Commit Graph

173 Commits

Author SHA1 Message Date
David Mudrák d82859b2c1 MDL-46946 user: Make missing required custom fields trigger profile edit
If there is a required custom field that the user can fill by editing
their profile, and that field is missing, the user should be considered
as not fully set up. Instead, we want to redirect them to edit their
profile first.

There are some exceptions when we want to fall back to the previous
behaviour and check just the name and email fields. These exceptional
cases include checking remote user data in incoming MNet request (no
user id, no custom fields supported) and calls to require_login() with
redirecting disabled (typically ajax filepicker requests on profile
editing page itself).

Additional plugins that call the function user_not_fully_set_up()
themselves, should perform the strict check in most/typical cases. So
the strict mode is enabled by default even if it changes the behaviour
slightly. In improbable case of additional plugins relying on the
previous behaviour of the function, they can use the $strict parameter
and keep performing the lax check. However, I am sure the correct fix in
that case will likely be to stop abusing this function.

Note that custom fields are not currently transferred during the MNet
roaming. So having custom fields configured as required on MNet service
provider site (where users can't edit their profiles) is expected to
display an error (as the site is considered as misconfigured).
2016-09-21 18:02:51 +02:00
Cameron Ball 8ffe9aef1f MDL-53580 auth_ldap: Set default value for suspended_attribute
It was also necessary to cast some boolean values to ints as a
workaround for moodle's broken boolean validation.
2016-05-10 23:04:46 +08:00
Cameron Ball 6141dcfe67 MDL-52386 auth_ldap: Add support for disabled accounts 2016-03-11 16:48:18 +08:00
Rajesh Taneja b4a5d4fa17 MDL-52387 auth_ldap: Use proper dn to find password age
dn with fine grained password should be used
to get msds-maximumpasswordage attribute.
No checks should be used to see if the array
key is set as entry should always return them.
2016-02-18 11:38:03 +08:00
David Monllao ce74ad69ae Merge branch 'MDL-52387-master' of git://github.com/lameze/moodle 2016-02-16 11:25:22 +08:00
Simey Lameze c1bc628e1d MDL-52387 auth_ldap: add support for fine grained password
Contributed by Matthew Johnson.
2016-02-16 11:03:42 +08:00
Andrew Nicols abedeb8c70 MDL-51723 ldap: Normalise the user objectclass 2016-02-01 10:24:34 +08:00
Marina Glancy 4a89e83b80 MDL-52285 auth: use __construct() for constructors 2015-12-10 13:40:42 +08:00
Simey Lameze 06ae66043b MDL-49360 core_lib: remove get_referer() call form auth ldap 2015-07-29 10:43:03 +08:00
Simey Lameze 25565918d9 MDL-49360 core_lib: fix typo on auth_ldap 2015-07-28 15:04:27 +08:00
Simey Lameze dcee0b9447 MDL-49360 core_lib: add new method get_local_referer()
This commit also replace all usages of $_SERVER['HTTP_REFERER'] and get_referer().
2015-07-27 11:11:24 +08:00
Eloy Lafuente (stronk7) 870d1aae1e MDL-49022 auth_ldap: keep method visibility unmodified. 2015-06-24 03:07:35 +02:00
Mark Ward 7b9643b59c MDL-49022 auth_ldap: trigger event when required.
When calling update_user_record() for auth_ldap the method
now has option to trigger event core\event\user_updated when
syncing with domain controller.
This means that the event will be triggered by sync_users()
but not by user_signup().
2015-06-23 17:00:34 +08:00
Marina Glancy 4f8b6d5674 MDL-50099 auth: less verbose account confirmed message 2015-05-05 15:33:36 +01:00
Frederic Massart b2687a055d MDL-49179 weblib: Secure the direct usage of $_SERVER['HTTP_REFERER'] 2015-05-05 18:31:13 +08:00
Eloy Lafuente (stronk7) 6054036fbc Merge branch 'MDL-48255-master' of git://github.com/lameze/moodle 2014-12-08 19:14:07 +01:00
Simey Lameze ef9739f0eb MDL-48255 auth_ldap: make ldap cookie check more robust
Thanks to Baptiste Desprez for spotting this and provide a solution.
2014-12-02 15:28:03 +08:00
Petr Skoda 1d658535b6 MDL-47830 auth: Add pw rotation restrictions 2014-12-01 08:53:52 +13:00
Petr Skoda f720c2c060 MDL-48282 Standardise update of user->firstaccess 2014-11-21 09:25:57 +13:00
zbdd 77218e4a52 MDL-42993 auth: spaces removed from usernames by default only
Functionality by default does not change with this patch.
However spaces are no longer stripped when cleaning usernames IF
$CFG->extendedusernamechars has been set.

Also included 2 trim statements where small issues were found with reading
external usernames in that  were not filtered for trailing whitespaces.
2014-10-01 08:24:54 +13:00
Rajesh Taneja 9363073b22 MDL-45641 event: Manually trigger event where needed.
Some places, user_created_user and user_updated_user
events should be triggred after profile data is saved.
2014-06-27 15:44:56 +08:00
Dan Poltawski e78e671f29 Merge branch 'MDL-43405_master' of https://github.com/markn86/moodle 2014-02-25 10:30:35 +08:00
fabmen fcf2176098 MDL-43405 auth_ldap: Fixed issue with undefined variable: ldap_cookie 2014-02-16 14:22:48 -08:00
Iñaki Arenaza a8451603cf MDL-32724: LDAP Auth function user_update() returns true even if update has failed 2014-02-04 19:28:59 +01:00
Petr Škoda 64ad5208a9 MDL-43585 remove incorrect user/lib.php include 2014-01-07 12:16:02 +08:00
Mark Nelson 8bf0f20795 MDL-42932 core_calendar: introduced calendar type system setting 2013-12-09 18:40:46 -08:00
Ankit Agarwal 963cdce4e2 MDL-42097 auth: Auth plugins must check passwordurl before returning it 2013-12-03 14:17:42 +08:00
Mark Nelson 5991cabfd7 MDL-40045 auth: removed unnecessary add_to_log calls
Both LDAP and Shibboleth call complete_user_login which triggers
a user_loggedin event that handles the legacy call to add_to_log.
2013-10-21 11:53:30 +08:00
Petr Škoda d79d5ac276 MDL-31501 rework user session architecture
List of changes:
 * New OOP API using PHP namespace \core\session\.
 * All handlers now update the sessions table consistently.
 * Experimental DB session support in Oracle.
 * Full support for session file handler (filesystem locking required).
 * New option for alternative session directory.
 * Official memcached session handler support.
 * Workaround for memcached version with non-functional gc.
 * Improved security - forced session id regeneration.
 * Improved compatibility with recent PHP releases.
 * Fixed borked CSS during install in debug mode.
 * Switched to file based sessions in new installs.
 * DB session setting disappears if DB does not support sessions.
 * DB session setting disappears if session handler specified in config.php.
 * Fast purging of sessions used in request only.
 * No legacy distinction -  file, database and memcached support the same functionality.
 * Session handler name included in performance info.
 * Fixed user_loggedin and user_loggedout event triggering.
 * Other minor bugfixing and improvements.
 * Fixed database session segfault if MUC disposed before $DB.

Limitations:
 * Session access time is now updated right after session start.
 * Support for $CFG->sessionlockloggedinonly was removed.
 * First request does not update userid in sessions table.
 * The timeouts may break badly if server hosting forces PHP.ini session settings.
 * The session GC is a lot slower, we do not rely on external session timeouts.
 * There cannot be any hooks triggered at the session write time.
 * File and memcached handlers do not support session lock acquire timeouts.
 * Some low level PHP session functions can not be used directly in Moodle code.
2013-09-21 13:11:56 +02:00
Dan Poltawski 378b3eac83 MDL-36316 useragent: Reduce user agent sniffing
* core_useragent: Introduce is_vendor methods to improve readability
  when we are just detecting if a browser is from a vendor, rather than
  the exact version

* Remove uncessary browser version checks when we are just detecting
  vendors - this makes the intention of our sniffing clearer.

* Remove sniffing for browsers which we do not support, grades/ajax/tinymce
  all support modern browsers so there is no need to sniff for them.
2013-09-13 14:25:37 +08:00
Rajesh Taneja bb78e249cd MDL-39961 Events: Replace Legacy events - User
This change includes:
* Added user_updated event, replacing old event
* Added user_created event, replacing old event
* Added user_deleted event, replacing old event
* Added user_loggedout event, replacing old event
* Added user_enrolment_created event, replacing old event
* Added user_enrolment_deleted event, replacing old event
* Added user_enrolment_updated event, replacing old event
2013-09-02 16:10:05 +08:00
Sam Hemelryk c3d2fbf9cd MDL-40931 useragent: separated user agent functionality into a lib
This commit moves user agent related functionality out of several
core libraries and combines it into a more manageable class.
All core uses are converted and functions deprecated in favor
of the new class.
2013-08-26 13:59:19 +12:00
Damyon Wiese 9ead041cdb Revert "MDL-40931 useragent: separated user agent functionality into a lib"
This reverts commit af62237d0e.
This reverts commit 87a4194fdc.
This reverts commit b2c66eb60c.

Conflicts:

	version.php
2013-08-22 13:31:25 +08:00
Sam Hemelryk af62237d0e MDL-40931 useragent: separated user agent functionality into a lib
This commit moves user agent related functionality out of several
core libraries and combines it into a more manageable class.
All core uses are converted and functions deprecated in favor
of the new class.
2013-08-16 09:02:01 +12:00
Petr Škoda 2f1e464a88 MDL-40438 migrate all collatorlib:: and textlib:: uses 2013-08-06 21:04:35 +02:00
Mark Nelson 9b29f68648 MDL-27953 auth: introduced new function can_be_manually_set() to the authentication base class 2013-07-29 17:06:08 +08:00
Sam Hemelryk 93b4d2658a Merge branch 'master_MDL-20867' of git://github.com/danmarsden/moodle 2013-07-10 11:07:00 +12:00
Damyon Wiese 8a011a9f0a Merge branch 'w28_MDL-40243_m26_ldapsuspend' of https://github.com/skodak/moodle 2013-07-09 13:44:01 +08:00
Tim Lock a9166e8210 MDL-40436: auth_ldap: Fixed warning when adding new LDAP users 2013-07-08 22:57:25 +08:00
Petr Škoda d03e450857 MDL-40243 use suspended flag in auth_enrol instead of nologin auth 2013-07-07 14:40:46 +02:00
Dan Marsden d962e8143d MDL-20867 LDAP NTLM fast path - allow FF to use NTLM when fastpath
enabled
2013-07-05 13:05:47 +12:00
Rajesh Taneja d8372b54b9 MDL-16982 Administration: Moved bulk action outside loop and using profile api to save data 2013-06-17 12:55:09 +08:00
Rajesh Taneja d836e3ed1f MDL-16982 Administration: Integrated Inaki's suggestions 2013-06-11 10:27:43 +08:00
Rajesh Taneja 57d135a1c6 MDL-16982 Administration: Cleaned whitespaces and alignment in orignal patch 2013-06-11 10:27:43 +08:00
Gilles-Philippe Leblanc b88adb55fc MDL-16982 Administration: Adding data mapping for custom user fields 2013-06-11 10:27:37 +08:00
Eloy Lafuente (stronk7) 0288c5ffe1 Merge branch 'MDL-39166-m25' of https://github.com/jfilip/moodle 2013-06-03 23:51:22 +02:00
Petr Škoda 60d7078adf MDL-39387 normalise MOODLE_INTERNAL 2013-04-27 15:09:05 +02:00
Petr Škoda a2f10958ff MDL-39387 fix /auth phpdocs 2013-04-27 15:06:40 +02:00
Justin Filip 9b8e4952d4 MDL-39166 auth_ldap Add triggers for user created/updated events. 2013-04-24 16:16:52 -04:00
Iñaki Arenaza 4bcb0396c2 MDL-38262 auth/{ldap,cas}: Fix undefined property notification on first config
Just move the test after we've set the default configuration values if
they are not defined.

Signed-off-by: Iñaki Arenaza <iarenaza@mondragon.edu>
2013-03-03 21:22:19 +01:00