coregrade/CoreGradeLearning
1
0
Fork 0
Code Issues Pull Requests Releases Activity

first commit

Browse Source
This commit is contained in:
CHIEFSOFT\ameye
2024-09-30 18:11:26 -04:00
commit e592ca6823
27270 changed files with 5002257 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
auth/mnet/auth.php
+1207
View File
File diff suppressed because it is too large Load Diff
auth/mnet/classes/privacy/provider.php
+273
View File
@@ -0,0 +1,273 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Privacy Subsystem implementation for auth_mnet.
*
* @package auth_mnet
* @copyright 2018 Carlos Escobedo <carlos@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_mnet\privacy;
defined('MOODLE_INTERNAL') || die();
use core_privacy\local\metadata\collection;
use core_privacy\local\request\contextlist;
use core_privacy\local\request\approved_contextlist;
use core_privacy\local\request\transform;
use core_privacy\local\request\writer;
use core_privacy\local\request\userlist;
use core_privacy\local\request\approved_userlist;
/**
* Privacy provider for the mnet authentication
*
* @copyright 2018 Carlos Escobedo <carlos@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class provider implements
\core_privacy\local\metadata\provider,
\core_privacy\local\request\core_userlist_provider,
\core_privacy\local\request\plugin\provider {
/**
* Returns meta data about this system.
*
* @param collection $collection The initialised item collection to add items to.
* @return collection A listing of user data stored through this system.
*/
public static function get_metadata(collection $collection): collection {
$sessionfields = [
'userid' => 'privacy:metadata:mnet_session:userid',
'username' => 'privacy:metadata:mnet_session:username',
'token' => 'privacy:metadata:mnet_session:token',
'mnethostid' => 'privacy:metadata:mnet_session:mnethostid',
'useragent' => 'privacy:metadata:mnet_session:useragent',
'expires' => 'privacy:metadata:mnet_session:expires'
];
$collection->add_database_table('mnet_session', $sessionfields, 'privacy:metadata:mnet_session');
$logfields = [
'hostid' => 'privacy:metadata:mnet_log:hostid',
'remoteid' => 'privacy:metadata:mnet_log:remoteid',
'time' => 'privacy:metadata:mnet_log:time',
'userid' => 'privacy:metadata:mnet_log:userid',
'ip' => 'privacy:metadata:mnet_log:ip',
'course' => 'privacy:metadata:mnet_log:course',
'coursename' => 'privacy:metadata:mnet_log:coursename',
'module' => 'privacy:metadata:mnet_log:module',
'cmid' => 'privacy:metadata:mnet_log:cmid',
'action' => 'privacy:metadata:mnet_log:action',
'url' => 'privacy:metadata:mnet_log:url',
'info' => 'privacy:metadata:mnet_log:info'
];
$collection->add_database_table('mnet_log', $logfields, 'privacy:metadata:mnet_log');
$externalfields = [
'address' => 'privacy:metadata:mnet_external:address',
'alternatename' => 'privacy:metadata:mnet_external:alternatename',
'autosubscribe' => 'privacy:metadata:mnet_external:autosubscribe',
'calendartype' => 'privacy:metadata:mnet_external:calendartype',
'city' => 'privacy:metadata:mnet_external:city',
'country' => 'privacy:metadata:mnet_external:country',
'currentlogin' => 'privacy:metadata:mnet_external:currentlogin',
'department' => 'privacy:metadata:mnet_external:department',
'description' => 'privacy:metadata:mnet_external:description',
'email' => 'privacy:metadata:mnet_external:email',
'emailstop' => 'privacy:metadata:mnet_external:emailstop',
'firstaccess' => 'privacy:metadata:mnet_external:firstaccess',
'firstname' => 'privacy:metadata:mnet_external:firstname',
'firstnamephonetic' => 'privacy:metadata:mnet_external:firstnamephonetic',
'id' => 'privacy:metadata:mnet_external:id',
'idnumber' => 'privacy:metadata:mnet_external:idnumber',
'imagealt' => 'privacy:metadata:mnet_external:imagealt',
'institution' => 'privacy:metadata:mnet_external:institution',
'lang' => 'privacy:metadata:mnet_external:lang',
'lastaccess' => 'privacy:metadata:mnet_external:lastaccess',
'lastlogin' => 'privacy:metadata:mnet_external:lastlogin',
'lastname' => 'privacy:metadata:mnet_external:lastname',
'lastnamephonetic' => 'privacy:metadata:mnet_external:lastnamephonetic',
'maildigest' => 'privacy:metadata:mnet_external:maildigest',
'maildisplay' => 'privacy:metadata:mnet_external:maildisplay',
'middlename' => 'privacy:metadata:mnet_external:middlename',
'phone1' => 'privacy:metadata:mnet_external:phone1',
'pnone2' => 'privacy:metadata:mnet_external:phone2',
'picture' => 'privacy:metadata:mnet_external:picture',
'policyagreed' => 'privacy:metadata:mnet_external:policyagreed',
'suspended' => 'privacy:metadata:mnet_external:suspended',
'timezone' => 'privacy:metadata:mnet_external:timezone',
'trackforums' => 'privacy:metadata:mnet_external:trackforums',
'trustbitmask' => 'privacy:metadata:mnet_external:trustbitmask',
'username' => 'privacy:metadata:mnet_external:username',
];
$collection->add_external_location_link('moodle', $externalfields, 'privacy:metadata:external:moodle');
$collection->add_external_location_link('mahara', $externalfields, 'privacy:metadata:external:mahara');
return $collection;
}
/**
* Get the list of contexts that contain user information for the specified user.
*
* @param int $userid The user to search.
* @return contextlist $contextlist The list of contexts used in this plugin.
*/
public static function get_contexts_for_userid(int $userid): contextlist {
$sql = "SELECT ctx.id
FROM {mnet_log} ml
JOIN {context} ctx ON ctx.instanceid = ml.userid AND ctx.contextlevel = :contextlevel
WHERE ml.userid = :userid";
$params = ['userid' => $userid, 'contextlevel' => CONTEXT_USER];
$contextlist = new contextlist();
$contextlist->add_from_sql($sql, $params);
return $contextlist;
}
/**
* Get the list of users within a specific context.
*
* @param userlist $userlist The userlist containing the list of users who have data in this context/plugin combination.
*/
public static function get_users_in_context(userlist $userlist) {
$context = $userlist->get_context();
if (!$context instanceof \context_user) {
return;
}
$sql = "SELECT userid
FROM {mnet_log}
WHERE userid = ?";
$params = [$context->instanceid];
$userlist->add_from_sql('userid', $sql, $params);
}
/**
* Export all user data for the specified user, in the specified contexts, using the supplied exporter instance.
*
* @param approved_contextlist $contextlist The approved contexts to export information for.
*/
public static function export_user_data(approved_contextlist $contextlist) {
global $DB;
$context = \context_user::instance($contextlist->get_user()->id);
$sql = "SELECT ml.id, mh.wwwroot, mh.name, ml.remoteid, ml.time, ml.userid, ml.ip, ml.course,
ml.coursename, ml.module, ml.cmid, ml.action, ml.url, ml.info
FROM {mnet_log} ml
JOIN {mnet_host} mh ON mh.id = ml.hostid
WHERE ml.userid = :userid
ORDER BY mh.name, ml.coursename";
$params = ['userid' => $contextlist->get_user()->id];
$data = [];
$lastcourseid = null;
$logentries = $DB->get_recordset_sql($sql, $params);
foreach ($logentries as $logentry) {
$item = (object) [
'time' => transform::datetime($logentry->time),
'remoteid' => $logentry->remoteid,
'ip' => $logentry->ip,
'course' => $logentry->course,
'coursename' => format_string($logentry->coursename),
'module' => $logentry->module,
'cmid' => $logentry->cmid,
'action' => $logentry->action,
'url' => $logentry->url,
'info' => format_string($logentry->info)
];
$item->externalhost =
($logentry->name == '') ? preg_replace('#^https?://#', '', $logentry->wwwroot) :
preg_replace('#^https?://#', '', $logentry->name);
if ($lastcourseid && $lastcourseid != $logentry->course) {
$path = [get_string('pluginname', 'auth_mnet'), $data[0]->externalhost, $data[0]->coursename];
writer::with_context($context)->export_data($path, (object) $data);
$data = [];
}
$data[] = $item;
$lastcourseid = $logentry->course;
}
$logentries->close();
$path = [get_string('pluginname', 'auth_mnet'), $item->externalhost, $item->coursename];
writer::with_context($context)->export_data($path, (object) $data);
}
/**
* Delete all personal data for all users in the specified context.
*
* @param context $context Context to delete data from.
*/
public static function delete_data_for_all_users_in_context(\context $context) {
global $DB;
if ($context->contextlevel != CONTEXT_USER) {
return;
}
$DB->delete_records('mnet_log', ['userid' => $context->instanceid]);
}
/**
* Delete multiple users within a single context.
*
* @param approved_userlist $userlist The approved context and user information to delete information for.
*/
public static function delete_data_for_users(approved_userlist $userlist) {
global $DB;
$context = $userlist->get_context();
if ($context instanceof \context_user) {
$DB->delete_records('mnet_log', ['userid' => $context->instanceid]);
}
}
/**
* Delete all user data for the specified user, in the specified contexts.
*
* @param approved_contextlist $contextlist The approved contexts and user information to delete information for.
*/
public static function delete_data_for_user(approved_contextlist $contextlist) {
global $DB;
if (empty($contextlist->count())) {
return;
}
$userid = $contextlist->get_user()->id;
foreach ($contextlist->get_contexts() as $context) {
if ($context->contextlevel != CONTEXT_USER) {
continue;
}
if ($context->instanceid == $userid) {
// Because we only use user contexts the instance ID is the user ID.
$DB->delete_records('mnet_log', ['userid' => $context->instanceid]);
}
}
}
}
auth/mnet/classes/task/cron_task.php
+47
View File
@@ -0,0 +1,47 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
namespace auth_mnet\task;
defined('MOODLE_INTERNAL') || die();
/**
* A schedule task for mnet cron.
*
* @package auth_mnet
* @copyright 2019 Simey Lameze <simey@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class cron_task extends \core\task\scheduled_task {
/**
* Get a descriptive name for this task (shown to admins).
*
* @return string
*/
public function get_name() {
return get_string('crontask', 'auth_mnet');
}
/**
* Run auth mnet cron.
*/
public function execute() {
global $DB, $CFG;
require_once($CFG->dirroot . '/auth/mnet/auth.php');
$mnetplugin = new \auth_plugin_mnet();
$mnetplugin->keepalive_client();
$DB->delete_records_select('mnet_session', "expires < ?", [time() - DAYSECS]);
}
}
auth/mnet/db/install.php
+6
View File
@@ -0,0 +1,6 @@
<?php
function xmldb_auth_mnet_install() {
global $CFG, $DB;
}
auth/mnet/db/mnet.php
+65
View File
@@ -0,0 +1,65 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* This file contains the mnet services for the mnet authentication plugin
*
* @since Moodle 2.0
* @package auth_mnet
* @copyright 2010 Penny Leach
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
$publishes = array(
'sso_idp' => array(
'apiversion' => 1,
'classname' => 'auth_plugin_mnet',
'filename' => 'auth.php',
'methods' => array(
'user_authorise',
'keepalive_server',
'kill_children',
'refresh_log',
'fetch_user_image',
'fetch_theme_info',
'update_enrolments',
),
),
'sso_sp' => array(
'apiversion' => 1,
'classname' => 'auth_plugin_mnet',
'filename' => 'auth.php',
'methods' => array(
'keepalive_client',
'kill_child'
)
)
);
$subscribes = array(
'sso_idp' => array(
'user_authorise' => 'auth/mnet/auth.php/user_authorise',
'keepalive_server' => 'auth/mnet/auth.php/keepalive_server',
'kill_children' => 'auth/mnet/auth.php/kill_children',
'refresh_log' => 'auth/mnet/auth.php/refresh_log',
'fetch_user_image' => 'auth/mnet/auth.php/fetch_user_image',
'fetch_theme_info' => 'auth/mnet/auth.php/fetch_theme_info',
'update_enrolments' => 'auth/mnet/auth.php/update_enrolments',
),
'sso_sp' => array(
'keepalive_client' => 'auth/mnet/auth.php/keepalive_client',
'kill_child' => 'auth/mnet/auth.php/kill_child',
),
);
auth/mnet/db/tasks.php
+34
View File
@@ -0,0 +1,34 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Definition of chat scheduled tasks.
*
* @package auth_mnet
* @copyright 2019 Simey Lameze <simey@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
$tasks = array(
array(
'classname' => '\auth_mnet\task\cron_task',
'blocking' => 0,
'minute' => '*/10',
'hour' => '*',
'day' => '*',
'month' => '*',
'dayofweek' => '*'
)
);
auth/mnet/db/upgrade.php
+44
View File
@@ -0,0 +1,44 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Keeps track of upgrades to the auth_mnet plugin
*
* @package auth_mnet
* @copyright 2010 David Mudrak <david@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
/**
* Function to upgrade auth_mnet.
* @param int $oldversion the version we are upgrading from
* @return bool result
*/
function xmldb_auth_mnet_upgrade($oldversion) {
// Automatically generated Moodle v4.1.0 release upgrade line.
// Put any upgrade step following this.
// Automatically generated Moodle v4.2.0 release upgrade line.
// Put any upgrade step following this.
// Automatically generated Moodle v4.3.0 release upgrade line.
// Put any upgrade step following this.
// Automatically generated Moodle v4.4.0 release upgrade line.
// Put any upgrade step following this.
return true;
}
auth/mnet/jump.php
+70
View File
@@ -0,0 +1,70 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Authentication Plugin: Moodle Network Authentication
* Multiple host authentication support for Moodle Network.
*
* @package auth_mnet
* @author Martin Dougiamas
* @license http://www.gnu.org/copyleft/gpl.html GNU Public License
*/
require_once __DIR__ . '/../../config.php';
// grab the GET params - wantsurl could be anything - take it
// with PARAM_RAW
$hostid = optional_param('hostid', '0', PARAM_INT);
$hostwwwroot = optional_param('hostwwwroot', '', PARAM_URL);
$wantsurl = optional_param('wantsurl', '', PARAM_RAW);
$url = new moodle_url('/auth/mnet/jump.php');
if ($hostid !== '0') $url->param('hostid', $hostid);
if ($hostwwwroot !== '') $url->param('hostwwwroot', $hostwwwroot);
if ($wantsurl !== '') $url->param('wantsurl', $wantsurl);
$PAGE->set_url($url);
if (!isloggedin() or isguestuser()) {
$SESSION->wantsurl = $PAGE->url->out(false);
redirect(get_login_url());
}
if (!is_enabled_auth('mnet')) {
throw new \moodle_exception('mnetdisable');
}
// If hostid hasn't been specified, try getting it using wwwroot
if (!$hostid) {
$hostwwwroot = trim($hostwwwroot);
$hostwwwroot = rtrim($hostwwwroot, '/');
// ensure the wwwroot starts with a http or https prefix
if (strtolower(substr($hostwwwroot, 0, 4)) != 'http') {
$hostwwwroot = 'http://'.$hostwwwroot;
}
$hostid = $DB->get_field('mnet_host', 'id', array('wwwroot' => $hostwwwroot));
}
// start the mnet session and redirect browser to remote URL
$mnetauth = get_auth_plugin('mnet');
$url = $mnetauth->start_jump_session($hostid, $wantsurl);
if (empty($url)) {
throw new \moodle_exception('DEBUG: Jump session was not started correctly or blank URL returned.'); // TODO: errors.
}
redirect($url);
auth/mnet/land.php
+69
View File
@@ -0,0 +1,69 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Authentication Plugin: Moodle Network Authentication
* Multiple host authentication support for Moodle Network.
*
* @package auth_mnet
* @author Martin Dougiamas
* @license http://www.gnu.org/copyleft/gpl.html GNU Public License
*/
require_once __DIR__ . '/../../config.php';
require_once $CFG->dirroot . '/mnet/xmlrpc/client.php';
// grab the GET params
$token = required_param('token', PARAM_BASE64);
$remotewwwroot = required_param('idp', PARAM_URL);
$wantsurl = required_param('wantsurl', PARAM_LOCALURL);
$wantsremoteurl = optional_param('remoteurl', false, PARAM_BOOL);
$url = new moodle_url('/auth/mnet/jump.php', array('token'=>$token, 'idp'=>$remotewwwroot, 'wantsurl'=>$wantsurl));
if ($wantsremoteurl !== false) $url->param('remoteurl', $wantsremoteurl);
$PAGE->set_url($url);
$PAGE->set_context(context_system::instance());
$site = get_site();
if (!is_enabled_auth('mnet')) {
throw new \moodle_exception('mnetdisable');
}
// confirm the MNET session
$mnetauth = get_auth_plugin('mnet');
$remotepeer = new mnet_peer();
$remotepeer->set_wwwroot($remotewwwroot);
// this creates the local user account if necessary, or updates it if it already exists
$localuser = $mnetauth->confirm_mnet_session($token, $remotepeer);
// log in
$user = get_complete_user_data('id', $localuser->id, $localuser->mnethostid);
complete_user_login($user);
// now that we've logged in, set up the mnet session properly
$mnetauth->update_mnet_session($user, $token, $remotepeer);
if (!empty($localuser->mnet_foreign_host_array)) {
$USER->mnet_foreign_host_array = $localuser->mnet_foreign_host_array;
}
// redirect
if ($wantsremoteurl) {
redirect($remotewwwroot . $wantsurl);
}
redirect($CFG->wwwroot . $wantsurl);
auth/mnet/lang/en/auth_mnet.php
+96
View File
@@ -0,0 +1,96 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Strings for component 'auth_mnet', language 'en'.
*
* @package auth_mnet
* @copyright 1999 onwards Martin Dougiamas {@link http://moodle.com}
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
$string['auth_mnet_auto_add_remote_users'] = 'When set to Yes, a local user record is auto-created when a remote user logs in for the first time.';
$string['auth_mnetdescription'] = 'Users are authenticated according to the web of trust defined in your Moodle Network settings.';
$string['auth_mnet_roamin'] = 'These host\'s users can roam in to your site';
$string['auth_mnet_roamout'] = 'Your users can roam out to these hosts';
$string['auth_mnet_rpc_negotiation_timeout'] = 'The timeout in seconds for authentication over the XMLRPC transport.';
$string['auto_add_remote_users'] = 'Auto add remote users';
$string['crontask'] = 'Background processing for MNET authentication';
$string['rpc_negotiation_timeout'] = 'RPC negotiation timeout';
$string['sso_idp_description'] = 'Publish this service to allow your users to roam to the {$a} site without having to re-login there. <ul><li><em>Dependency</em>: You must also <strong>subscribe</strong> to the SSO (Service Provider) service on {$a}.</li></ul><br />Subscribe to this service to allow authenticated users from {$a} to access your site without having to re-login. <ul><li><em>Dependency</em>: You must also <strong>publish</strong> the SSO (Service Provider) service to {$a}.</li></ul><br />';
$string['sso_idp_name'] = 'SSO (Identity Provider)';
$string['sso_mnet_login_refused'] = 'Username {$a->user} is not permitted to login from {$a->host}.';
$string['sso_sp_description'] = 'Publish this service to allow authenticated users from {$a} to access your site without having to re-login. <ul><li><em>Dependency</em>: You must also <strong>subscribe</strong> to the SSO (Identity Provider) service on {$a}.</li></ul><br />Subscribe to this service to allow your users to roam to the {$a} site without having to re-login there. <ul><li><em>Dependency</em>: You must also <strong>publish</strong> the SSO (Identity Provider) service to {$a}.</li></ul><br />';
$string['sso_sp_name'] = 'SSO (Service Provider)';
$string['pluginname'] = 'MNet authentication';
$string['privacy:metadata:external:mahara'] = 'This plugin can send data externally to a linked Mahara application.';
$string['privacy:metadata:external:moodle'] = 'This plugin can send data externally to a linked Moodle application.';
$string['privacy:metadata:mnet_external:address'] = 'The address of the user.';
$string['privacy:metadata:mnet_external:alternatename'] = 'An alternative name for the user.';
$string['privacy:metadata:mnet_external:autosubscribe'] = 'A preference as to if the user should be auto-subscribed to forums the user posts in.';
$string['privacy:metadata:mnet_external:calendartype'] = 'A user preference for the type of calendar to use.';
$string['privacy:metadata:mnet_external:city'] = 'The city of the user.';
$string['privacy:metadata:mnet_external:country'] = 'The country that the user is in.';
$string['privacy:metadata:mnet_external:currentlogin'] = 'The current login for this user.';
$string['privacy:metadata:mnet_external:department'] = 'The department that this user can be found in.';
$string['privacy:metadata:mnet_external:description'] = 'General details about this user.';
$string['privacy:metadata:mnet_external:email'] = 'An email address for contact.';
$string['privacy:metadata:mnet_external:emailstop'] = 'A preference to stop email being sent to the user.';
$string['privacy:metadata:mnet_external:firstaccess'] = 'The time that this user first accessed the site.';
$string['privacy:metadata:mnet_external:firstname'] = 'The first name of the user.';
$string['privacy:metadata:mnet_external:firstnamephonetic'] = 'The phonetic details about the user\'s first name.';
$string['privacy:metadata:mnet_external:id'] = 'The user ID';
$string['privacy:metadata:mnet_external:idnumber'] = 'An identification number given by the institution';
$string['privacy:metadata:mnet_external:imagealt'] = 'Alternative text for the user\'s image.';
$string['privacy:metadata:mnet_external:institution'] = 'The institution that this user is a member of.';
$string['privacy:metadata:mnet_external:lang'] = 'A user preference for the language shown.';
$string['privacy:metadata:mnet_external:lastaccess'] = 'The time that the user last accessed the site.';
$string['privacy:metadata:mnet_external:lastlogin'] = 'The last login of this user.';
$string['privacy:metadata:mnet_external:lastname'] = 'The last name of the user.';
$string['privacy:metadata:mnet_external:lastnamephonetic'] = 'The phonetic details of the user\'s last name.';
$string['privacy:metadata:mnet_external:maildigest'] = 'A setting for the mail digest for this user.';
$string['privacy:metadata:mnet_external:maildisplay'] = 'A preference for the user about displaying their email address to other users.';
$string['privacy:metadata:mnet_external:middlename'] = 'The middle name of the user';
$string['privacy:metadata:mnet_external:phone1'] = 'A phone number for the user.';
$string['privacy:metadata:mnet_external:phone2'] = 'An additional phone number for the user.';
$string['privacy:metadata:mnet_external:picture'] = 'The picture details associated with this user.';
$string['privacy:metadata:mnet_external:policyagreed'] = 'A flag to determine if the user has agreed to the site policy.';
$string['privacy:metadata:mnet_external:suspended'] = 'A flag to show if the user has been suspended on this system.';
$string['privacy:metadata:mnet_external:timezone'] = 'The timezone of the user';
$string['privacy:metadata:mnet_external:trackforums'] = 'A preference for forums and tracking them.';
$string['privacy:metadata:mnet_external:trustbitmask'] = 'The trust bit mask';
$string['privacy:metadata:mnet_external:username'] = 'The username for this user.';
$string['privacy:metadata:mnet_log'] = 'Details of remote actions carried out by a local user logged in a remote system.';
$string['privacy:metadata:mnet_log:action'] = 'Action carried out by the user.';
$string['privacy:metadata:mnet_log:cmid'] = 'ID of the course module.';
$string['privacy:metadata:mnet_log:course'] = 'Remote system course ID where the action occurred.';
$string['privacy:metadata:mnet_log:coursename'] = 'Remote system course full name where the action occurred.';
$string['privacy:metadata:mnet_log:hostid'] = 'Remote system MNet ID.';
$string['privacy:metadata:mnet_log:info'] = 'Additional information about the action.';
$string['privacy:metadata:mnet_log:ip'] = 'The IP address used at the time of the action occurred.';
$string['privacy:metadata:mnet_log:module'] = 'Remote system module where the action occurred.';
$string['privacy:metadata:mnet_log:remoteid'] = 'Remote ID of the user who carried out the action in the remote system.';
$string['privacy:metadata:mnet_log:time'] = 'Time when the action occurred.';
$string['privacy:metadata:mnet_log:url'] = 'Remote system URL where the action occurred.';
$string['privacy:metadata:mnet_log:userid'] = 'Local ID of the user who carried out the action in the remote system.';
$string['privacy:metadata:mnet_session'] = 'The details of each MNet user session in a remote system. The data is stored temporarily.';
$string['privacy:metadata:mnet_session:expires'] = 'Time when the session expires.';
$string['privacy:metadata:mnet_session:mnethostid'] = 'Remote system MNet ID.';
$string['privacy:metadata:mnet_session:token'] = 'Unique session identifier';
$string['privacy:metadata:mnet_session:useragent'] = 'User agent used to access the remote system';
$string['privacy:metadata:mnet_session:userid'] = 'ID of the user jumping to remote system.';
$string['privacy:metadata:mnet_session:username'] = 'Username of the user jumping to remote system.';
$string['unknownhost'] = 'Unknown host';
auth/mnet/settings.php
+39
View File
@@ -0,0 +1,39 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Admin settings and defaults.
*
* @package auth_mnet
* @copyright 2017 Stephen Bourget
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die;
if ($ADMIN->fulltree) {
require_once($CFG->dirroot.'/lib/outputlib.php');
// Introductory explanation.
$settings->add(new admin_setting_heading('auth_mnet/pluginname', '',
new lang_string('auth_mnetdescription', 'auth_mnet')));
// RPC Timeout.
$settings->add(new admin_setting_configtext('auth_mnet/rpc_negotiation_timeout',
get_string('rpc_negotiation_timeout', 'auth_mnet'),
get_string('auth_mnet_rpc_negotiation_timeout', 'auth_mnet'), '30', PARAM_INT));
}
auth/mnet/tests/privacy/provider_test.php
+332
View File
@@ -0,0 +1,332 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Privacy test for the authentication mnet
*
* @package auth_mnet
* @category test
* @copyright 2018 Victor Deniz <victor@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_mnet\privacy;
defined('MOODLE_INTERNAL') || die();
use auth_mnet\privacy\provider;
use core_privacy\local\request\approved_contextlist;
use core_privacy\local\request\writer;
use core_privacy\tests\provider_testcase;
use core_privacy\local\request\transform;
use core_privacy\local\request\approved_userlist;
/**
* Privacy test for the authentication mnet
*
* @package auth_mnet
* @category test
* @copyright 2018 Victor Deniz <victor@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class provider_test extends provider_testcase {
/**
* Set up method.
*/
public function setUp(): void {
$this->resetAfterTest();
$this->setAdminUser();
}
/**
* Check that a user context is returned if there is any user data for this user.
*/
public function test_get_contexts_for_userid(): void {
global $DB;
$user = $this->getDataGenerator()->create_user(['auth' => 'mnet']);
$this->assertEmpty(provider::get_contexts_for_userid($user->id));
// Insert mnet_log record.
$logrecord = new \stdClass();
$logrecord->hostid = '';
$logrecord->remoteid = 65;
$logrecord->time = time();
$logrecord->userid = $user->id;
$DB->insert_record('mnet_log', $logrecord);
$contextlist = provider::get_contexts_for_userid($user->id);
// Check that we only get back one context.
$this->assertCount(1, $contextlist);
// Check that a context is returned is the expected.
$usercontext = \context_user::instance($user->id);
$this->assertEquals($usercontext->id, $contextlist->get_contextids()[0]);
}
/**
* Test that user data is exported correctly.
*/
public function test_export_user_data(): void {
global $DB;
$user = $this->getDataGenerator()->create_user(['auth' => 'mnet']);
// Insert mnet_host record.
$hostrecord = new \stdClass();
$hostrecord->wwwroot = 'https://external.moodle.com';
$hostrecord->name = 'External Moodle';
$hostrecord->public_key = '-----BEGIN CERTIFICATE-----';
$hostid = $DB->insert_record('mnet_host', $hostrecord);
// Insert mnet_log record.
$logrecord = new \stdClass();
$logrecord->hostid = $hostid;
$logrecord->remoteid = 65;
$logrecord->time = time();
$logrecord->userid = $user->id;
$logrecord->course = 3;
$logrecord->coursename = 'test course';
$DB->insert_record('mnet_log', $logrecord);
$usercontext = \context_user::instance($user->id);
/** @var \core_privacy\tests\request\content_writer $writer */
$writer = writer::with_context($usercontext);
$this->assertFalse($writer->has_any_data());
$approvedlist = new approved_contextlist($user, 'auth_mnet', [$usercontext->id]);
provider::export_user_data($approvedlist);
$data = (array)$writer->get_data([get_string('pluginname', 'auth_mnet'), $hostrecord->name, $logrecord->coursename]);
$this->assertEquals($logrecord->remoteid, reset($data)->remoteid);
$this->assertEquals(transform::datetime($logrecord->time), reset($data)->time);
}
/**
* Test deleting all user data for a specific context.
*/
public function test_delete_data_for_all_users_in_context(): void {
global $DB;
$user1 = $this->getDataGenerator()->create_user(['auth' => 'mnet']);
// Insert mnet_log record.
$logrecord1 = new \stdClass();
$logrecord1->hostid = '';
$logrecord1->remoteid = 65;
$logrecord1->time = time();
$logrecord1->userid = $user1->id;
$DB->insert_record('mnet_log', $logrecord1);
$user1context = \context_user::instance($user1->id);
$user2 = $this->getDataGenerator()->create_user(['auth' => 'mnet']);
// Insert mnet_log record.
$logrecord2 = new \stdClass();
$logrecord2->hostid = '';
$logrecord2->remoteid = 65;
$logrecord2->time = time();
$logrecord2->userid = $user2->id;
$DB->insert_record('mnet_log', $logrecord2);
// Get all mnet log records.
$mnetlogrecords = $DB->get_records('mnet_log', array());
// There should be two.
$this->assertCount(2, $mnetlogrecords);
// Delete everything for the first user context.
provider::delete_data_for_all_users_in_context($user1context);
// Get all user1 mnet log records.
$mnetlogrecords = $DB->get_records('mnet_log', ['userid' => $user1->id]);
$this->assertCount(0, $mnetlogrecords);
// Get all mnet log records.
$mnetlogrecords = $DB->get_records('mnet_log', array());
// There should be one (user2).
$this->assertCount(1, $mnetlogrecords);
}
/**
* This should work identical to the above test.
*/
public function test_delete_data_for_user(): void {
global $DB;
$user1 = $this->getDataGenerator()->create_user(['auth' => 'mnet']);
// Insert mnet_log record.
$logrecord1 = new \stdClass();
$logrecord1->hostid = '';
$logrecord1->remoteid = 65;
$logrecord1->time = time();
$logrecord1->userid = $user1->id;
$DB->insert_record('mnet_log', $logrecord1);
$user1context = \context_user::instance($user1->id);
$user2 = $this->getDataGenerator()->create_user(['auth' => 'mnet']);
// Insert mnet_log record.
$logrecord2 = new \stdClass();
$logrecord2->hostid = '';
$logrecord2->remoteid = 65;
$logrecord2->time = time();
$logrecord2->userid = $user2->id;
$DB->insert_record('mnet_log', $logrecord2);
// Get all mnet log records.
$mnetlogrecords = $DB->get_records('mnet_log', array());
// There should be two.
$this->assertCount(2, $mnetlogrecords);
// Delete everything for the first user.
$approvedlist = new approved_contextlist($user1, 'auth_mnet', [$user1context->id]);
provider::delete_data_for_user($approvedlist);
// Get all user1 mnet log records.
$mnetlogrecords = $DB->get_records('mnet_log', ['userid' => $user1->id]);
$this->assertCount(0, $mnetlogrecords);
// Get all mnet log records.
$mnetlogrecords = $DB->get_records('mnet_log', array());
// There should be one (user2).
$this->assertCount(1, $mnetlogrecords);
}
/**
* Test that only users with a user context are fetched.
*/
public function test_get_users_in_context(): void {
global $DB;
$this->resetAfterTest();
$component = 'auth_mnet';
// Create a user.
$user = $this->getDataGenerator()->create_user(['auth' => 'mnet']);
$usercontext = \context_user::instance($user->id);
// The list of users should not return anything yet (related data still haven't been created).
$userlist = new \core_privacy\local\request\userlist($usercontext, $component);
provider::get_users_in_context($userlist);
$this->assertCount(0, $userlist);
// Insert mnet_log record.
$logrecord = new \stdClass();
$logrecord->hostid = '';
$logrecord->remoteid = 65;
$logrecord->time = time();
$logrecord->userid = $user->id;
$DB->insert_record('mnet_log', $logrecord);
// The list of users for user context should return the user.
provider::get_users_in_context($userlist);
$this->assertCount(1, $userlist);
$expected = [$user->id];
$actual = $userlist->get_userids();
$this->assertEquals($expected, $actual);
// The list of users for system context should not return any users.
$systemcontext = \context_system::instance();
$userlist = new \core_privacy\local\request\userlist($systemcontext, $component);
provider::get_users_in_context($userlist);
$this->assertCount(0, $userlist);
}
/**
* Test that data for users in approved userlist is deleted.
*/
public function test_delete_data_for_users(): void {
global $DB;
$this->resetAfterTest();
$component = 'auth_mnet';
// Create user1.
$user1 = $this->getDataGenerator()->create_user(['auth' => 'mnet']);
$usercontext1 = \context_user::instance($user1->id);
// Create user2.
$user2 = $this->getDataGenerator()->create_user(['auth' => 'mnet']);
$usercontext2 = \context_user::instance($user2->id);
// Insert mnet_log record.
$logrecord1 = new \stdClass();
$logrecord1->hostid = '';
$logrecord1->remoteid = 65;
$logrecord1->time = time();
$logrecord1->userid = $user1->id;
$DB->insert_record('mnet_log', $logrecord1);
// Insert mnet_log record.
$logrecord2 = new \stdClass();
$logrecord2->hostid = '';
$logrecord2->remoteid = 65;
$logrecord2->time = time();
$logrecord2->userid = $user2->id;
$DB->insert_record('mnet_log', $logrecord2);
// The list of users for usercontext1 should return user1.
$userlist1 = new \core_privacy\local\request\userlist($usercontext1, $component);
provider::get_users_in_context($userlist1);
$this->assertCount(1, $userlist1);
$expected = [$user1->id];
$actual = $userlist1->get_userids();
$this->assertEquals($expected, $actual);
// The list of users for usercontext2 should return user2.
$userlist2 = new \core_privacy\local\request\userlist($usercontext2, $component);
provider::get_users_in_context($userlist2);
$this->assertCount(1, $userlist2);
$expected = [$user2->id];
$actual = $userlist2->get_userids();
$this->assertEquals($expected, $actual);
// Add userlist1 to the approved user list.
$approvedlist = new approved_userlist($usercontext1, $component, $userlist1->get_userids());
// Delete user data using delete_data_for_user for usercontext1.
provider::delete_data_for_users($approvedlist);
// Re-fetch users in usercontext1 - The user list should now be empty.
$userlist1 = new \core_privacy\local\request\userlist($usercontext1, $component);
provider::get_users_in_context($userlist1);
$this->assertCount(0, $userlist1);
// Re-fetch users in usercontext2 - The user list should not be empty (user2).
$userlist2 = new \core_privacy\local\request\userlist($usercontext2, $component);
provider::get_users_in_context($userlist2);
$this->assertCount(1, $userlist2);
// User data should be only removed in the user context.
$systemcontext = \context_system::instance();
// Add userlist2 to the approved user list in the system context.
$approvedlist = new approved_userlist($systemcontext, $component, $userlist2->get_userids());
// Delete user1 data using delete_data_for_user.
provider::delete_data_for_users($approvedlist);
// Re-fetch users in usercontext2 - The user list should not be empty (user2).
$userlist2 = new \core_privacy\local\request\userlist($usercontext2, $component);
provider::get_users_in_context($userlist2);
$this->assertCount(1, $userlist2);
}
}
auth/mnet/upgrade.txt
+11
View File
@@ -0,0 +1,11 @@
This files describes API changes in auth_mnet code.
=== 3.3 ===
* The config.html file was migrated to use the admin settings API.
The identifier for configuration data stored in config_plugins table was converted from 'auth/mnet' to 'auth_mnet'.
=== 3.1 ===
* Users now are created through user_create_user function which, apart from inserting the user in the database and generating
a user_created event, is applying the site default preferences if they are not set.
auth/mnet/version.php
+29
View File
@@ -0,0 +1,29 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Manual authentication plugin version information
*
* @package auth_mnet
* @copyright 1999 onwards Martin Dougiamas (http://dougiamas.com)
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
$plugin->version = 2024042200; // The current plugin version (Date: YYYYMMDDXX).
$plugin->requires = 2024041600; // Requires this Moodle version.
$plugin->component = 'auth_mnet'; // Full name of the plugin (used for diagnostics)