Commit bdbf1be8 authored by g.avgeris's avatar g.avgeris
Browse files

HowTo Modifications

- Howto Theme
- Login Screen for EFKA
- Core changes for GSIS Authentication
- Core Changes on Book Activity
parent 94f2d3fc
......@@ -47,3 +47,4 @@ atlassian-ide-plugin.xml
/node_modules/
/.vscode/
moodle-plugin-ci.phar
/rocket.chat/
......@@ -62,18 +62,20 @@ if ($action == 'edit') {
$likefacebook = $DB->sql_like('url', ':facebook');
$likegoogle = $DB->sql_like('url', ':google');
$likemicrosoft = $DB->sql_like('url', ':microsoft');
$likegov = $DB->sql_like('url', ':gsis'); // GOV
$params = [
'issuerid' => $issuerid,
'facebook' => '%facebook%',
'google' => '%google%',
'microsoft' => '%microsoft%',
'gsis' => '%gsis.gr%', // GOV
];
$select = "issuerid = :issuerid AND ($likefacebook OR $likegoogle OR $likemicrosoft)";
$select = "issuerid = :issuerid AND ($likefacebook OR $likegoogle OR $likemicrosoft OR $likegov)"; // GOV
// We're querying from the oauth2_endpoint table because the base URLs of FB and Microsoft can be empty in the issuer table.
$showrequireconfirm = $DB->record_exists_select('oauth2_endpoint', $select, $params);
}
$mform = new \tool_oauth2\form\issuer(null, ['persistent' => $issuer, 'showrequireconfirm' => $showrequireconfirm]);
}
if ($mform && $mform->is_cancelled()) {
......
......@@ -410,7 +410,11 @@ class auth extends \auth_plugin_base {
$errormsg = get_string('loginerror_nouserinfo', 'auth_oauth2');
$SESSION->loginerrormsg = $errormsg;
$client->log_out();
redirect(new moodle_url('/login/index.php'));
// GOV.GR
// Logout from TaxisNet as well
$logout_url = $client->get_issuer()->get_endpoint_url('logout') ."/" . $client->get_issuer()->get("clientid") . "/?url=" . new moodle_url('/login/index.php');
redirect($logout_url);
//redirect(new moodle_url('/login/index.php'));
}
if (empty($userinfo['username']) || empty($userinfo['email'])) {
// Trigger login failed event.
......@@ -422,7 +426,11 @@ class auth extends \auth_plugin_base {
$errormsg = get_string('loginerror_userincomplete', 'auth_oauth2');
$SESSION->loginerrormsg = $errormsg;
$client->log_out();
redirect(new moodle_url('/login/index.php'));
// GOV.GR
// Logout from TaxisNet as well
$logout_url = $client->get_issuer()->get_endpoint_url('logout') ."/" . $client->get_issuer()->get("clientid") . "/?url=" . new moodle_url('/login/index.php');
redirect($logout_url);
// redirect(new moodle_url('/login/index.php'));
}
$userinfo['username'] = trim(core_text::strtolower($userinfo['username']));
......@@ -466,6 +474,8 @@ class auth extends \auth_plugin_base {
redirect(new moodle_url('/login/index.php'));
} else if ($mappeduser && ($mappeduser->confirmed || !$issuer->get('requireconfirmation'))) {
// Update user fields.
// GOV.GR: Don't update email because if user has change it then it will be ovewritten with taxid
$userinfo["email"] = $mappeduser->email;
$userinfo = $this->update_user($userinfo, $mappeduser);
$userwasmapped = true;
} else {
......@@ -510,7 +520,11 @@ class auth extends \auth_plugin_base {
if (!$userwasmapped) {
// No defined mapping - we need to see if there is an existing account with the same email.
$moodleuser = \core_user::get_user_by_email($userinfo['email']);
// GOV.GR
// TaxisNet doesn't return email and cannot verify the user by email.
// We change get_user_by_email to get_user_by_username because the email of oauth 2.0 users is filled manually by the users.
// $moodleuser = \core_user::get_user_by_email($userinfo['email']);
$moodleuser = \core_user::get_user_by_username($userinfo['username']);
if (!empty($moodleuser)) {
if ($issuer->get('requireconfirmation')) {
$PAGE->set_url('/auth/oauth2/confirm-link-login.php');
......@@ -523,7 +537,10 @@ class auth extends \auth_plugin_base {
$this->print_confirm_required($emailconfirm, $message);
exit();
} else {
\auth_oauth2\api::link_login($userinfo, $issuer, $moodleuser->id, true);
// ****** GOV.GR *******
// Have to disable the link_login because raises an mooodle exception alreadylinked on 2nd login of user
// \auth_oauth2\api::link_login($userinfo, $issuer, $moodleuser->id, true);
$userinfo["email"] = $moodleuser->email;
$userinfo = $this->update_user($userinfo, $moodleuser);
// No redirect, we will complete this login.
}
......@@ -594,6 +611,12 @@ class auth extends \auth_plugin_base {
}
}
}
// GOV.GR
// Logout from TaxisNet before continue.
// I send the redirect_url to taxisnet logout url so to return on the page that user asked for
$redirecturl = $client->get_issuer()->get_endpoint_url('logout') ."/" .
$client->get_issuer()->get("clientid") .
"/?url=" . $redirecturl;
// We used to call authenticate_user - but that won't work if the current user has a different default authentication
// method. Since we now ALWAYS link a login - if we get to here we can directly allow the user in.
......
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* efka_messages block.
*
* @package block_efka_messages
* @copyright 1999 onwards Martin Dougiamas (http://dougiamas.com)
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
class block_efka_messages extends block_base{
function init() {
$this->title = get_string('efka_messages', 'block_efka_messages');
}
function applicable_formats() {
return array('site' => true,
'course' => true,
'mod' => true,
'mod-quiz' => true,
'mod-quiz-view' => true);
}
function get_content() {
global $CFG, $OUTPUT, $USER, $DB;
if ($this->content !== null) {
return $this->content;
}
$this->content = new stdClass;
// $this->content->items = array();
// $this->content->icons = array();
$courseid = $this->page->course->id;
if ($courseid <= 0) {
$courseid = SITEID;
}
if (empty($this->instance->pageid)) {
$this->instance->pageid = SITEID;
}
// if ($feedbacks = feedback_get_feedbacks_from_sitecourse_map($courseid)) {
// $baseurl = new moodle_url('/mod/feedback/view.php');
// foreach ($feedbacks as $feedback) {
// $url = new moodle_url($baseurl);
// $url->params(array('id'=>$feedback->cmid, 'courseid'=>$courseid));
// $this->content->items[] = '<a href="'.$url->out().'">'.$icon.$feedback->name.'</a>';
// }
// }
if (isguestuser()) {
return "";
}
if (empty($CFG->messaging)) {
return "";
}
$view = "efka_messages";
// if (! empty($this->config->username)) {
// $userid = $this->config->username;
// $user = $DB->get_record('user', ['username' => $this->config->username]);
// if ($user) {
// $userid = $user->id;
// }
// }
//$bucket = crc32 ($USER->);
$teachers = [ 1348, // Χαμάκος (Εκπαιδευτής)
1349, // ΣΑΡΑΚΙΝΙΩΤΗ (ΕΚΠΑΙΔΕΥΤΡΙΑ)
1358, // ΝΙΦΟΡΟΥ
1364 // ΚΑΝΑΚΑΡΗ
];
$bucket = $USER->id % count($teachers);
$userid = $teachers[$bucket];
$conversationid = \core_message\api::get_conversation_between_users([$USER->id, $userid]);
// \core_message\api::send_message_to_conversation()
$this->content->text = \core_message\helper::render_messaging_widget(false, $userid, $conversationid, $view);
return $this->content;
}
}
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Privacy Subsystem implementation for block_efka_messages.
*
* @package block_efka_messages
* @copyright 2018 Zig Tan <zig@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace block_efka_messages\privacy;
defined('MOODLE_INTERNAL') || die();
/**
* Privacy Subsystem for block_efka_messages implementing null_provider.
*
* @copyright 2018 Zig Tan <zig@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class provider implements \core_privacy\local\metadata\null_provider {
/**
* Get the language string identifier with the component's language
* file to explain why this plugin stores no data.
*
* @return string
*/
public static function get_reason() : string {
return 'privacy:metadata';
}
}
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* efka_messages block caps.
*
* @package block_efka_messages
* @copyright Mark Nelson <markn@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
$capabilities = array(
'block/efka_messages:myaddinstance' => array(
'captype' => 'write',
'contextlevel' => CONTEXT_SYSTEM,
'archetypes' => array(
'user' => CAP_ALLOW
),
'clonepermissionsfrom' => 'moodle/my:manageblocks'
),
'block/efka_messages:addinstance' => array(
'riskbitmask' => RISK_SPAM | RISK_XSS,
'captype' => 'write',
'contextlevel' => CONTEXT_BLOCK,
'archetypes' => array(
'editingteacher' => CAP_ALLOW,
'manager' => CAP_ALLOW
),
'clonepermissionsfrom' => 'moodle/site:manageblocks'
),
);
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* efka_messages block installation.
*
* @package block_efka_messages
* @copyright 1999 onwards Martin Dougiamas (http://dougiamas.com)
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
function xmldb_block_efka_messages_install() {
global $DB;
}
<?php
class block_efka_messages_edit_form extends block_edit_form {
protected function specific_definition($mform) {
// Section header title according to language file.
$mform->addElement('header', 'config_header', get_string('blocksettings', 'block'));
// A sample string variable with a default value.
$mform->addElement('text', 'config_username', get_string('username', 'block_efka_messages'));
$mform->setDefault('config_username', '8');
$mform->setType('config_username', PARAM_RAW);
}
}
\ No newline at end of file
function sendmessage(url, id) {
chatmsg = 'Μεταβείτε στο δωμάτιο ταυτοποίησης πατώντας <a target=\'_blank\' href=\''+url+'\'>εδώ</a>';
navigator.clipboard.writeText(chatmsg);
window.open('/message/index.php?user2='+id);
}
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Strings for component 'block_efka_messages', language 'en', branch 'MOODLE_20_STABLE'
*
* @package block_efka_messages
* @copyright 1999 onwards Martin Dougiamas {@link http://moodle.com}
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
$string['efka_messages'] = 'Ταυτοποίηση';
$string['efka_messages:addinstance'] = 'Προσθήκη block μηνύματος για ταυτοποίηση';
$string['efka_messages:myaddinstance'] = 'Προσθήκη block μηνύματος για ταυτοποίηση';
$string['pluginname'] = 'ΕΦΚΑ Μήνυμα Ταυτοποίησης';
$string['username'] = 'Username του εκπαιδευτή';
$string['privacy:metadata'] = 'Εμφανίζει στους συμμετέχοντες το μήνυμα για να μπουν στο δωμάτιο ταυτοποίησης';
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Strings for component 'block_efka_messages', language 'en', branch 'MOODLE_20_STABLE'
*
* @package block_efka_messages
* @copyright 1999 onwards Martin Dougiamas {@link http://moodle.com}
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
$string['efka_messages'] = 'Ταυτοποίηση';
$string['efka_messages:addinstance'] = 'Προσθήκη block μηνύματος για ταυτοποίηση';
$string['efka_messages:myaddinstance'] = 'Προσθήκη block μηνύματος για ταυτοποίηση';
$string['pluginname'] = 'ΕΦΚΑ Μήνυμα Ταυτοποίησης';
$string['username'] = 'Username του εκπαιδευτή';
$string['privacy:metadata'] = 'Εμφανίζει στους συμμετέχοντες το μήνυμα για να μπουν στο δωμάτιο ταυτοποίησης';
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Version details
*
* @package block_efka_messages
* @copyright 2021 onwards george Avgeris
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
$plugin->version = 2021051700; // The current plugin version (Date: YYYYMMDDXX).
$plugin->requires = 2021051100; // Requires this Moodle version.
$plugin->component = 'block_efka_messages'; // Full name of the plugin (used for diagnostics)
......@@ -489,17 +489,52 @@ class client extends \oauth2_client {
* @return array|false Moodle user fields for the logged in user (or false if request failed)
*/
public function get_userinfo() {
$url = $this->get_issuer()->get_endpoint_url('userinfo');
$response = $this->get($url);
//$url = $this->get_issuer()->get_endpoint_url('userinfo');
$url = $this->get_issuer()->get_endpoint_url('userinfo');
$params = array(
"user_oauth_approval" =>"true",
"scope.read" => "true"
);
// ------ DEBUG ----------- //
// echo "<br/><hr /><strong>get_userinfo:</strong><br/>";
// echo "url:<br /><pre>";
// print_r($url);
// echo "</pre><br/>";
// ------------------------ //
$response = $this->post($url, $params, 'application/xml' );
//$response = $this->post( $url, $this->build_post_data($params) );
// ------ DEBUG ----------- //
// echo "response:<br /><pre>";
// var_dump( $response );
// echo "</pre>";
// ------------------------ //
if (!$response) {
return false;
}
$response = new \SimpleXMLElement($response); // FOTIS
$response = json_encode($response); // FOTIS
$response = json_decode($response, TRUE); // FOTIS
$response = $response ["userinfo"]["@attributes"];
$response = json_encode($response);
//die(0);
$userinfo = new stdClass();
try {
$userinfo = json_decode($response);
} catch (\Exception $e) {
return false;
}
// Αν ο χρήστης που κάνει login δεν είναι δημόσιος υπάλληλος τότε η ΓΓΠΣ επιστρέφει JSON με taxid = "null"
// Τον κάνω αυτόματα logout για να μπορεί να συνδεθεί ξανά με διαφορετικά στοιχεία
if ($userinfo->taxid == "null") {
return false;
} // Simple taxisnet login has taxid = null. Don't allow these logins
$map = $this->get_userinfo_mapping();
......
<div class="form-group row {{#error}}has-danger{{/error}} fitem {{#advanced}}advanced{{/advanced}} {{{element.extraclasses}}}">
<div class="col-md-3">
<span class="float-sm-right text-nowrap">
{{#required}}<abbr class="initialism text-danger" title="{{#str}}required{{/str}}">{{#pix}}req, core, {{#str}}required{{/str}}{{/pix}}</abbr>{{/required}}
{{#advanced}}<abbr class="initialism text-info" title="{{#str}}advanced{{/str}}">!</abbr>{{/advanced}}
{{{helpbutton}}}
</span>
{{#text}}
<label for="{{element.id}}">
{{{label}}}
......
......@@ -628,7 +628,9 @@ abstract class oauth2_client extends curl {
* @param mixed $acceptheader mimetype (as string) or false to skip sending an accept header.
* @return bool
*/
protected function request($url, $options = array(), $acceptheader = 'application/json') {
// GOV.GR
// Set acceptheader to null because TaxisNet returns XML not JSON
protected function request($url, $options = array(), $acceptheader = null) {
$murl = new moodle_url($url);
if ($this->accesstoken) {
......
......@@ -38,13 +38,14 @@ $resendconfirmemail = optional_param('resendconfirmemail', false, PARAM_BOOL);
// be a security risk. For now we only allow it on Behat sites.
// If you wants to do the analysis, you may be able to remove the
// if (BEHAT_SITE_RUNNING).
if (defined('BEHAT_SITE_RUNNING') && BEHAT_SITE_RUNNING) {
// GOV.GR
// Αφαιρώ τον έλεγχο για να μπορεί να δημιουργηθεί Deep Link απο το ΕΜΔ στο Moodle
//if (defined('BEHAT_SITE_RUNNING') && BEHAT_SITE_RUNNING) {
$wantsurl = optional_param('wantsurl', '', PARAM_LOCALURL); // Overrides $SESSION->wantsurl if given.
if ($wantsurl !== '') {
$SESSION->wantsurl = (new moodle_url($wantsurl))->out(false);
}
}
//}
$context = context_system::instance();
$PAGE->set_url("$CFG->wwwroot/login/index.php");
$PAGE->set_context($context);
......@@ -129,6 +130,17 @@ if ($anchor && isset($SESSION->wantsurl) && strpos($SESSION->wantsurl, '#') ===
$SESSION->wantsurl = $wantsurl->out();
}
// Avgeris
function startsWith ($string, $startString)
{
$len = strlen($startString);
return (substr($string, 0, $len) === $startString);
}
// Only for QUIZ Servers
// GOV.GR
global $USER;
if ((!isloggedin() || $USER->id == 1) && !isset($_REQUEST["no"]) && !isset($frm->username)) redirect("/loginefka/");
/// Check if the user has actually submitted login data to us
if ($frm and isset($frm->username)) { // Login WITH cookies
......
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Change password page.
*
* @package core
* @subpackage auth
* @copyright 1999 onwards Martin Dougiamas http://dougiamas.com
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
require('../config.php');
require_once($CFG->dirroot.'/user/lib.php');
require_once('change_password_form.php');
require_once($CFG->libdir.'/authlib.php');
require_once($CFG->dirroot.'/webservice/lib.php');
require_once('lib.php');
$id = optional_param('id', SITEID, PARAM_INT); // current course
$return = optional_param('return', 0, PARAM_BOOL); // redirect after password change
$systemcontext = context_system::instance();
$PAGE->set_url('/loginefka/change_password.php', array('id'=>$id));
$PAGE->set_context($systemcontext);