From 2973a53c7cf102e12b21c4ed1fede7f2447033b2 Mon Sep 17 00:00:00 2001 From: cescobedo Date: Wed, 21 Jul 2021 07:55:03 +0200 Subject: [PATCH] MDL-63207 auth_ldap: Update user profile if field is empty --- auth/ldap/auth.php | 20 ++++++++++---------- auth/ldap/lang/en/auth_ldap.php | 4 +++- 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/auth/ldap/auth.php b/auth/ldap/auth.php index 8ab37e4660e..a0b118fd789 100644 --- a/auth/ldap/auth.php +++ b/auth/ldap/auth.php @@ -1228,18 +1228,18 @@ class auth_plugin_ldap extends auth_plugin_base { empty($nuvalue) ? $nuvalue = array() : $nuvalue; $ouvalue = core_text::convert($oldvalue, 'utf-8', $this->config->ldapencoding); foreach ($ldapkeys as $ldapkey) { - // Skip update if $ldapkey does not exist in LDAP. - if (!isset($user_entry[$ldapkey][0])) { - $success = false; - error_log($this->errorlogtag.get_string('updateremfailfield', 'auth_ldap', - array('ldapkey' => $ldapkey, - 'key' => $key, - 'ouvalue' => $ouvalue, - 'nuvalue' => $nuvalue))); - continue; + // If the field is empty in LDAP there are two options: + // 1. We get the LDAP field using ldap_first_attribute. + // 2. LDAP don't send the field using ldap_first_attribute. + // So, for option 1 we check the if the field is retrieve it. + // And get the original value of field in LDAP if the field. + // Otherwise, let value in blank and delegate the check in ldap_modify. + if (isset($user_entry[$ldapkey][0])) { + $ldapvalue = $user_entry[$ldapkey][0]; + } else { + $ldapvalue = ''; } - $ldapvalue = $user_entry[$ldapkey][0]; if (!$ambiguous) { // Skip update if the values already match if ($nuvalue !== $ldapvalue) { diff --git a/auth/ldap/lang/en/auth_ldap.php b/auth/ldap/lang/en/auth_ldap.php index 9edd34abb4a..9b4d198813a 100644 --- a/auth/ldap/lang/en/auth_ldap.php +++ b/auth/ldap/lang/en/auth_ldap.php @@ -145,7 +145,6 @@ $string['start_tls'] = 'Use regular LDAP service (port 389) with TLS encryption' $string['start_tls_key'] = 'Use TLS'; $string['updateremfail'] = 'Error updating LDAP record. Error code: {$a->errno}; Error string: {$a->errstring}
Key ({$a->key}) - old moodle value: \'{$a->ouvalue}\' new value: \'{$a->nuvalue}\''; $string['updateremfailamb'] = 'Failed to update LDAP with ambiguous field {$a->key}; old moodle value: \'{$a->ouvalue}\', new value: \'{$a->nuvalue}\''; -$string['updateremfailfield'] = 'Failed to update LDAP with non-existent field (\'{$a->ldapkey}\'). Key ({$a->key}) - old Moodle value: \'{$a->ouvalue}\' new value: \'{$a->nuvalue}\''; $string['updatepasserror'] = 'Error in user_update_password(). Error code: {$a->errno}; Error string: {$a->errstring}'; $string['updatepasserrorexpire'] = 'Error in user_update_password() when reading password expiry time. Error code: {$a->errno}; Error string: {$a->errstring}'; $string['updatepasserrorexpiregrace'] = 'Error in user_update_password() when modifying expiry time and/or grace logins. Error code: {$a->errno}; Error string: {$a->errstring}'; @@ -165,3 +164,6 @@ $string['diag_emptycontext'] = 'Empty context found.'; $string['diag_contextnotfound'] = 'Context {$a} doesn\'t exist or can\'t be read by bind DN.'; $string['diag_rolegroupnotfound'] = 'Group {$a->group} for role {$a->localname} doesn\'t exist or can\'t be read by bind DN.'; $string['privacy:metadata'] = 'The LDAP server authentication plugin does not store any personal data.'; + +// Deprecated since Moodle 3.10. +$string['updateremfailfield'] = 'Failed to update LDAP with non-existent field (\'{$a->ldapkey}\'). Key ({$a->key}) - old Moodle value: \'{$a->ouvalue}\' new value: \'{$a->nuvalue}\''; -- 2.24.3 (Apple Git-128)