Moodle plugins directory: Controlled Mnet Access: Versions: 2.4 (Build 2013020801) | Moodle.org
Controlled Mnet Access
Blocks ::: block_user_mnet_hosts
Maintained by 
Valery Fremaux
User Mnet Host block is an extension of Mnet_Host bloc
allowing access controlled display of MNET accesses depending on some
custom dedicated user profile fields settings.
Controlled Mnet Access 2.4 (Build 2013020801)
Moodle 2.4
Released: Thursday, 12 September 2013, 4:20 PM
User Mnet Host block is an extension of Mnet_Host bloc
allowing access controlled display of MNET accesses depending on the
user's profile settings.
Access to hosts are easily manageable by access dedicated fields in user profile
so access configuration can be managed through user bulk imports.
# Version notes
#########################
2.4 (2013020801) Adds Mahara support, with a "pass all users" setting for Mahara portfolio.
Fixes a capability control for "access all sites". Now local block level capability.
Install ans setup
#################
1. Install the block as any other blocks copying the directory in /blocks dir
of your Moodle installation, then browse to notifications to register it.
2. On a configured MNET, browse to the plugin settings page and follow the link to :
"Synchronising access control fields to the network configuration".
Run the synchronisation to create expected fields.
Conditions for a user jumping
#############################
The user will only see nodes he is allowed to jump to depending on his profile settings.
Only SSO accessible nodes can be marked and synced.
Valuable patchs for improved experience
#######################################
User mnet control is much more consistant when unifying the profile on all MNET nodes.
This can be obtained adding a key patch that adds custom field propagation through MNET.
File patched : /auth/mnet/auth.php
Patch part 1 : Add custom profile fields to tranmitted userdata
Where :
in function user_authorize()
before :
$userdata['myhosts'] = array();
if ($courses = enrol_get_users_courses($user->id, false)) {
$userdata['myhosts'][] = array('name'=> $SITE->shortname, 'url' => $CFG->wwwroot, 'count' => count($courses));
}
Patch part 2 : Getting custom profile back and updating matching field definitions
Where :
in function update_mnet_session()
before
$localuser->{$key} = $val;
in loop :
// update the local user record with remote user data
foreach ((array) $remoteuser as $key => $val) {
Patch content :
// PATCH : capture profile fields, check if corresponding entry is defined and update data
if (preg_match('/^profile_field_(.*)/', $key, $matches)){
$fieldname = $matches[1];
if ($field = $DB->get_record('user_info_field', array('shortname' => $fieldname))){
$datum = new StdClass;
$datum->fieldid = $field->id;
$datum->userid = $localuser->id;
$datum->data = $val;
if ($oldrecord = $DB->get_record('user_info_data', array('fieldid' => $field->id, 'userid' => $localuser->id))){
$datum->id = $oldrecord->id;
$DB->update_record('user_info_data', $datum);
} else {
$DB->insert_record('user_info_data', $datum);
}
}
}
// /PATCH
Security note
#############
This block only provides significant targets to jump to to users. As users must have a global
moodle/site:mnetlogintoremote capability, once it is allowed, a user might be able to pass through
unpublished acceses.
A future provision for a back-check is foreseen, but still not developed.
Strict exclusion of some user should be obtained using SSO Access Control in Mnet admin, but might
not be usable for mass setup.
allowing access controlled display of MNET accesses depending on the
user's profile settings.
Access to hosts are easily manageable by access dedicated fields in user profile
so access configuration can be managed through user bulk imports.
# Version notes
#########################
2.4 (2013020801) Adds Mahara support, with a "pass all users" setting for Mahara portfolio.
Fixes a capability control for "access all sites". Now local block level capability.
Install ans setup
#################
1. Install the block as any other blocks copying the directory in /blocks dir
of your Moodle installation, then browse to notifications to register it.
2. On a configured MNET, browse to the plugin settings page and follow the link to :
"Synchronising access control fields to the network configuration".
Run the synchronisation to create expected fields.
Conditions for a user jumping
#############################
The user will only see nodes he is allowed to jump to depending on his profile settings.
Only SSO accessible nodes can be marked and synced.
Valuable patchs for improved experience
#######################################
User mnet control is much more consistant when unifying the profile on all MNET nodes.
This can be obtained adding a key patch that adds custom field propagation through MNET.
File patched : /auth/mnet/auth.php
Patch part 1 : Add custom profile fields to tranmitted userdata
Where :
in function user_authorize()
before :
$userdata['myhosts'] = array();
if ($courses = enrol_get_users_courses($user->id, false)) {
$userdata['myhosts'][] = array('name'=> $SITE->shortname, 'url' => $CFG->wwwroot, 'count' => count($courses));
}
Patch part 2 : Getting custom profile back and updating matching field definitions
Where :
in function update_mnet_session()
before
$localuser->{$key} = $val;
in loop :
// update the local user record with remote user data
foreach ((array) $remoteuser as $key => $val) {
Patch content :
// PATCH : capture profile fields, check if corresponding entry is defined and update data
if (preg_match('/^profile_field_(.*)/', $key, $matches)){
$fieldname = $matches[1];
if ($field = $DB->get_record('user_info_field', array('shortname' => $fieldname))){
$datum = new StdClass;
$datum->fieldid = $field->id;
$datum->userid = $localuser->id;
$datum->data = $val;
if ($oldrecord = $DB->get_record('user_info_data', array('fieldid' => $field->id, 'userid' => $localuser->id))){
$datum->id = $oldrecord->id;
$DB->update_record('user_info_data', $datum);
} else {
$DB->insert_record('user_info_data', $datum);
}
}
}
// /PATCH
Security note
#############
This block only provides significant targets to jump to to users. As users must have a global
moodle/site:mnetlogintoremote capability, once it is allowed, a user might be able to pass through
unpublished acceses.
A future provision for a back-check is foreseen, but still not developed.
Strict exclusion of some user should be obtained using SSO Access Control in Mnet admin, but might
not be usable for mass setup.
Version information
- Version build number
- 2013020801
- Version release name
- 2.4 (Build 2013020801)
- Can be updated from
- 2.2.0 (build 2012062000) (2012062000)
- Maturity
- Release candidate
- MD5 Sum
- e802da5c9d0d5b370181a198d659e172
- Supported software
- Moodle 2.4
- Latest release for Moodle 2.4
Version control information
- Version control system (VCS)
- GIT
- VCS repository URL
- VCS branch
- MOODLE_24_STABLE
Default installation instructions for plugins of the type Blocks
- Make sure you have all the required versions.
- Download and unpack the block folder.
- Place the folder (eg "myblock") in the "blocks" subdirectory.
- Visit http://yoursite.com/admin to complete the installation
- Turn editing on in any home or course page.
- Add the block to the page
- Visit the config link in the block for more options.