MDL-42097 fix handling of passwords when creating new users

ralferlebach · Dec 5, 2013 · 0b3bd8c · 0b3bd8c
1 parent ec6219a
commit 0b3bd8c
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 6 deletions.
diff --git a/user/editadvanced.php b/user/editadvanced.php
@@ -169,20 +169,31 @@
     $createpassword = false;
 
     if ($usernew->id == -1) {
-        //TODO check out if it makes sense to create account with this auth plugin and what to do with the password
         unset($usernew->id);
         $createpassword = !empty($usernew->createpassword);
         unset($usernew->createpassword);
         $usernew = file_postupdate_standard_editor($usernew, 'description', $editoroptions, null, 'user', 'profile', null);
         $usernew->mnethostid = $CFG->mnet_localhost_id; // always local user
         $usernew->confirmed  = 1;
         $usernew->timecreated = time();
-        if ($createpassword) {
-            $usernew->password = '';
+        if ($authplugin->is_internal()) {
+            if ($createpassword or empty($usernew->newpassword)) {
+                $usernew->password = '';
+            } else {
+                $usernew->password = hash_internal_user_password($usernew->newpassword);
+            }
         } else {
-            $usernew->password = hash_internal_user_password($usernew->newpassword);
+            $usernew->password = AUTH_PASSWORD_NOT_CACHED;
         }
         $usernew->id = user_create_user($usernew, false);
+
+        if (!$authplugin->is_internal() and $authplugin->can_change_password() and !empty($usernew->newpassword)) {
+            if (!$authplugin->user_update_password($usernew, $usernew->newpassword)) {
+                // Do not stop here, we need to finish user creation.
+                debugging(get_string('cannotupdatepasswordonextauth', '', '', $usernew->auth), DEBUG_NONE);
+            }
+        }
+
     } else {
         $usernew = file_postupdate_standard_editor($usernew, 'description', $editoroptions, $usercontext, 'user', 'profile', 0);
         // Pass a true old $user here.

diff --git a/user/editadvanced_form.php b/user/editadvanced_form.php
@@ -55,7 +55,12 @@ function definition() {
             $authinst = get_auth_plugin($auth);
             $passwordurl = $authinst->change_password_url();
             if (!($authinst->can_change_password() && empty($passwordurl))) {
-                $cannotchangepass[] = $auth;
+                if (!$userid and $authinst->is_internal()) {
+                    // This is unlikely but we can not create account without password
+                    // when plugin uses passwords, we need to set it initially at least.
+                } else {
+                    $cannotchangepass[] = $auth;
+                }
             }
             if (is_enabled_auth($auth)) {
                 $auth_options[$enabled][$auth] = get_string('pluginname', "auth_{$auth}");
@@ -70,6 +75,7 @@ function definition() {
         $mform->addHelpButton('suspended', 'suspended', 'auth');
 
         $mform->addElement('checkbox', 'createpassword', get_string('createpassword','auth'));
+        $mform->disabledIf('createpassword', 'auth', 'in', $cannotchangepass);
 
         if (!empty($CFG->passwordpolicy)){
             $mform->addElement('static', 'passwordpolicyinfo', '', print_password_policy());
@@ -201,7 +207,11 @@ function validation($usernew, $files) {
                     $err['newpassword'] = $errmsg;
                 }
             } else if (!$user) {
-                $err['newpassword'] = get_string('required');
+                $auth = get_auth_plugin($usernew->auth);
+                if ($auth->is_internal()) {
+                    // Internal accounts require password!
+                    $err['newpassword'] = get_string('required');
+                }
             }
         }