moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-04 16:36:37 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

MDL-50925 auth_fc: Remove from core and into plugins DB

Browse source
This commit is contained in:
Andrew Nicols 2017-07-13 15:29:03 +08:00
parent 16a68a2f76
commit 032194970b
13 changed files with 2 additions and 718 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.eslintignore
View file

@ -6,7 +6,6 @@ vendor/
admin/tool/usertours/amd/src/tour.js admin/tool/usertours/amd/src/tour.js
admin/tool/usertours/amd/src/popper.js admin/tool/usertours/amd/src/popper.js
auth/cas/CAS/ auth/cas/CAS/
auth/fc/fcFPP.php
enrol/lti/ims-blti/ enrol/lti/ims-blti/
filter/algebra/AlgParser.pm filter/algebra/AlgParser.pm
filter/tex/mimetex.* filter/tex/mimetex.*

1
.stylelintignore
View file

@ -7,7 +7,6 @@ vendor/
admin/tool/usertours/amd/src/tour.js admin/tool/usertours/amd/src/tour.js
admin/tool/usertours/amd/src/popper.js admin/tool/usertours/amd/src/popper.js
auth/cas/CAS/ auth/cas/CAS/
auth/fc/fcFPP.php
enrol/lti/ims-blti/ enrol/lti/ims-blti/
filter/algebra/AlgParser.pm filter/algebra/AlgParser.pm
filter/tex/mimetex.* filter/tex/mimetex.*

71
auth/fc/Readme.txt
View file

@ -1,71 +0,0 @@
Moodle - FirstClass authentication module
-----------------------------------------
This module uses the FirstClass Flexible Provisining Protocol (FPP) to communicate between the FirstClass server
and the Moodle host.
Installation
------------
1. Enable FPP on the FirstClass server
FPP is not doumented in the FirstClass documentation and is not enable by default.
To enable the protocol you need to edit the file \FCPO\Server\Netinfo. Open the file and insert the
following lines.
// TCP port for Flexible Provisioning Protocol (FPP).
TCPFPPPORT = 3333
2. Create an account on the FirstClass server with privilege "Subadministrator".
Using the FPP protocoll this module logs in to the FirstClass server and issuess batch admin commands.
Batch admin command can only be issued in the context of a user with subadministrative privileges.
Default account name is "fcMoodle".
3. Check that the FPP protocoll is working by running a Telnet session. If everyting is working you
should get a "+0" answer from the server.
> telnet yourhost.domain.com 3333
+0
Check that the "fcMoodle" is working by entering the following sequens of commands:
> telnet yourhost.domain.com 3333
+0
fcMoodle
+0
the_password_you_gave_fcmoodle
+0
Get user some_user_id 1201
1201 0 some_user_id
+0
4. On the Moodle host go to the directory where you have installed Moodle.
Open the folder "auth", where all other authentication modules are installed,
and create a new directory with the name "fc".
Copy the files "config.html", "fcFPP.php" and "lib.php" to the "auth" directory.
Now you need to add som strings to the language file. This distribution contains
string for the English (en) and Swedish (sv) translation.
Open the file "auth.php" in the folder "lang/sv" and paste the text from the file
"auth.php - sv.txt" at the end of the file above the line "?>"
Open the file "auth.php" in the folder "lang/en" and paste the text from the file
"auth.php - en.txt" at the end of the file above the line "?>"

216
auth/fc/auth.php
View file

@ -1,216 +0,0 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Authentication Plugin: FirstClass Authentication
* Authentication using a FirstClass server.
* @package auth_fc
* @author Martin Dougiamas
* @license http://www.gnu.org/copyleft/gpl.html GNU Public License
*/
defined('MOODLE_INTERNAL') || die();
require_once($CFG->libdir.'/authlib.php');
require_once 'fcFPP.php';
/**
* FirstClass authentication plugin.
*/
class auth_plugin_fc extends auth_plugin_base {
/**
* Constructor.
*/
public function __construct() {
$this->authtype = 'fc';
$this->config = get_config('auth_fc');
}
/**
* Old syntax of class constructor. Deprecated in PHP7.
*
* @deprecated since Moodle 3.1
*/
public function auth_plugin_fc() {
debugging('Use of class name as constructor is deprecated', DEBUG_DEVELOPER);
self::__construct();
}
/**
* Returns true if the username and password work and false if they are
* wrong or don't exist.
*
* @param string $username The username
* @param string $password The password
* @return bool Authentication success or failure.
*/
function user_login ($username, $password) {
global $CFG;
$retval = false;
// Don't allow blank usernames or passwords
if (!$username or !$password) {
return $retval;
}
$fpp = new fcFPP($this->config->host, $this->config->fppport);
if ($fpp->open()) {
if ($fpp->login($username, $password)) {
$retval = true;
}
}
$fpp->close();
return $retval;
}
/**
* Get user information from FirstCLass server and return it in an array.
* Localize this routine to fit your needs.
*/
function get_userinfo($username) {
/*
Moodle FirstCLass fieldID in UserInfo form
------ -----------------------------------
firstname 1202
lastname 1204
email 1252
icq -
phone1 1206
phone2 1207 (Fax)
institution -
department -
address 1205
city -
country -
lang -
timezone 8030 (Not used yet. Need to figure out how FC codes timezones)
description Get data from users resume. Pictures will be removed.
*/
$userinfo = array();
$fpp = new fcFPP($this->config->host, $this->config->fppport);
if ($fpp->open()) {
if ($fpp->login($this->config->userid, $this->config->passwd)) {
$userinfo['firstname'] = $fpp->getUserInfo($username,"1202");
$userinfo['lastname'] = $fpp->getUserInfo($username,"1204");
$userinfo['email'] = strtok($fpp->getUserInfo($username,"1252"),',');
$userinfo['phone1'] = $fpp->getUserInfo($username,"1206");
$userinfo['phone2'] = $fpp->getUserInfo($username,"1207");
$userinfo['description'] = $fpp->getResume($username);
}
}
$fpp->close();
foreach($userinfo as $key => $value) {
if (!$value) {
unset($userinfo[$key]);
}
}
return $userinfo;
}
/**
* Get users group membership from the FirstClass server user and check if
* user is member of one of the groups of creators.
*/
function iscreator($username) {
if (! $this->config->creators) {
return null;
}
$fcgroups = array();
$fpp = new fcFPP($this->config->host, $this->config->fppport);
if ($fpp->open()) {
if ($fpp->login($this->config->userid, $this->config->passwd)) {
$fcgroups = $fpp->getGroups($username);
}
}
$fpp->close();
if ((! $fcgroups)) {
return false;
}
$creators = explode(";", $this->config->creators);
foreach($creators as $creator) {
if (in_array($creator, $fcgroups)) {
return true;
}
}
return false;
}
function prevent_local_passwords() {
return true;
}
/**
* Returns true if this authentication plugin is 'internal'.
*
* @return bool
*/
function is_internal() {
return false;
}
/**
* Returns true if this authentication plugin can change the user's
* password.
*
* @return bool
*/
function can_change_password() {
return false;
}
/**
* Sync roles for this user
*
* @param $user object user object (without system magic quotes)
*/
function sync_roles($user) {
$iscreator = $this->iscreator($user->username);
if ($iscreator === null) {
return; //nothing to sync - creators not configured
}
if ($roles = get_archetype_roles('coursecreator')) {
$creatorrole = array_shift($roles); // We can only use one, let's use the first one
$systemcontext = context_system::instance();
if ($iscreator) { // Following calls will not create duplicates
role_assign($creatorrole->id, $user->id, $systemcontext->id, 'auth_fc');
} else {
//unassign only if previously assigned by this plugin!
role_unassign($creatorrole->id, $user->id, $systemcontext->id, 'auth_fc');
}
}
}
}

6
auth/fc/db/install.php
View file

@ -1,6 +0,0 @@
<?php
function xmldb_auth_fc_install() {
global $CFG, $DB;
}

49
auth/fc/db/upgrade.php
View file

@ -1,49 +0,0 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* First Class authentication plugin upgrade code
*
* @package auth_fc
* @copyright 2017 Stephen Bourget
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
/**
* Function to upgrade auth_fc.
* @param int $oldversion the version we are upgrading from
* @return bool result
*/
function xmldb_auth_fc_upgrade($oldversion) {
global $CFG, $DB;
// Automatically generated Moodle v3.2.0 release upgrade line.
// Put any upgrade step following this.
if ($oldversion < 2017020700) {
// Convert info in config plugins from auth/fc to auth_fc.
upgrade_fix_config_auth_plugin_names('fc');
upgrade_fix_config_auth_plugin_defaults('fc');
upgrade_plugin_savepoint(true, 2017020700, 'auth', 'fc');
}
// Automatically generated Moodle v3.3.0 release upgrade line.
// Put any upgrade step following this.
return true;
}

226
auth/fc/fcFPP.php
View file

@ -1,226 +0,0 @@
<?php
/************************************************************************/
/* fcFPP: Php class for FirstClass Flexible Provisining Protocol */
/* ============================================================= */
/* */
/* Copyright (c) 2004 SKERIA Utveckling, Teknous */
/* http://skeria.skelleftea.se */
/* */
/* Flexible Provisioning Protocol is a real-time, IP based protocol */
/* which provides direct access to the scriptable remote administration */
/* subsystem of the core FirstClass Server. Using FPP, it is possible to*/
/* implement automated provisioning and administration systems for */
/* FirstClass, avoiding the need for a point and click GUI. FPP can also*/
/* be used to integrate FirstClass components into a larger unified */
/* system. */
/* */
/* This program is free software. You can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License or any */
/* later version. */
/************************************************************************/
/* Author: Torsten Anderson, torsten.anderson@skeria.skelleftea.se
*/
class fcFPP
{
var $_hostname; // hostname of FirstClass server we are connection to
var $_port; // port on which fpp is running
var $_conn = 0; // socket we are connecting on
var $_debug = FALSE; // set to true to see some debug info
// class constructor
public function __construct($host="localhost", $port="3333")
{
$this->_hostname = $host;
$this->_port = $port;
$this->_user = "";
$this->_pwd = "";
}
function fcFPP($host="localhost", $port="3333")
{
debugging('Use of class name as constructor is deprecated', DEBUG_DEVELOPER);
self::__construct($host, $port);
}
// open a connection to the FirstClass server
function open()
{
if ($this->_debug) echo "Connecting to host ";
$host = $this->_hostname;
$port = $this->_port;
if ($this->_debug) echo "[$host:$port]..";
// open the connection to the FirstClass server
$conn = fsockopen($host, $port, $errno, $errstr, 5);
if (!$conn)
{
print_error('auth_fcconnfail','auth_fc', '', array('no'=>$errno, 'str'=>$errstr));
return false;
}
// We are connected
if ($this->_debug) echo "connected!";
// Read connection message.
$line = fgets ($conn); //+0
$line = fgets ($conn); //new line
// store the connection in this class, so we can use it later
$this->_conn = & $conn;
return true;
}
// close any open connections
function close()
{
// get the current connection
$conn = &$this->_conn;
// close it if it's open
if ($conn)
{
fclose($conn);
// cleanup the variable
unset($this->_conn);
return true;
}
return;
}
// Authenticate to the FirstClass server
function login($userid, $passwd)
{
// we did have a connection right?!
if ($this->_conn)
{
# Send username
fputs($this->_conn,"$userid\r\n");
$line = fgets ($this->_conn); //new line
$line = fgets ($this->_conn); //+0
$line = fgets ($this->_conn); //new line
# Send password
fputs($this->_conn,"$passwd\r\n");
$line = fgets ($this->_conn); //new line
$line = fgets ($this->_conn); //+0
$line = fgets ($this->_conn); //+0 or message
if ($this->_debug) echo $line;
if (preg_match ("/^\+0/", $line)) { //+0, user with subadmin privileges
$this->_user = $userid;
$this->_pwd = $passwd;
return TRUE;
} elseif (strpos($line, 'You are not allowed')) { // Denied access but a valid user and password
// "Sorry. You are not allowed to login with the FPP interface"
return TRUE;
} else { //Invalid user or password
return FALSE;
}
}
return FALSE;
}
// Get the list of groups the user is a member of
function getGroups($userid) {
$groups = array();
// we must be logged in as a user with subadmin privileges
if ($this->_conn AND $this->_user) {
# Send BA-command to get groups
fputs($this->_conn,"GET USER '" . $userid . "' 4 -1\r");
$line = "";
while (!$line) {
$line = trim(fgets ($this->_conn));
}
$n = 0;
while ($line AND !preg_match("/^\+0/", $line) AND $line != "-1003") {
list( , , $groups[$n++]) = explode(" ",$line,3);
$line = trim(fgets ($this->_conn));
}
if ($this->_debug) echo "getGroups:" . implode(",",$groups);
}
return $groups;
}
// Check if the user is member of any of the groups.
// Return the list of groups the user is member of.
function isMemberOf($userid, $groups) {
$usergroups = array_map("strtolower",$this->getGroups($userid));
$groups = array_map("strtolower",$groups);
$result = array_intersect($groups,$usergroups);
if ($this->_debug) echo "isMemberOf:" . implode(",",$result);
return $result;
}
function getUserInfo($userid, $field) {
$userinfo = "";
if ($this->_conn AND $this->_user) {
# Send BA-command to get data
fputs($this->_conn,"GET USER '" . $userid . "' " . $field . "\r");
$line = "";
while (!$line) {
$line = trim(fgets ($this->_conn));
}
$n = 0;
while ($line AND !preg_match("/^\+0/", $line)) {
list( , , $userinfo) = explode(" ",$line,3);
$line = trim(fgets ($this->_conn));
}
if ($this->_debug) echo "getUserInfo:" . $userinfo;
}
return str_replace('\r',' ',trim($userinfo,'"'));
}
function getResume($userid) {
$resume = "";
$pattern = "/\[.+:.+\..+\]/"; // Remove references to pictures in resumes
if ($this->_conn AND $this->_user) {
# Send BA-command to get data
fputs($this->_conn,"GET RESUME '" . $userid . "' 6\r");
$line = "";
while (!$line) {
$line = trim(fgets ($this->_conn));
}
$n = 0;
while ($line AND !preg_match("/^\+0/", $line)) {
$resume .= preg_replace($pattern,"",str_replace('\r',"\n",trim($line,'6 ')));
$line = trim(fgets ($this->_conn));
//print $line;
}
if ($this->_debug) echo "getResume:" . $resume;
}
return $resume;
}
}
?>

38
auth/fc/lang/en/auth_fc.php
View file

@ -1,38 +0,0 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Strings for component 'auth_fc', language 'en'.
*
* @package auth_fc
* @copyright 1999 onwards Martin Dougiamas {@link http://moodle.com}
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
$string['auth_fcconnfail'] = 'Connection failed with Errno: {$a->no} and Error String: {$a->str}';
$string['auth_fccreators'] = 'List of groups whose members are allowed to create new courses. Separate multiple groups with \';\'. Names must be spelled exactly as on FirstClass server. System is case-sensitive.';
$string['auth_fccreators_key'] = 'Creators';
$string['auth_fcdescription'] = 'This method uses a FirstClass server to check whether a given username and password is valid.';
$string['auth_fcfppport'] = 'Server port (3333 is the most common)';
$string['auth_fcfppport_key'] = 'Port';
$string['auth_fcchangepasswordurl'] = 'Password-change URL';
$string['auth_fcpasswd'] = 'Password for the account above.';
$string['auth_fcpasswd_key'] = 'Password';
$string['auth_fcuserid'] = 'Userid for FirstClass account with privilege \'Subadministrator\' set.';
$string['auth_fcuserid_key'] = 'User ID';
$string['auth_fchost'] = 'The FirstClass server address. Use the IP number or DNS name.';
$string['auth_fchost_key'] = 'Host';
$string['pluginname'] = 'FirstClass server';

61
auth/fc/settings.php
View file

@ -1,61 +0,0 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Admin settings and defaults.
*
* @package auth_fc
* @copyright 2017 Stephen Bourget
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die;
if ($ADMIN->fulltree) {
// Introductory explanation.
$settings->add(new admin_setting_heading('auth_fc/pluginname', '', new lang_string('auth_fcdescription', 'auth_fc')));
// Host.
$settings->add(new admin_setting_configtext('auth_fc/host', get_string('auth_fchost_key', 'auth_fc'),
get_string('auth_fchost', 'auth_fc'), '127.0.0.1', PARAM_HOST));
// Port.
$settings->add(new admin_setting_configtext('auth_fc/fppport', get_string('auth_fcfppport_key', 'auth_fc'),
get_string('auth_fcfppport', 'auth_fc'), '3333', PARAM_INT));
// User ID.
$settings->add(new admin_setting_configtext('auth_fc/userid', get_string('auth_fcuserid_key', 'auth_fc'),
get_string('auth_fcuserid', 'auth_fc'), 'fcMoodle', PARAM_RAW));
// Password.
$settings->add(new admin_setting_configpasswordunmask('auth_fc/passwd', get_string('auth_fcpasswd_key', 'auth_fc'),
get_string('auth_fcpasswd', 'auth_fc'), ''));
// Creators.
$settings->add(new admin_setting_configtext('auth_fc/creators', get_string('auth_fccreators_key', 'auth_fc'),
get_string('auth_fccreators', 'auth_fc'), '', PARAM_RAW));
// Password change URL.
$settings->add(new admin_setting_configtext('auth_fc/changepasswordurl',
get_string('auth_fcchangepasswordurl', 'auth_fc'),
get_string('changepasswordhelp', 'auth'), '', PARAM_URL));
// Display locking / mapping of profile fields.
$authplugin = get_auth_plugin('fc');
display_auth_lock_options($settings, $authplugin->authtype, $authplugin->userfields,
get_string('auth_fieldlocks_help', 'auth'), false, false);
}

10
auth/fc/thirdpartylibs.xml
View file

@ -1,10 +0,0 @@
<?xml version="1.0"?>
<libraries>
<library>
<location>fcFPP.php</location>
<name>fcFPP</name>
<license>GPL</license>
<version></version>
<licenseversion>2.0+</licenseversion>
</library>
</libraries>

8
auth/fc/upgrade.txt
View file

@ -1,8 +0,0 @@
This files describes API changes in /auth/fc/*,
information provided here is intended especially for developers.
=== 3.3 ===
* The config.html file was migrated to use the admin settings API.
The identifier for configuration data stored in config_plugins table was converted from 'auth/fc' to 'auth_fc'.

29
auth/fc/version.php
View file

@ -1,29 +0,0 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Version details
*
* @package auth_fc
* @copyright 1999 onwards Martin Dougiamas (http://dougiamas.com)
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
$plugin->version = 2017051500; // The current plugin version (Date: YYYYMMDDXX)
$plugin->requires = 2017050500; // Requires this Moodle version
$plugin->component = 'auth_fc'; // Full name of the plugin (used for diagnostics)

4
lib/classes/plugin_manager.php
View file

@ -1646,7 +1646,7 @@ class core_plugin_manager {
// Moodle 2.3 supports upgrades from 2.2.x only. // Moodle 2.3 supports upgrades from 2.2.x only.
$plugins = array( $plugins = array(
'qformat' => array('blackboard', 'learnwise'), 'qformat' => array('blackboard', 'learnwise'),
'auth' => array('radius'), 'auth' => array('radius', 'fc'),
'block' => array('course_overview'), 'block' => array('course_overview'),
'enrol' => array('authorize'), 'enrol' => array('authorize'),
'report' => array('search'), 'report' => array('search'),
@ -1701,7 +1701,7 @@ class core_plugin_manager {
), ),
'auth' => array( 'auth' => array(
'cas', 'db', 'email', 'fc', 'imap', 'ldap', 'lti', 'manual', 'mnet', 'cas', 'db', 'email', 'imap', 'ldap', 'lti', 'manual', 'mnet',
'nntp', 'nologin', 'none', 'oauth2', 'pam', 'pop3', 'shibboleth', 'webservice' 'nntp', 'nologin', 'none', 'oauth2', 'pam', 'pop3', 'shibboleth', 'webservice'
), ),