Updating user's Authentication Method

Bug #568804 reported by Shen
This bug affects 1 person
Affects: Mahara
Status: Fix Released
Importance: Low
Assigned to: Rebecca Blundell

Bug Description

I updated a user's auth method from 'No Institution' to 'AUTldap (AUT University)'. When I searched for the user name under Manage Users -> User Search, the user's record under the column of Institution was still showing 'No Institution'. However, the auth method information does show correctly on the Account settings page. The Mahara version is 1.2.4.

Here is Richard's reply to this issue:
The problem is with the user account settings page, which basically assumes that the admin knows what they're doing, and allows you to do silly things like giving a user an auth method from an institution that she/he doesn't belong to.

We should add code to stop auth methods from other institutions from showing in the auth method dropdown.

Changed in mahara:
importance: Undecided → Low
status: New → Confirmed
Hugh Davenport (hugh-davenport) wrote :

Do we think that switching an auth method to one in a different institution should enrol that user in the institution? I think this would be a better approach so that you can hit two birds with one stone if you are just wanting to move one user (otherwise you would have to first add the user to the institution, then change the method).

Also, if we hide methods from other institutions, the admin might not know why they are not there.

Robert Lyon (robertl-9) wrote :

This still looks to be an issue: I can assign an auth method to a user that shouldn't be allowed it.

E.g. I have 2 institutions:
- Institution A has internal auth only
- Institution B has internal auth and xmlrpc

A can have a user only in Institution A being allowed to have its auth set to xmlrpc.

There either needs to be a check to stop invalid auth options being assigned to a user or implement Hugh's idea that assigning a user with the auth also assigns them to the institution.

The easier (and more sane from a UI perspective) option would be to alert the admin that they are trying to assign an invalid auth type with a message something like:
 "you are trying to assign auth type to user from Institution X, which they do not belong to"

Kristina Hoeppner (kris-hoeppner) wrote :

I believe this affects site admins only. However, if a user has an auth method from a different institution, the institution admin can't administer them as far as I know, which is a problem.

Changed in mahara:
assignee: nobody → Rebecca Blundell (rjb-dev)
Mahara Bot (dev-mahara) wrote : A patch has been submitted for review

Patch for "master" branch: https://reviews.mahara.org/8528

Changed in mahara:
milestone: none → 18.10.0
status: Confirmed → In Progress
Mahara Bot (dev-mahara) wrote :

Patch for "master" branch: https://reviews.mahara.org/8836

Steven (stevens-q) wrote :

Bug description: Disable auth for institutions a user is not in
--------------------------------------------------------------
Environment tested: Master
Browser tested: Chrome

-------------------------------------
Manual Test Script
-------------------------------------

Preconditions:

1. The following Institutions exist
--a. Institution 1
--b. Institution 2
--c. Institution 3
2. UserA exists and is a member of Institution 1
3. UserB exists and is a member of Institution 1 and 2

Test Script: Admin edit user Account Method 1

1. Site admin logs in
2. Browse to Admin menu > Users > User search
3. Click on student UserA name that is in Institution 1
4. Click on the Account settings tab at the top of the page
5. Scroll down to "Authentication method" drop down field
6. Confirm that the selections are No Institution and Institution 1 ✔
7. Browse back to Admin menu > Users > User search
8. Click on student UserB name that is in Institution 1
9. Click on the Account settings tab at the top of the page
10. Scroll down to "Authentication method" drop down field
11. Confirm that the selections are No Institution, Institution 1 and Institution 2 ✔

Test Script: Admin edit user Account Method 2

1. Site admin logs in
2. Browse to Admin menu > Users > User search
3. Select the check box to the left of UserA name
4. Click Edit selected users button (bottom of table)
5. Click the Change authentication method link/tab at the top of the page
6. Confirm that the selections available in the drop down field are No Institution and Institution 1 ✘

Actual result: Institution 1, 2, 3 and no Institution selection options are displayed

Expected result: only display the institutions that the user is associated with
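
Added example (not part of the bug report and not Mahara's code): a minimal model of the check discussed in this thread, covering both the single-user form and the bulk "Change authentication method" form, and re-checking the submitted value on the server rather than relying on the dropdown contents. The data layout, identifiers and function names are hypothetical; offering only the methods valid for every selected user in a bulk edit is an assumption that goes beyond the one-user case in the test script.

```python
NO_INSTITUTION = "no-institution"  # constructed stand-in for the site-level default

# Constructed sample data mirroring the test script's preconditions.
AUTH_INSTANCES = {
    1: {"institution": NO_INSTITUTION, "method": "internal"},
    2: {"institution": "institution1", "method": "internal"},
    3: {"institution": "institution2", "method": "ldap"},
    4: {"institution": "institution3", "method": "xmlrpc"},
}
MEMBERSHIPS = {
    "UserA": {"institution1"},
    "UserB": {"institution1", "institution2"},
}


class InvalidAuthAssignment(ValueError):
    """Raised when an auth instance is not valid for a target user."""


def allowed_auth_instances(username):
    """Ids one user may be given: site-level plus their own institutions."""
    member_of = MEMBERSHIPS.get(username, set()) | {NO_INSTITUTION}
    return {i for i, inst in AUTH_INSTANCES.items()
            if inst["institution"] in member_of}


def allowed_for_selection(usernames):
    """Bulk edit: offer only instances valid for every selected user."""
    sets = [allowed_auth_instances(u) for u in usernames]
    return set.intersection(*sets) if sets else set()


def set_auth_method(usernames, instance_id, current):
    """Re-check the submitted id server-side; reject before changing anyone."""
    if instance_id not in AUTH_INSTANCES:
        raise InvalidAuthAssignment(f"unknown auth instance {instance_id!r}")
    institution = AUTH_INSTANCES[instance_id]["institution"]
    bad = sorted(u for u in usernames
                 if instance_id not in allowed_auth_instances(u))
    if bad:
        raise InvalidAuthAssignment(
            f"auth instance {instance_id} belongs to {institution}; "
            f"not a member: {', '.join(bad)}")
    updated = dict(current)  # leave the caller's mapping untouched
    updated.update({u: instance_id for u in usernames})
    return updated
```
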

Mahara Bot (dev-mahara) wrote : A change has been merged

Reviewed: https://reviews.mahara.org/8528
Committed: https://git.mahara.org/mahara/mahara/commit/de3e355d5c8307d16cf20b60e8a089bd9a045f75
Submitter: Robert Lyon (<email address hidden>)
Branch: master

commit de3e355d5c8307d16cf20b60e8a089bd9a045f75
Author: Rebecca Blundell <email address hidden>
Date: Mon Feb 19 10:58:05 2018 +1300

Bug 568804: Disable auth for inst a user is not in

behatnotneeded

Change-Id: Ie69d2e9c91280c894bd67363c39301833cdb3ed2

Robert Lyon (robertl-9)
Changed in mahara:
status: In Progress → Fix Committed
tags: added: usermanualupdate
tags: removed: usermanualupdate
Robert Lyon (robertl-9)
Changed in mahara:
status: Fix Committed → Fix Released