Search moodle.org's
Developer Documentation
Developer Documentation
- Bug fixes for general core bugs in 3.10.x will end 8 November 2021 (12 months).
- Bug fixes for security issues in 3.10.x will end 9 May 2022 (18 months).
- PHP version: minimum PHP 7.2.0 Note: minimum PHP version has increased since Moodle 3.8. PHP 7.3.x and 7.4.x are supported too.
/admin/mnet/ -> access_control.php (source)
Differences Between: [Versions 310 and 311] [Versions 310 and 400] [Versions 310 and 401] [Versions 310 and 402] [Versions 310 and 403] [Versions 39 and 310]
1 <?php 2 3 // Allows the admin to control user logins from remote moodles. 4 5 require_once(__DIR__ . '/../../config.php'); 6 require_once($CFG->libdir.'/adminlib.php'); 7 include_once($CFG->dirroot.'/mnet/lib.php'); 8 9 $sort = optional_param('sort', 'username', PARAM_ALPHA); 10 $dir = optional_param('dir', 'ASC', PARAM_ALPHA); 11 $page = optional_param('page', 0, PARAM_INT); 12 $perpage = optional_param('perpage', 30, PARAM_INT); 13 $action = trim(strtolower(optional_param('action', '', PARAM_ALPHA))); 14 15 admin_externalpage_setup('ssoaccesscontrol'); 16 17 if (!extension_loaded('openssl')) { 18 print_error('requiresopenssl', 'mnet'); 19 } 20 21 $sitecontext = context_system::instance(); 22 $sesskey = sesskey(); 23 $formerror = array(); 24 25 // grab the mnet hosts and remove the localhost 26 $mnethosts = $DB->get_records_menu('mnet_host', array(), 'name', 'id, name'); 27 if (array_key_exists($CFG->mnet_localhost_id, $mnethosts)) { 28 unset($mnethosts[$CFG->mnet_localhost_id]); 29 } 30 31 32 33 // process actions 34 if (!empty($action) and confirm_sesskey()) { 35 36 // boot if insufficient permission 37 if (!has_capability('moodle/user:delete', $sitecontext)) { 38 print_error('nomodifyacl','mnet'); 39 } 40 41 // fetch the record in question 42 $id = required_param('id', PARAM_INT); 43 if (!$idrec = $DB->get_record('mnet_sso_access_control', array('id'=>$id))) { 44 print_error('recordnoexists','mnet', "$CFG->wwwroot/$CFG->admin/mnet/access_control.php"); 45 } 46 47 switch ($action) { 48 49 case "delete": 50 $DB->delete_records('mnet_sso_access_control', array('id'=>$id)); 51 redirect('access_control.php', get_string('deleteuserrecord', 'mnet', array('user'=>$idrec->username, 'host'=>$mnethosts[$idrec->mnet_host_id]))); 52 break; 53 54 case "acl": 55 56 // require the access parameter, and it must be 'allow' or 'deny' 57 $accessctrl = trim(strtolower(required_param('accessctrl', PARAM_ALPHA))); 58 if ($accessctrl != 'allow' and $accessctrl != 'deny') { 59 print_error('invalidaccessparam', 'mnet', "$CFG->wwwroot/$CFG->admin/mnet/access_control.php"); 60 } 61 62 if (mnet_update_sso_access_control($idrec->username, $idrec->mnet_host_id, $accessctrl)) { 63 if ($accessctrl == 'allow') { 64 redirect('access_control.php', get_string('ssl_acl_allow','mnet', array('user' => $idrec->username, 65 'host' => $mnethosts[$idrec->mnet_host_id]))); 66 } else if ($accessctrl == 'deny') { 67 redirect('access_control.php', get_string('ssl_acl_deny','mnet', array('user' => $idrec->username, 68 'host' => $mnethosts[$idrec->mnet_host_id]))); 69 } 70 } 71 break; 72 73 default: 74 print_error('invalidactionparam', 'mnet', "$CFG->wwwroot/$CFG->admin/mnet/access_control.php"); 75 } 76 } 77 78 79 80 // process the form results 81 if ($form = data_submitted() and confirm_sesskey()) { 82 83 // check permissions and verify form input 84 if (!has_capability('moodle/user:delete', $sitecontext)) { 85 print_error('nomodifyacl','mnet', "$CFG->wwwroot/$CFG->admin/mnet/access_control.php"); 86 } 87 if (empty($form->username)) { 88 $formerror['username'] = get_string('enterausername','mnet'); 89 } 90 if (empty($form->mnet_host_id)) { 91 $formerror['mnet_host_id'] = get_string('selectahost','mnet'); 92 } 93 if (empty($form->accessctrl)) { 94 $formerror['accessctrl'] = get_string('selectaccesslevel','mnet'); ; 95 } 96 97 // process if there are no errors 98 if (count($formerror) == 0) { 99 100 // username can be a comma separated list 101 $usernames = explode(',', $form->username); 102 103 foreach ($usernames as $username) { 104 $username = trim(core_text::strtolower($username)); 105 if (!empty($username)) { 106 if (mnet_update_sso_access_control($username, $form->mnet_host_id, $form->accessctrl)) { 107 if ($form->accessctrl == 'allow') { 108 redirect('access_control.php', get_string('ssl_acl_allow','mnet', array('user'=>$username, 'host'=>$mnethosts[$form->mnet_host_id]))); 109 } elseif ($form->accessctrl == 'deny') { 110 redirect('access_control.php', get_string('ssl_acl_deny','mnet', array('user'=>$username, 'host'=>$mnethosts[$form->mnet_host_id]))); 111 } 112 } 113 } 114 } 115 } 116 exit; 117 } 118 119 echo $OUTPUT->header(); 120 121 // Explain 122 echo $OUTPUT->box(get_string('ssoacldescr','mnet')); 123 // Are the needed bits enabled? 124 $warn = ''; 125 if (empty($CFG->mnet_dispatcher_mode) || $CFG->mnet_dispatcher_mode !== 'strict') { 126 $warn = '<p>' . get_string('mnetdisabled','mnet') .'</p>'; 127 } 128 129 if (!is_enabled_auth('mnet')) { 130 $warn .= '<p>' . get_string('authmnetdisabled','mnet').'</p>'; 131 } 132 133 if (!empty($warn)) { 134 $warn = '<p>' . get_string('ssoaclneeds','mnet').'</p>' . $warn; 135 echo $OUTPUT->box($warn); 136 } 137 // output the ACL table 138 $columns = array("username", "mnet_host_id", "access", "delete"); 139 $headings = array(); 140 $string = array('username' => get_string('username'), 141 'mnet_host_id' => get_string('remotehost', 'mnet'), 142 'access' => get_string('accesslevel', 'mnet'), 143 'delete' => get_string('delete')); 144 foreach ($columns as $column) { 145 if ($sort != $column) { 146 $columnicon = ""; 147 $columndir = "ASC"; 148 } else { 149 $columndir = $dir == "ASC" ? "DESC" : "ASC"; 150 $columnicon = $dir == "ASC" ? "down" : "up"; 151 $columnicon = " " . $OUTPUT->pix_icon('t/' . $columnicon, get_string('sort')); 152 } 153 $headings[$column] = "<a href=\"?sort=$column&dir=$columndir&\">".$string[$column]."</a>$columnicon"; 154 } 155 $headings['delete'] = ''; 156 $acl = $DB->get_records('mnet_sso_access_control', null, "$sort $dir", '*'); //, $page * $perpage, $perpage); 157 $aclcount = $DB->count_records('mnet_sso_access_control'); 158 159 if (!$acl) { 160 echo $OUTPUT->heading(get_string('noaclentries','mnet')); 161 $table = NULL; 162 } else { 163 $table = new html_table(); 164 $table->head = $headings; 165 $table->align = array('left', 'left', 'center'); 166 $table->width = "95%"; 167 foreach ($acl as $aclrecord) { 168 if ($aclrecord->accessctrl == 'allow') { 169 $accesscolumn = get_string('allow', 'mnet') 170 . " (<a href=\"?id={$aclrecord->id}&action=acl&accessctrl=deny&sesskey=".sesskey()."\">" 171 . get_string('deny', 'mnet') . "</a>)"; 172 } else { 173 $accesscolumn = get_string('deny', 'mnet') 174 . " (<a href=\"?id={$aclrecord->id}&action=acl&accessctrl=allow&sesskey=".sesskey()."\">" 175 . get_string('allow', 'mnet') . "</a>)"; 176 } 177 $deletecolumn = "<a href=\"?id={$aclrecord->id}&action=delete&sesskey=".sesskey()."\">" 178 . get_string('delete') . "</a>"; 179 $table->data[] = array (s($aclrecord->username), $aclrecord->mnet_host_id, $accesscolumn, $deletecolumn); 180 } 181 } 182 183 if (!empty($table)) { 184 echo html_writer::table($table); 185 echo '<p> </p>'; 186 $baseurl = new moodle_url('/admin/mnet/access_control.php', array('sort' => $sort, 'dir' => $dir, 'perpage' => $perpage)); 187 echo $OUTPUT->paging_bar($aclcount, $page, $perpage, $baseurl); 188 } 189 190 191 192 // output the add form 193 echo $OUTPUT->box_start(); 194 195 ?> 196 <div class="mnetaddtoaclform"> 197 <form id="mnetaddtoacl" method="post"> 198 <input type="hidden" name="sesskey" value="<?php echo $sesskey; ?>" /> 199 <?php 200 201 // enter a username 202 echo get_string('username') . ":\n"; 203 if (!empty($formerror['username'])) { 204 echo '<span class="error"> * </span>'; 205 } 206 echo html_writer::label(get_string('username'), 'menuusername', false, array('class' => 'accesshide')); 207 echo '<input id="menuusername" type="text" name="username" size="20" maxlength="100" />'; 208 209 // choose a remote host 210 echo " " . html_writer::label(get_string('remotehost', 'mnet'), 'menumnet_host_id') . ":\n"; 211 if (!empty($formerror['mnet_host_id'])) { 212 echo '<span class="error"> * </span>'; 213 } 214 echo html_writer::select($mnethosts, 'mnet_host_id'); 215 216 // choose an access level 217 echo " " . html_writer::label(get_string('accesslevel', 'mnet'), 'menuaccessctrl') . ":\n"; 218 if (!empty($formerror['accessctrl'])) { 219 echo '<span class="error"> * </span>'; 220 } 221 $accessmenu['allow'] = get_string('allow', 'mnet'); 222 $accessmenu['deny'] = get_string('deny', 'mnet'); 223 echo html_writer::select($accessmenu, 'accessctrl'); 224 225 // submit button 226 echo '<input type="submit" value="' . get_string('addtoacl', 'mnet') . '" />'; 227 echo "</form></div>\n"; 228 229 // print errors 230 foreach ($formerror as $error) { 231 echo "<br><span class=\"error\">$error<span>"; 232 } 233 234 echo $OUTPUT->box_end(); 235 echo $OUTPUT->footer();
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
