Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 3.11.x will end 14 Nov 2022 (12 months plus 6 months extension).
  • Bug fixes for security issues in 3.11.x will end 13 Nov 2023 (18 months plus 12 months extension).
  • PHP version: minimum PHP 7.3.0 Note: minimum PHP version has increased since Moodle 3.10. PHP 7.4.x is supported too.

Differences Between: [Versions 39 and 311]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Admin settings and defaults.
  19   *
  20   * @package auth_cas
  21   * @copyright  2017 Stephen Bourget
  22   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  23   */
  24  
  25  defined('MOODLE_INTERNAL') || die;
  26  
  27  if ($ADMIN->fulltree) {
  28  
  29      if (!function_exists('ldap_connect')) {
  30          $notify = new \core\output\notification(get_string('auth_casnotinstalled', 'auth_cas'),
  31              \core\output\notification::NOTIFY_WARNING);
  32          $settings->add(new admin_setting_heading('auth_casnotinstalled', '', $OUTPUT->render($notify)));
  33      } else {
  34          // We use a couple of custom admin settings since we need to massage the data before it is inserted into the DB.
  35          require_once($CFG->dirroot.'/auth/ldap/classes/admin_setting_special_lowercase_configtext.php');
  36          require_once($CFG->dirroot.'/auth/ldap/classes/admin_setting_special_contexts_configtext.php');
  37  
  38          // Include needed files.
  39          require_once($CFG->dirroot.'/auth/cas/auth.php');
  40          require_once($CFG->dirroot.'/auth/cas/languages.php');
  41  
  42          // Introductory explanation.
  43          $settings->add(new admin_setting_heading('auth_cas/pluginname', '',
  44                  new lang_string('auth_casdescription', 'auth_cas')));
  45  
  46          // CAS server configuration label.
  47          $settings->add(new admin_setting_heading('auth_cas/casserversettings',
  48                  new lang_string('auth_cas_server_settings', 'auth_cas'), ''));
  49  
  50          // Authentication method name.
  51          $settings->add(new admin_setting_configtext('auth_cas/auth_name',
  52                  get_string('auth_cas_auth_name', 'auth_cas'),
  53                  get_string('auth_cas_auth_name_description', 'auth_cas'),
  54                  get_string('auth_cas_auth_service', 'auth_cas'),
  55                  PARAM_RAW_TRIMMED));
  56  
  57          // Authentication method logo.
  58          $opts = array('accepted_types' => array('.png', '.jpg', '.gif', '.webp', '.tiff', '.svg'));
  59          $settings->add(new admin_setting_configstoredfile('auth_cas/auth_logo',
  60                   get_string('auth_cas_auth_logo', 'auth_cas'),
  61                   get_string('auth_cas_auth_logo_description', 'auth_cas'), 'logo', 0, $opts));
  62  
  63  
  64          // Hostname.
  65          $settings->add(new admin_setting_configtext('auth_cas/hostname',
  66                  get_string('auth_cas_hostname_key', 'auth_cas'),
  67                  get_string('auth_cas_hostname', 'auth_cas'), '', PARAM_RAW_TRIMMED));
  68  
  69          // Base URI.
  70          $settings->add(new admin_setting_configtext('auth_cas/baseuri',
  71                  get_string('auth_cas_baseuri_key', 'auth_cas'),
  72                  get_string('auth_cas_baseuri', 'auth_cas'), '', PARAM_RAW_TRIMMED));
  73  
  74          // Port.
  75          $settings->add(new admin_setting_configtext('auth_cas/port',
  76                  get_string('auth_cas_port_key', 'auth_cas'),
  77                  get_string('auth_cas_port', 'auth_cas'), '', PARAM_INT));
  78  
  79          // CAS Version.
  80          $casversions = array();
  81          $casversions[CAS_VERSION_1_0] = 'CAS 1.0';
  82          $casversions[CAS_VERSION_2_0] = 'CAS 2.0';
  83          $settings->add(new admin_setting_configselect('auth_cas/casversion',
  84                  new lang_string('auth_cas_casversion', 'auth_cas'),
  85                  new lang_string('auth_cas_version', 'auth_cas'), CAS_VERSION_2_0, $casversions));
  86  
  87          // Language.
  88          if (!isset($CASLANGUAGES) || empty($CASLANGUAGES)) {
  89              // Prevent warnings on other admin pages.
  90              // $CASLANGUAGES is defined in /auth/cas/languages.php.
  91              $CASLANGUAGES = array();
  92              $CASLANGUAGES[PHPCAS_LANG_ENGLISH] = 'English';
  93              $CASLANGUAGES[PHPCAS_LANG_FRENCH] = 'French';
  94          }
  95          $settings->add(new admin_setting_configselect('auth_cas/language',
  96                  new lang_string('auth_cas_language_key', 'auth_cas'),
  97                  new lang_string('auth_cas_language', 'auth_cas'), PHPCAS_LANG_ENGLISH, $CASLANGUAGES));
  98  
  99          // Proxy.
 100          $yesno = array(
 101              new lang_string('no'),
 102              new lang_string('yes'),
 103          );
 104          $settings->add(new admin_setting_configselect('auth_cas/proxycas',
 105                  new lang_string('auth_cas_proxycas_key', 'auth_cas'),
 106                  new lang_string('auth_cas_proxycas', 'auth_cas'), 0 , $yesno));
 107  
 108          // Logout option.
 109          $settings->add(new admin_setting_configselect('auth_cas/logoutcas',
 110                  new lang_string('auth_cas_logoutcas_key', 'auth_cas'),
 111                  new lang_string('auth_cas_logoutcas', 'auth_cas'), 0 , $yesno));
 112  
 113          // Multi-auth.
 114          $settings->add(new admin_setting_configselect('auth_cas/multiauth',
 115                  new lang_string('auth_cas_multiauth_key', 'auth_cas'),
 116                  new lang_string('auth_cas_multiauth', 'auth_cas'), 0 , $yesno));
 117  
 118          // Server validation.
 119          $settings->add(new admin_setting_configselect('auth_cas/certificate_check',
 120                  new lang_string('auth_cas_certificate_check_key', 'auth_cas'),
 121                  new lang_string('auth_cas_certificate_check', 'auth_cas'), 0 , $yesno));
 122  
 123          // Certificate path.
 124          $settings->add(new admin_setting_configfile('auth_cas/certificate_path',
 125                  get_string('auth_cas_certificate_path_key', 'auth_cas'),
 126                  get_string('auth_cas_certificate_path', 'auth_cas'), ''));
 127  
 128          // CURL SSL version.
 129          $sslversions = array();
 130          $sslversions[''] = get_string('auth_cas_curl_ssl_version_default', 'auth_cas');
 131          if (defined('CURL_SSLVERSION_TLSv1')) {
 132              $sslversions[CURL_SSLVERSION_TLSv1] = get_string('auth_cas_curl_ssl_version_TLSv1x', 'auth_cas');
 133          }
 134          if (defined('CURL_SSLVERSION_TLSv1_0')) {
 135              $sslversions[CURL_SSLVERSION_TLSv1_0] = get_string('auth_cas_curl_ssl_version_TLSv10', 'auth_cas');
 136          }
 137          if (defined('CURL_SSLVERSION_TLSv1_1')) {
 138              $sslversions[CURL_SSLVERSION_TLSv1_1] = get_string('auth_cas_curl_ssl_version_TLSv11', 'auth_cas');
 139          }
 140          if (defined('CURL_SSLVERSION_TLSv1_2')) {
 141              $sslversions[CURL_SSLVERSION_TLSv1_2] = get_string('auth_cas_curl_ssl_version_TLSv12', 'auth_cas');
 142          }
 143          if (defined('CURL_SSLVERSION_SSLv2')) {
 144              $sslversions[CURL_SSLVERSION_SSLv2] = get_string('auth_cas_curl_ssl_version_SSLv2', 'auth_cas');
 145          }
 146          if (defined('CURL_SSLVERSION_SSLv3')) {
 147              $sslversions[CURL_SSLVERSION_SSLv3] = get_string('auth_cas_curl_ssl_version_SSLv3', 'auth_cas');
 148          }
 149          $settings->add(new admin_setting_configselect('auth_cas/curl_ssl_version',
 150                  new lang_string('auth_cas_curl_ssl_version_key', 'auth_cas'),
 151                  new lang_string('auth_cas_curl_ssl_version', 'auth_cas'), '' , $sslversions));
 152  
 153          // Alt Logout URL.
 154          $settings->add(new admin_setting_configtext('auth_cas/logout_return_url',
 155                  get_string('auth_cas_logout_return_url_key', 'auth_cas'),
 156                  get_string('auth_cas_logout_return_url', 'auth_cas'), '', PARAM_URL));
 157  
 158          // LDAP server settings.
 159          $settings->add(new admin_setting_heading('auth_cas/ldapserversettings',
 160                  new lang_string('auth_ldap_server_settings', 'auth_ldap'), ''));
 161  
 162          // Host.
 163          $settings->add(new admin_setting_configtext('auth_cas/host_url',
 164                  get_string('auth_ldap_host_url_key', 'auth_ldap'),
 165                  get_string('auth_ldap_host_url', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
 166  
 167          // Version.
 168          $versions = array();
 169          $versions[2] = '2';
 170          $versions[3] = '3';
 171          $settings->add(new admin_setting_configselect('auth_cas/ldap_version',
 172                  new lang_string('auth_ldap_version_key', 'auth_ldap'),
 173                  new lang_string('auth_ldap_version', 'auth_ldap'), 3, $versions));
 174  
 175          // Start TLS.
 176          $settings->add(new admin_setting_configselect('auth_cas/start_tls',
 177                  new lang_string('start_tls_key', 'auth_ldap'),
 178                  new lang_string('start_tls', 'auth_ldap'), 0 , $yesno));
 179  
 180  
 181          // Encoding.
 182          $settings->add(new admin_setting_configtext('auth_cas/ldapencoding',
 183                  get_string('auth_ldap_ldap_encoding_key', 'auth_ldap'),
 184                  get_string('auth_ldap_ldap_encoding', 'auth_ldap'), 'utf-8', PARAM_RAW_TRIMMED));
 185  
 186          // Page Size. (Hide if not available).
 187          $settings->add(new admin_setting_configtext('auth_cas/pagesize',
 188                  get_string('pagesize_key', 'auth_ldap'),
 189                  get_string('pagesize', 'auth_ldap'), '250', PARAM_INT));
 190  
 191          // Bind settings.
 192          $settings->add(new admin_setting_heading('auth_cas/ldapbindsettings',
 193                  new lang_string('auth_ldap_bind_settings', 'auth_ldap'), ''));
 194  
 195          // User ID.
 196          $settings->add(new admin_setting_configtext('auth_cas/bind_dn',
 197                  get_string('auth_ldap_bind_dn_key', 'auth_ldap'),
 198                  get_string('auth_ldap_bind_dn', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
 199  
 200          // Password.
 201          $settings->add(new admin_setting_configpasswordunmask('auth_cas/bind_pw',
 202                  get_string('auth_ldap_bind_pw_key', 'auth_ldap'),
 203                  get_string('auth_ldap_bind_pw', 'auth_ldap'), ''));
 204  
 205          // User Lookup settings.
 206          $settings->add(new admin_setting_heading('auth_cas/ldapuserlookup',
 207                  new lang_string('auth_ldap_user_settings', 'auth_ldap'), ''));
 208  
 209          // User Type.
 210          $settings->add(new admin_setting_configselect('auth_cas/user_type',
 211                  new lang_string('auth_ldap_user_type_key', 'auth_ldap'),
 212                  new lang_string('auth_ldap_user_type', 'auth_ldap'), 'default', ldap_supported_usertypes()));
 213  
 214          // Contexts.
 215          $settings->add(new auth_ldap_admin_setting_special_contexts_configtext('auth_cas/contexts',
 216                  get_string('auth_ldap_contexts_key', 'auth_ldap'),
 217                  get_string('auth_ldap_contexts', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
 218  
 219          // Search subcontexts.
 220          $settings->add(new admin_setting_configselect('auth_cas/search_sub',
 221                  new lang_string('auth_ldap_search_sub_key', 'auth_ldap'),
 222                  new lang_string('auth_ldap_search_sub', 'auth_ldap'), 0 , $yesno));
 223  
 224          // Dereference aliases.
 225          $optderef = array();
 226          $optderef[LDAP_DEREF_NEVER] = get_string('no');
 227          $optderef[LDAP_DEREF_ALWAYS] = get_string('yes');
 228  
 229          $settings->add(new admin_setting_configselect('auth_cas/opt_deref',
 230                  new lang_string('auth_ldap_opt_deref_key', 'auth_ldap'),
 231                  new lang_string('auth_ldap_opt_deref', 'auth_ldap'), LDAP_DEREF_NEVER , $optderef));
 232  
 233          // User attribute.
 234          $settings->add(new auth_ldap_admin_setting_special_lowercase_configtext('auth_cas/user_attribute',
 235                  get_string('auth_ldap_user_attribute_key', 'auth_ldap'),
 236                  get_string('auth_ldap_user_attribute', 'auth_ldap'), '', PARAM_RAW));
 237  
 238          // Member attribute.
 239          $settings->add(new auth_ldap_admin_setting_special_lowercase_configtext('auth_cas/memberattribute',
 240                  get_string('auth_ldap_memberattribute_key', 'auth_ldap'),
 241                  get_string('auth_ldap_memberattribute', 'auth_ldap'), '', PARAM_RAW));
 242  
 243          // Member attribute uses dn.
 244          $settings->add(new admin_setting_configselect('auth_cas/memberattribute_isdn',
 245                  get_string('auth_ldap_memberattribute_isdn_key', 'auth_ldap'),
 246                  get_string('auth_ldap_memberattribute_isdn', 'auth_ldap'), 0, $yesno));
 247  
 248          // Object class.
 249          $settings->add(new admin_setting_configtext('auth_cas/objectclass',
 250                  get_string('auth_ldap_objectclass_key', 'auth_ldap'),
 251                  get_string('auth_ldap_objectclass', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
 252  
 253          // Course Creators Header.
 254          $settings->add(new admin_setting_heading('auth_cas/coursecreators',
 255                  new lang_string('coursecreators'), ''));
 256  
 257          // Course creators attribute field mapping.
 258          $settings->add(new admin_setting_configtext('auth_cas/attrcreators',
 259                  get_string('auth_ldap_attrcreators_key', 'auth_ldap'),
 260                  get_string('auth_ldap_attrcreators', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
 261  
 262          // Course creator group field mapping.
 263          $settings->add(new admin_setting_configtext('auth_cas/groupecreators',
 264                  get_string('auth_ldap_groupecreators_key', 'auth_ldap'),
 265                  get_string('auth_ldap_groupecreators', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
 266  
 267          // User Account Sync.
 268          $settings->add(new admin_setting_heading('auth_cas/syncusers',
 269                  new lang_string('auth_sync_script', 'auth'), ''));
 270  
 271          // Remove external user.
 272          $deleteopt = array();
 273          $deleteopt[AUTH_REMOVEUSER_KEEP] = get_string('auth_remove_keep', 'auth');
 274          $deleteopt[AUTH_REMOVEUSER_SUSPEND] = get_string('auth_remove_suspend', 'auth');
 275          $deleteopt[AUTH_REMOVEUSER_FULLDELETE] = get_string('auth_remove_delete', 'auth');
 276  
 277          $settings->add(new admin_setting_configselect('auth_cas/removeuser',
 278                  new lang_string('auth_remove_user_key', 'auth'),
 279                  new lang_string('auth_remove_user', 'auth'), AUTH_REMOVEUSER_KEEP, $deleteopt));
 280      }
 281  
 282      // Display locking / mapping of profile fields.
 283      $authplugin = get_auth_plugin('cas');
 284      $help  = get_string('auth_ldapextrafields', 'auth_ldap');
 285      $help .= get_string('auth_updatelocal_expl', 'auth');
 286      $help .= get_string('auth_fieldlock_expl', 'auth');
 287      $help .= get_string('auth_updateremote_expl', 'auth');
 288      $help .= '<hr />';
 289      $help .= get_string('auth_updateremote_ldap', 'auth');
 290      display_auth_lock_options($settings, $authplugin->authtype, $authplugin->userfields, $help, true, true,
 291              $authplugin->get_custom_user_profile_fields());
 292  
 293  }