WebSVN – Moodle – Autoría – /admin/mnet/access_control.php

Rev	Autor	Línea Nro.	Línea
1	efrain	1	`<?php`
		2
		3	`// Allows the admin to control user logins from remote moodles.`
		4
		5	`require_once(__DIR__ . '/../../config.php');`
		6	`require_once($CFG->libdir.'/adminlib.php');`
		7	`include_once($CFG->dirroot.'/mnet/lib.php');`
		8
		9	`$sort = optional_param('sort', 'username', PARAM_ALPHAEXT);`
		10	`$dir = optional_param('dir', 'ASC', PARAM_ALPHA);`
		11	`$page = optional_param('page', 0, PARAM_INT);`
		12	`$perpage = optional_param('perpage', 30, PARAM_INT);`
		13	`$action = trim(strtolower(optional_param('action', '', PARAM_ALPHA)));`
		14
		15	`admin_externalpage_setup('ssoaccesscontrol');`
		16
		17	`if (!extension_loaded('openssl')) {`
		18	`throw new \moodle_exception('requiresopenssl', 'mnet');`
		19	`}`
		20
		21	`$sitecontext = context_system::instance();`
		22	`$sesskey = sesskey();`
		23	`$formerror = array();`
		24
		25	`// grab the mnet hosts and remove the localhost`
		26	`$mnethosts = $DB->get_records_menu('mnet_host', array(), 'name', 'id, name');`
		27	`if (array_key_exists($CFG->mnet_localhost_id, $mnethosts)) {`
		28	`unset($mnethosts[$CFG->mnet_localhost_id]);`
		29	`}`
		30
		31
		32
		33	`// process actions`
		34	`if (!empty($action) and confirm_sesskey()) {`
		35
		36	`// boot if insufficient permission`
		37	`if (!has_capability('moodle/user:delete', $sitecontext)) {`
		38	`throw new \moodle_exception('nomodifyacl', 'mnet');`
		39	`}`
		40
		41	`// fetch the record in question`
		42	`$id = required_param('id', PARAM_INT);`
		43	`if (!$idrec = $DB->get_record('mnet_sso_access_control', array('id'=>$id))) {`
		44	`throw new \moodle_exception('recordnoexists', 'mnet', "$CFG->wwwroot/$CFG->admin/mnet/access_control.php");`
		45	`}`
		46
		47	`switch ($action) {`
		48
		49	`case "delete":`
		50	`$DB->delete_records('mnet_sso_access_control', array('id'=>$id));`
		51	`redirect('access_control.php', get_string('deleteuserrecord', 'mnet', array('user'=>$idrec->username, 'host'=>$mnethosts[$idrec->mnet_host_id])));`
		52	`break;`
		53
		54	`case "acl":`
		55
		56	`// require the access parameter, and it must be 'allow' or 'deny'`
		57	`$accessctrl = trim(strtolower(required_param('accessctrl', PARAM_ALPHA)));`
		58	`if ($accessctrl != 'allow' and $accessctrl != 'deny') {`
		59	`throw new \moodle_exception('invalidaccessparam', 'mnet', "$CFG->wwwroot/$CFG->admin/mnet/access_control.php");`
		60	`}`
		61
		62	`if (mnet_update_sso_access_control($idrec->username, $idrec->mnet_host_id, $accessctrl)) {`
		63	`if ($accessctrl == 'allow') {`
		64	`redirect('access_control.php', get_string('ssl_acl_allow','mnet', array('user' => $idrec->username,`
		65	`'host' => $mnethosts[$idrec->mnet_host_id])));`
		66	`} else if ($accessctrl == 'deny') {`
		67	`redirect('access_control.php', get_string('ssl_acl_deny','mnet', array('user' => $idrec->username,`
		68	`'host' => $mnethosts[$idrec->mnet_host_id])));`
		69	`}`
		70	`}`
		71	`break;`
		72
		73	`default:`
		74	`throw new \moodle_exception('invalidactionparam', 'mnet', "$CFG->wwwroot/$CFG->admin/mnet/access_control.php");`
		75	`}`
		76	`}`
		77
		78
		79
		80	`// process the form results`
		81	`if ($form = data_submitted() and confirm_sesskey()) {`
		82
		83	`// check permissions and verify form input`
		84	`if (!has_capability('moodle/user:delete', $sitecontext)) {`
		85	`throw new \moodle_exception('nomodifyacl', 'mnet', "$CFG->wwwroot/$CFG->admin/mnet/access_control.php");`
		86	`}`
		87	`if (empty($form->username)) {`
		88	`$formerror['username'] = get_string('enterausername','mnet');`
		89	`}`
		90	`if (empty($form->mnet_host_id)) {`
		91	`$formerror['mnet_host_id'] = get_string('selectahost','mnet');`
		92	`}`
		93	`if (empty($form->accessctrl)) {`
		94	`$formerror['accessctrl'] = get_string('selectaccesslevel','mnet'); ;`
		95	`}`
		96
		97	`// process if there are no errors`
		98	`if (count($formerror) == 0) {`
		99
		100	`// username can be a comma separated list`
		101	`$usernames = explode(',', $form->username);`
		102
		103	`foreach ($usernames as $username) {`
		104	`$username = trim(core_text::strtolower($username));`
		105	`if (!empty($username)) {`
		106	`if (mnet_update_sso_access_control($username, $form->mnet_host_id, $form->accessctrl)) {`
		107	`if ($form->accessctrl == 'allow') {`
		108	`redirect('access_control.php', get_string('ssl_acl_allow','mnet', array('user'=>$username, 'host'=>$mnethosts[$form->mnet_host_id])));`
		109	`} elseif ($form->accessctrl == 'deny') {`
		110	`redirect('access_control.php', get_string('ssl_acl_deny','mnet', array('user'=>$username, 'host'=>$mnethosts[$form->mnet_host_id])));`
		111	`}`
		112	`}`
		113	`}`
		114	`}`
		115	`}`
		116	`exit;`
		117	`}`
		118
		119	`echo $OUTPUT->header();`
		120
		121	`// Explain`
		122	`echo $OUTPUT->box(get_string('ssoacldescr','mnet'));`
		123	`// Are the needed bits enabled?`
		124	`$warn = '';`
		125	`if (empty($CFG->mnet_dispatcher_mode) \|\| $CFG->mnet_dispatcher_mode !== 'strict') {`
		126	`$warn = '<p>' . get_string('mnetdisabled','mnet') .'</p>';`
		127	`}`
		128
		129	`if (!is_enabled_auth('mnet')) {`
		130	`$warn .= '<p>' . get_string('authmnetdisabled','mnet').'</p>';`
		131	`}`
		132
		133	`if (!empty($warn)) {`
		134	`$warn = '<p>' . get_string('ssoaclneeds','mnet').'</p>' . $warn;`
		135	`echo $OUTPUT->box($warn);`
		136	`}`
		137	`// output the ACL table`
		138	`$columns = array("username", "mnet_host_id", "access", "delete");`
		139	`$headings = array();`
		140	`$string = array('username' => get_string('username'),`
		141	`'mnet_host_id' => get_string('remotehost', 'mnet'),`
		142	`'access' => get_string('accesslevel', 'mnet'),`
		143	`'delete' => get_string('delete'));`
		144	`foreach ($columns as $column) {`
		145	`if ($sort != $column) {`
		146	`$columnicon = "";`
		147	`$columndir = "ASC";`
		148	`} else {`
		149	`$columndir = $dir == "ASC" ? "DESC" : "ASC";`
		150	`$columnicon = $dir == "ASC" ? "down" : "up";`
		151	`$columnicon = " " . $OUTPUT->pix_icon('t/' . $columnicon, get_string('sort'));`
		152	`}`
		153	`$headings[$column] = "<a href=\"?sort=$column&dir=$columndir&\">".$string[$column]."</a>$columnicon";`
		154	`}`
		155	`$headings['delete'] = '';`
		156
		157	`$sortorder = get_safe_orderby([`
		158	`'username' => 'username',`
		159	`'mnet_host_id' => 'mnet_host_id',`
		160	`'access' => 'accessctrl',`
		161	`'default' => 'username',`
		162	`], $sort, $dir, false);`
		163
		164	`$acl = $DB->get_records('mnet_sso_access_control', null, $sortorder);`
		165	`$aclcount = $DB->count_records('mnet_sso_access_control');`
		166
		167	`if (!$acl) {`
		168	`echo $OUTPUT->heading(get_string('noaclentries','mnet'));`
		169	`$table = NULL;`
		170	`} else {`
		171	`$table = new html_table();`
		172	`$table->head = $headings;`
		173	`$table->align = array('left', 'left', 'center');`
		174	`$table->width = "95%";`
		175	`foreach ($acl as $aclrecord) {`
		176	`if ($aclrecord->accessctrl == 'allow') {`
		177	`$accesscolumn = get_string('allow', 'mnet')`
		178	`. " (<a href=\"?id={$aclrecord->id}&action=acl&accessctrl=deny&sesskey=".sesskey()."\">"`
		179	`. get_string('deny', 'mnet') . "</a>)";`
		180	`} else {`
		181	`$accesscolumn = get_string('deny', 'mnet')`
		182	`. " (<a href=\"?id={$aclrecord->id}&action=acl&accessctrl=allow&sesskey=".sesskey()."\">"`
		183	`. get_string('allow', 'mnet') . "</a>)";`
		184	`}`
		185	`$deletecolumn = "<a href=\"?id={$aclrecord->id}&action=delete&sesskey=".sesskey()."\">"`
		186	`. get_string('delete') . "</a>";`
		187	`$table->data[] = array (s($aclrecord->username), $aclrecord->mnet_host_id, $accesscolumn, $deletecolumn);`
		188	`}`
		189	`}`
		190
		191	`if (!empty($table)) {`
		192	`echo html_writer::table($table);`
		193	`echo '<p> </p>';`
		194	`$baseurl = new moodle_url('/admin/mnet/access_control.php', array('sort' => $sort, 'dir' => $dir, 'perpage' => $perpage));`
		195	`echo $OUTPUT->paging_bar($aclcount, $page, $perpage, $baseurl);`
		196	`}`
		197
		198
		199
		200	`// output the add form`
		201	`echo $OUTPUT->box_start();`
		202
		203	`?>`
		204	`<div class="mnetaddtoaclform">`
		205	`<form id="mnetaddtoacl" method="post">`
		206	`<input type="hidden" name="sesskey" value="<?php echo $sesskey; ?>" />`
		207	`<?php`
		208
		209	`// enter a username`
		210	`echo get_string('username') . ":\n";`
		211	`if (!empty($formerror['username'])) {`
		212	`echo '<span class="error"> * </span>';`
		213	`}`
		214	`echo html_writer::label(get_string('username'), 'menuusername', false, array('class' => 'accesshide'));`
		215	`echo '<input id="menuusername" type="text" name="username" size="20" maxlength="100" />';`
		216
		217	`// choose a remote host`
		218	`echo " " . html_writer::label(get_string('remotehost', 'mnet'), 'menumnet_host_id') . ":\n";`
		219	`if (!empty($formerror['mnet_host_id'])) {`
		220	`echo '<span class="error"> * </span>';`
		221	`}`
		222	`echo html_writer::select($mnethosts, 'mnet_host_id');`
		223
		224	`// choose an access level`
		225	`echo " " . html_writer::label(get_string('accesslevel', 'mnet'), 'menuaccessctrl') . ":\n";`
		226	`if (!empty($formerror['accessctrl'])) {`
		227	`echo '<span class="error"> * </span>';`
		228	`}`
		229	`$accessmenu['allow'] = get_string('allow', 'mnet');`
		230	`$accessmenu['deny'] = get_string('deny', 'mnet');`
		231	`echo html_writer::select($accessmenu, 'accessctrl');`
		232
		233	`// submit button`
		234	`echo '<input type="submit" value="' . get_string('addtoacl', 'mnet') . '" />';`
		235	`echo "</form></div>\n";`
		236
		237	`// print errors`
		238	`foreach ($formerror as $error) {`
		239	`echo "<br><span class=\"error\">$error<span>";`
		240	`}`
		241
		242	`echo $OUTPUT->box_end();`
		243	`echo $OUTPUT->footer();`

Proyectos de Subversion Moodle

(root)/admin/mnet/access_control.php – Rev 1