coregrade/CoreGradeLearning
1
0
Fork 0
Code Issues Pull Requests Releases Activity

first commit

Browse Source
This commit is contained in:
CHIEFSOFT\ameye
2024-09-30 18:11:26 -04:00
commit e592ca6823
27270 changed files with 5002257 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
enrol/ldap/classes/privacy/provider.php
+41
View File
@@ -0,0 +1,41 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Privacy Subsystem implementation for enrol_ldap.
*
* @package enrol_ldap
* @copyright 2018 Carlos Escobedo <carlos@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace enrol_ldap\privacy;
defined('MOODLE_INTERNAL') || die();
/**
* Privacy Subsystem for enrol_ldap implementing null_provider.
*
* @copyright 2018 Carlos Escobedo <carlos@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class provider implements \core_privacy\local\metadata\null_provider {
/**
* Get the language string identifier with the component's language
* file to explain why this plugin stores no data.
*
* @return string
*/
public static function get_reason(): string {
return 'privacy:metadata';
}
}
enrol/ldap/classes/task/sync_enrolments.php
+66
View File
@@ -0,0 +1,66 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Sync enrolments task
* @package enrol_ldap
* @author Guy Thomas <gthomas@moodlerooms.com>
* @copyright Copyright (c) 2017 Blackboard Inc.
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace enrol_ldap\task;
defined('MOODLE_INTERNAL') || die();
/**
* Class sync_enrolments
* @package enrol_ldap
* @author Guy Thomas <gthomas@moodlerooms.com>
* @copyright Copyright (c) 2017 Blackboard Inc.
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class sync_enrolments extends \core\task\scheduled_task {
/**
* Name for this task.
*
* @return string
*/
public function get_name() {
return get_string('syncenrolmentstask', 'enrol_ldap');
}
/**
* Run task for synchronising users.
*/
public function execute() {
if (!enrol_is_enabled('ldap')) {
mtrace(get_string('pluginnotenabled', 'enrol_ldap'));
exit(0); // Note, exit with success code, this is not an error - it's just disabled.
}
/** @var \enrol_ldap_plugin $enrol */
$enrol = enrol_get_plugin('ldap');
$trace = new \text_progress_trace();
// Update enrolments -- these handlers should autocreate courses if required.
$enrol->sync_enrolments($trace);
}
}
enrol/ldap/db/access.php
+39
View File
@@ -0,0 +1,39 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Capabilities for LDAP enrolment plugin.
*
* @package enrol_ldap
* @author Iñaki Arenaza
* @copyright 2010 Iñaki Arenaza <iarenaza@eps.mondragon.edu>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
$capabilities = array(
'enrol/ldap:manage' => array(
'captype' => 'write',
'contextlevel' => CONTEXT_COURSE,
'archetypes' => array(
'manager' => CAP_ALLOW,
)
),
);
enrol/ldap/db/install.php
+31
View File
@@ -0,0 +1,31 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* LDAP enrolment plugin installation.
*
* @package enrol_ldap
* @author Iñaki Arenaza
* @copyright 2010 Iñaki Arenaza <iarenaza@eps.mondragon.edu>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
function xmldb_enrol_ldap_install() {
global $CFG, $DB;
}
enrol/ldap/db/tasks.php
+39
View File
@@ -0,0 +1,39 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Task definition for enrol_ldap.
* @author Guy Thomas <gthomas@moodlerooms.com>
* @copyright Copyright (c) 2017 Blackboard Inc.
* @package enrol_ldap
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
$tasks = array(
array(
'classname' => '\enrol_ldap\task\sync_enrolments',
'blocking' => 0,
'minute' => 'R',
'hour' => 'R',
'day' => '*',
'month' => '*',
'dayofweek' => '*',
'disabled' => 1
)
);
enrol/ldap/lang/en/enrol_ldap.php
+131
View File
@@ -0,0 +1,131 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Strings for component 'enrol_ldap', language 'en'.
*
* @package enrol_ldap
* @copyright 1999 onwards Martin Dougiamas {@link http://moodle.com}
* @copyright 2010 Iñaki Arenaza <iarenaza@eps.mondragon.edu>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
$string['assignrole'] = "Assigning role '{\$a->role_shortname}' to user '{\$a->user_username}' into course '{\$a->course_shortname}' (id {\$a->course_id})";
$string['assignrolefailed'] = "Failed to assign role '{\$a->role_shortname}' to user '{\$a->user_username}' into course '{\$a->course_shortname}' (id {\$a->course_id})\n";
$string['autocreate'] = '<p>Courses can be created automatically if there are enrolments to a course that doesn\'t yet exist in Moodle</p><p>If you are using automatic course creation, it is recommended that you remove the following capabilities: moodle/course:changeidnumber, moodle/course:changeshortname, moodle/course:changefullname and moodle/course:changesummary, from the relevant roles to prevent modifications of the four course fields specified above (ID number, shortname, fullname and summary).</p>';
$string['autocreate_key'] = 'Auto create';
$string['autocreation_settings'] = 'Automatic course creation settings';
$string['autoupdate_settings'] = 'Automatic course update settings';
$string['autoupdate_settings_desc'] = '<p>Select fields to update when the \'Synchronise LDAP enrolments\' scheduled task is running.</p><p>When at least one field is selected an update will occur.</p>';
$string['bind_dn'] = 'If you want to use a bind user to search users, specify it here. Someting like \'cn=ldapuser,ou=public,o=org\'';
$string['bind_dn_key'] = 'Bind user distinguished name';
$string['bind_pw'] = 'Password for the bind user';
$string['bind_pw_key'] = 'Password';
$string['bind_settings'] = 'Bind settings';
$string['cannotcreatecourse'] = 'Cannot create course: missing required data from the LDAP record!';
$string['cannotupdatecourse'] = "Cannot update course: missing required data from the LDAP record! Course idnumber: '{\$a->idnumber}'";
$string['cannotupdatecourse_duplicateshortname'] = "Cannot update course: Duplicate short name. Skipping course with idnumber '{\$a->idnumber}'...";
$string['courseupdated'] = "Course with idnumber '{\$a->idnumber}' was successfully updated.";
$string['courseupdateskipped'] = "Course with idnumber '{\$a->idnumber}' does not require updating. Skipping...";
$string['category'] = 'The category for auto-created courses';
$string['category_key'] = 'Category';
$string['contexts'] = 'LDAP contexts';
$string['couldnotfinduser'] = "Could not find user '{\$a}', skipping\n";
$string['coursenotexistskip'] = "Course '{\$a}' does not exist and autocreation disabled, skipping\n";
$string['course_fullname'] = 'Optional: LDAP attribute to get the full name from';
$string['course_fullname_key'] = 'Full name';
$string['course_fullname_updateonsync'] = 'Update full name during synchronisation script';
$string['course_fullname_updateonsync_key'] = 'Update full name';
$string['course_idnumber'] = 'LDAP attribute to get the course ID number from. Usually \'cn\' or \'uid\'.';
$string['course_idnumber_key'] = 'ID number';
$string['course_search_sub'] = 'Search group memberships from subcontexts';
$string['course_search_sub_key'] = 'Search subcontexts';
$string['course_settings'] = 'Course enrolment settings';
$string['course_shortname'] = 'Optional: LDAP attribute to get the shortname from';
$string['course_shortname_key'] = 'Short name';
$string['course_shortname_updateonsync'] = 'Update short name during synchronisation script';
$string['course_shortname_updateonsync_key'] = 'Update short name';
$string['course_summary'] = 'Optional: LDAP attribute to get the summary from';
$string['course_summary_key'] = 'Summary';
$string['course_summary_updateonsync'] = 'Update summary during synchronisation script';
$string['course_summary_updateonsync_key'] = 'Update summary';
$string['createcourseextid'] = 'CREATE User enrolled to a non-existing course \'{$a->courseextid}\'';
$string['createnotcourseextid'] = 'User enrolled to a non-existing course \'{$a->courseextid}\'';
$string['creatingcourse'] = 'Creating course \'{$a}\'...';
$string['duplicateshortname'] = "Course creation failed. Duplicate short name. Skipping course with idnumber '{\$a->idnumber}'...";
$string['editlock'] = 'Lock value';
$string['emptyenrolment'] = "Empty enrolment for role '{\$a->role_shortname}' in course '{\$a->course_shortname}'\n";
$string['enrolname'] = 'LDAP';
$string['enroluser'] = "Enrol user '{\$a->user_username}' into course '{\$a->course_shortname}' (id {\$a->course_id})";
$string['enroluserenable'] = "Enabled enrolment for user '{\$a->user_username}' in course '{\$a->course_shortname}' (id {\$a->course_id})";
$string['explodegroupusertypenotsupported'] = "ldap_explode_group() does not support selected user type: {\$a}\n";
$string['extcourseidinvalid'] = 'The course external id is invalid!';
$string['extremovedsuspend'] = "Disabled enrolment for user '{\$a->user_username}' in course '{\$a->course_shortname}' (id {\$a->course_id})";
$string['extremovedsuspendnoroles'] = "Disabled enrolment and removed roles for user '{\$a->user_username}' in course '{\$a->course_shortname}' (id {\$a->course_id})";
$string['extremovedunenrol'] = "Unenrol user '{\$a->user_username}' from course '{\$a->course_shortname}' (id {\$a->course_id})";
$string['failed'] = "Failed!\n";
$string['general_options'] = 'General options';
$string['group_memberofattribute'] = 'Name of the attribute that specifies which groups a given user or group belongs to (e.g., memberOf, groupMembership, etc.)';
$string['group_memberofattribute_key'] = '\'Member of\' attribute';
$string['host_url'] = 'Specify LDAP host in URL-form like \'ldap://ldap.myorg.com/\' or \'ldaps://ldap.myorg.com/\'';
$string['host_url_key'] = 'Host URL';
$string['idnumber_attribute'] = 'If the group membership contains distinguished names, specify the same attribute you have used for the user \'ID Number\' mapping in the LDAP authentication settings.';
$string['idnumber_attribute_key'] = 'ID number attribute';
$string['ldap_encoding'] = 'Specify encoding used by LDAP server. Most probably utf-8, MS AD v2 uses default platform encoding such as cp1252, cp1250, etc.';
$string['ldap_encoding_key'] = 'LDAP encoding';
$string['ldap:manage'] = 'Manage LDAP enrol instances';
$string['memberattribute'] = 'LDAP member attribute';
$string['memberattribute_isdn'] = 'If the group membership contains distinguished names, you need to specify them here. If so, you also need to configure the remaining settings in this section.';
$string['memberattribute_isdn_key'] = 'Member attribute uses dn';
$string['nested_groups'] = 'Do you want to use nested groups (groups of groups) for enrolment?';
$string['nested_groups_key'] = 'Nested groups';
$string['nested_groups_settings'] = 'Nested groups settings';
$string['nosuchrole'] = "No such role: '{\$a}'\n";
$string['objectclass'] = 'objectClass used to search courses. Usually \'group\' or \'posixGroup\'';
$string['objectclass_key'] = 'Object class';
$string['ok'] = "OK!\n";
$string['opt_deref'] = 'If the group membership contains distinguished names, specify how aliases are handled during a search. Select one of the following values: \'No\' (LDAP_DEREF_NEVER) or \'Yes\' (LDAP_DEREF_ALWAYS).';
$string['opt_deref_key'] = 'Dereference aliases';
$string['phpldap_noextension'] = 'The PHP LDAP module does not seem to be present. Please ensure it is installed and enabled if you want to use this enrolment plugin.';
$string['pluginname'] = 'LDAP enrolments';
$string['pluginname_desc'] = '<p>You can use an LDAP server to control your enrolments. It is assumed your LDAP tree contains groups that map to the courses, and that each of those groups/courses will have membership entries to map to students.</p><p>It is assumed that courses are defined as groups in LDAP, with each group having multiple membership fields (<em>member</em> or <em>memberUid</em>) that contain a uniqueidentification of the user.</p><p>To use LDAP enrolment, your users <strong>must</strong> to have a valid idnumber field. The LDAP groups must have that idnumber in the member fields for a user to be enrolled in the course. This will usually work well if you are already using LDAP Authentication.</p><p>Enrolments will be updated when the user logs in. You can also run a script to keep enrolments in synch. Look in <em>enrol/ldap/cli/sync.php</em>.</p><p>This plugin can also be set to automatically create new courses when new groups appear in LDAP.</p>';
$string['pluginnotenabled'] = 'Plugin not enabled!';
$string['role_mapping'] = '<p>For each role, you need to specify all LDAP contexts where the groups that represent the courses are located. Separate different contexts with a semicolon (;).</p><p>You also need to specify the attribute your LDAP server uses to hold the members of a group. This is usually \'member\' or \'memberUid\'.</p>';
$string['role_mapping_attribute'] = 'LDAP member attribute for {$a}';
$string['role_mapping_context'] = 'LDAP contexts for {$a}';
$string['role_mapping_key'] = 'Map roles from LDAP ';
$string['roles'] = 'Role mapping';
$string['server_settings'] = 'LDAP server settings';
$string['syncenrolmentstask'] = 'Synchronise LDAP enrolments task';
$string['synccourserole'] = "== Synching course '{\$a->idnumber}' for role '{\$a->role_shortname}'\n";
$string['template'] = 'Optional: auto-created courses can copy their settings from a template course';
$string['template_key'] = 'Template';
$string['unassignrole'] = "Unassigning role '{\$a->role_shortname}' to user '{\$a->user_username}' from course '{\$a->course_shortname}' (id {\$a->course_id})\n";
$string['unassignroleid'] = "Unassigning role id '{\$a->role_id}' to user id '{\$a->user_id}'\n";
$string['unassignrolefailed'] = "Failed to unassign role '{\$a->role_shortname}' to user '{\$a->user_username}' from course '{\$a->course_shortname}' (id {\$a->course_id})\n";
$string['updatelocal'] = 'Update local data';
$string['user_attribute'] = 'If the group membership contains distinguished names, specify the attribute used to name/search for users. If you are using LDAP authentication, this value should match the attribute specified in the \'ID Number\' mapping in the LDAP authentication plugin.';
$string['user_attribute_key'] = 'ID number attribute';
$string['user_contexts'] = 'If the group membership contains distinguished names, specify the list of contexts where users are located. Separate different contexts with a semi-colon (;). For example: \'ou=users,o=org; ou=others,o=org\'.';
$string['user_contexts_key'] = 'Contexts';
$string['user_search_sub'] = 'If the group membership contains distinguished names, specify if the search for users is done in sub-contexts too.';
$string['user_search_sub_key'] = 'Search subcontexts';
$string['user_settings'] = 'User lookup settings';
$string['user_type'] = 'If the group membership contains distinguished names, specify how users are stored in LDAP';
$string['user_type_key'] = 'User type';
$string['version'] = 'The version of the LDAP protocol your server is using';
$string['version_key'] = 'Version';
$string['privacy:metadata'] = 'The LDAP enrolments plugin does not store any personal data.';
enrol/ldap/lib.php
+1196
View File
File diff suppressed because it is too large Load Diff
enrol/ldap/settings.php
+116
View File
@@ -0,0 +1,116 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* LDAP enrolment plugin settings and presets.
*
* @package enrol_ldap
* @author Iñaki Arenaza
* @copyright 2010 Iñaki Arenaza <iarenaza@eps.mondragon.edu>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
if ($ADMIN->fulltree) {
if (!function_exists('ldap_connect')) {
$notify = new \core\output\notification(get_string('phpldap_noextension', 'enrol_ldap'),
\core\output\notification::NOTIFY_WARNING);
$settings->add(new admin_setting_heading('enrol_phpldap_noextension', '', $OUTPUT->render($notify)));
$settings->add(new admin_setting_heading('enrol_ldap_settings', '', get_string('pluginname_desc', 'enrol_ldap')));
} else {
$settings->add(new admin_setting_heading('enrol_ldap_settings', '', get_string('pluginname_desc', 'enrol_ldap')));
require_once($CFG->dirroot.'/enrol/ldap/settingslib.php');
require_once($CFG->libdir.'/ldaplib.php');
$yesno = array(get_string('no'), get_string('yes'));
//--- connection settings ---
$settings->add(new admin_setting_heading('enrol_ldap_server_settings', get_string('server_settings', 'enrol_ldap'), ''));
$settings->add(new admin_setting_configtext_trim_lower('enrol_ldap/host_url', get_string('host_url_key', 'enrol_ldap'), get_string('host_url', 'enrol_ldap'), ''));
$settings->add(new admin_setting_configselect('enrol_ldap/start_tls', get_string('start_tls_key', 'auth_ldap'), get_string('start_tls', 'auth_ldap'), 0, $yesno));
// Set LDAPv3 as the default. Nowadays all the servers support it and it gives us some real benefits.
$options = array(3=>'3', 2=>'2');
$settings->add(new admin_setting_configselect('enrol_ldap/ldap_version', get_string('version_key', 'enrol_ldap'), get_string('version', 'enrol_ldap'), 3, $options));
$settings->add(new admin_setting_configtext_trim_lower('enrol_ldap/ldapencoding', get_string('ldap_encoding_key', 'enrol_ldap'), get_string('ldap_encoding', 'enrol_ldap'), 'utf-8'));
$settings->add(new admin_setting_configtext_trim_lower('enrol_ldap/pagesize', get_string('pagesize_key', 'auth_ldap'), get_string('pagesize', 'auth_ldap'), LDAP_DEFAULT_PAGESIZE, true));
//--- binding settings ---
$settings->add(new admin_setting_heading('enrol_ldap_bind_settings', get_string('bind_settings', 'enrol_ldap'), ''));
$settings->add(new admin_setting_configtext_trim_lower('enrol_ldap/bind_dn', get_string('bind_dn_key', 'enrol_ldap'), get_string('bind_dn', 'enrol_ldap'), ''));
$settings->add(new admin_setting_configpasswordunmask('enrol_ldap/bind_pw', get_string('bind_pw_key', 'enrol_ldap'), get_string('bind_pw', 'enrol_ldap'), ''));
//--- role mapping settings ---
$settings->add(new admin_setting_heading('enrol_ldap_roles', get_string('roles', 'enrol_ldap'), ''));
if (!during_initial_install()) {
$settings->add(new admin_setting_ldap_rolemapping('enrol_ldap/role_mapping', get_string ('role_mapping_key', 'enrol_ldap'), get_string ('role_mapping', 'enrol_ldap'), ''));
}
$options = $yesno;
$settings->add(new admin_setting_configselect('enrol_ldap/course_search_sub', get_string('course_search_sub_key', 'enrol_ldap'), get_string('course_search_sub', 'enrol_ldap'), 0, $options));
$options = $yesno;
$settings->add(new admin_setting_configselect('enrol_ldap/memberattribute_isdn', get_string('memberattribute_isdn_key', 'enrol_ldap'), get_string('memberattribute_isdn', 'enrol_ldap'), 0, $options));
$settings->add(new admin_setting_configtext_trim_lower('enrol_ldap/user_contexts', get_string('user_contexts_key', 'enrol_ldap'), get_string('user_contexts', 'enrol_ldap'), ''));
$options = $yesno;
$settings->add(new admin_setting_configselect('enrol_ldap/user_search_sub', get_string('user_search_sub_key', 'enrol_ldap'), get_string('user_search_sub', 'enrol_ldap'), 0, $options));
$options = ldap_supported_usertypes();
$settings->add(new admin_setting_configselect('enrol_ldap/user_type', get_string('user_type_key', 'enrol_ldap'), get_string('user_type', 'enrol_ldap'), 'default', $options));
$options = array();
$options[LDAP_DEREF_NEVER] = get_string('no');
$options[LDAP_DEREF_ALWAYS] = get_string('yes');
$settings->add(new admin_setting_configselect('enrol_ldap/opt_deref', get_string('opt_deref_key', 'enrol_ldap'), get_string('opt_deref', 'enrol_ldap'), 0, $options));
$settings->add(new admin_setting_configtext_trim_lower('enrol_ldap/idnumber_attribute', get_string('idnumber_attribute_key', 'enrol_ldap'), get_string('idnumber_attribute', 'enrol_ldap'), '', true, true));
//--- course mapping settings ---
$settings->add(new admin_setting_heading('enrol_ldap_course_settings', get_string('course_settings', 'enrol_ldap'), ''));
$settings->add(new admin_setting_configtext_trim_lower('enrol_ldap/objectclass', get_string('objectclass_key', 'enrol_ldap'), get_string('objectclass', 'enrol_ldap'), ''));
$settings->add(new admin_setting_configtext_trim_lower('enrol_ldap/course_idnumber', get_string('course_idnumber_key', 'enrol_ldap'), get_string('course_idnumber', 'enrol_ldap'), '', true, true));
$coursefields = array ('shortname', 'fullname', 'summary');
foreach ($coursefields as $field) {
$settings->add(new admin_setting_configtext_trim_lower('enrol_ldap/course_'.$field, get_string('course_'.$field.'_key', 'enrol_ldap'), get_string('course_'.$field, 'enrol_ldap'), '', true, true));
}
$settings->add(new admin_setting_configcheckbox('enrol_ldap/ignorehiddencourses', get_string('ignorehiddencourses', 'enrol_database'), get_string('ignorehiddencourses_desc', 'enrol_database'), 0));
$options = array(ENROL_EXT_REMOVED_UNENROL => get_string('extremovedunenrol', 'enrol'),
ENROL_EXT_REMOVED_KEEP => get_string('extremovedkeep', 'enrol'),
ENROL_EXT_REMOVED_SUSPEND => get_string('extremovedsuspend', 'enrol'),
ENROL_EXT_REMOVED_SUSPENDNOROLES => get_string('extremovedsuspendnoroles', 'enrol'));
$settings->add(new admin_setting_configselect('enrol_ldap/unenrolaction', get_string('extremovedaction', 'enrol'), get_string('extremovedaction_help', 'enrol'), ENROL_EXT_REMOVED_UNENROL, $options));
//--- course creation settings ---
$settings->add(new admin_setting_heading('enrol_ldap_autocreation_settings', get_string('autocreation_settings', 'enrol_ldap'), ''));
$options = $yesno;
$settings->add(new admin_setting_configselect('enrol_ldap/autocreate', get_string('autocreate_key', 'enrol_ldap'), get_string('autocreate', 'enrol_ldap'), 0, $options));
$settings->add(new enrol_ldap_admin_setting_category('enrol_ldap/category', get_string('category_key', 'enrol_ldap'), get_string('category', 'enrol_ldap')));
$settings->add(new admin_setting_configtext_trim_lower('enrol_ldap/template', get_string('template_key', 'enrol_ldap'), get_string('template', 'enrol_ldap'), ''));
//--- course update settings ---
$settings->add(new admin_setting_heading('enrol_ldap_autoupdate_settings', get_string('autoupdate_settings', 'enrol_ldap'), get_string('autoupdate_settings_desc', 'enrol_ldap')));
$options = $yesno;
foreach ($coursefields as $field) {
$settings->add(new admin_setting_configselect('enrol_ldap/course_'.$field.'_updateonsync', get_string('course_'.$field.'_updateonsync_key', 'enrol_ldap'), get_string('course_'.$field.'_updateonsync', 'enrol_ldap'), 0, $options));
}
//--- nested groups settings ---
$settings->add(new admin_setting_heading('enrol_ldap_nested_groups_settings', get_string('nested_groups_settings', 'enrol_ldap'), ''));
$options = $yesno;
$settings->add(new admin_setting_configselect('enrol_ldap/nested_groups', get_string('nested_groups_key', 'enrol_ldap'), get_string('nested_groups', 'enrol_ldap'), 0, $options));
$settings->add(new admin_setting_configtext_trim_lower('enrol_ldap/group_memberofattribute', get_string('group_memberofattribute_key', 'enrol_ldap'), get_string('group_memberofattribute', 'enrol_ldap'), '', true, true));
}
}
enrol/ldap/settingslib.php
+209
View File
@@ -0,0 +1,209 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* LDAP enrolment plugin admin setting classes
*
* @package enrol_ldap
* @author Iñaki Arenaza
* @copyright 2010 Iñaki Arenaza <iarenaza@eps.mondragon.edu>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
class admin_setting_configtext_trim_lower extends admin_setting_configtext {
/* @var boolean whether to lowercase the value or not before writing in to the db */
private $lowercase;
/** @var bool To store enable/disabled status of the input field. */
protected $enabled;
/**
* Constructor: uses parent::__construct
*
* @param string $name unique ascii name, either 'mysetting' for settings that in config, or 'myplugin/mysetting' for ones in config_plugins.
* @param string $visiblename localised
* @param string $description long localised info
* @param string $defaultsetting default value for the setting
* @param boolean $lowercase if true, lowercase the value before writing it to the db.
* @param boolean $enabled if true, the input field is enabled, otherwise it's disabled.
*/
public function __construct($name, $visiblename, $description, $defaultsetting, $lowercase=false, $enabled=true) {
$this->lowercase = $lowercase;
$this->enabled = $enabled;
parent::__construct($name, $visiblename, $description, $defaultsetting);
}
/**
* Saves the setting(s) provided in $data
*
* @param array $data An array of data, if not array returns empty str
* @return mixed empty string on useless data or success, error string if failed
*/
public function write_setting($data) {
if ($this->paramtype === PARAM_INT and $data === '') {
// do not complain if '' used instead of 0
$data = 0;
}
// $data is a string
$validated = $this->validate($data);
if ($validated !== true) {
return $validated;
}
if ($this->lowercase) {
$data = core_text::strtolower($data);
}
if (!$this->enabled) {
return '';
}
return ($this->config_write($this->name, trim($data)) ? '' : get_string('errorsetting', 'admin'));
}
}
class admin_setting_ldap_rolemapping extends admin_setting {
/**
* Constructor: uses parent::__construct
*
* @param string $name unique ascii name, either 'mysetting' for settings that in config, or 'myplugin/mysetting' for ones in config_plugins.
* @param string $visiblename localised
* @param string $description long localised info
* @param string $defaultsetting default value for the setting (actually unused)
*/
public function __construct($name, $visiblename, $description, $defaultsetting) {
parent::__construct($name, $visiblename, $description, $defaultsetting);
}
/**
* Returns the current setting if it is set
*
* @return mixed null if null, else an array
*/
public function get_setting() {
$roles = role_fix_names(get_all_roles());
$result = array();
foreach ($roles as $role) {
$contexts = $this->config_read('contexts_role'.$role->id);
$memberattribute = $this->config_read('memberattribute_role'.$role->id);
$result[] = array('id' => $role->id,
'name' => $role->localname,
'contexts' => $contexts,
'memberattribute' => $memberattribute);
}
return $result;
}
/**
* Saves the setting(s) provided in $data
*
* @param array $data An array of data, if not array returns empty str
* @return mixed empty string on useless data or success, error string if failed
*/
public function write_setting($data) {
if(!is_array($data)) {
return ''; // ignore it
}
$result = '';
foreach ($data as $roleid => $data) {
if (!$this->config_write('contexts_role'.$roleid, trim($data['contexts']))) {
$return = get_string('errorsetting', 'admin');
}
if (!$this->config_write('memberattribute_role'.$roleid, core_text::strtolower(trim($data['memberattribute'])))) {
$return = get_string('errorsetting', 'admin');
}
}
return $result;
}
/**
* Returns XHTML field(s) as required by choices
*
* Relies on data being an array should data ever be another valid vartype with
* acceptable value this may cause a warning/error
* if (!is_array($data)) would fix the problem
*
* @todo Add vartype handling to ensure $data is an array
*
* @param array $data An array of checked values
* @param string $query
* @return string XHTML field
*/
public function output_html($data, $query='') {
$return = html_writer::start_tag('div', array('style' =>'float:left; width:auto; margin-right: 0.5em;'));
$return .= html_writer::tag('div', get_string('roles', 'role'), array('style' => 'height: 2em;'));
foreach ($data as $role) {
$return .= html_writer::tag('div', s($role['name']), array('style' => 'height: 2em;'));
}
$return .= html_writer::end_tag('div');
$return .= html_writer::start_tag('div', array('style' => 'float:left; width:auto; margin-right: 0.5em;'));
$return .= html_writer::tag('div', get_string('contexts', 'enrol_ldap'), array('style' => 'height: 2em;'));
foreach ($data as $role) {
$contextid = $this->get_id().'['.$role['id'].'][contexts]';
$contextname = $this->get_full_name().'['.$role['id'].'][contexts]';
$return .= html_writer::start_tag('div', array('style' => 'height: 2em;'));
$return .= html_writer::label(get_string('role_mapping_context', 'enrol_ldap', $role['name']), $contextid, false, array('class' => 'accesshide'));
$attrs = array('type' => 'text', 'size' => '40', 'id' => $contextid, 'name' => $contextname,
'value' => s($role['contexts']), 'class' => 'text-ltr');
$return .= html_writer::empty_tag('input', $attrs);
$return .= html_writer::end_tag('div');
}
$return .= html_writer::end_tag('div');
$return .= html_writer::start_tag('div', array('style' => 'float:left; width:auto; margin-right: 0.5em;'));
$return .= html_writer::tag('div', get_string('memberattribute', 'enrol_ldap'), array('style' => 'height: 2em;'));
foreach ($data as $role) {
$memberattrid = $this->get_id().'['.$role['id'].'][memberattribute]';
$memberattrname = $this->get_full_name().'['.$role['id'].'][memberattribute]';
$return .= html_writer::start_tag('div', array('style' => 'height: 2em;'));
$return .= html_writer::label(get_string('role_mapping_attribute', 'enrol_ldap', $role['name']), $memberattrid, false, array('class' => 'accesshide'));
$attrs = array('type' => 'text', 'size' => '15', 'id' => $memberattrid, 'name' => $memberattrname,
'value' => s($role['memberattribute']), 'class' => 'text-ltr');
$return .= html_writer::empty_tag('input', $attrs);
$return .= html_writer::end_tag('div');
}
$return .= html_writer::end_tag('div');
$return .= html_writer::tag('div', '', array('style' => 'clear:both;'));
return format_admin_setting($this, $this->visiblename, $return,
$this->description, true, '', '', $query);
}
}
/**
* Class implements new specialized setting for course categories that are loaded
* only when required
* @author Darko Miletic
*
*/
class enrol_ldap_admin_setting_category extends admin_setting_configselect {
public function __construct($name, $visiblename, $description) {
parent::__construct($name, $visiblename, $description, 1, null);
}
public function load_choices() {
if (is_array($this->choices)) {
return true;
}
$this->choices = core_course_category::make_categories_list('', 0, ' / ');
return true;
}
}
enrol/ldap/tests/ldap_test.php
+556
View File
@@ -0,0 +1,556 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
namespace enrol_ldap;
/**
* LDAP enrolment plugin tests.
*
* NOTE: in order to execute this test you need to set up
* OpenLDAP server with core, cosine, nis and internet schemas
* and add configuration constants to config.php or phpunit.xml configuration file:
*
* define('TEST_ENROL_LDAP_HOST_URL', 'ldap://127.0.0.1');
* define('TEST_ENROL_LDAP_BIND_DN', 'cn=someuser,dc=example,dc=local');
* define('TEST_ENROL_LDAP_BIND_PW', 'somepassword');
* define('TEST_ENROL_LDAP_DOMAIN', 'dc=example,dc=local');
*
* @package enrol_ldap
* @category test
* @copyright 2013 Petr Skoda {@link http://skodak.org}
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class ldap_test extends \advanced_testcase {
/**
* Data provider for enrol_ldap tests
*
* Used to ensure that all the paged stuff works properly, irrespectively
* of the pagesize configured (that implies all the chunking and paging
* built in the plugis is doing its work consistently). Both searching and
* not searching within subcontexts.
*
* @return array[]
*/
public function enrol_ldap_provider() {
$pagesizes = [1, 3, 5, 1000];
$subcontexts = [0, 1];
$combinations = [];
foreach ($pagesizes as $pagesize) {
foreach ($subcontexts as $subcontext) {
$combinations["pagesize {$pagesize}, subcontexts {$subcontext}"] = [$pagesize, $subcontext];
}
}
return $combinations;
}
/**
* General enrol_ldap testcase
*
* @dataProvider enrol_ldap_provider
* @param int $pagesize Value to be configured in settings controlling page size.
* @param int $subcontext Value to be configured in settings controlling searching in subcontexts.
*/
public function test_enrol_ldap(int $pagesize, int $subcontext): void {
global $CFG, $DB;
if (!extension_loaded('ldap')) {
$this->markTestSkipped('LDAP extension is not loaded.');
}
$this->resetAfterTest();
require_once($CFG->dirroot.'/enrol/ldap/lib.php');
require_once($CFG->libdir.'/ldaplib.php');
if (!defined('TEST_ENROL_LDAP_HOST_URL') or !defined('TEST_ENROL_LDAP_BIND_DN') or !defined('TEST_ENROL_LDAP_BIND_PW') or !defined('TEST_ENROL_LDAP_DOMAIN')) {
$this->markTestSkipped('External LDAP test server not configured.');
}
// Make sure we can connect the server.
$debuginfo = '';
if (!$connection = ldap_connect_moodle(TEST_ENROL_LDAP_HOST_URL, 3, 'rfc2307', TEST_ENROL_LDAP_BIND_DN, TEST_ENROL_LDAP_BIND_PW, LDAP_DEREF_NEVER, $debuginfo, false)) {
$this->markTestSkipped('Can not connect to LDAP test server: '.$debuginfo);
}
$this->enable_plugin();
// Create new empty test container.
$topdn = 'dc=moodletest,'.TEST_ENROL_LDAP_DOMAIN;
$this->recursive_delete($connection, TEST_ENROL_LDAP_DOMAIN, 'dc=moodletest');
$o = array();
$o['objectClass'] = array('dcObject', 'organizationalUnit');
$o['dc'] = 'moodletest';
$o['ou'] = 'MOODLETEST';
if (!ldap_add($connection, 'dc=moodletest,'.TEST_ENROL_LDAP_DOMAIN, $o)) {
$this->markTestSkipped('Can not create test LDAP container.');
}
// Configure enrol plugin.
/** @var \enrol_ldap_plugin $enrol */
$enrol = enrol_get_plugin('ldap');
$enrol->set_config('host_url', TEST_ENROL_LDAP_HOST_URL);
$enrol->set_config('start_tls', 0);
$enrol->set_config('ldap_version', 3);
$enrol->set_config('ldapencoding', 'utf-8');
$enrol->set_config('pagesize', $pagesize);
$enrol->set_config('bind_dn', TEST_ENROL_LDAP_BIND_DN);
$enrol->set_config('bind_pw', TEST_ENROL_LDAP_BIND_PW);
$enrol->set_config('course_search_sub', $subcontext);
$enrol->set_config('memberattribute_isdn', 0);
$enrol->set_config('user_contexts', '');
$enrol->set_config('user_search_sub', 0);
$enrol->set_config('user_type', 'rfc2307');
$enrol->set_config('opt_deref', LDAP_DEREF_NEVER);
$enrol->set_config('objectclass', '(objectClass=posixGroup)');
$enrol->set_config('course_idnumber', 'cn');
$enrol->set_config('course_shortname', 'cn');
$enrol->set_config('course_fullname', 'cn');
$enrol->set_config('course_summary', '');
$enrol->set_config('ignorehiddencourses', 0);
$enrol->set_config('nested_groups', 0);
$enrol->set_config('autocreate', 0);
$enrol->set_config('unenrolaction', ENROL_EXT_REMOVED_KEEP);
$roles = get_all_roles();
foreach ($roles as $role) {
$enrol->set_config('contexts_role'.$role->id, '');
$enrol->set_config('memberattribute_role'.$role->id, '');
}
// Create group for teacher enrolments.
$teacherrole = $DB->get_record('role', array('shortname'=>'teacher'));
$this->assertNotEmpty($teacherrole);
$o = array();
$o['objectClass'] = array('organizationalUnit');
$o['ou'] = 'teachers';
ldap_add($connection, 'ou=teachers,'.$topdn, $o);
$enrol->set_config('contexts_role'.$teacherrole->id, 'ou=teachers,'.$topdn);
$enrol->set_config('memberattribute_role'.$teacherrole->id, 'memberuid');
// Create group for student enrolments.
$studentrole = $DB->get_record('role', array('shortname'=>'student'));
$this->assertNotEmpty($studentrole);
$o = array();
$o['objectClass'] = array('organizationalUnit');
$o['ou'] = 'students';
ldap_add($connection, 'ou=students,'.$topdn, $o);
$enrol->set_config('contexts_role'.$studentrole->id, 'ou=students,'.$topdn);
$enrol->set_config('memberattribute_role'.$studentrole->id, 'memberuid');
// Create some users and courses.
$user1 = $this->getDataGenerator()->create_user(array('idnumber'=>'user1', 'username'=>'user1'));
$user2 = $this->getDataGenerator()->create_user(array('idnumber'=>'user2', 'username'=>'user2'));
$user3 = $this->getDataGenerator()->create_user(array('idnumber'=>'user3', 'username'=>'user3'));
$user4 = $this->getDataGenerator()->create_user(array('idnumber'=>'user4', 'username'=>'user4'));
$user5 = $this->getDataGenerator()->create_user(array('idnumber'=>'user5', 'username'=>'user5'));
$user6 = $this->getDataGenerator()->create_user(array('idnumber'=>'user6', 'username'=>'user6'));
$course1 = $this->getDataGenerator()->create_course(array('idnumber'=>'course1', 'shortname'=>'course1'));
$course2 = $this->getDataGenerator()->create_course(array('idnumber'=>'course2', 'shortname'=>'course2'));
$course3 = $this->getDataGenerator()->create_course(array('idnumber'=>'course3', 'shortname'=>'course3'));
// Set up some ldap data.
$o = array();
$o['objectClass'] = array('posixGroup');
$o['cn'] = 'course1';
$o['gidNumber'] = '1';
$o['memberUid'] = array('user1', 'user2', 'user3', 'userx');
ldap_add($connection, 'cn='.$o['cn'].',ou=students,'.$topdn, $o);
$o = array();
$o['objectClass'] = array('posixGroup');
$o['cn'] = 'course1';
$o['gidNumber'] = '2';
$o['memberUid'] = array('user5');
ldap_add($connection, 'cn='.$o['cn'].',ou=teachers,'.$topdn, $o);
$o = array();
$o['objectClass'] = array('posixGroup');
$o['cn'] = 'course2';
$o['gidNumber'] = '3';
$o['memberUid'] = array('user1', 'user2', 'user3', 'user4');
ldap_add($connection, 'cn='.$o['cn'].',ou=students,'.$topdn, $o);
$o = array();
$o['objectClass'] = array('posixGroup');
$o['cn'] = 'course4';
$o['gidNumber'] = '4';
$o['memberUid'] = array('user1', 'user2');
ldap_add($connection, 'cn='.$o['cn'].',ou=students,'.$topdn, $o);
$o = array();
$o['objectClass'] = array('posixGroup');
$o['cn'] = 'course4';
$o['gidNumber'] = '5';
$o['memberUid'] = array('user5', 'user6');
ldap_add($connection, 'cn='.$o['cn'].',ou=teachers,'.$topdn, $o);
// Test simple test without creation.
$this->assertEquals(0, $DB->count_records('user_enrolments'));
$this->assertEquals(0, $DB->count_records('role_assignments'));
$this->assertEquals(4, $DB->count_records('course'));
$enrol->sync_enrolments(new \null_progress_trace());
$this->assertEquals(8, $DB->count_records('user_enrolments'));
$this->assertEquals(8, $DB->count_records('role_assignments'));
$this->assertEquals(4, $DB->count_records('course'));
$this->assertIsEnrolled($course1->id, $user1->id, $studentrole->id);
$this->assertIsEnrolled($course1->id, $user2->id, $studentrole->id);
$this->assertIsEnrolled($course1->id, $user3->id, $studentrole->id);
$this->assertIsEnrolled($course1->id, $user5->id, $teacherrole->id);
$this->assertIsEnrolled($course2->id, $user1->id, $studentrole->id);
$this->assertIsEnrolled($course2->id, $user2->id, $studentrole->id);
$this->assertIsEnrolled($course2->id, $user3->id, $studentrole->id);
$this->assertIsEnrolled($course2->id, $user4->id, $studentrole->id);
// Test course creation.
$enrol->set_config('autocreate', 1);
$enrol->sync_enrolments(new \null_progress_trace());
$this->assertEquals(12, $DB->count_records('user_enrolments'));
$this->assertEquals(12, $DB->count_records('role_assignments'));
$this->assertEquals(5, $DB->count_records('course'));
$course4 = $DB->get_record('course', array('idnumber'=>'course4'), '*', MUST_EXIST);
$this->assertIsEnrolled($course4->id, $user1->id, $studentrole->id);
$this->assertIsEnrolled($course4->id, $user2->id, $studentrole->id);
$this->assertIsEnrolled($course4->id, $user5->id, $teacherrole->id);
$this->assertIsEnrolled($course4->id, $user6->id, $teacherrole->id);
// Test unenrolment.
ldap_delete($connection, 'cn=course1,ou=students,'.$topdn);
$o = array();
$o['objectClass'] = array('posixGroup');
$o['cn'] = 'course1';
$o['gidNumber'] = '1';
ldap_add($connection, 'cn='.$o['cn'].',ou=students,'.$topdn, $o);
$enrol->set_config('unenrolaction', ENROL_EXT_REMOVED_KEEP);
$enrol->sync_enrolments(new \null_progress_trace());
$this->assertEquals(12, $DB->count_records('user_enrolments'));
$this->assertEquals(12, $DB->count_records('role_assignments'));
$this->assertEquals(5, $DB->count_records('course'));
$enrol->set_config('unenrolaction', ENROL_EXT_REMOVED_SUSPEND);
$enrol->sync_enrolments(new \null_progress_trace());
$this->assertEquals(12, $DB->count_records('user_enrolments'));
$this->assertEquals(12, $DB->count_records('role_assignments'));
$this->assertEquals(5, $DB->count_records('course'));
$this->assertIsEnrolled($course1->id, $user1->id, $studentrole->id, ENROL_USER_SUSPENDED);
$this->assertIsEnrolled($course1->id, $user2->id, $studentrole->id, ENROL_USER_SUSPENDED);
$this->assertIsEnrolled($course1->id, $user3->id, $studentrole->id, ENROL_USER_SUSPENDED);
ldap_delete($connection, 'cn=course1,ou=students,'.$topdn);
$o = array();
$o['objectClass'] = array('posixGroup');
$o['cn'] = 'course1';
$o['gidNumber'] = '1';
$o['memberUid'] = array('user1', 'user2', 'user3');
ldap_add($connection, 'cn='.$o['cn'].',ou=students,'.$topdn, $o);
$enrol->sync_enrolments(new \null_progress_trace());
$this->assertEquals(12, $DB->count_records('user_enrolments'));
$this->assertEquals(12, $DB->count_records('role_assignments'));
$this->assertEquals(5, $DB->count_records('course'));
$this->assertIsEnrolled($course1->id, $user1->id, $studentrole->id, ENROL_USER_ACTIVE);
$this->assertIsEnrolled($course1->id, $user2->id, $studentrole->id, ENROL_USER_ACTIVE);
$this->assertIsEnrolled($course1->id, $user3->id, $studentrole->id, ENROL_USER_ACTIVE);
ldap_delete($connection, 'cn=course1,ou=students,'.$topdn);
$o = array();
$o['objectClass'] = array('posixGroup');
$o['cn'] = 'course1';
$o['gidNumber'] = '1';
ldap_add($connection, 'cn='.$o['cn'].',ou=students,'.$topdn, $o);
$enrol->set_config('unenrolaction', ENROL_EXT_REMOVED_SUSPENDNOROLES);
$enrol->sync_enrolments(new \null_progress_trace());
$this->assertEquals(12, $DB->count_records('user_enrolments'));
$this->assertEquals(9, $DB->count_records('role_assignments'));
$this->assertEquals(5, $DB->count_records('course'));
$this->assertIsEnrolled($course1->id, $user1->id, 0, ENROL_USER_SUSPENDED);
$this->assertIsEnrolled($course1->id, $user2->id, 0, ENROL_USER_SUSPENDED);
$this->assertIsEnrolled($course1->id, $user3->id, 0, ENROL_USER_SUSPENDED);
ldap_delete($connection, 'cn=course1,ou=students,'.$topdn);
$o = array();
$o['objectClass'] = array('posixGroup');
$o['cn'] = 'course1';
$o['gidNumber'] = '1';
$o['memberUid'] = array('user1', 'user2', 'user3');
ldap_add($connection, 'cn='.$o['cn'].',ou=students,'.$topdn, $o);
$enrol->sync_enrolments(new \null_progress_trace());
$this->assertEquals(12, $DB->count_records('user_enrolments'));
$this->assertEquals(12, $DB->count_records('role_assignments'));
$this->assertEquals(5, $DB->count_records('course'));
$this->assertIsEnrolled($course1->id, $user1->id, $studentrole->id, ENROL_USER_ACTIVE);
$this->assertIsEnrolled($course1->id, $user2->id, $studentrole->id, ENROL_USER_ACTIVE);
$this->assertIsEnrolled($course1->id, $user3->id, $studentrole->id, ENROL_USER_ACTIVE);
ldap_delete($connection, 'cn=course1,ou=students,'.$topdn);
$o = array();
$o['objectClass'] = array('posixGroup');
$o['cn'] = 'course1';
$o['gidNumber'] = '1';
ldap_add($connection, 'cn='.$o['cn'].',ou=students,'.$topdn, $o);
$enrol->set_config('unenrolaction', ENROL_EXT_REMOVED_UNENROL);
$enrol->sync_enrolments(new \null_progress_trace());
$this->assertEquals(9, $DB->count_records('user_enrolments'));
$this->assertEquals(9, $DB->count_records('role_assignments'));
$this->assertEquals(5, $DB->count_records('course'));
$this->assertIsNotEnrolled($course1->id, $user1->id);
$this->assertIsNotEnrolled($course1->id, $user2->id);
$this->assertIsNotEnrolled($course1->id, $user3->id);
// Individual user enrolments-
ldap_delete($connection, 'cn=course1,ou=students,'.$topdn);
$o = array();
$o['objectClass'] = array('posixGroup');
$o['cn'] = 'course1';
$o['gidNumber'] = '1';
$o['memberUid'] = array('user1', 'user2', 'user3');
ldap_add($connection, 'cn='.$o['cn'].',ou=students,'.$topdn, $o);
$enrol->sync_user_enrolments($user1);
$this->assertEquals(10, $DB->count_records('user_enrolments'));
$this->assertEquals(10, $DB->count_records('role_assignments'));
$this->assertEquals(5, $DB->count_records('course'));
$this->assertIsEnrolled($course1->id, $user1->id, $studentrole->id, ENROL_USER_ACTIVE);
ldap_delete($connection, 'cn=course1,ou=students,'.$topdn);
$o = array();
$o['objectClass'] = array('posixGroup');
$o['cn'] = 'course1';
$o['gidNumber'] = '1';
$o['memberUid'] = array('user2', 'user3');
ldap_add($connection, 'cn='.$o['cn'].',ou=students,'.$topdn, $o);
$enrol->set_config('unenrolaction', ENROL_EXT_REMOVED_KEEP);
$enrol->sync_user_enrolments($user1);
$this->assertEquals(10, $DB->count_records('user_enrolments'));
$this->assertEquals(10, $DB->count_records('role_assignments'));
$this->assertEquals(5, $DB->count_records('course'));
$this->assertIsEnrolled($course1->id, $user1->id, $studentrole->id, ENROL_USER_ACTIVE);
$enrol->set_config('unenrolaction', ENROL_EXT_REMOVED_SUSPEND);
$enrol->sync_user_enrolments($user1);
$this->assertEquals(10, $DB->count_records('user_enrolments'));
$this->assertEquals(10, $DB->count_records('role_assignments'));
$this->assertEquals(5, $DB->count_records('course'));
$this->assertIsEnrolled($course1->id, $user1->id, $studentrole->id, ENROL_USER_SUSPENDED);
ldap_delete($connection, 'cn=course1,ou=students,'.$topdn);
$o = array();
$o['objectClass'] = array('posixGroup');
$o['cn'] = 'course1';
$o['gidNumber'] = '1';
$o['memberUid'] = array('user1', 'user2', 'user3');
ldap_add($connection, 'cn='.$o['cn'].',ou=students,'.$topdn, $o);
$enrol->sync_user_enrolments($user1);
$this->assertEquals(10, $DB->count_records('user_enrolments'));
$this->assertEquals(10, $DB->count_records('role_assignments'));
$this->assertEquals(5, $DB->count_records('course'));
$this->assertIsEnrolled($course1->id, $user1->id, $studentrole->id, ENROL_USER_ACTIVE);
ldap_delete($connection, 'cn=course1,ou=students,'.$topdn);
$o = array();
$o['objectClass'] = array('posixGroup');
$o['cn'] = 'course1';
$o['gidNumber'] = '1';
$o['memberUid'] = array('user2', 'user3');
ldap_add($connection, 'cn='.$o['cn'].',ou=students,'.$topdn, $o);
$enrol->set_config('unenrolaction', ENROL_EXT_REMOVED_SUSPENDNOROLES);
$enrol->sync_user_enrolments($user1);
$this->assertEquals(10, $DB->count_records('user_enrolments'));
$this->assertEquals(9, $DB->count_records('role_assignments'));
$this->assertEquals(5, $DB->count_records('course'));
$this->assertIsEnrolled($course1->id, $user1->id, 0, ENROL_USER_SUSPENDED);
ldap_delete($connection, 'cn=course1,ou=students,'.$topdn);
$o = array();
$o['objectClass'] = array('posixGroup');
$o['cn'] = 'course1';
$o['gidNumber'] = '1';
$o['memberUid'] = array('user1', 'user2', 'user3');
ldap_add($connection, 'cn='.$o['cn'].',ou=students,'.$topdn, $o);
$enrol->sync_user_enrolments($user1);
$this->assertEquals(10, $DB->count_records('user_enrolments'));
$this->assertEquals(10, $DB->count_records('role_assignments'));
$this->assertEquals(5, $DB->count_records('course'));
$this->assertIsEnrolled($course1->id, $user1->id, $studentrole->id, ENROL_USER_ACTIVE);
ldap_delete($connection, 'cn=course1,ou=students,'.$topdn);
$o = array();
$o['objectClass'] = array('posixGroup');
$o['cn'] = 'course1';
$o['gidNumber'] = '1';
$o['memberUid'] = array('user2', 'user3');
ldap_add($connection, 'cn='.$o['cn'].',ou=students,'.$topdn, $o);
$enrol->set_config('unenrolaction', ENROL_EXT_REMOVED_UNENROL);
$enrol->sync_user_enrolments($user1);
$this->assertEquals(9, $DB->count_records('user_enrolments'));
$this->assertEquals(9, $DB->count_records('role_assignments'));
$this->assertEquals(5, $DB->count_records('course'));
$this->assertIsNotEnrolled($course1->id, $user1->id);
$this->recursive_delete($connection, TEST_ENROL_LDAP_DOMAIN, 'dc=moodletest');
ldap_close($connection);
// NOTE: multiple roles in one course is not supported, sorry
}
public function assertIsEnrolled($courseid, $userid, $roleid, $status=null) {
global $DB;
$context = \context_course::instance($courseid);
$instance = $DB->get_record('enrol', array('courseid'=>$courseid, 'enrol'=>'ldap'));
$this->assertNotEmpty($instance);
$ue = $DB->get_record('user_enrolments', array('enrolid'=>$instance->id, 'userid'=>$userid));
$this->assertNotEmpty($ue);
if (isset($status)) {
$this->assertEquals($status, $ue->status);
}
if ($roleid) {
$this->assertTrue($DB->record_exists('role_assignments', array('contextid'=>$context->id, 'userid'=>$userid, 'roleid'=>$roleid, 'component'=>'enrol_ldap')));
} else {
$this->assertFalse($DB->record_exists('role_assignments', array('contextid'=>$context->id, 'userid'=>$userid, 'component'=>'enrol_ldap')));
}
}
public function assertIsNotEnrolled($courseid, $userid) {
$context = \context_course::instance($courseid);
$this->assertFalse(is_enrolled($context, $userid));
}
protected function enable_plugin() {
$enabled = enrol_get_plugins(true);
$enabled['ldap'] = true;
$enabled = array_keys($enabled);
set_config('enrol_plugins_enabled', implode(',', $enabled));
}
protected function disable_plugin() {
$enabled = enrol_get_plugins(true);
unset($enabled['ldap']);
$enabled = array_keys($enabled);
set_config('enrol_plugins_enabled', implode(',', $enabled));
}
protected function recursive_delete($connection, $dn, $filter) {
if ($res = ldap_list($connection, $dn, $filter, array('dn'))) {
$info = ldap_get_entries($connection, $res);
ldap_free_result($res);
if ($info['count'] > 0) {
if ($res = ldap_search($connection, "$filter,$dn", 'cn=*', array('dn'))) {
$info = ldap_get_entries($connection, $res);
ldap_free_result($res);
foreach ($info as $i) {
if (isset($i['dn'])) {
ldap_delete($connection, $i['dn']);
}
}
}
if ($res = ldap_search($connection, "$filter,$dn", 'ou=*', array('dn'))) {
$info = ldap_get_entries($connection, $res);
ldap_free_result($res);
foreach ($info as $i) {
if (isset($i['dn']) and $info[0]['dn'] != $i['dn']) {
ldap_delete($connection, $i['dn']);
}
}
}
ldap_delete($connection, "$filter,$dn");
}
}
}
/**
* Test that normalisation of the use objectclass is completed successfully.
*
* @dataProvider objectclass_fetch_provider
* @param string $usertype The supported user type
* @param string $expected The expected filter value
*/
public function test_objectclass_fetch($usertype, $expected): void {
$this->resetAfterTest();
// Set the user type - this must be performed before the plugin is instantiated.
set_config('user_type', $usertype, 'enrol_ldap');
// Fetch the plugin.
$instance = enrol_get_plugin('ldap');
// Use reflection to sneak a look at the plugin.
$rc = new \ReflectionClass('enrol_ldap_plugin');
$rcp = $rc->getProperty('userobjectclass');
// Fetch the current userobjectclass value.
$value = $rcp->getValue($instance);
$this->assertEquals($expected, $value);
}
/**
* Data provider for the test_objectclass_fetch testcase.
*
* @return array of testcases.
*/
public function objectclass_fetch_provider() {
return array(
// This is the list of values from ldap_getdefaults() normalised.
'edir' => array(
'edir',
'(objectClass=user)'
),
'rfc2307' => array(
'rfc2307',
'(objectClass=posixaccount)'
),
'rfc2307bis' => array(
'rfc2307bis',
'(objectClass=posixaccount)'
),
'samba' => array(
'samba',
'(objectClass=sambasamaccount)'
),
'ad' => array(
'ad',
'(samaccounttype=805306368)'
),
'default' => array(
'default',
'(objectClass=*)'
),
);
}
}
enrol/ldap/upgrade.txt
+8
View File
@@ -0,0 +1,8 @@
This files describes API changes in the enrol_ldap code.
=== 3.8 ===
* enrol/ldap/cli/sync.php script has been removed. You should use enrol_ldap\task\sync_enrolments task instead.
=== 3.3 ===
* enrol/ldap/cli/sync.php script has been deprecated in favour of enrol_ldap\task\sync_enrolments task.
enrol/ldap/version.php
+30
View File
@@ -0,0 +1,30 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* LDAP enrolment plugin version specification.
*
* @package enrol_ldap
* @author Iñaki Arenaza
* @copyright 2010 Iñaki Arenaza <iarenaza@eps.mondragon.edu>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
$plugin->version = 2024042200; // The current plugin version (Date: YYYYMMDDXX).
$plugin->requires = 2024041600; // Requires this Moodle version.
$plugin->component = 'enrol_ldap'; // Full name of the plugin (used for diagnostics)