/**
* Function to enable SSO (it runs before user_login() is called)
* If a valid CHOCOLATECHIP cookie is not found, the user will be forced to the
* master bakery login page where have to authenticate the user.
*
* @return logged in USER
*/
function loginpage_hook()
{
global $CFG, $USER, $DB;
global $key, $cookieDomain, $slaveURL, $masterURL, $defaultCountry;
$key = $this->config->skey;
$cookieDomain = $this->config->cookiedomain;
$masterURL = $this->config->masterurl;
$slaveURL = $this->config->slaveurl;
$defaultCountry = $this->config->defaultcountry;
$mdBakery['slave'] = validateCookie();
if (!empty($mdBakery['slave'])) {
$username = $mdBakery['slave']['name'];
$user = authenticate_user_login($username, null);
if ($user) {
complete_user_login($user);
$urltogo = $CFG->wwwroot . '/';
$userMail = $USER->email;
// If dummie change init url through edit user form
$userInit = $USER->idnumber;
// Don't check for username because of user freedom for Firstname and Lastname display
if ($userMail != $mdBakery['slave']['mail'] || $userInit != $mdBakery['slave']['init']) {
$emptyString = " ";
// Or just "default" string
$user->idnumber = $mdBakery['slave']['init'];
$fName = ucfirst($mdBakery['slave']['name']);
$user->firstname = $fName;
$user->lastname = $emptyString;
$user->email = $mdBakery['slave']['mail'];
$user->city = $emptyString;
$user->country = $defaultCountry;
$DB->update_record('user', $user);
}
redirect($urltogo);
}
} else {
if (isloggedin() && !isguestuser()) {
require_logout();
} else {
// $master_redirect = $masterURL . 'user/login?return_dest=' . urlencode($slaveURL . 'login/index.php');
// header('Location: ' . $master_redirect);
}
}
}
function logoutpage_hook()
{
if (isset($this->config->dosinglelogout) && $this->config->dosinglelogout) {
set_moodle_cookie('nobody');
require_logout();
redirect($GLOBALS['CFG']->wwwroot . '/auth/saml/index.php?logout=1');
}
}
function __logout()
{
$authsequence = get_enabled_auth_plugins();
// auths, in sequence
foreach ($authsequence as $authname) {
$authplugin = get_auth_plugin($authname);
$authplugin->logoutpage_hook();
}
require_logout();
}
/**
* Test require_logout.
*/
public function test_require_logout()
{
$this->resetAfterTest();
$user = $this->getDataGenerator()->create_user();
$this->setUser($user);
$this->assertTrue(isloggedin());
// Logout user and capture event.
$sink = $this->redirectEvents();
require_logout();
$events = $sink->get_events();
$sink->close();
$event = array_pop($events);
// Check if user is logged out.
$this->assertFalse(isloggedin());
// Test Event.
$this->assertInstanceOf('\\core\\event\\user_loggedout', $event);
$this->assertSame($user->id, $event->objectid);
$this->assertSame('user_logout', $event->get_legacy_eventname());
$this->assertEventLegacyData($user, $event);
$expectedlogdata = array(SITEID, 'user', 'logout', 'view.php?id=' . $event->objectid . '&course=' . SITEID, $event->objectid, 0, $event->objectid);
$this->assertEventLegacyLogData($expectedlogdata, $event);
}
/**
* Function to enable SSO (it runs before user_login() is called)
* If a valid Drupal session is not found, the user will be forced to the
* login page where some other plugin will have to authenticate the user
*
* @return int return FALSE
*/
function loginpage_hook()
{
global $CFG, $USER, $SESSION, $DB;
// Check if we have a Drupal session.
$drupalsession = $this->get_drupal_session();
if ($drupalsession == null) {
debugging("No drupal session detected, sending to drupal for login.", DEBUG_DEVELOPER);
// redirect to drupal login page with destination
if (isset($SESSION->wantsurl) and strpos($SESSION->wantsurl, $CFG->wwwroot) == 0) {
// the URL is set and within Moodle's environment
$urltogo = $SESSION->wantsurl;
unset($SESSION->wantsurl);
$path = ltrim(parse_url($urltogo, PHP_URL_PATH), '/');
$args = parse_url($urltogo, PHP_URL_QUERY);
if ($args) {
$args = '?' . $args;
}
// FIX so not hard coded.
redirect($this->config->host_uri . "/user/login?moodle_url=true&destination=" . $path . $args);
}
return;
// just send user to login page
}
// Verify the authenticity of the Drupal session ID
// Create JSON cookie used to connect to drupal services.
// So we connect to system/connect and we should get a valid drupal user.
$apiObj = new RemoteAPI($this->config->host_uri, 1, $drupalsession);
// Connect to Drupal with this session
$ret = $apiObj->Connect();
if (is_null($ret)) {
//should we just return?
if (isloggedin() && !isguestuser()) {
// the user is logged-off of Drupal but still logged-in on Moodle
// so we must now log-off the user from Moodle...
require_logout();
}
return;
}
debugging("<pre>Live session detected the user returned is\r\n" . print_r($ret, true) . "</pre>", DEBUG_DEVELOPER);
$uid = $ret->user->uid;
if ($uid < 1) {
//No anon
return;
}
// The Drupal session is valid; now check if Moodle is logged in...
if (isloggedin() && !isguestuser()) {
return;
}
$drupaluser = $apiObj->Index("user/{$uid}");
debugging("<pre>The full user data about this user is:\r\n" . print_r($drupaluser, true) . "</pre>", DEBUG_DEVELOPER);
//create/update looks up the user and writes updated information to the DB
$this->create_update_user($drupaluser);
$user = get_complete_user_data('idnumber', $uid);
debugging("<pre>the user that should have been created or updated is:\r\n" . print_r($user, true) . "</pre>", DEBUG_DEVELOPER);
// Complete the login
complete_user_login($user);
// redirect
if (isset($SESSION->wantsurl) and strpos($SESSION->wantsurl, $CFG->wwwroot) == 0) {
// the URL is set and within Moodle's environment
$urltogo = $SESSION->wantsurl;
unset($SESSION->wantsurl);
} else {
// no wantsurl stored or external link. Go to homepage.
$urltogo = $CFG->wwwroot . '/';
unset($SESSION->wantsurl);
}
redirect($urltogo);
}
/**
* Perform a Google SAML Logout by visiting a page on logout
*/
function logoutpage_hook()
{
require_logout();
global $DB, $USER;
$record = $DB->get_record('block_gdata_gapps', array('userid' => $USER->id));
if (empty($record) || !empty($record->remove)) {
return;
}
// TODO: if the Google SAML SSO Link Failed don't bother redirecting
// Google doesn't have an SSO logout procedure as far as I know right now.
// So we visit this and it logs us out of all of the google's services
redirect('https://mail.google.com/a/' . $this->config->domainname . '/?logout');
}
/**
* Call error() function, if global $openid_tmp_login set or $force
* parameter true, function also logs-out current user.
* Called from actions.php
*
* @param string $msg - the string to send to error()
* @param boolean $force - flag to logout user (if true)
*/
function logout_tmpuser_error($msg, $force = false)
{
global $USER, $openid_tmp_login;
if ($force || !empty($openid_tmp_login)) {
error_log("auth/openid/locallib.php::logout_tmpuser_error({$msg}, {$force}): reseting temp OpenID login");
require_logout();
}
error($msg);
}
/**
* Store changed settings, this function updates the errors variable in $ADMIN
* @param object $formdata from form (without magic quotes)
* @return int number of changed settings
*/
function admin_write_settings($formdata)
{
global $CFG, $SITE, $COURSE;
$olddbsessions = !empty($CFG->dbsessions);
$formdata = (array) stripslashes_recursive($formdata);
$data = array();
foreach ($formdata as $fullname => $value) {
if (strpos($fullname, 's_') !== 0) {
continue;
// not a config value
}
$data[$fullname] = $value;
}
$adminroot =& admin_get_root();
$settings = admin_find_write_settings($adminroot, $data);
$count = 0;
foreach ($settings as $fullname => $setting) {
$original = serialize($setting->get_setting());
// comparison must work for arrays too
$error = $setting->write_setting($data[$fullname]);
if ($error !== '') {
$adminroot->errors[$fullname] = new object();
$adminroot->errors[$fullname]->data = $data[$fullname];
$adminroot->errors[$fullname]->id = $setting->get_id();
$adminroot->errors[$fullname]->error = $error;
}
if ($original !== serialize($setting->get_setting())) {
$count++;
$callbackfunction = $setting->updatedcallback;
if (function_exists($callbackfunction)) {
$callbackfunction($fullname);
}
}
}
if ($olddbsessions != !empty($CFG->dbsessions)) {
require_logout();
}
// now update $SITE - it might have been changed
$SITE = get_record('course', 'id', $SITE->id);
$COURSE = clone $SITE;
// now reload all settings - some of them might depend on the changed
admin_get_root(true);
return $count;
}
function logoutpage_hook()
{
global $SESSION, $CFG;
$logout_url = $CFG->wwwroot . '/auth/onelogin_saml/index.php?logout=1';
if (!isset($SESSION->isSAMLSessionControlled)) {
$logout_url .= '&normal';
}
require_logout();
set_moodle_cookie('nobody');
redirect($logout_url);
}
/**
* Store changed settings, this function updates the errors variable in $ADMIN
*
* @param object $formdata from form
* @return int number of changed settings
*/
function cat_write_settings($formdata, $settingspage)
{
global $CFG, $SITE, $DB;
$olddbsessions = !empty($CFG->dbsessions);
$formdata = (array) $formdata;
$data = array();
foreach ($formdata as $fullname => $value) {
if (strpos($fullname, 's_') !== 0) {
continue;
// NHot a config value.
}
$data[$fullname] = $value;
}
$settings = array();
foreach ($settingspage->settings as $setting) {
$fullname = $setting->get_full_name();
if (array_key_exists($fullname, $data)) {
$settings[$fullname] = $setting;
}
}
$count = 0;
foreach ($settings as $fullname => $setting) {
$error = $setting->write_setting($data[$fullname]);
if ($error == '') {
$count++;
$callbackfunction = $setting->updatedcallback;
if (function_exists($callbackfunction)) {
$callbackfunction($fullname);
}
}
}
if ($olddbsessions != !empty($CFG->dbsessions)) {
require_logout();
}
// Now update $SITE - just update the fields, in case other people have a
// a reference to it (e.g. $PAGE, $COURSE).
$newsite = $DB->get_record('course', array('id' => $SITE->id));
foreach (get_object_vars($newsite) as $field => $value) {
$SITE->{$field} = $value;
}
return $count;
}
function logoutpage_hook()
{
global $SESSION;
set_moodle_cookie('nobody');
require_logout();
if (isset($this->config->logoffurl)) {
if (ob_get_level() !== 0) {
ob_end_clean();
}
// in case we are inside a buffer
// 301: move permanently
// 302: found
// 303: see other
// 307: temporary redirect
header("Location: " . $this->config->logoffurl, true, 301);
exit;
// flush header
}
}
function logoutpage_hook()
{
global $SESSION;
unset($SESSION->isSAMLSessionControlled);
//if($this->config->dologout) {
set_moodle_cookie('nobody');
require_logout();
redirect($GLOBALS['CFG']->wwwroot . '/auth/onelogin_saml/index.php?logout=1');
//}
}
function lockdownbrowser_MonitorActionLogout($parameters)
{
if (!isloggedin()) {
lockdownbrowser_MonitorServiceError(2004, "Must be logged in to perform the requested action");
}
require_logout();
lockdownbrowser_MonitorServiceStatus(1001, "Logout succeeded");
}
function logoutpage_hook()
{
global $CFG, $USER;
auth_plugin_teosso::err('in logoutpage_hook');
if ($USER->auth == 'teosso' && $this->config->dologout) {
set_moodle_cookie('nobody');
require_logout();
redirect($this->config->signout_url);
}
}
/**
* Store changed settings, this function updates the errors variable in $ADMIN
*
* @param object $formdata from form
* @return int number of changed settings
*/
function admin_write_settings($formdata)
{
global $CFG, $SITE, $DB;
$olddbsessions = !empty($CFG->dbsessions);
$formdata = (array) $formdata;
$data = array();
foreach ($formdata as $fullname => $value) {
if (strpos($fullname, 's_') !== 0) {
continue;
// not a config value
}
$data[$fullname] = $value;
}
$adminroot = admin_get_root();
$settings = admin_find_write_settings($adminroot, $data);
$count = 0;
foreach ($settings as $fullname => $setting) {
$original = serialize($setting->get_setting());
// comparison must work for arrays too
$error = $setting->write_setting($data[$fullname]);
if ($error !== '') {
$adminroot->errors[$fullname] = new stdClass();
$adminroot->errors[$fullname]->data = $data[$fullname];
$adminroot->errors[$fullname]->id = $setting->get_id();
$adminroot->errors[$fullname]->error = $error;
}
if ($original !== serialize($setting->get_setting())) {
$count++;
$callbackfunction = $setting->updatedcallback;
if (function_exists($callbackfunction)) {
$callbackfunction($fullname);
}
}
}
if ($olddbsessions != !empty($CFG->dbsessions)) {
require_logout();
}
// Now update $SITE - just update the fields, in case other people have a
// a reference to it (e.g. $PAGE, $COURSE).
$newsite = $DB->get_record('course', array('id' => $SITE->id));
foreach (get_object_vars($newsite) as $field => $value) {
$SITE->{$field} = $value;
}
// now reload all settings - some of them might depend on the changed
admin_get_root(true);
return $count;
}
function RWSLOMUser()
{
global $USER;
global $CFG;
global $DB;
global $RWSECAS;
if (!$RWSECAS) {
require_logout();
RWSSStat("1001");
}
if (respondusws_floatcompare($CFG->version, 2010122500, 2) >= 0) {
if (isloggedin()) {
$r_aus = get_enabled_auth_plugins();
foreach ($r_aus as $r_aun) {
$r_aup = get_auth_plugin($r_aun);
if (strcasecmp($r_aup->authtype, RWSCAS) == 0) {
$r_csp = $r_aup;
RWSPLOCas($r_csp);
} else {
$r_aup->prelogout_hook();
}
}
}
if (respondusws_floatcompare($CFG->version, 2014051200, 2) >= 0) {
$r_ssi = session_id();
$r_evt = \core\event\user_loggedout::create(array('userid' => $USER->id, 'objectid' => $USER->id, 'other' => array('sessionid' => $r_ssi)));
if ($r_ses = $DB->get_record('sessions', array('sid' => $r_ssi))) {
$r_evt->add_record_snapshot('sessions', $r_ses);
}
\core\session\manager::terminate_current();
$r_evt->trigger();
} else {
$r_prms = $USER;
events_trigger('user_logout', $r_prms);
if (respondusws_floatcompare($CFG->version, 2013111800, 2) >= 0) {
\core\session\manager::terminate_current();
} else {
session_get_instance()->terminate_current();
}
unset($r_prms);
}
} else {
RWSSErr("2006,{$CFG->version},2010122500");
}
RWSSStat("1001");
}
redirect($CFG->wwwroot . '/' . $CFG->admin . '/index.php');
}
// Bounds for block widths
// more flexible for theme designers taken from theme config.php
$lmin = empty($THEME->block_l_min_width) ? 100 : $THEME->block_l_min_width;
$lmax = empty($THEME->block_l_max_width) ? 210 : $THEME->block_l_max_width;
$rmin = empty($THEME->block_r_min_width) ? 100 : $THEME->block_r_min_width;
$rmax = empty($THEME->block_r_max_width) ? 210 : $THEME->block_r_max_width;
define('BLOCK_L_MIN_WIDTH', $lmin);
define('BLOCK_L_MAX_WIDTH', $lmax);
define('BLOCK_R_MIN_WIDTH', $rmin);
define('BLOCK_R_MAX_WIDTH', $rmax);
// check if major upgrade needed - also present in login/index.php
if ((int) $CFG->version < 2006101100) {
//1.7 or older
@require_logout();
redirect("{$CFG->wwwroot}/{$CFG->admin}/");
}
// Trigger 1.9 accesslib upgrade?
if ((int) $CFG->version < 2007092000 && isset($USER->id) && is_siteadmin($USER->id)) {
// this test is expensive, but is only triggered during the upgrade
redirect("{$CFG->wwwroot}/{$CFG->admin}/");
}
if ($CFG->forcelogin) {
require_login();
} else {
user_accesstime_log();
}
if ($CFG->rolesactive) {
// if already using roles system
if (has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM))) {
function logoutpage_hook()
{
global $SESSION;
set_moodle_cookie('nobody');
require_logout();
if (isset($this->config->logoffurl)) {
// 301: move permanently
// 302: found
// 303: see other
// 307: temporary redirect
header("Location: " . $this->config->logoffurl, true, 301);
// redirect($this->config->logoffurl);
}
}
