MDL-72791 customfield: correct access checks for course search data.
[moodle.git] / admin / auth_config.php
blob503dd91cc1fb7265487a1f62e8ccfa443ad97759
1 <?php
2 /**
3 * Edit configuration for an individual auth plugin
4 */
6 require_once '../config.php';
7 require_once $CFG->libdir.'/adminlib.php';
9 $auth = required_param('auth', PARAM_PLUGIN);
10 $PAGE->set_pagetype('admin-auth-' . $auth);
12 admin_externalpage_setup('authsetting'.$auth);
14 $authplugin = get_auth_plugin($auth);
15 $err = array();
17 $returnurl = "$CFG->wwwroot/$CFG->admin/settings.php?section=manageauths";
19 debugging("Use of config.html files in authentication plugins have been deprecated. " .
20 " Please migrate your plugin to use the admin settings API", DEBUG_DEVELOPER);
22 // save configuration changes
23 if ($frm = data_submitted() and confirm_sesskey()) {
25 $authplugin->validate_form($frm, $err);
27 if (count($err) == 0) {
29 // save plugin config
30 if ($authplugin->process_config($frm)) {
32 // save field lock configuration
33 foreach ($frm as $name => $value) {
34 if (preg_match('/^lockconfig_(.+?)$/', $name, $matches)) {
35 $plugin = "auth/$auth";
36 $name = $matches[1];
37 set_config($name, $value, $plugin);
40 redirect($returnurl);
41 exit;
43 } else {
44 foreach ($err as $key => $value) {
45 $focus = "form.$key";
48 } else {
49 $frmlegacystyle = get_config('auth/'.$auth);
50 $frmnewstyle = get_config('auth_'.$auth);
51 $frm = (object)array_merge((array)$frmlegacystyle, (array)$frmnewstyle);
54 $user_fields = $authplugin->userfields;
55 //$user_fields = array("firstname", "lastname", "email", "phone1", "phone2", "institution", "department", "address", "city", "country", "description", "idnumber", "lang");
57 /// Get the auth title (from core or own auth lang files)
58 $authtitle = $authplugin->get_title();
59 /// Get the auth descriptions (from core or own auth lang files)
60 $authdescription = $authplugin->get_description();
62 // output configuration form
63 echo $OUTPUT->header();
65 // choose an authentication method
66 echo "<form id=\"authmenu\" method=\"post\" action=\"auth_config.php\">\n";
67 echo "<div>\n";
68 echo "<input type=\"hidden\" name=\"sesskey\" value=\"".sesskey()."\" />\n";
69 echo "<input type=\"hidden\" name=\"auth\" value=\"".$auth."\" />\n";
71 // auth plugin description
72 echo $OUTPUT->box_start();
73 echo $OUTPUT->heading($authtitle);
74 echo $OUTPUT->box_start('informationbox');
75 echo $authdescription;
76 echo $OUTPUT->box_end();
77 echo "<hr />\n";
78 $authplugin->config_form($frm, $err, $user_fields);
79 echo $OUTPUT->box_end();
80 echo '<p style="text-align: center"><input type="submit" value="' . get_string("savechanges") . "\" /></p>\n";
81 echo "</div>\n";
82 echo "</form>\n";
84 $PAGE->requires->string_for_js('unmaskpassword', 'core_form');
85 $PAGE->requires->yui_module('moodle-auth-passwordunmask', 'M.auth.passwordunmask');
87 echo $OUTPUT->footer();
88 exit;
90 /// Functions /////////////////////////////////////////////////////////////////
93 /**
94 * auth field locking
95 * Good enough for most auth plugins
96 * but some may want a custom one if they are offering
97 * other options
98 * Note: lockconfig_ fields have special handling.
100 * @param string $auth authentication plugin shortname
101 * @param array $user_fields user profile fields
102 * @param string $helptext help text to be displayed at top of form
103 * @param boolean $retrieveopts Map fields or lock only.
104 * @param boolean $updateopts Allow remote updates
105 * @param array $customfields list of custom profile fields
106 * @deprecated since Moodle 3.3
108 function print_auth_lock_options($auth, $user_fields, $helptext, $retrieveopts, $updateopts, $customfields = array()) {
109 global $DB, $OUTPUT;
110 debugging("The function 'print_auth_lock_options' has been deprecated, " .
111 "Please migrate your code to use the admin settings API and use the function 'display_auth_lock_options' instead. ",
112 DEBUG_DEVELOPER);
114 echo '<tr><td colspan="3">';
115 if ($retrieveopts) {
116 echo $OUTPUT->heading(get_string('auth_data_mapping', 'auth'));
117 } else {
118 echo $OUTPUT->heading(get_string('auth_fieldlocks', 'auth'));
120 echo '</td></tr>';
122 $lockoptions = array ('unlocked' => get_string('unlocked', 'auth'),
123 'unlockedifempty' => get_string('unlockedifempty', 'auth'),
124 'locked' => get_string('locked', 'auth'));
125 $updatelocaloptions = array('oncreate' => get_string('update_oncreate', 'auth'),
126 'onlogin' => get_string('update_onlogin', 'auth'));
127 $updateextoptions = array('0' => get_string('update_never', 'auth'),
128 '1' => get_string('update_onupdate', 'auth'));
130 $pluginconfig = get_config("auth/$auth");
132 // Helptext is on a field with rowspan.
133 if (empty($helptext)) {
134 $helptext = '&nbsp;';
137 // If we have custom fields then merge them with user fields.
138 if (!empty($customfields)) {
139 $user_fields = array_merge($user_fields, $customfields);
142 if (!empty($customfields)) {
143 $customfieldname = $DB->get_records('user_info_field', null, '', 'shortname, name');
145 foreach ($user_fields as $field) {
146 // Define some vars we'll work with.
147 if (!isset($pluginconfig->{"field_map_$field"})) {
148 $pluginconfig->{"field_map_$field"} = '';
150 if (!isset($pluginconfig->{"field_updatelocal_$field"})) {
151 $pluginconfig->{"field_updatelocal_$field"} = '';
153 if (!isset($pluginconfig->{"field_updateremote_$field"})) {
154 $pluginconfig->{"field_updateremote_$field"} = '';
156 if (!isset($pluginconfig->{"field_lock_$field"})) {
157 $pluginconfig->{"field_lock_$field"} = '';
160 // Define the fieldname we display to the user.
161 $fieldname = $field;
162 if ($fieldname === 'lang') {
163 $fieldname = get_string('language');
164 } elseif (!empty($customfields) && in_array($field, $customfields)) {
165 // If custom field then pick name from database.
166 $fieldshortname = str_replace('profile_field_', '', $fieldname);
167 $fieldname = $customfieldname[$fieldshortname]->name;
168 if (core_text::strlen($fieldshortname) > 67) {
169 // If custom profile field name is longer than 67 characters we will not be able to store the setting
170 // such as 'field_updateremote_profile_field_NOTSOSHORTSHORTNAME' in the database because the character
171 // limit for the setting name is 100.
172 continue;
174 } else {
175 $fieldname = get_string($fieldname);
177 if ($retrieveopts) {
178 $varname = 'field_map_' . $field;
180 echo '<tr valign="top"><td align="right">';
181 echo '<label for="lockconfig_'.$varname.'">'.$fieldname.'</label>';
182 echo '</td><td>';
184 echo "<input id=\"lockconfig_{$varname}\" name=\"lockconfig_{$varname}\" type=\"text\" size=\"30\" value=\"{$pluginconfig->$varname}\" />";
185 echo '<div style="text-align: right">';
186 echo '<label for="menulockconfig_field_updatelocal_'.$field.'">'.get_string('auth_updatelocal', 'auth') . '</label>&nbsp;';
187 echo html_writer::select($updatelocaloptions, "lockconfig_field_updatelocal_{$field}", $pluginconfig->{"field_updatelocal_$field"}, false);
188 echo '<br />';
189 if ($updateopts) {
190 echo '<label for="menulockconfig_field_updateremote_'.$field.'">'.get_string('auth_updateremote', 'auth') . '</label>&nbsp;';
191 echo html_writer::select($updateextoptions, "lockconfig_field_updateremote_{$field}", $pluginconfig->{"field_updateremote_$field"}, false);
192 echo '<br />';
194 echo '<label for="menulockconfig_field_lock_'.$field.'">'.get_string('auth_fieldlock', 'auth') . '</label>&nbsp;';
195 echo html_writer::select($lockoptions, "lockconfig_field_lock_{$field}", $pluginconfig->{"field_lock_$field"}, false);
196 echo '</div>';
197 } else {
198 echo '<tr valign="top"><td align="right">';
199 echo '<label for="menulockconfig_field_lock_'.$field.'">'.$fieldname.'</label>';
200 echo '</td><td>';
201 echo html_writer::select($lockoptions, "lockconfig_field_lock_{$field}", $pluginconfig->{"field_lock_$field"}, false);
203 echo '</td>';
204 if (!empty($helptext)) {
205 echo '<td rowspan="' . count($user_fields) . '">' . $helptext . '</td>';
206 $helptext = '';
208 echo '</tr>';