MDL-51889 enrol_guest: always check password before re-enabling

fladi · Dec 29, 2015 · be6fb6b · be6fb6b
1 parent afbb53d
commit be6fb6b
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 9 deletions.
diff --git a/enrol/guest/classes/enrol_guest_edit_form.php b/enrol/guest/classes/enrol_guest_edit_form.php
@@ -58,7 +58,11 @@ public function definition() {
         $mform->addElement('passwordunmask', 'password', get_string('password', 'enrol_guest'));
         $mform->addHelpButton('password', 'password', 'enrol_guest');
 
-        if ($plugin->get_config('requirepassword')) {
+        // If we have a new instance and the password is required - make sure it is set. For existing
+        // instances we do not force the password to be required as it may have been set to empty before
+        // the password was required. We check in the validation function whether this check is required
+        // for existing instances.
+        if (empty($instance->id) && $plugin->get_config('requirepassword')) {
             $mform->addRule('password', get_string('required'), 'required', null);
         }
 
@@ -84,20 +88,25 @@ public function validation($data, $files) {
         $checkpassword = false;
 
         if ($data['id']) {
-            if ($data['status'] == ENROL_INSTANCE_ENABLED) {
-                if ($instance->password !== $data['password']) {
-                    $checkpassword = true;
-                }
+            // Check the password if we are enabling the plugin again.
+            if (($instance->status == ENROL_INSTANCE_DISABLED) && ($data['status'] == ENROL_INSTANCE_ENABLED)) {
+                $checkpassword = true;
             }
-        } else {
-            if ($data['status'] == ENROL_INSTANCE_ENABLED) {
+
+            // Check the password if the instance is enabled and the password has changed.
+            if (($data['status'] == ENROL_INSTANCE_ENABLED) && ($instance->password !== $data['password'])) {
                 $checkpassword = true;
             }
+        } else {
+            $checkpassword = true;
         }
 
         if ($checkpassword) {
+            $require = $plugin->get_config('requirepassword');
             $policy  = $plugin->get_config('usepasswordpolicy');
-            if ($policy) {
+            if ($require && trim($data['password']) === '') {
+                $errors['password'] = get_string('required');
+            } else if (!empty($data['password']) && $policy) {
                 $errmsg = '';
                 if (!check_password_policy($data['password'], $errmsg)) {
                     $errors['password'] = $errmsg;

diff --git a/enrol/guest/lib.php b/enrol/guest/lib.php
@@ -371,7 +371,8 @@ public function can_hide_show_instance($instance) {
                 }
             }
 
-            if ($this->get_config('usepasswordpolicy')) {
+            // Only check the password if it is set.
+            if (!empty($instance->password) && $this->get_config('usepasswordpolicy')) {
                 if (!check_password_policy($instance->password, $errmsg)) {
                     return false;
                 }