Skip to content

Commit

Permalink
enrol/ldap: MDL-22784 Conversion of the LDAP enrolment plugin to the …
Browse files Browse the repository at this point in the history 
…new enrolment infrastructure.

We've moved some of the LDAP auth plugin "knowledge" of different LDAP
servers to a common library, and we've added support for nested groups
enrolments for selected LDAP servers.

Lots of changes in the language pack, as all the plugin messages have been
internationali[sz]ed (it also includes renaming of quite a few string
identifiers).

During plugin settings migration, we rename 'version' setting to
'ldap_version', as we store the plugin version itself as a setting in the
plugin config table and the two collided.

Performance is not great for larga data sets but this can be improved later
(20000 users, 4000 courses and 100 users/course take around 1h25m on a somewhat
tuned postgresql-8.4 on a 2.66GHz Core2 Duo w/ 4 GB of RAM).

AMOS BEGIN
  MOV [description,enrol_ldap],[pluginname_desc,enrol_ldap]
  MOV [enrol_ldap_autocreate,enrol_ldap],[autocreate,enrol_ldap]
  MOV [enrol_ldap_autocreate_key,enrol_ldap],[autocreate_key,enrol_ldap]
  MOV [enrol_ldap_autocreation_settings,enrol_ldap],[autocreation_settings,enrol_ldap]
  MOV [enrol_ldap_bind_dn,enrol_ldap],[bind_dn,enrol_ldap]
  MOV [enrol_ldap_bind_dn_key,enrol_ldap],[bind_dn_key,enrol_ldap]
  MOV [enrol_ldap_bind_pw,enrol_ldap],[bind_pw,enrol_ldap]
  MOV [enrol_ldap_bind_pw_key,enrol_ldap],[bind_pw_key,enrol_ldap]
  MOV [enrol_ldap_bind_settings,enrol_ldap],[bind_settings,enrol_ldap]
  MOV [enrol_ldap_category,enrol_ldap],[category,enrol_ldap]
  MOV [enrol_ldap_category_key,enrol_ldap],[category_key,enrol_ldap]
  MOV [enrol_ldap_contexts,enrol_ldap],[contexts,enrol_ldap]
  MOV [enrol_ldap_course_fullname,enrol_ldap],[course_fullname,enrol_ldap]
  MOV [enrol_ldap_course_fullname_key,enrol_ldap],[course_fullname_key,enrol_ldap]
  MOV [enrol_ldap_course_idnumber,enrol_ldap],[course_idnumber,enrol_ldap]
  MOV [enrol_ldap_course_idnumber_key,enrol_ldap],[course_idnumber_key,enrol_ldap]
  MOV [enrol_ldap_course_search_sub,enrol_ldap],[course_search_sub,enrol_ldap]
  MOV [enrol_ldap_course_settings,enrol_ldap],[course_settings,enrol_ldap]
  MOV [enrol_ldap_course_shortname,enrol_ldap],[course_shortname,enrol_ldap]
  MOV [enrol_ldap_course_shortname_key,enrol_ldap],[course_shortname_key,enrol_ldap]
  MOV [enrol_ldap_course_summary,enrol_ldap],[course_summary,enrol_ldap]
  MOV [enrol_ldap_course_summary_key,enrol_ldap],[course_summary_key,enrol_ldap]
  MOV [enrol_ldap_editlock,enrol_ldap],[editlock,enrol_ldap]
  MOV [enrol_ldap_ldap_encoding,enrol_ldap],[ldap_encoding,enrol_ldap]
  MOV [enrol_ldap_ldap_encoding_key,enrol_ldap],[ldap_encoding_key,enrol_ldap]
  MOV [enrol_ldap_general_options,enrol_ldap],[general_options,enrol_ldap]
  MOV [enrol_ldap_group_memberofattribute,enrol_ldap],[group_memberofattribute,enrol_ldap]
  MOV [enrol_ldap_group_memberofattribute_key,enrol_ldap],[group_memberofattribute_key,enrol_ldap]
  MOV [enrol_ldap_host_url,enrol_ldap],[host_url,enrol_ldap]
  MOV [enrol_ldap_host_url_key,enrol_ldap],[host_url_key,enrol_ldap]
  MOV [enrol_ldap_idnumber_attribute,enrol_ldap],[idnumber_attribute,enrol_ldap]
  MOV [enrol_ldap_idnumber_attribute_key,enrol_ldap],[idnumber_attribute_key,enrol_ldap]
  MOV [enrol_ldap_memberattribute,enrol_ldap],[memberattribute,enrol_ldap]
  MOV [enrol_ldap_memberattribute_isdn,enrol_ldap],[memberattribute_isdn,enrol_ldap]
  MOV [enrol_ldap_memberattribute_isdn_key,enrol_ldap],[memberattribute_isdn_key,enrol_ldap]
  MOV [enrol_ldap_nested_groups,enrol_ldap],[nested_groups,enrol_ldap]
  MOV [enrol_ldap_nested_groups_key,enrol_ldap],[nested_groups_key,enrol_ldap]
  MOV [enrol_ldap_nested_groups_settings,enrol_ldap],[nested_groups_settings,enrol_ldap]
  MOV [enrol_ldap_objectclass,enrol_ldap],[objectclass,enrol_ldap]
  MOV [enrol_ldap_objectclass_key,enrol_ldap],[objectclass_key,enrol_ldap]
  MOV [enrol_ldap_opt_deref,enrol_ldap],[opt_deref,enrol_ldap]
  MOV [enrol_ldap_opt_deref_key,enrol_ldap],[opt_deref_key,enrol_ldap]
  MOV [enrol_ldap_roles,enrol_ldap],[roles,enrol_ldap]
  MOV [enrol_ldap_search_sub_key,enrol_ldap],[search_sub_key,enrol_ldap]
  MOV [enrol_ldap_server_settings,enrol_ldap],[server_settings,enrol_ldap]
  MOV [enrol_ldap_template,enrol_ldap],[template,enrol_ldap]
  MOV [enrol_ldap_template_key,enrol_ldap],[template_key,enrol_ldap]
  MOV [enrol_ldap_updatelocal,enrol_ldap],[updatelocal,enrol_ldap]
  MOV [enrol_ldap_user_attribute,enrol_ldap],[user_attribute,enrol_ldap]
  MOV [enrol_ldap_user_attribute_key,enrol_ldap],[user_attribute_key,enrol_ldap]
  MOV [enrol_ldap_user_contexts,enrol_ldap],[user_contexts,enrol_ldap]
  MOV [enrol_ldap_user_contexts_key,enrol_ldap],[user_contexts_key,enrol_ldap]
  MOV [enrol_ldap_user_search_sub,enrol_ldap],[user_search_sub,enrol_ldap]
  MOV [enrol_ldap_user_settings,enrol_ldap],[user_settings,enrol_ldap]
  MOV [enrol_ldap_user_type,enrol_ldap],[user_type,enrol_ldap]
  MOV [enrol_ldap_user_type_key,enrol_ldap],[user_type_key,enrol_ldap]
  MOV [enrol_ldap_version,enrol_ldap],[version,enrol_ldap]
  MOV [enrol_ldap_version_key,enrol_ldap],[version_key,enrol_ldap]
  MOV [search_sub_key,enrol_ldap],[course_search_sub_key,enrol_ldap]
AMOS END
  • Loading branch information
@iarenaza
iarenaza committed Jul 19, 2010
1 parent 744a74e commit 5704585
Show file tree
Hide file tree
Showing 12 changed files with 1,867 additions and 1,145 deletions.
64 changes: 64 additions & 0 deletions enrol/ldap/cli/sync.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
<?php

// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.

/**
* CLI sync for full LDAP synchronisation.
*
* @package enrol_ldap
* @author Iñaki Arenaza - based on code by Martin Dougiamas, Martin Langhoff and others
* @copyright 1999 onwards Martin Dougiamas {@link http://moodle.com}
* @copyright 2010 Iñaki Arenaza <[email protected]>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/

/**
*
* This script is meant to be called from a cronjob to sync moodle with the LDAP
* backend in those setups where the LDAP backend acts as 'master' for enrolment.
*
* Example cron entry:
* # 5 minutes past 4am
* 5 4 * * * /usr/bin/php5 -c /etc/php5/cli/php.ini /var/www/moodle/enrol/ldap/cli/sync.php
*
* Notes:
* - If you have a large number of users, you may want to raise the memory limits
* by passing -d momory_limit=256M
* - For debugging & better logging, you are encouraged to use in the command line:
* -d log_errors=1 -d error_reporting=E_ALL -d display_errors=0 -d html_errors=0
*
*/

if(isset($_SERVER['REMOTE_ADDR'])) {
error_log("enrol/ldap/cli/sync.php can not be called from web server!");
echo "enrol/ldap/cli/sync.php can not be called from web server!";
exit;
}

require_once(dirname(dirname(dirname(dirname(__FILE__)))).'/config.php');

// Ensure errors are well explained
$CFG->debug = DEBUG_NORMAL;

if (!enrol_is_enabled('ldap')) {
error_log('[ENROL LDAP] '.get_string('pluginnotenabled', 'enrol_ldap'));
die;
}

// Update enrolments -- these handlers should autocreate courses if required
$enrol = enrol_get_plugin('ldap');
$enrol->sync_enrolments();

Loading

0 comments on commit 5704585

Please sign in to comment.