search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'MDL-43697-310' of https://github.com/praxisdigital/moodle into MOODLE_3...
[moodle.git] / auth / cas / settings.php
blob3e7fed289810c261fbd2f320439e299e22f43b55
1 <?php
2 // This file is part of Moodle - http://moodle.org/
3 //
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
13 //
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
16
17 /**
18 * Admin settings and defaults.
19 *
20 * @package auth_cas
21 * @copyright 2017 Stephen Bourget
22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
23 */
24
25 defined('MOODLE_INTERNAL') || die;
26
27 if ($ADMIN->fulltree) {
28
29 if (!function_exists('ldap_connect')) {
30 $notify = new \core\output\notification(get_string('auth_casnotinstalled', 'auth_cas'),
31 \core\output\notification::NOTIFY_WARNING);
32 $settings->add(new admin_setting_heading('auth_casnotinstalled', '', $OUTPUT->render($notify)));
33 } else {
34 // We use a couple of custom admin settings since we need to massage the data before it is inserted into the DB.
35 require_once($CFG->dirroot.'/auth/ldap/classes/admin_setting_special_lowercase_configtext.php');
36 require_once($CFG->dirroot.'/auth/ldap/classes/admin_setting_special_contexts_configtext.php');
37
38 // Include needed files.
39 require_once($CFG->dirroot.'/auth/cas/auth.php');
40 require_once($CFG->dirroot.'/auth/cas/languages.php');
41
42 // Introductory explanation.
43 $settings->add(new admin_setting_heading('auth_cas/pluginname', '',
44 new lang_string('auth_casdescription', 'auth_cas')));
45
46 // CAS server configuration label.
47 $settings->add(new admin_setting_heading('auth_cas/casserversettings',
48 new lang_string('auth_cas_server_settings', 'auth_cas'), ''));
49
50 // Authentication method name.
51 $settings->add(new admin_setting_configtext('auth_cas/auth_name',
52 get_string('auth_cas_auth_name', 'auth_cas'),
53 get_string('auth_cas_auth_name_description', 'auth_cas'),
54 get_string('auth_cas_auth_service', 'auth_cas'),
55 PARAM_RAW_TRIMMED));
56
57 // Authentication method logo.
58 $opts = array('accepted_types' => array('.png', '.jpg', '.gif', '.webp', '.tiff', '.svg'));
59 $settings->add(new admin_setting_configstoredfile('auth_cas/auth_logo',
60 get_string('auth_cas_auth_logo', 'auth_cas'),
61 get_string('auth_cas_auth_logo_description', 'auth_cas'), 'logo', 0, $opts));
62
63
64 // Hostname.
65 $settings->add(new admin_setting_configtext('auth_cas/hostname',
66 get_string('auth_cas_hostname_key', 'auth_cas'),
67 get_string('auth_cas_hostname', 'auth_cas'), '', PARAM_RAW_TRIMMED));
68
69 // Base URI.
70 $settings->add(new admin_setting_configtext('auth_cas/baseuri',
71 get_string('auth_cas_baseuri_key', 'auth_cas'),
72 get_string('auth_cas_baseuri', 'auth_cas'), '', PARAM_RAW_TRIMMED));
73
74 // Port.
75 $settings->add(new admin_setting_configtext('auth_cas/port',
76 get_string('auth_cas_port_key', 'auth_cas'),
77 get_string('auth_cas_port', 'auth_cas'), '', PARAM_INT));
78
79 // CAS Version.
80 $casversions = array();
81 $casversions[CAS_VERSION_1_0] = 'CAS 1.0';
82 $casversions[CAS_VERSION_2_0] = 'CAS 2.0';
83 $settings->add(new admin_setting_configselect('auth_cas/casversion',
84 new lang_string('auth_cas_casversion', 'auth_cas'),
85 new lang_string('auth_cas_version', 'auth_cas'), CAS_VERSION_2_0, $casversions));
86
87 // Language.
88 if (!isset($CASLANGUAGES) || empty($CASLANGUAGES)) {
89 // Prevent warnings on other admin pages.
90 // $CASLANGUAGES is defined in /auth/cas/languages.php.
91 $CASLANGUAGES = array();
92 $CASLANGUAGES[PHPCAS_LANG_ENGLISH] = 'English';
93 $CASLANGUAGES[PHPCAS_LANG_FRENCH] = 'French';
94 }
95 $settings->add(new admin_setting_configselect('auth_cas/language',
96 new lang_string('auth_cas_language_key', 'auth_cas'),
97 new lang_string('auth_cas_language', 'auth_cas'), PHPCAS_LANG_ENGLISH, $CASLANGUAGES));
98
99 // Proxy.
100 $yesno = array(
101 new lang_string('no'),
102 new lang_string('yes'),
103 );
104 $settings->add(new admin_setting_configselect('auth_cas/proxycas',
105 new lang_string('auth_cas_proxycas_key', 'auth_cas'),
106 new lang_string('auth_cas_proxycas', 'auth_cas'), 0 , $yesno));
107
108 // Logout option.
109 $settings->add(new admin_setting_configselect('auth_cas/logoutcas',
110 new lang_string('auth_cas_logoutcas_key', 'auth_cas'),
111 new lang_string('auth_cas_logoutcas', 'auth_cas'), 0 , $yesno));
112
113 // Multi-auth.
114 $settings->add(new admin_setting_configselect('auth_cas/multiauth',
115 new lang_string('auth_cas_multiauth_key', 'auth_cas'),
116 new lang_string('auth_cas_multiauth', 'auth_cas'), 0 , $yesno));
117
118 // Server validation.
119 $settings->add(new admin_setting_configselect('auth_cas/certificate_check',
120 new lang_string('auth_cas_certificate_check_key', 'auth_cas'),
121 new lang_string('auth_cas_certificate_check', 'auth_cas'), 0 , $yesno));
122
123 // Certificate path.
124 $settings->add(new admin_setting_configfile('auth_cas/certificate_path',
125 get_string('auth_cas_certificate_path_key', 'auth_cas'),
126 get_string('auth_cas_certificate_path', 'auth_cas'), ''));
127
128 // CURL SSL version.
129 $sslversions = array();
130 $sslversions[''] = get_string('auth_cas_curl_ssl_version_default', 'auth_cas');
131 if (defined('CURL_SSLVERSION_TLSv1')) {
132 $sslversions[CURL_SSLVERSION_TLSv1] = get_string('auth_cas_curl_ssl_version_TLSv1x', 'auth_cas');
133 }
134 if (defined('CURL_SSLVERSION_TLSv1_0')) {
135 $sslversions[CURL_SSLVERSION_TLSv1_0] = get_string('auth_cas_curl_ssl_version_TLSv10', 'auth_cas');
136 }
137 if (defined('CURL_SSLVERSION_TLSv1_1')) {
138 $sslversions[CURL_SSLVERSION_TLSv1_1] = get_string('auth_cas_curl_ssl_version_TLSv11', 'auth_cas');
139 }
140 if (defined('CURL_SSLVERSION_TLSv1_2')) {
141 $sslversions[CURL_SSLVERSION_TLSv1_2] = get_string('auth_cas_curl_ssl_version_TLSv12', 'auth_cas');
142 }
143 if (defined('CURL_SSLVERSION_SSLv2')) {
144 $sslversions[CURL_SSLVERSION_SSLv2] = get_string('auth_cas_curl_ssl_version_SSLv2', 'auth_cas');
145 }
146 if (defined('CURL_SSLVERSION_SSLv3')) {
147 $sslversions[CURL_SSLVERSION_SSLv3] = get_string('auth_cas_curl_ssl_version_SSLv3', 'auth_cas');
148 }
149 $settings->add(new admin_setting_configselect('auth_cas/curl_ssl_version',
150 new lang_string('auth_cas_curl_ssl_version_key', 'auth_cas'),
151 new lang_string('auth_cas_curl_ssl_version', 'auth_cas'), '' , $sslversions));
152
153 // Alt Logout URL.
154 $settings->add(new admin_setting_configtext('auth_cas/logout_return_url',
155 get_string('auth_cas_logout_return_url_key', 'auth_cas'),
156 get_string('auth_cas_logout_return_url', 'auth_cas'), '', PARAM_URL));
157
158 // LDAP server settings.
159 $settings->add(new admin_setting_heading('auth_cas/ldapserversettings',
160 new lang_string('auth_ldap_server_settings', 'auth_ldap'), ''));
161
162 // Host.
163 $settings->add(new admin_setting_configtext('auth_cas/host_url',
164 get_string('auth_ldap_host_url_key', 'auth_ldap'),
165 get_string('auth_ldap_host_url', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
166
167 // Version.
168 $versions = array();
169 $versions[2] = '2';
170 $versions[3] = '3';
171 $settings->add(new admin_setting_configselect('auth_cas/ldap_version',
172 new lang_string('auth_ldap_version_key', 'auth_ldap'),
173 new lang_string('auth_ldap_version', 'auth_ldap'), 3, $versions));
174
175 // Start TLS.
176 $settings->add(new admin_setting_configselect('auth_cas/start_tls',
177 new lang_string('start_tls_key', 'auth_ldap'),
178 new lang_string('start_tls', 'auth_ldap'), 0 , $yesno));
179
180
181 // Encoding.
182 $settings->add(new admin_setting_configtext('auth_cas/ldapencoding',
183 get_string('auth_ldap_ldap_encoding_key', 'auth_ldap'),
184 get_string('auth_ldap_ldap_encoding', 'auth_ldap'), 'utf-8', PARAM_RAW_TRIMMED));
185
186 // Page Size. (Hide if not available).
187 $settings->add(new admin_setting_configtext('auth_cas/pagesize',
188 get_string('pagesize_key', 'auth_ldap'),
189 get_string('pagesize', 'auth_ldap'), '250', PARAM_INT));
190
191 // Bind settings.
192 $settings->add(new admin_setting_heading('auth_cas/ldapbindsettings',
193 new lang_string('auth_ldap_bind_settings', 'auth_ldap'), ''));
194
195 // User ID.
196 $settings->add(new admin_setting_configtext('auth_cas/bind_dn',
197 get_string('auth_ldap_bind_dn_key', 'auth_ldap'),
198 get_string('auth_ldap_bind_dn', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
199
200 // Password.
201 $settings->add(new admin_setting_configpasswordunmask('auth_cas/bind_pw',
202 get_string('auth_ldap_bind_pw_key', 'auth_ldap'),
203 get_string('auth_ldap_bind_pw', 'auth_ldap'), ''));
204
205 // User Lookup settings.
206 $settings->add(new admin_setting_heading('auth_cas/ldapuserlookup',
207 new lang_string('auth_ldap_user_settings', 'auth_ldap'), ''));
208
209 // User Type.
210 $settings->add(new admin_setting_configselect('auth_cas/user_type',
211 new lang_string('auth_ldap_user_type_key', 'auth_ldap'),
212 new lang_string('auth_ldap_user_type', 'auth_ldap'), 'default', ldap_supported_usertypes()));
213
214 // Contexts.
215 $settings->add(new auth_ldap_admin_setting_special_contexts_configtext('auth_cas/contexts',
216 get_string('auth_ldap_contexts_key', 'auth_ldap'),
217 get_string('auth_ldap_contexts', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
218
219 // Search subcontexts.
220 $settings->add(new admin_setting_configselect('auth_cas/search_sub',
221 new lang_string('auth_ldap_search_sub_key', 'auth_ldap'),
222 new lang_string('auth_ldap_search_sub', 'auth_ldap'), 0 , $yesno));
223
224 // Dereference aliases.
225 $optderef = array();
226 $optderef[LDAP_DEREF_NEVER] = get_string('no');
227 $optderef[LDAP_DEREF_ALWAYS] = get_string('yes');
228
229 $settings->add(new admin_setting_configselect('auth_cas/opt_deref',
230 new lang_string('auth_ldap_opt_deref_key', 'auth_ldap'),
231 new lang_string('auth_ldap_opt_deref', 'auth_ldap'), LDAP_DEREF_NEVER , $optderef));
232
233 // User attribute.
234 $settings->add(new auth_ldap_admin_setting_special_lowercase_configtext('auth_cas/user_attribute',
235 get_string('auth_ldap_user_attribute_key', 'auth_ldap'),
236 get_string('auth_ldap_user_attribute', 'auth_ldap'), '', PARAM_RAW));
237
238 // Member attribute.
239 $settings->add(new auth_ldap_admin_setting_special_lowercase_configtext('auth_cas/memberattribute',
240 get_string('auth_ldap_memberattribute_key', 'auth_ldap'),
241 get_string('auth_ldap_memberattribute', 'auth_ldap'), '', PARAM_RAW));
242
243 // Member attribute uses dn.
244 $settings->add(new admin_setting_configselect('auth_cas/memberattribute_isdn',
245 get_string('auth_ldap_memberattribute_isdn_key', 'auth_ldap'),
246 get_string('auth_ldap_memberattribute_isdn', 'auth_ldap'), 0, $yesno));
247
248 // Object class.
249 $settings->add(new admin_setting_configtext('auth_cas/objectclass',
250 get_string('auth_ldap_objectclass_key', 'auth_ldap'),
251 get_string('auth_ldap_objectclass', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
252
253 // Course Creators Header.
254 $settings->add(new admin_setting_heading('auth_cas/coursecreators',
255 new lang_string('coursecreators'), ''));
256
257 // Course creators attribute field mapping.
258 $settings->add(new admin_setting_configtext('auth_cas/attrcreators',
259 get_string('auth_ldap_attrcreators_key', 'auth_ldap'),
260 get_string('auth_ldap_attrcreators', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
261
262 // Course creator group field mapping.
263 $settings->add(new admin_setting_configtext('auth_cas/groupecreators',
264 get_string('auth_ldap_groupecreators_key', 'auth_ldap'),
265 get_string('auth_ldap_groupecreators', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
266
267 // User Account Sync.
268 $settings->add(new admin_setting_heading('auth_cas/syncusers',
269 new lang_string('auth_sync_script', 'auth'), ''));
270
271 // Remove external user.
272 $deleteopt = array();
273 $deleteopt[AUTH_REMOVEUSER_KEEP] = get_string('auth_remove_keep', 'auth');
274 $deleteopt[AUTH_REMOVEUSER_SUSPEND] = get_string('auth_remove_suspend', 'auth');
275 $deleteopt[AUTH_REMOVEUSER_FULLDELETE] = get_string('auth_remove_delete', 'auth');
276
277 $settings->add(new admin_setting_configselect('auth_cas/removeuser',
278 new lang_string('auth_remove_user_key', 'auth'),
279 new lang_string('auth_remove_user', 'auth'), AUTH_REMOVEUSER_KEEP, $deleteopt));
280 }
281
282 // Display locking / mapping of profile fields.
283 $authplugin = get_auth_plugin('cas');
284 $help = get_string('auth_ldapextrafields', 'auth_ldap');
285 $help .= get_string('auth_updatelocal_expl', 'auth');
286 $help .= get_string('auth_fieldlock_expl', 'auth');
287 $help .= get_string('auth_updateremote_expl', 'auth');
288 $help .= '<hr />';
289 $help .= get_string('auth_updateremote_ldap', 'auth');
290 display_auth_lock_options($settings, $authplugin->authtype, $authplugin->userfields, $help, true, true,
291 $authplugin->get_custom_user_profile_fields());
292
293 }
Read-only mirror of the Moodle CVS