Moodle version: 1.8.x and 1.9.x
purpose: allow admins to control whether users can self-register using pop3/imap -- in other words, allows admins to control automatic creation of new users when using pop3/imap authentication
description: when using external authority source, Moodle normally assumes that all users defined there are allowed to login. If a user logs in the first time, a new Moodle account is created. This modification allows to prohibit creation of new accounts even if a user is properly authorized by the external authority. By doing so, this hack allows controlling whether new users are automatically generated if they authenticate successfully or whether only existing users can login.
usage: open pop3 or imap configuration through the admin panel and set the desired value from the popup menu.
author: Robert Brenstein, rjb@robelko.com
date created: 16.12.2007
date updated: 08.09.2008
### file: /lib/authlib.php
add new function after function user_login($username, $password)
/**
* Returns true if this authentication plugin can create new users records
* in local Moodle database.
*
* @return bool
*/
function can_add_user_record() {
//override if needed
return true;
}
### file: /lib/moodlelib.php
in function authenticate_user_login($username, $password) change
} else {
// if user not found, create him
$user = create_user_record($username, $password, $auth);
}
to
} else {
// if user not found, create him
if (!$authplugin->can_add_user_record()) { // are we allowed to create new records?
add_to_log(0, 'login', 'error', 'index.php', $username);
error_log('[client '.$_SERVER['REMOTE_ADDR']."] $CFG->wwwroot External $auth user: $username ".$_SERVER['HTTP_USER_AGENT']);
return false;
} else {
$user = create_user_record($username, $password, $auth);
}
}
### file: /auth/pop3/auth.php
change
function process_config($config) {
// set to defaults if undefined
if (!isset ($config->host)) {
$config->host = '127.0.0.1';
}
if (!isset ($config->type)) {
$config->type = 'pop3notls';
}
if (!isset ($config->port)) {
$config->port = '143';
}
if (!isset ($config->mailbox)) {
$config->mailbox = 'INBOX';
}
if (!isset($config->changepasswordurl)) {
$config->changepasswordurl = '';
}
// save settings
set_config('host', $config->host, 'auth/pop3');
set_config('type', $config->type, 'auth/pop3');
set_config('port', $config->port, 'auth/pop3');
set_config('mailbox', $config->mailbox, 'auth/pop3');
set_config('changepasswordurl', $config->changepasswordurl, 'auth/pop3');
return true;
}
to
function process_config($config) {
// set to defaults if undefined
if (!isset ($config->host)) {
$config->host = '127.0.0.1';
}
if (!isset ($config->type)) {
$config->type = 'pop3notls';
}
if (!isset ($config->port)) {
$config->port = '143';
}
if (!isset ($config->mailbox)) {
$config->mailbox = 'INBOX';
}
if (!isset($config->changepasswordurl)) {
$config->changepasswordurl = '';
}
if (!isset($config->createusers))
{$config->createusers = 1; }
// save settings
set_config('host', $config->host, 'auth/pop3');
set_config('type', $config->type, 'auth/pop3');
set_config('port', $config->port, 'auth/pop3');
set_config('mailbox', $config->mailbox, 'auth/pop3');
set_config('changepasswordurl', $config->changepasswordurl, 'auth/pop3');
set_config('createusers', $config->createusers, 'auth/pop3');
return true;
}
and before function can_change_password() add
/**
* Returns true if this authentication plugin can create new users records
* in local Moodle database.
*
* @return bool
*/
function can_add_user_record() {
return $this->config->createusers;
}
### file: /auth/imap/auth.php
change
function process_config($config) {
// set to defaults if undefined
if (!isset ($config->host)) {
$config->host = '127.0.0.1';
}
if (!isset ($config->type)) {
$config->type = 'imap';
}
if (!isset ($config->port)) {
$config->port = '143';
}
if (!isset($config->changepasswordurl)) {
$config->changepasswordurl = '';
}
// save settings
set_config('host', $config->host, 'auth/imap');
set_config('type', $config->type, 'auth/imap');
set_config('port', $config->port, 'auth/imap');
set_config('changepasswordurl', $config->changepasswordurl, 'auth/imap');
return true;
}
to
function process_config($config) {
// set to defaults if undefined
if (!isset ($config->host)) {
$config->host = '127.0.0.1';
}
if (!isset ($config->type)) {
$config->type = 'imap';
}
if (!isset ($config->port)) {
$config->port = '143';
}
if (!isset($config->changepasswordurl)) {
$config->changepasswordurl = '';
}
if (!isset($config->createusers))
{$config->createusers = 1; }
// save settings
set_config('host', $config->host, 'auth/imap');
set_config('type', $config->type, 'auth/imap');
set_config('port', $config->port, 'auth/imap');
set_config('changepasswordurl', $config->changepasswordurl, 'auth/imap');
set_config('createusers', $config->createusers, 'auth/imap');
return true;
}
and before function can_change_password() add
/**
* Returns true if this authentication plugin can create new users records
* in local Moodle database.
*
* @return bool
*/
function can_add_user_record() {
return $this->config->createusers;
}
### file: /auth/pop3/config.html
after
if (!isset($config->changepasswordurl)) {
$config->changepasswordurl = '';
}
add
if (!isset($config->createusers)) {
$config->createusers = 1;
}
$yesno = array( get_string('no'), get_string('yes') );
add new block after a block with changepasswordurl
| : |
createusers, ''); ?>
|
|
### file: /auth/imap/config.html
after
if (!isset($config->changepasswordurl)) {
$config->changepasswordurl = '';
}
add
if (!isset($config->createusers)) {
$config->createusers = 1;
}
$yesno = array( get_string('no'), get_string('yes') );
and add a new block after a block with changepasswordurl
| : |
createusers, ''); ?>
|
|
### file: /moodledata/lang/en_utf8_local/auth.php
if file does not exist, create one with
else add the following lines to the existing file
$string['auth_imapcreateusers_key'] = 'Allow new IMAP users';
$string['auth_imapcreateusers'] = 'Specify whether all users in the above IMAP server are allowed to access this Moodle server (automatically create new user records if needed) or whether the IMAP server is used only to authenticate existing users.';
$string['auth_pop3createusers_key'] = 'Allow new POP3 users';
$string['auth_pop3createusers'] = 'Specify whether all users in the above POP3 server are allowed to access this Moodle server (automatically create new user records if needed) or whether the POP3 server is used only to authenticate existing users.';
If you use other languages packs, make a parallel addition in each language pack.
### file: /moodledata/lang/en_utf8_local/moodle.php
(optional) You may also consider to enhance
$string['invalidlogin'] = 'Invalid login, please try again';
by creating an entry in local moodle.php file if the option setting is 'no'. If this file does not exist yet, create it like in the case of /moodledata/lang/en_utf8_local/auth.php. The issue is that the error message is the same whether user makes a mistake or whether it is not allowed to access to the site. Unfortunately, there is no simple way to have different error message for each.