summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--shib_auth.module61
1 files changed, 32 insertions, 29 deletions
diff --git a/shib_auth.module b/shib_auth.module
index abe5d5d..ddf0b9c 100644
--- a/shib_auth.module
+++ b/shib_auth.module
@@ -389,39 +389,42 @@ function shib_login_authmap($uname, $umail_single, $uid, $alreadyloggedin = Fals
$account = user_external_load($authmap_username['name']);
if (isset($account->uid)) {
//We don't login user again, if there is already one logged in (made redirect loops when linking an account)
- user_external_login_register($account->name, 'shib_auth');
- if ($user->uid) {
- //set auth variable to shib_auth
- $_SESSION['shib_auth_authentication'] = 'shib_auth';
- //Shibboleth mail address override was enabled in the admin config
- if (shib_auth_config('enable_custom_mail') == 0) {
- //check if there isn't any user with this e-mail (whose name is different)
- $email_for_other_user = db_select('users', 'c')
- ->fields('c')
- ->condition('mail', $umail_single, '=')
- ->condition('uid', $user->uid, '<>')
- ->execute()
- ->fetchObject();
-
- if ($email_for_other_user) {
- shib_auth_error('[shib_login_authmap] Error saving user account. E-mail address is already used.');
- }
- //if everything is allright, modify the mail address of the user.
- else {
- $user = shib_auth_save_mail($user, $umail_single);
- if (!$user) {
- // Something really bad happened
- shib_auth_error('[shib_login_authmap] Fatal error while saving mail address');
- return;
+ if (!user_is_blocked($account->name)) {
+ user_external_login_register($account->name, 'shib_auth');
+ if ($user->uid) {
+ //set auth variable to shib_auth
+ $_SESSION['shib_auth_authentication'] = 'shib_auth';
+ //Shibboleth mail address override was enabled in the admin config
+ if (shib_auth_config('enable_custom_mail') == 0) {
+ //check if there isn't any user with this e-mail (whose name is different)
+ $email_for_other_user = db_select('users', 'c')
+ ->fields('c')
+ ->condition('mail', $umail_single, '=')
+ ->condition('uid', $user->uid, '<>')
+ ->execute()
+ ->fetchObject();
+
+ if ($email_for_other_user) {
+ shib_auth_error('[shib_login_authmap] Error saving user account. E-mail address is already used.');
+ }
+ //if everything is allright, modify the mail address of the user.
+ else {
+ $user = shib_auth_save_mail($user, $umail_single);
+ if (!$user) {
+ // Something really bad happened
+ shib_auth_error('[shib_login_authmap] Fatal error while saving mail address');
+ return;
+ }
}
}
+ //forward user to login url, if set
+ if (shib_auth_config('login_url')!='' && !$alreadyloggedin && $_GET['q']!= shib_auth_config('login_url')) {
+ drupal_goto(shib_auth_config('login_url'));
+ }
}
- //forward user to login url, if set
- if (shib_auth_config('login_url')!='' && !$alreadyloggedin && $_GET['q']!= shib_auth_config('login_url')) {
- drupal_goto(shib_auth_config('login_url'));
- }
+ else shib_auth_error('Couldn\'t login user: ' . $authmap_username['name']);
}
- else shib_auth_error('Couldn\'t login user: ' . $authmap_username['name']);
+ else shib_auth_error('Couldn\'t login user: ' . $authmap_username['name']. ' has not been activated, or is blocked');
}
else shib_auth_error('Couldn\'t login user: ' . $authmap_username['name']);
//redirect user to a predefined page, or a page, she wanted to see before clicking on login