13 April 2011, 16:03

Hello there!

We have a system written in php and we wish to integrate with mahara. We have succesfully wrote an auth plugin so users can login into mahara with they user names they have in our system and so on. We have 3 kind of users in our system(site admin, institutional admin, simple user) and now any of them can log in and simple users are just there in the institution and our site admin can log in with his user account into mahara too.

This is all good, but we have a little problem with the institutional admins... After studying your database one can easily found out that there is a field in the usr_institution table called admin and that's the responsible for the users 'adminness' in that institution.  We have also found out, that the so called auth->login() function runs after the users auto creation in mahara, so we decided to put a little code there that changes the admin column for the user in the database.

This runs nearly as expected, but there is a little problem. The problem is that if we do it this way, and the user logs in for the first time he (seemingly) does not get the admin rights for the institude, he only realises that change if he logs out and then logs in. I think the cause is that the changes take place after some reading from that table and the site remains in the state that was before the database change. We are trying to get around this because it's a little usability problem with our system this way...

This is the code in the overridden login():

        public function login() {
                global $strUserName ;
                global $pepruser ;
                global $USER ;

                if(!$pepruser->bDiak){
                        // Bejelentkezett felhasználó userneve
                        // Usernévhez tartozó rekord lekérdezése a userId miatt
                        $rUsrRecord = get_record('usr', 'username', $strUserName) ;
                        $nUsrId = $rUsrRecord->id;
                        // Maharás user pktr-es kezelési köre tiszk-e a pktrben
                        $bTiszke = $pepruser->intezmeny->tiszke ;
                        // Aktuális intézmény lekérdezése
                        $strInstitutionName = $this->institution ;
                        // Bejelentkezett user számára intézményszintű admin-jog adása
                        if(!$bTiszke){
                                execute_sql("UPDATE `mahara`.`usr_institution` SET `admin` = '1' WHERE `usr_institution`.`usr` = " . $nUsrId . " AND `usr_institution`.`institution` = '" . $strInstitutionName . "';");
                        }  
                }  
        }

We have just migrated to 1.3.5 and in a previus version we tried to get around the problem in the way that we inserted the appropriate rows in the usr and usr_institude tables at the end of the authenticate_user_account() function. We also had problems with that solution too and I don't think so that it could be a long lasting solution for our problem(Just mentioned that I can show code about that too).

I hope there is a solution to our problem, we are open for things and ideas...

pktr development team

17 April 2011, 9:43

I think you can achive what you want by calling $USER->reset_institutions(); after you set the admin flag in usr_institution table.

Saludos.
Iñaki.