MDL-17457 migrated all modules to new db/install.php; added upgrade.txt file for...
[moodle.git] / enrol / ldap / enrol.php
1 <?php  // $Id$
3 require_once("$CFG->dirroot/enrol/enrol.class.php");
5 class enrolment_plugin_ldap {
7     var $log;    
8     
9     var $enrol_localcoursefield = 'idnumber';
11 /**
12  * This function syncs a user's enrolments with those on the LDAP server.
13  */
14 function setup_enrolments(&$user) {
15     global $CFG, $DB;
17     //error_log('[ENROL_LDAP] setup_enrolments called');
19     // Connect to the external database
20     $ldap_connection = $this->enrol_ldap_connect();
21     if (!$ldap_connection) {
22         @ldap_close($ldap_connection);
23         notify("[ENROL_LDAP] LDAP-module cannot connect to server: {$CFG->enrol_ldap_host_url}");
24         return false;
25     }
26     
27     // we are connected OK, continue...
29     // Get all the possible roles
30     $roles = get_all_roles();
32     // Make sure the config settings have been upgraded.
33     $this->check_legacy_config();
35     // Get the entire list of role assignments that currently exist for this user.
36     $roleassignments = $DB->get_records('role_assignments', array('userid'=>$user->id));
37     if (!$roleassignments) {
38         $roleassignments = array();
39     }
40     
41     // Get the ones that came from LDAP
42     $ldap_assignments = array_filter($roleassignments, create_function('$x', 'return $x->enrol == \'ldap\';'));
44     //error_log('[ENROL_LDAP] ' . count($roleassignments) . ' roles currently associated with this user');
46     // Get enrolments for each type of role from LDAP.
47     foreach($roles as $role) {
48         $enrolments = $this->find_ext_enrolments(
49             $ldap_connection, 
50             $user->idnumber , 
51             $role);
53         //error_log('[ENROL_LDAP] LDAP reports ' . count($enrolments) . ' enrolments of type ' . $role->shortname . '.');
55         foreach ($enrolments as $enrol){
56     
57             $course_ext_id = $enrol[$CFG->enrol_ldap_course_idnumber][0];
58             if(empty($course_ext_id)){
59                 error_log("[ENROL_LDAP] The course external id is invalid!\n");
60                 continue; // next; skip this one!
61             }
62             
63             // create the course  ir required
64             $course_obj = $DB->get_record('course', array($this->enrol_localcoursefield, $course_ext_id));
66             if (empty($course_obj)){ // course doesn't exist
67                 if($CFG->enrol_ldap_autocreate){ // autocreate
68                     error_log("[ENROL_LDAP] CREATE User $user->username enrolled to a nonexistant course $course_ext_id \n");
69                     $newcourseid = $this->create_course($enrol);
70                     $course_obj = $DB->get_record('course', array('id'=>$newcourseid));
71                 } else {
72                     error_log("[ENROL_LDAP] User $user->username enrolled to a nonexistant course $course_ext_id \n");
73                 }
74             }
75             
76             // deal with enrolment in the moodle db
77             if (!empty($course_obj)) { // does course exist now?     
78         
79                 $context = get_context_instance(CONTEXT_COURSE, $course_obj->id);
80                 //$courseroles = get_user_roles($context, $user->id);
81             
82                 if (!$DB->get_record('role_assignments', array('roleid'=>$role->id, 'userid'=>$user->id, 'contextid'=>$context->id))) {
83                     //error_log("[ENROL_LDAP] Assigning role '{$role->name}' to {$user->id} ({$user->username}) in course {$course_obj->id} ({$course_obj->shortname})");
84                     if (!role_assign($role->id, $user->id, 0, $context->id, 0, 0, 0, 'ldap')){
85                         error_log("[ENROL_LDAP] Failed to assign role '{$role->name}' to $user->id ($user->username) into course $course_obj->id ($course_obj->shortname)");
86                     } 
87                 } else {
88                     //error_log("[ENROL_LDAP] Role '{$role->name}' already assigned to {$user->id} ({$user->username}) in course {$course_obj->id} ({$course_obj->shortname})");
89                 }
91                 // Remove the role from the list we created earlier.  This
92                 // way we can find those roles that are no longer required.
93                 foreach($ldap_assignments as $key => $roleassignment) {
94                     if ($roleassignment->roleid == $role->id
95                      && $roleassignment->contextid == $context->id) {
96                         unset($ldap_assignments[$key]);
97                         break;
98                     }
99                 }
100             }
101         }
102     }
104     // ok, if there's any thing still left in the $roleassignments array we
105     // made at the start, we want to remove any of the ldap ones.
106     foreach ($ldap_assignments as $ra) {
107         if($ra->enrol === 'ldap') {
108             error_log("Unassigning role_assignment with id '{$ra->id}' from user {$user->id} ({$user->username})");
109             role_unassign($ra->roleid, $user->id, 0, $ra->contextid, 'ldap');
110         }
111     }
113     @ldap_close($ldap_connection);
115     //error_log('[ENROL_LDAP] finished with setup_enrolments');
116     
117     return true;
120 /// sync enrolments with ldap, create courses if required.
121 function sync_enrolments($type, $enrol = false) {
122     global $CFG, $DB;
124     // Get the role. If it doesn't exist, that is bad.
125     $role = $DB->get_record('role', array('shortname'=>$type));
126     if (!$role) {
127         notify("No such role: $type");
128         return false;
129     }
131     // Connect to the external database
132     $ldap_connection = $this->enrol_ldap_connect();
133     if (!$ldap_connection) {
134         @ldap_close($ldap_connection);
135         notify("LDAP-module cannot connect to server: $CFG->ldap_host_url");
136         return false;
137     }
138     
139     // we are connected OK, continue...
140     $this->enrol_ldap_bind($ldap_connection);
142     //get all contexts and look for first matching user
143     $ldap_contexts = explode(";",$CFG->{'enrol_ldap_contexts_role'.$role->id});
145     // get all the fields we will want for the potential course creation
146     // as they are light. don't get membership -- potentially a lot of data. 
147     $ldap_fields_wanted = array( 'dn', $CFG->enrol_ldap_course_idnumber);
148     if (!empty($CFG->enrol_ldap_course_fullname)){
149         array_push($ldap_fields_wanted, $CFG->enrol_ldap_course_fullname);
150     }
151     if (!empty($CFG->enrol_ldap_course_shortname)){
152         array_push($ldap_fields_wanted, $CFG->enrol_ldap_course_shortname);
153     }
154     if (!empty($CFG->enrol_ldap_course_summary)){
155         array_push($ldap_fields_wanted, $CFG->enrol_ldap_course_summary);
156     }
157     if($enrol){
158         array_push($ldap_fields_wanted, $CFG->{'enrol_ldap_memberattribute_role'.$role->id});
159     }
161     // define the search pattern
162     if (!empty($CFG->enrol_ldap_objectclass)){ 
163         $ldap_search_pattern='(objectclass='.$CFG->enrol_ldap_objectclass.')';
164     } else {
165        $ldap_search_pattern="(objectclass=*)";
166         
167     }
169     // first, pack the sortorder...
170     fix_course_sortorder();
172     foreach ($ldap_contexts as $context) {
174         $context = trim($context);
175         if ($CFG->enrol_ldap_search_sub){
176             //use ldap_search to find first user from subtree
177             $ldap_result = @ldap_search($ldap_connection, 
178                                         $context, 
179                                         $ldap_search_pattern,
180                                         $ldap_fields_wanted);
182         } else {
183             //search only in this context
184             $ldap_result = @ldap_list($ldap_connection, 
185                                         $context, 
186                                         $ldap_search_pattern,
187                                         $ldap_fields_wanted,0,0);
188         }
189  
190         // check and push results
191         $records = $ldap_result
192             ? ldap_get_entries($ldap_connection,$ldap_result)
193             : array('count' => 0);
195         // ldap libraries return an odd array, really. fix it:
196         $flat_records=array();
197         for ($c=0;$c<$records['count'];$c++) {
198             array_push($flat_records, $records["$c"]); 
199         }
200         // free mem -- is there a leak? 
201         $records=0; $ldap_result=0;
203         if (count($flat_records)) {
206             foreach($flat_records as $course){
207                 $idnumber = $course{$CFG->enrol_ldap_course_idnumber}[0];
208                 print "== Synching $idnumber\n";
209                 // does the course exist in moodle already? 
210                 $course_obj = false;
211                 $course_obj = $DB->get_record('course', array($this->enrol_localcoursefield=>$idnumber));
212                 if (!is_object($course_obj)) {
213                     // ok, now then let's create it!
214                     print "Creating Course $idnumber...";
215                     $newcourseid = $this->create_course($course, true); // we are skipping fix_course_sortorder()
216                     $course_obj = $DB->get_record('course', array('id'=>$newcourseid));
217                     if (is_object($course_obj)) {
218                         print "OK!\n";
219                     } else {
220                         print "failed\n";
221                     }
222                 }
224                 // enrol&unenrol if required
225                 if($enrol && is_object($course_obj)){
227                     // Get a context object.
228                     $context = get_context_instance(CONTEXT_COURSE, $course_obj->id);
230                     // pull the ldap membership into a nice array
231                     // this is an odd array -- mix of hash and array -- 
232                     $ldapmembers=array();
234                     if(array_key_exists('enrol_ldap_memberattribute_role'.$role->id, $CFG)
235                      && !empty($CFG->{'enrol_ldap_memberattribute_role'.$role->id})
236                      && !empty($course[strtolower($CFG->{'enrol_ldap_memberattribute_role'.$role->id} ) ])){ // may have no membership!
238                         $ldapmembers = $course[strtolower($CFG->{'enrol_ldap_memberattribute_role'.$role->id} )]; 
239                         unset($ldapmembers['count']); // remove oddity ;)
240                     }
241                     
242                     // prune old ldap enrolments
243                     // hopefully they'll fit in the max buffer size for the RDBMS
244                     $sql = '
245                         SELECT enr.userid AS user, 1
246                         FROM {role_assignments} enr
247                         JOIN {user} usr ON usr.id=enr.userid
248                         WHERE enr.roleid = '.$role->id.'
249                          AND enr.contextid = '.$context->id.'
250                          AND enr.enrol = \'ldap\' ';
251                     if (!empty($ldapmembers)) {
252                         list($ldapml, $params) = $DB->get_in_or_equal($ldapmembers, SQL_PARAMS_NAMED, 'm0', false);
253                         $sql .= "AND usr.idnumber $ldapml";
254                     } else {
255                         print ("Empty enrolment for $course_obj->shortname \n");
256                         $params = array();
257                     }
258                     $todelete = $DB->get_records_sql($sql, $params);
259                     if(!empty($todelete)){
260                         foreach ($todelete as $member) {
261                             $member = $member->user;
263                             if (role_unassign($role->id, $member, 0, $context->id, 'ldap')) {
264                                 print "Unassigned $type from $member for course $course_obj->id ($course_obj->shortname)\n";
265                             } else {
266                                 print "Failed to unassign $type from $member for course $course_obj->id ($course_obj->shortname)\n";
267                             }
268                         }
269                     }
270                     
271                     // insert current enrolments 
272                     // bad we can't do INSERT IGNORE with postgres...
273                     foreach ($ldapmembers as $ldapmember) {
274                         $sql = 'SELECT id,1 FROM {user} '
275                                 ." WHERE idnumber=?";
276                         $member = $DB->get_record_sql($sql, array($ldapmember)); 
277 //                        print "sql: $sql \nidnumber = ".$ldapmember." \n".var_dump($member); 
278                         if(empty($member) || empty($member->id)){
279                             print "Could not find user $ldapmember, skipping\n";
280                             continue;
281                         }
282                         $member = $member->id;
283                         if (!$DB->get_record('role_assignments', array('roleid'=>$role->id, 
284                                              'contextid'=>$context->id, 'userid'=>$member, 'enrol'=>'ldap'))){
285                             if (role_assign($role->id, $member, 0, $context->id, 0, 0, 0, 'ldap')){
286                                 print "Assigned role $type to $member ($ldapmember) for course $course_obj->id ($course_obj->shortname)\n";
287                             } else {
288                                 print "Failed to assign role $type to $member ($ldapmember) for course $course_obj->id ($course_obj->shortname)\n";
289                             }
290                         }
291                     }
292                 }
293             }
294         }
295     }
296     
297     // we are done now, a bit of housekeeping
298     fix_course_sortorder();
299     
300     @ldap_close($ldap_connection);
301     return true;
305 /// Overide the get_access_icons() function
306 function get_access_icons($course) {
310 /// Overrise the base config_form() function
311 function config_form($frm) {
312     global $CFG;
314     $this->check_legacy_config();
315     
316     include("$CFG->dirroot/enrol/ldap/config.html");
319 /// Override the base process_config() function
320 function process_config($config) {
321     global $DB;
323     $this->check_legacy_config();
325     if (!isset ($config->enrol_ldap_host_url)) {
326         $config->enrol_ldap_host_url = '';
327     }
328     set_config('enrol_ldap_host_url', $config->enrol_ldap_host_url);
330     if (!isset ($config->enrol_ldap_version)) {
331         $config->enrol_ldap_version = '';
332     }
333     set_config('enrol_ldap_version', $config->enrol_ldap_version);
334     
335     if (!isset ($config->enrol_ldap_bind_dn)) {
336         $config->enrol_ldap_bind_dn = '';
337     }
338     set_config('enrol_ldap_bind_dn', $config->enrol_ldap_bind_dn);
340     if (!isset ($config->enrol_ldap_bind_pw)) {
341         $config->enrol_ldap_bind_pw = '';
342     }
343     set_config('enrol_ldap_bind_pw', $config->enrol_ldap_bind_pw);    
344     
345     if (!isset ($config->enrol_ldap_objectclass)) {
346         $config->enrol_ldap_objectclass = '';
347     }
348     set_config('enrol_ldap_objectclass', $config->enrol_ldap_objectclass);    
349     
350     if (!isset ($config->enrol_ldap_category)) {
351         $config->enrol_ldap_category  = '';
352     }
353     set_config('enrol_ldap_category', $config->enrol_ldap_category);    
354     
355     if (!isset ($config->enrol_ldap_template)) {
356         $config->enrol_ldap_template = '';
357     }
358     set_config('enrol_ldap_template', $config->enrol_ldap_template);    
359     
360     if (!isset ($config->enrol_ldap_course_fullname)) {
361         $config->enrol_ldap_course_fullname = '';
362     }
363     set_config('enrol_ldap_course_fullname', $config->enrol_ldap_course_fullname);    
365     if (!isset ($config->enrol_ldap_course_shortname)) {
366         $config->enrol_ldap_course_shortname = '';
367     }
368     set_config('enrol_ldap_course_shortname', $config->enrol_ldap_course_shortname);    
369     
370     if (!isset ($config->enrol_ldap_course_summary)) {
371         $config->enrol_ldap_course_summary = '';
372     }
373     set_config('enrol_ldap_course_summary', $config->enrol_ldap_course_summary);    
374     
375     if (!isset ($config->enrol_ldap_course_idnumber)) {
376         $config->enrol_ldap_course_idnumber = '';
377     }
378     set_config('enrol_ldap_course_idnumber', $config->enrol_ldap_course_idnumber); 
379     
380     if (!isset ($config->enrol_localcoursefield)) {
381         $config->enrol_localcoursefield = '';
382     }
383     set_config('enrol_localcoursefield', $config->enrol_localcoursefield);
384     
385     if (!isset ($config->enrol_ldap_user_memberfield)) {
386         $config->enrol_ldap_user_memberfield = '';
387     }
388     set_config('enrol_ldap_user_memberfield', $config->enrol_ldap_user_memberfield); 
389     
390     if (!isset ($config->enrol_ldap_search_sub)) {
391         $config->enrol_ldap_search_sub = '0';
392     }
393     set_config('enrol_ldap_search_sub', $config->enrol_ldap_search_sub); 
394     
395     if (!isset ($config->enrol_ldap_autocreate)) {
396         $config->enrol_ldap_autocreate = '0';
397     }
398     set_config('enrol_ldap_autocreate', $config->enrol_ldap_autocreate);
400     $roles = get_all_roles();
401     foreach ($roles as $role) {
402         if (!isset($config->{'enrol_ldap_contexts_role'.$role->id})) {
403             $config->{'enrol_ldap_contexts_role'.$role->id} = '';
404         }
405         
406         if (!isset($config->{'enrol_ldap_memberattribute_role'.$role->id})) {
407             $config->{'enrol_ldap_memberattribute_role'.$role->id} = '';
408         }
409         
410         set_config('enrol_ldap_contexts_role'.$role->id, $config->{'enrol_ldap_contexts_role'.$role->id});
411         set_config('enrol_ldap_memberattribute_role'.$role->id, $config->{'enrol_ldap_memberattribute_role'.$role->id});
412     }
414     return true;
417 function enrol_ldap_connect(){
418 /// connects to ldap-server
419     global $CFG;
421     $result = ldap_connect($CFG->enrol_ldap_host_url);
423     if ($result) {
424         if (!empty($CFG->enrol_ldap_version)) {
425             ldap_set_option($result, LDAP_OPT_PROTOCOL_VERSION, $CFG->enrol_ldap_version);
426         }
428         if (!empty($CFG->enrol_ldap_bind_dn)) {
429             $bind = ldap_bind( $result,
430                                  $CFG->enrol_ldap_bind_dn, 
431                                  $CFG->enrol_ldap_bind_pw );
432             if (!$bind) {
433                 notify("Error in binding to LDAP server");
434                 trigger_error("Error in binding to LDAP server $!");
435             }
437         }
438         return $result;
439     } else {
440         notify("LDAP-module cannot connect to server: $CFG->enrol_ldap_host_url");
441         return false;
442     }
445 function enrol_ldap_bind($ldap_connection){
446 /// makes bind to ldap for searching users
447 /// uses ldap_bind_dn or anonymous bind
449     global $CFG;
451     if ( ! empty($CFG->enrol_ldap_bind_dn) ){
452         //bind with search-user
453         if (!ldap_bind($ldap_connection, $CFG->enrol_ldap_bind_dn,$CFG->enrol_ldap_bind_pw)){
454             notify("Error: could not bind ldap with ldap_bind_dn/pw");
455             return false;
456         }
458     } else {
459         //bind anonymously 
460         if ( !ldap_bind($ldap_connection)){
461             notify("Error: could not bind ldap anonymously");
462             return false;
463         }  
464     }
466     return true;
469 function find_ext_enrolments ($ldap_connection, $memberuid, $role){
470 /// role is a record from the mdl_role table
471 /// return multidimentional array array with of courses (at least dn and idnumber)
472 /// 
474     global $CFG;
476     if(empty($memberuid)) { // No "idnumber" stored for this user, so no LDAP enrolments
477         return array();
478     } 
480     //default return value
481     $courses = array();
482     $this->enrol_ldap_bind($ldap_connection);
484     //get all contexts and look for first matching user
485     $ldap_contexts = explode(";",$CFG->{'enrol_ldap_contexts_role'.$role->id});
487     // get all the fields we will want for the potential course creation
488     // as they are light. don't get membership -- potentially a lot of data. 
489     $ldap_fields_wanted = array( 'dn', $CFG->enrol_ldap_course_idnumber);
490     if (!empty($CFG->enrol_ldap_course_fullname)){
491         array_push($ldap_fields_wanted, $CFG->enrol_ldap_course_fullname);
492     }
493     if (!empty($CFG->enrol_ldap_course_shortname)){
494         array_push($ldap_fields_wanted, $CFG->enrol_ldap_course_shortname);
495     }
496     if (!empty($CFG->enrol_ldap_course_summary)){
497         array_push($ldap_fields_wanted, $CFG->enrol_ldap_course_summary);
498     }
500     // define the search pattern
501     $ldap_search_pattern = "(".$CFG->{'enrol_ldap_memberattribute_role'.$role->id}."=".$memberuid.")";
502     if (!empty($CFG->enrol_ldap_objectclass)){ 
503         $ldap_search_pattern='(&(objectclass='.$CFG->enrol_ldap_objectclass.')'.$ldap_search_pattern.')';
504     }
506     foreach ($ldap_contexts as $context) {
507         $context == trim($context);
508         if (empty($context)) {
509             continue; // next;
510         }
511         
512         if ($CFG->enrol_ldap_search_sub){
513             //use ldap_search to find first user from subtree
514             $ldap_result = ldap_search($ldap_connection, 
515                                         $context, 
516                                         $ldap_search_pattern,
517                                         $ldap_fields_wanted);
519         } else {
520             //search only in this context
521             $ldap_result = ldap_list($ldap_connection, 
522                                         $context, 
523                                         $ldap_search_pattern,
524                                         $ldap_fields_wanted);
525         }
526  
527         // check and push results
528         $records = ldap_get_entries($ldap_connection,$ldap_result);        
530         // ldap libraries return an odd array, really. fix it:
531         $flat_records=array();
532         for ($c=0;$c<$records['count'];$c++) {
533             array_push($flat_records, $records["$c"]); 
534         }
535         
536         if (count($flat_records)) {
537             $courses = array_merge($courses, $flat_records);
538         }
539     }
541     return $courses;
544 // will create the moodle course from the template
545 // course_ext is an array as obtained from ldap -- flattened somewhat
546 // NOTE: if you pass true for $skip_fix_course_sortorder 
547 // you will want to call fix_course_sortorder() after your are done
548 // with course creation
549 function create_course ($course_ext,$skip_fix_course_sortorder=0){
550     global $CFG, $DB;
552     // override defaults with template course
553     if (!empty($CFG->enrol_ldap_template)){
554         $course = $DB->get_record("course", array('shortname'=>$CFG->enrol_ldap_template));
555         unset($course->id); // so we are clear to reinsert the record
556         unset($course->sortorder);
557     } else {
558         // set defaults
559         $course = new object();
560         $course->format = 'topics';
561     }
563     // override with required ext data
564     $course->idnumber  = $course_ext[$CFG->enrol_ldap_course_idnumber][0];
565     $course->fullname  = $course_ext[$CFG->enrol_ldap_course_fullname][0];
566     $course->shortname = $course_ext[$CFG->enrol_ldap_course_shortname][0];
567     if (   empty($course->idnumber)
568         || empty($course->fullname)
569         || empty($course->shortname) ) { 
570         // we are in trouble!
571         error_log("Cannot create course: missing required data from the LDAP record!");
572          error_log(var_export($course, true));
573         return false;
574     }
576     $course->summary = empty($CFG->enrol_ldap_course_summary) || empty($course_ext[$CFG->enrol_ldap_course_summary][0])
577         ? ''
578         : $course_ext[$CFG->enrol_ldap_course_summary][0];
580     $category = get_course_category($CFG->enrol_db_category);
582     // put at the end of category
583     $course->sortorder = $category->sortorder + MAX_COURSES_IN_CATEGORY - 1;
585     // override with local data
586     $course->startdate = time();
587     $course->timecreated = time();
588     $course->visible     = 1;
590     // store it and log
591     if ($newcourseid = $DB->insert_record("course", $course)) {  // Set up new course
592         $section = new object();
593         $section->course  = $newcourseid;   // Create a default section.
594         $section->section = 0;
595         $section->id = $DB->insert_record("course_sections", $section);
596         $page = page_create_object(PAGE_COURSE_VIEW, $newcourseid);
597         blocks_repopulate_page($page); // Return value no
599         if (!$skip_fix_course_sortorder){ 
600             fix_course_sortorder(); 
601         }
602         add_to_log($newcourseid, "course", "new", "view.php?id=$newcourseid", "enrol/ldap auto-creation");
603     } else {
604         error_log("Could not create new course from LDAP from DN:" . $course_ext['dn']);
605         notify("Serious Error! Could not create the new course!");
606         return false;
607     }
608     
609     return $newcourseid;
612 /**
613  * This function checks for the presence of old 'legacy' config settings.  If
614  * they exist, it corrects them.
615  *
616  * @uses $CFG
617  */
618 function check_legacy_config () {
619     global $CFG, $DB;
621     if (isset($CFG->enrol_ldap_student_contexts)) {
622         if ($student_role = $DB->get_record('role', array('shortname'=>'student'))) {
623             set_config('enrol_ldap_contexts_role'.$student_role->id, $CFG->enrol_ldap_student_contexts);
624         }
626         unset_config('enrol_ldap_student_contexts');
627     }
629     if (isset($CFG->enrol_ldap_student_memberattribute)) {
630         if (isset($student_role)
631          or $student_role = $DB->get_record('role', array('shortname'=>'student'))) {
632             set_config('enrol_ldap_memberattribute_role'.$student_role->id, $CFG->enrol_ldap_student_memberattribute);
633         }
635         unset_config('enrol_ldap_student_memberattribute');
636     }
638     if (isset($CFG->enrol_ldap_teacher_contexts)) {
639         if ($teacher_role = $DB->get_record('role', array('shortname'=>'teacher'))) {
640             set_config('enrol_ldap_contexts_role'.$teacher_role->id, $CFG->enrol_ldap_student_contexts);
641         }
643         unset_config('enrol_ldap_teacher_contexts');
644     }
645     
646     if (isset($CFG->enrol_ldap_teacher_memberattribute)) {
647         if (isset($teacher_role)
648          or $teacher_role = $DB->get_record('role', array('shortname'=>'teacher'))) {
649             set_config('enrol_ldap_memberattribute_role'.$teacher_role->id, $CFG->enrol_ldap_teacher_memberattribute);
650         }
652         unset_config('enrol_ldap_teacher_memberattribute');
653     }
656 } // end of class
658 ?>