trim($config->baseuri), $this->pluginconfig);
set_config('language', $config->language, $this->pluginconfig);
set_config('proxycas', $config->proxycas, $this->pluginconfig);
set_config('logoutcas', $config->logoutcas, $this->pluginconfig);
set_config('multiauth', $config->multiauth, $this->pluginconfig);
set_config('certificate_check', $config->certificate_check, $this->pluginconfig);
set_config('certificate_path', $config->certificate_path, $this->pluginconfig);
set_config('curl_ssl_version', $config->curl_ssl_version, $this->pluginconfig);
set_config('logout_return_url', $config->logout_return_url, $this->pluginconfig);
// save LDAP settings
set_config('host_url', trim($config->host_url), $this->pluginconfig);
set_config('start_tls', $config->start_tls, $this->pluginconfig);
set_config('ldapencoding', trim($config->ldapencoding), $this->pluginconfig);
set_config('pagesize', (int)trim($config->pagesize), $this->pluginconfig);
set_config('contexts', trim($config->contexts), $this->pluginconfig);
set_config('user_type', core_text::strtolower(trim($config->user_type)), $this->pluginconfig);
set_config('user_attribute', core_text::strtolower(trim($config->user_attribute)), $this->pluginconfig);
set_config('search_sub', $config->search_sub, $this->pluginconfig);
set_config('opt_deref', $config->opt_deref, $this->pluginconfig);
set_config('bind_dn', trim($config->bind_dn), $this->pluginconfig);
set_config('bind_pw', $config->bind_pw, $this->pluginconfig);
set_config('ldap_version', $config->ldap_version, $this->pluginconfig);
set_config('objectclass', trim($config->objectclass), $this->pluginconfig);
set_config('memberattribute', core_text::strtolower(trim($config->memberattribute)), $this->pluginconfig);
set_config('memberattribute_isdn', $config->memberattribute_isdn, $this->pluginconfig);
set_config('attrcreators', trim($config->attrcreators), $this->pluginconfig);
set_config('groupecreators', trim($config->groupecreators), $this->pluginconfig);
set_config('removeuser', $config->removeuser, $this->pluginconfig);
return true;
}
/**
* Returns true if user should be coursecreator.
*
......
<?php
include($CFG->dirroot.'/auth/cas/languages.php');
// set to defaults if undefined (CAS)
if (!isset ($config->hostname)) {
$config->hostname = '';
}
if (!isset ($config->port)) {
$config->port = '';
}
if (!isset ($config->casversion)) {
$config->casversion = CAS_VERSION_2_0;
}
if (!isset ($config->baseuri)) {
$config->baseuri = '';
}
if (!isset ($config->language)) {
$config->language = '';
}
if (!isset ($config->proxycas)) {
$config->proxycas = '';
}
if (!isset ($config->logoutcas)) {
$config->logoutcas = '';
}
if (!isset ($config->multiauth)) {
$config->multiauth = '';
}
if (!isset ($config->certificate_check)) {
$config->certificate_check = '';
}
if (!isset ($config->certificate_path)) {
$config->certificate_path = '';
}
if (!isset($config->curl_ssl_version)) {
$config->curl_ssl_version = '';
}
if (!isset($config->logout_return_url)) {
$config->logout_return_url = '';
}
// set to defaults if undefined (LDAP)
if (!isset($config->host_url)) {
$config->host_url = '';
}
if (!isset($config->start_tls)) {
$config->start_tls = false;
}
if (empty($config->ldapencoding)) {
$config->ldapencoding = 'utf-8';
}
if (!isset($config->pagesize)) {
$config->pagesize = LDAP_DEFAULT_PAGESIZE;
}
if (!isset($config->contexts)) {
$config->contexts = '';
}
if (!isset($config->user_type)) {
$config->user_type = 'default';
}
if (!isset($config->user_attribute)) {
$config->user_attribute = '';
}
if (!isset($config->search_sub)) {
$config->search_sub = '';
}
if (!isset($config->opt_deref)) {
$config->opt_deref = LDAP_DEREF_NEVER;
}
if (!isset($config->bind_dn)) {
$config->bind_dn = '';
}
if (!isset($config->bind_pw)) {
$config->bind_pw = '';
}
if (!isset($config->ldap_version)) {
$config->ldap_version = '3';
}
if (!isset($config->objectclass)) {
$config->objectclass = '';
}
if (!isset($config->memberattribute)) {
$config->memberattribute = '';
}
if (!isset($config->memberattribute_isdn)) {
$config->memberattribute_isdn = '';
}
if (!isset($config->groupecreators)) {
$config->groupecreators = '';
}
if (!isset($config->attrcreators)) {
$config->attrcreators = '';
}
if (!isset($config->removeuser)) {
$config->removeuser = AUTH_REMOVEUSER_KEEP;
}
$yesno = array( get_string('no'), get_string('yes') );
$disabled = '';
$pagedresultssupported = false;
if ($config->host_url !== '') {
/**
* We try to connect each and every time we open the config, because we want to set the Page
* Size setting as enabled or disabled depending on the configured LDAP server supporting
* pagination or not, and to notify the user about it. If the user changed the LDAP server (or
* the LDAP protocol version) last time, it might happen that paged results are no longer
* available and we want to show that to the user the next time she goes to the settings page.
*/
try {
$ldapconn = $this->ldap_connect();
$pagedresultssupported = ldap_paged_results_supported($config->ldap_version, $ldapconn);
} catch (Exception $e) {
// If we couldn't connect and get the supported options, we can only assume we don't support paged results.
$pagedresultssupported = false;
}
}
/* Make sure we only disable the paged result size setting and show the notification about it if
* there is a configured server that we tried to contact. Othersiwe, if someone's LDAP server does
* support paged results, they won't be able to turn it on the first time they set it up (because
* the field will be disabled).
*/
if (($config->host_url !== '') && (!$pagedresultssupported)) {
$disabled = ' disabled="disabled"';
echo $OUTPUT->notification(get_string('pagedresultsnotsupp', 'auth_ldap'), \core\output\notification::NOTIFY_INFO);
}
?>
<table cellspacing="0" cellpadding="5" border="0">
<tr>
<td colspan="2">
<h4><?php print_string('auth_cas_server_settings', 'auth_cas') ?></h4>
</td>
</tr>
<tr valign="top" class="required">
<td align="right"><label for="hostname"><?php print_string('auth_cas_hostname_key', 'auth_cas') ?>: </label></td>
<td>
<input name="hostname" id="hostname" type="text" size="30" value="<?php echo $config->hostname ?>" />
<?php if (isset($err['hostname'])) { echo $OUTPUT->error_text($err['hostname']); } ?>
</td>
<td>
<?php print_string('auth_cas_hostname', 'auth_cas') ?>
</td>
</tr>
<tr valign="top" class="required">
<td align="right">
<label for="baseuri"><?php print_string('auth_cas_baseuri_key', 'auth_cas') ?>: </label>
</td>
<td>
<input name="baseuri" id="baseuri" type="text" size="30" value="<?php echo $config->baseuri ?>" />
<?php if (isset($err['baseuri'])) { echo $OUTPUT->error_text($err['baseuri']); } ?>
</td>
<td>
<?php print_string('auth_cas_baseuri', 'auth_cas') ?>
</td>
</tr>
<tr valign="top" class="required">
<td align="right">
<label for="port"><?php print_string('auth_cas_port_key', 'auth_cas') ?>: </label>
</td>
<td>
<input name="port" id="port" type="text" size="30" value="<?php echo $config->port ?>" />
<?php if (isset($err['port'])) { echo $OUTPUT->error_text($err['port']); } ?>
</td>
<td>
<?php print_string('auth_cas_port', 'auth_cas') ?>
</td>
</tr>
<tr valign="top" class="required">
<td align="right">
<?php echo html_writer::label(get_string('auth_cas_casversion', 'auth_cas'), 'menucasversion'); ?>:
</td>
<td>
<?php
$casversions = array();
$casversions[CAS_VERSION_1_0] = 'CAS 1.0';
$casversions[CAS_VERSION_2_0] = 'CAS 2.0';
echo html_writer::select($casversions, 'casversion', $config->casversion, false);
if (isset($err['casversion'])) { echo $OUTPUT->error_text($err['casversion']); }
?>
</td>
<td>
<?php print_string('auth_cas_version', 'auth_cas') ?>
</td>
</tr>
<tr valign="top" class="required">
<td align="right"><?php echo html_writer::label(get_string('auth_cas_language_key', 'auth_cas'), 'menulanguage'); ?>:</td>
<td>
<?php echo html_writer::select($CASLANGUAGES, 'language', $config->language, false); ?>
</td>
<td>
<?php print_string('auth_cas_language', 'auth_cas') ?>
</td>
</tr>
<tr valign="top" class="required">
<td align="right">
<?php echo html_writer::label(get_string('auth_cas_proxycas_key', 'auth_cas'), 'menuproxycas'); ?>:
</td>
<td>
<?php echo html_writer::select($yesno, 'proxycas', $config->proxycas, false); ?>
</td>
<td>
<?php print_string('auth_cas_proxycas', 'auth_cas') ?>
</td>
</tr>
<tr valign="top" class="required">
<td align="right"><?php echo html_writer::label(get_string('auth_cas_logoutcas_key', 'auth_cas'), 'menulogoutcas'); ?>:</td>
<td>
<?php echo html_writer::select($yesno, 'logoutcas', $config->logoutcas, false); ?>
</td>
<td>
<?php print_string('auth_cas_logoutcas', 'auth_cas') ?>
</td>
</tr>
<tr valign="top" class="required">
<td align="right"><?php echo html_writer::label(get_string('auth_cas_multiauth_key', 'auth_cas'), 'menumultiauth'); ?>:</td>
<td>
<?php echo html_writer::select($yesno, 'multiauth', $config->multiauth, false); ?>
</td>
<td>
<?php print_string('auth_cas_multiauth', 'auth_cas') ?>
</td>
</tr>
<tr valign="top" class="required">
<td align="right"><?php echo html_writer::label(get_string('auth_cas_certificate_check_key', 'auth_cas'), 'menucertificate_check'); ?>:</td>
<td>
<?php echo html_writer::select($yesno, 'certificate_check', $config->certificate_check, false); ?>
</td>
<td>
<?php print_string('auth_cas_certificate_check', 'auth_cas') ?>
</td>
</tr>
<tr valign="top" class="required">
<td align="right"><label for="certificate_path"><?php print_string('auth_cas_certificate_path_key', 'auth_cas') ?>: </label></td>
<td>
<input name="certificate_path" id="certificate_path" type="text" size="30" value="<?php echo $config->certificate_path ?>" />
<?php if (isset($err['certificate_path'])) echo $OUTPUT->error_text($err['certificate_path']); ?>
</td>
<td>
<?php print_string('auth_cas_certificate_path', 'auth_cas') ?>
</td>
</tr>
<tr valign="top" class="required">
<td align="right"><label for="curl_ ssl_version"><?php print_string('auth_cas_curl_ssl_version_key', 'auth_cas') ?>: </label></td>
<td>
<?php
$sslversions = array();
$sslversions[''] = get_string('auth_cas_curl_ssl_version_default', 'auth_cas');
if (defined('CURL_SSLVERSION_TLSv1')) {
$sslversions[CURL_SSLVERSION_TLSv1] = get_string('auth_cas_curl_ssl_version_TLSv1x', 'auth_cas');
}
if (defined('CURL_SSLVERSION_TLSv1_0')) {
$sslversions[CURL_SSLVERSION_TLSv1_0] = get_string('auth_cas_curl_ssl_version_TLSv10', 'auth_cas');
}
if (defined('CURL_SSLVERSION_TLSv1_1')) {
$sslversions[CURL_SSLVERSION_TLSv1_1] = get_string('auth_cas_curl_ssl_version_TLSv11', 'auth_cas');
}
if (defined('CURL_SSLVERSION_TLSv1_2')) {
$sslversions[CURL_SSLVERSION_TLSv1_2] = get_string('auth_cas_curl_ssl_version_TLSv12', 'auth_cas');
}
if (defined('CURL_SSLVERSION_SSLv2')) {
$sslversions[CURL_SSLVERSION_SSLv2] = get_string('auth_cas_curl_ssl_version_SSLv2', 'auth_cas');
}
if (defined('CURL_SSLVERSION_SSLv3')) {
$sslversions[CURL_SSLVERSION_SSLv3] = get_string('auth_cas_curl_ssl_version_SSLv3', 'auth_cas');
}
echo html_writer::select($sslversions, 'curl_ssl_version', $config->curl_ssl_version, false);
if (isset($err['curl_ssl_version'])) echo $OUTPUT->error_text($err['curl_ssl_version']);
?>
</td>
<td>
<?php print_string('auth_cas_curl_ssl_version', 'auth_cas') ?>
</td>
</tr>
<tr valign="top" class="required">
<td align="right"><?php print_string('auth_cas_logout_return_url_key', 'auth_cas') ?>:</td>
<td>
<input name="logout_return_url" type="text" size="30" value="<?php echo $config->logout_return_url ?>" />
<?php if (isset($err['logout_return_url'])) { echo $OUTPUT->error_text($err['logout_return_url']); } ?>
</td>
<td>
<?php print_string('auth_cas_logout_return_url', 'auth_cas') ?>
</td>
</tr>
<tr>
<td colspan="2">
<h4><?php print_string('auth_ldap_server_settings', 'auth_ldap') ?></h4>
</td>
</tr>
<tr valign="top" class="required">
<td align="right">
<label for="host_url"><?php print_string('auth_ldap_host_url_key', 'auth_ldap') ?></label>
</td>
<td>
<input name="host_url" id="host_url" type="text" size="30" value="<?php echo $config->host_url?>" />
<?php if (isset($err['host_url'])) { echo $OUTPUT->error_text($err['host_url']); } ?>
</td>
<td>
<?php print_string('auth_ldap_host_url', 'auth_ldap') ?>
</td>
</tr>
<tr valign="top" class="required">
<td align="right"><label for="ldap_version"><?php print_string('auth_ldap_version_key', 'auth_ldap') ?></label></td>
<td>
<?php
$versions = array();
$versions[2] = '2';
$versions[3] = '3';
echo html_writer::select($versions, 'ldap_version', $config->ldap_version, false);
if (isset($err['ldap_version'])) { echo $OUTPUT->error_text($err['ldap_version']); }
?>
</td>
<td>
<?php print_string('auth_ldap_version', 'auth_ldap') ?>
</td>
</tr>
<tr valign="top">
<td align="right">
<label for="start_tls"><?php print_string('start_tls_key', 'auth_ldap') ?></label>
</td>
<td>
<?php echo html_writer::select($yesno, 'start_tls', $config->start_tls, false); ?>
</td>
<td>
<?php print_string('start_tls', 'auth_ldap') ?>
</td>
</tr>
<tr valign="top" class="required">
<td align="right">
<label for="ldapencoding"><?php print_string('auth_ldap_ldap_encoding_key', 'auth_ldap') ?></label>
</td>
<td>
<input id="ldapencoding" name="ldapencoding" type="text" value="<?php echo $config->ldapencoding ?>" />
<?php if (isset($err['ldapencoding'])) { echo $OUTPUT->error_text($err['ldapencoding']); } ?>
</td>
<td>
<?php print_string('auth_ldap_ldap_encoding', 'auth_ldap') ?>
</td>
</tr>
<tr valign="top">
<td align="right">
<label for="pagesize"><?php print_string('pagesize_key', 'auth_ldap') ?></label>
</td>
<td>
<input id="pagesize" name="pagesize" type="text" value="<?php echo $config->pagesize ?>" <?php echo $disabled ?>/>
<?php
if (isset($err['pagesize'])) { echo $OUTPUT->error_text($err['pagesize']); }
if ($disabled) {
// Don't loose the page size value (disabled fields are not submitted!)
?>
<input id="pagesize" name="pagesize" type="hidden" value="<?php echo $config->pagesize ?>" />
<?php } ?>
</td>
<td>
<?php print_string('pagesize', 'auth_ldap') ?>
</td>
</tr>
<tr>
<td colspan="2">
<h4><?php print_string('auth_ldap_bind_settings', 'auth_ldap') ?></h4>
</td>
</tr>
<tr valign="top" class="required">
<td align="right">
<label for="bind_dn"><?php print_string('auth_ldap_bind_dn_key', 'auth_ldap') ?></label>
</td>
<td>
<input name="bind_dn" id="bind_dn" type="text" size="30" value="<?php echo $config->bind_dn?>" />
<?php if (isset($err['bind_dn'])) { echo $OUTPUT->error_text($err['bind_dn']); } ?>
</td>
<td>
<?php print_string('auth_ldap_bind_dn', 'auth_ldap') ?>
</td>
</tr>
<tr valign="top" class="required">
<td align="right">
<label for="bind_pw"><?php print_string('auth_ldap_bind_pw_key', 'auth_ldap') ?></label>
</td>
<td>
<input name="bind_pw" id="bind_pw" type="password" size="30" value="<?php echo $config->bind_pw?>" autocomplete="off"/>
<?php if (isset($err['bind_pw'])) { echo $OUTPUT->error_text($err['bind_pw']); } ?>
</td>
<td>
<?php print_string('auth_ldap_bind_pw', 'auth_ldap') ?>
</td>
</tr>
<tr>
<td colspan="2">
<h4><?php print_string('auth_ldap_user_settings', 'auth_ldap') ?></h4>
</td>
</tr>
<tr valign="top" class="required">
<td align="right">