-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathlocallib.php
138 lines (115 loc) · 3.53 KB
/
locallib.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
<?php
/**
* Common functions
*
* @package auth_saml2sso
* @copyright 2018 Marco Ferrante
* @author Marco Ferrante <marco at csita.unige.it>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_saml2sso;
defined('MOODLE_INTERNAL') || die;
const AUTH_NAME = 'saml2sso';
const COMPONENT_NAME = 'auth_' . AUTH_NAME;
// Known auth mechanisms based on Moodle internal
// Only auth mechanism in which the username is handle from a central "istitutional"
// backend can be converted to SSO
const LOCAL_AUTH_PLUGINS = [
'cas' => false,
'db' => false,
'email' => true,
'ldap' => false,
'lti' => true,
'manual' => true,
'mnet' => true,
'nologin' => true,
'none' => true,
'oauth2' => true,
'oidc' => true,
'shibboleth' => false,
'webservice' => true,
];
function load_ssp_lib($path) {
if (empty($path)) {
return false;
}
if (!file_exists($path . DIRECTORY_SEPARATOR . 'src' . DIRECTORY_SEPARATOR . '_autoload.php')) {
return false;
}
require_once($path . DIRECTORY_SEPARATOR . 'src' . DIRECTORY_SEPARATOR . '_autoload.php');
return true;
}
require_once 'classes/event/user_migrated.php';
/**
* An helper to test if a plugin can sync users.
*
* @param type $plugin An auth plugin
* @return bool true if $plugin can sync users
*/
function can_sync_user($plugin) {
if ($plugin instanceof \auth_plugin_base
&& method_exists($plugin, 'sync_users')) {
// Check argument number?
return true;
}
return false;
}
function get_known_plugin($knownauthplugins = LOCAL_AUTH_PLUGINS) {
global $DB;
$authsavailable = \core_component::get_plugin_list('auth');
$fields = [];
// Check for authsources assigned in user table, even if the plugin is
// not present. This cope with unavailable plugins (eg. incomptabile ones)
$usedsauth = $DB->get_records_sql_menu('SELECT DISTINCT auth, COUNT(auth) FROM {user} WHERE deleted=0 GROUP BY auth');
foreach ($usedsauth as $auth => $count) {
if ($auth == AUTH_NAME) {
// Skip itself.
continue;
}
if (!empty($knownauthplugins[$auth])) {
continue;
}
if (empty($authsavailable[$auth])) {
$fields[$auth] = ['auth' => null, 'count' => $count];
continue;
}
$authplugin = \get_auth_plugin($auth);
$fields[$auth] = ['auth' => $authplugin->get_title(), 'count' => $count];
}
return $fields;
}
/**
* Migrate users.
*
* @param type $auth Plugin to migrate
* @return int the number of user migrate or false in case of error
*/
function takeover($auth) {
global $DB;
$known_plugins = get_known_plugin();
if (empty($known_plugins[$auth])) {
// Could not migrate.
debugging('user belongin to ' . $auth . ' cannot migrate', DEBUG_NORMAL);
return false;
}
$users = $DB->get_records('user', array('auth'=>$auth, 'deleted'=>0));
if (count($users) == 0) {
debugging('no user authenticate by ' . $auth . ' to migrate', DEBUG_NORMAL);
return false;
}
$count = 0;
foreach ($users as $userid => $user) {
if (!\core_user::is_real_user($userid)) {
// Admin.
continue;
}
$user->auth = AUTH_NAME;
user_update_user($user, false, false);
$event = \auth_saml2sso\event\user_migrated::create(array(
'userid' => $user->id
));
$event->trigger();
$count++;
}
return $count;
}