2 // This file is part of Moodle - http://moodle.org/
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
18 * Admin settings and defaults.
21 * @copyright 2017 Stephen Bourget
22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
25 defined('MOODLE_INTERNAL') ||
die;
27 if ($ADMIN->fulltree
) {
29 if (!function_exists('ldap_connect')) {
30 $settings->add(new admin_setting_heading('auth_casnotinstalled', '', get_string('auth_casnotinstalled', 'auth_cas')));
32 // We use a couple of custom admin settings since we need to massage the data before it is inserted into the DB.
33 require_once($CFG->dirroot
.'/auth/ldap/classes/admin_setting_special_lowercase_configtext.php');
34 require_once($CFG->dirroot
.'/auth/ldap/classes/admin_setting_special_contexts_configtext.php');
36 // Include needed files.
37 require_once($CFG->dirroot
.'/auth/cas/auth.php');
38 require_once($CFG->dirroot
.'/auth/cas/languages.php');
40 // Introductory explanation.
41 $settings->add(new admin_setting_heading('auth_cas/pluginname', '',
42 new lang_string('auth_casdescription', 'auth_cas')));
44 // CAS server configuration label.
45 $settings->add(new admin_setting_heading('auth_cas/casserversettings',
46 new lang_string('auth_cas_server_settings', 'auth_cas'), ''));
49 $settings->add(new admin_setting_configtext('auth_cas/hostname',
50 get_string('auth_cas_hostname_key', 'auth_cas'),
51 get_string('auth_cas_hostname', 'auth_cas'), '', PARAM_RAW_TRIMMED
));
54 $settings->add(new admin_setting_configtext('auth_cas/baseuri',
55 get_string('auth_cas_baseuri_key', 'auth_cas'),
56 get_string('auth_cas_baseuri', 'auth_cas'), '', PARAM_RAW_TRIMMED
));
59 $settings->add(new admin_setting_configtext('auth_cas/port',
60 get_string('auth_cas_port_key', 'auth_cas'),
61 get_string('auth_cas_port', 'auth_cas'), '', PARAM_INT
));
64 $casversions = array();
65 $casversions[CAS_VERSION_1_0
] = 'CAS 1.0';
66 $casversions[CAS_VERSION_2_0
] = 'CAS 2.0';
67 $settings->add(new admin_setting_configselect('auth_cas/casversion',
68 new lang_string('auth_cas_casversion', 'auth_cas'),
69 new lang_string('auth_cas_version', 'auth_cas'), CAS_VERSION_2_0
, $casversions));
72 if (!isset($CASLANGUAGES) ||
empty($CASLANGUAGES)) {
73 // Prevent warnings on other admin pages.
74 // $CASLANGUAGES is defined in /auth/cas/languages.php.
75 $CASLANGUAGES = array();
76 $CASLANGUAGES[PHPCAS_LANG_ENGLISH
] = 'English';
77 $CASLANGUAGES[PHPCAS_LANG_FRENCH
] = 'French';
79 $settings->add(new admin_setting_configselect('auth_cas/language',
80 new lang_string('auth_cas_language_key', 'auth_cas'),
81 new lang_string('auth_cas_language', 'auth_cas'), PHPCAS_LANG_ENGLISH
, $CASLANGUAGES));
85 new lang_string('no'),
86 new lang_string('yes'),
88 $settings->add(new admin_setting_configselect('auth_cas/proxycas',
89 new lang_string('auth_cas_proxycas_key', 'auth_cas'),
90 new lang_string('auth_cas_proxycas', 'auth_cas'), 0 , $yesno));
93 $settings->add(new admin_setting_configselect('auth_cas/logoutcas',
94 new lang_string('auth_cas_logoutcas_key', 'auth_cas'),
95 new lang_string('auth_cas_logoutcas', 'auth_cas'), 0 , $yesno));
98 $settings->add(new admin_setting_configselect('auth_cas/multiauth',
99 new lang_string('auth_cas_multiauth_key', 'auth_cas'),
100 new lang_string('auth_cas_multiauth', 'auth_cas'), 0 , $yesno));
102 // Server validation.
103 $settings->add(new admin_setting_configselect('auth_cas/certificate_check',
104 new lang_string('auth_cas_certificate_check_key', 'auth_cas'),
105 new lang_string('auth_cas_certificate_check', 'auth_cas'), 0 , $yesno));
108 $settings->add(new admin_setting_configfile('auth_cas/certificate_path',
109 get_string('auth_cas_certificate_path_key', 'auth_cas'),
110 get_string('auth_cas_certificate_path', 'auth_cas'), ''));
113 $sslversions = array();
114 $sslversions[''] = get_string('auth_cas_curl_ssl_version_default', 'auth_cas');
115 if (defined('CURL_SSLVERSION_TLSv1')) {
116 $sslversions[CURL_SSLVERSION_TLSv1
] = get_string('auth_cas_curl_ssl_version_TLSv1x', 'auth_cas');
118 if (defined('CURL_SSLVERSION_TLSv1_0')) {
119 $sslversions[CURL_SSLVERSION_TLSv1_0
] = get_string('auth_cas_curl_ssl_version_TLSv10', 'auth_cas');
121 if (defined('CURL_SSLVERSION_TLSv1_1')) {
122 $sslversions[CURL_SSLVERSION_TLSv1_1
] = get_string('auth_cas_curl_ssl_version_TLSv11', 'auth_cas');
124 if (defined('CURL_SSLVERSION_TLSv1_2')) {
125 $sslversions[CURL_SSLVERSION_TLSv1_2
] = get_string('auth_cas_curl_ssl_version_TLSv12', 'auth_cas');
127 if (defined('CURL_SSLVERSION_SSLv2')) {
128 $sslversions[CURL_SSLVERSION_SSLv2
] = get_string('auth_cas_curl_ssl_version_SSLv2', 'auth_cas');
130 if (defined('CURL_SSLVERSION_SSLv3')) {
131 $sslversions[CURL_SSLVERSION_SSLv3
] = get_string('auth_cas_curl_ssl_version_SSLv3', 'auth_cas');
133 $settings->add(new admin_setting_configselect('auth_cas/curl_ssl_version',
134 new lang_string('auth_cas_curl_ssl_version_key', 'auth_cas'),
135 new lang_string('auth_cas_curl_ssl_version', 'auth_cas'), '' , $sslversions));
138 $settings->add(new admin_setting_configtext('auth_cas/logout_return_url',
139 get_string('auth_cas_logout_return_url_key', 'auth_cas'),
140 get_string('auth_cas_logout_return_url', 'auth_cas'), '', PARAM_URL
));
142 // LDAP server settings.
143 $settings->add(new admin_setting_heading('auth_cas/ldapserversettings',
144 new lang_string('auth_ldap_server_settings', 'auth_ldap'), ''));
147 $settings->add(new admin_setting_configtext('auth_cas/host_url',
148 get_string('auth_ldap_host_url_key', 'auth_ldap'),
149 get_string('auth_ldap_host_url', 'auth_ldap'), '', PARAM_RAW_TRIMMED
));
155 $settings->add(new admin_setting_configselect('auth_cas/ldap_version',
156 new lang_string('auth_ldap_version_key', 'auth_ldap'),
157 new lang_string('auth_ldap_version', 'auth_ldap'), 3, $versions));
160 $settings->add(new admin_setting_configselect('auth_cas/start_tls',
161 new lang_string('start_tls_key', 'auth_ldap'),
162 new lang_string('start_tls', 'auth_ldap'), 0 , $yesno));
166 $settings->add(new admin_setting_configtext('auth_cas/ldapencoding',
167 get_string('auth_ldap_ldap_encoding_key', 'auth_ldap'),
168 get_string('auth_ldap_ldap_encoding', 'auth_ldap'), 'utf-8', PARAM_RAW_TRIMMED
));
170 // Page Size. (Hide if not available).
171 $settings->add(new admin_setting_configtext('auth_cas/pagesize',
172 get_string('pagesize_key', 'auth_ldap'),
173 get_string('pagesize', 'auth_ldap'), '250', PARAM_INT
));
176 $settings->add(new admin_setting_heading('auth_cas/ldapbindsettings',
177 new lang_string('auth_ldap_bind_settings', 'auth_ldap'), ''));
180 $settings->add(new admin_setting_configtext('auth_cas/bind_dn',
181 get_string('auth_ldap_bind_dn_key', 'auth_ldap'),
182 get_string('auth_ldap_bind_dn', 'auth_ldap'), '', PARAM_RAW_TRIMMED
));
185 $settings->add(new admin_setting_configpasswordunmask('auth_cas/bind_pw',
186 get_string('auth_ldap_bind_pw_key', 'auth_ldap'),
187 get_string('auth_ldap_bind_pw', 'auth_ldap'), ''));
189 // User Lookup settings.
190 $settings->add(new admin_setting_heading('auth_cas/ldapuserlookup',
191 new lang_string('auth_ldap_user_settings', 'auth_ldap'), ''));
194 $settings->add(new admin_setting_configselect('auth_cas/user_type',
195 new lang_string('auth_ldap_user_type_key', 'auth_ldap'),
196 new lang_string('auth_ldap_user_type', 'auth_ldap'), 'default', ldap_supported_usertypes()));
199 $settings->add(new auth_ldap_admin_setting_special_contexts_configtext('auth_cas/contexts',
200 get_string('auth_ldap_contexts_key', 'auth_ldap'),
201 get_string('auth_ldap_contexts', 'auth_ldap'), '', PARAM_RAW_TRIMMED
));
203 // Search subcontexts.
204 $settings->add(new admin_setting_configselect('auth_cas/search_sub',
205 new lang_string('auth_ldap_search_sub_key', 'auth_ldap'),
206 new lang_string('auth_ldap_search_sub', 'auth_ldap'), 0 , $yesno));
208 // Dereference aliases.
210 $optderef[LDAP_DEREF_NEVER
] = get_string('no');
211 $optderef[LDAP_DEREF_ALWAYS
] = get_string('yes');
213 $settings->add(new admin_setting_configselect('auth_cas/opt_deref',
214 new lang_string('auth_ldap_opt_deref_key', 'auth_ldap'),
215 new lang_string('auth_ldap_opt_deref', 'auth_ldap'), LDAP_DEREF_NEVER
, $optderef));
218 $settings->add(new auth_ldap_admin_setting_special_lowercase_configtext('auth_cas/user_attribute',
219 get_string('auth_ldap_user_attribute_key', 'auth_ldap'),
220 get_string('auth_ldap_user_attribute', 'auth_ldap'), '', PARAM_RAW
));
223 $settings->add(new auth_ldap_admin_setting_special_lowercase_configtext('auth_cas/memberattribute',
224 get_string('auth_ldap_memberattribute_key', 'auth_ldap'),
225 get_string('auth_ldap_memberattribute', 'auth_ldap'), '', PARAM_RAW
));
227 // Member attribute uses dn.
228 $settings->add(new admin_setting_configtext('auth_cas/memberattribute_isdn',
229 get_string('auth_ldap_memberattribute_isdn_key', 'auth_ldap'),
230 get_string('auth_ldap_memberattribute_isdn', 'auth_ldap'), '', PARAM_RAW
));
233 $settings->add(new admin_setting_configtext('auth_cas/objectclass',
234 get_string('auth_ldap_objectclass_key', 'auth_ldap'),
235 get_string('auth_ldap_objectclass', 'auth_ldap'), '', PARAM_RAW_TRIMMED
));
237 // Course Creators Header.
238 $settings->add(new admin_setting_heading('auth_cas/coursecreators',
239 new lang_string('coursecreators'), ''));
241 // Course creators attribute field mapping.
242 $settings->add(new admin_setting_configtext('auth_cas/attrcreators',
243 get_string('auth_ldap_attrcreators_key', 'auth_ldap'),
244 get_string('auth_ldap_attrcreators', 'auth_ldap'), '', PARAM_RAW_TRIMMED
));
246 // Course creator group field mapping.
247 $settings->add(new admin_setting_configtext('auth_cas/groupecreators',
248 get_string('auth_ldap_groupecreators_key', 'auth_ldap'),
249 get_string('auth_ldap_groupecreators', 'auth_ldap'), '', PARAM_RAW_TRIMMED
));
251 // User Account Sync.
252 $settings->add(new admin_setting_heading('auth_cas/syncusers',
253 new lang_string('auth_sync_script', 'auth'), ''));
255 // Remove external user.
256 $deleteopt = array();
257 $deleteopt[AUTH_REMOVEUSER_KEEP
] = get_string('auth_remove_keep', 'auth');
258 $deleteopt[AUTH_REMOVEUSER_SUSPEND
] = get_string('auth_remove_suspend', 'auth');
259 $deleteopt[AUTH_REMOVEUSER_FULLDELETE
] = get_string('auth_remove_delete', 'auth');
261 $settings->add(new admin_setting_configselect('auth_cas/removeuser',
262 new lang_string('auth_remove_user_key', 'auth'),
263 new lang_string('auth_remove_user', 'auth'), AUTH_REMOVEUSER_KEEP
, $deleteopt));
266 // Display locking / mapping of profile fields.
267 $authplugin = get_auth_plugin('cas');
268 $help = get_string('auth_ldapextrafields', 'auth_ldap');
269 $help .= get_string('auth_updatelocal_expl', 'auth');
270 $help .= get_string('auth_fieldlock_expl', 'auth');
271 $help .= get_string('auth_updateremote_expl', 'auth');
273 $help .= get_string('auth_updateremote_ldap', 'auth');
274 display_auth_lock_options($settings, $authplugin->authtype
, $authplugin->userfields
, $help, true, true,
275 $authplugin->get_custom_user_profile_fields());