diff --git a/ldap_user/config/schema/ldap_user.schema.yml b/ldap_user/config/schema/ldap_user.schema.yml index 56247b6..51bf5e5 100644 --- a/ldap_user/config/schema/ldap_user.schema.yml +++ b/ldap_user/config/schema/ldap_user.schema.yml @@ -35,6 +35,9 @@ ldap_user.settings: acctCreation: label: 'Application of Drupal account settings to LDAP authenticated users' type: string + disableAdminPasswordField: + label: 'Disable the password field and auto-generate the password.' + type: boolean userUpdateCronQuery: label: 'The LDAP query to use for fetching and updating users periodically.' type: string diff --git a/ldap_user/ldap_user.module b/ldap_user/ldap_user.module index df5d2ab..83b5ae1 100644 --- a/ldap_user/ldap_user.module +++ b/ldap_user/ldap_user.module @@ -240,6 +240,15 @@ function ldap_user_form_user_register_form_alter(&$form, $form_state) { return; } + if (\Drupal::config('ldap_user.settings')->get('disableAdminPasswordField') == TRUE) { + $form['account']['pass']['#type'] = 'value'; + $form['account']['pass']['#value'] = user_password(40); + $form['account']['pass_disabled']['#type'] = 'fieldset'; + $form['account']['pass_disabled']['#title'] = t('Password'); + $form['account']['pass_disabled'][]['#markup'] = t('LDAP has disabled the password field and generated a random password.'); + } + + $form['ldap_user_fields']['#type'] = 'fieldset'; $form['ldap_user_fields']['#title'] = t('LDAP Options'); $form['ldap_user_fields']['#description'] = t('By enabling options in the LDAP user configuration, you can allow the creation of LDAP accounts and define the conflict resolution for associated accounts.'); diff --git a/ldap_user/src/Form/LdapUserAdminForm.php b/ldap_user/src/Form/LdapUserAdminForm.php index 99cabff..f899746 100644 --- a/ldap_user/src/Form/LdapUserAdminForm.php +++ b/ldap_user/src/Form/LdapUserAdminForm.php @@ -175,12 +175,11 @@ class LdapUserAdminForm extends ConfigFormBase implements LdapUserAttributesInte ], ]; - $account_options = []; - $account_options['ldap_user_orphan_do_not_check'] = $this->t('Do not check for orphaned Drupal accounts.'); - $account_options['ldap_user_orphan_email'] = $this->t('Perform no action, but email list of orphaned accounts. (All the other options will send email summaries also.)'); - foreach (user_cancel_methods()['#options'] as $option_name => $option_title) { - $account_options[$option_name] = $option_title; - } + $form['basic_to_drupal']['disableAdminPasswordField'] = [ + '#type' => 'checkbox', + '#title' => t('Disable the password fields at /admin/create/people and generate a random password.'), + '#default_value' => $config->get('disableAdminPasswordField'), + ]; $form['basic_to_drupal']['userUpdateMechanism'] = [ '#type' => 'fieldset', @@ -242,6 +241,13 @@ class LdapUserAdminForm extends ConfigFormBase implements LdapUserAttributesInte '#description' => $this->t('Warning: Use this feature at your own risk!'), ]; + $account_options = []; + $account_options['ldap_user_orphan_do_not_check'] = $this->t('Do not check for orphaned Drupal accounts.'); + $account_options['ldap_user_orphan_email'] = $this->t('Perform no action, but email list of orphaned accounts. (All the other options will send email summaries also.)'); + foreach (user_cancel_methods()['#options'] as $option_name => $option_title) { + $account_options[$option_name] = $option_title; + } + $form['basic_to_drupal']['orphanedAccounts']['orphanedDrupalAcctBehavior'] = [ '#type' => 'radios', '#title' => $this->t('Action to perform on Drupal accounts that no longer have corresponding LDAP entries'), @@ -623,6 +629,7 @@ class LdapUserAdminForm extends ConfigFormBase implements LdapUserAttributesInte ->set('userConflictResolve', $form_state->getValue('userConflictResolve')) ->set('manualAccountConflict', $form_state->getValue('manualAccountConflict')) ->set('acctCreation', $form_state->getValue('acctCreation')) + ->set('disableAdminPasswordField', $form_state->getValue('disableAdminPasswordField')) ->set('ldapUserSyncMappings', $processedSyncMappings) ->save(); $form_state->getValues();