Other similar columns config.value and config_plugins.value are TEXT, so
it is surprising that this column is different, and that has lead to
bugs in the past, so we should make it consistent.
Some email body strings use first names as greetings,
some use full names, and some do not.
Using the first name for greeting makes it consistent and
a bit more "personal".
The Open ID Connect plugin uses null for the password,
which makes the internal password update fail to proceed.
Allowing null resolved the problem.
As a note, there is a potential issue if the authentication method has
a false return for the prevent_local_password because it will trigger
the hash_internal_user_password() where the $password can not be null.
Since this only addresses the oauth2 issue, we should ignore it.
Per the previous commit, default homepage configuration (set either
for the site or as a user preference) can now be extended by third
party hook callbacks, in which case a URL is stored.
Duplicate data provider keys were overwriting and/or duplicating
one another, leading to some cases being skipped.
Other "duplicate array key" errors were picked up by `phpcs` in
this dragnet across all tests, which have also been fixed.
While this change is not 100% required now, it's good habit
and we are checking for it since Moodle 4.4.
All the changes in this commit have been applied automatically
using the moodle.PHPUnit.TestReturnType sniff and are, exclusively
adding the ": void" return types when missing.
PHPUnit 9.6 has deprecated all the expect(Deprecation|Notice|Warning|Error)
assertions, so we have to move away from them.
In core, we only had 2 cases, one easily fixed by getting rid of it,
because, for php >= 80 it's an assert-able exception.
And the other replaced with code that, temporarily, sets a custom
error handler that converts any specified E_ to an asset-able
exception.
Note that tests playing with error handlers should, always, be
run in separate process, to avoid problems or conflicts with
PHPUnit / Moodle own error handlers.
To be integrated as part of MDL-81266
When running PHPUnit 9.6 we get the following deprecation warnings:
"assertObjectNotHasAttribute() is deprecated and will be removed in PHPUnit
10. Refactor your test to use assertObjectNotHasProperty() instead."
So we replace all instances of assertObjectNotHasAttribute with
assertObjectNotHasProperty.
PHPUnit justifies the change with:
> PHPUnit currently refers to "fields" (see above) as "attributes". This
> is (or will become) confusing considering the introduction of
> attributes in PHP 8 and their support in PHPUnit. PHPUnit will be
> changed to use the term "property" instead of "attribute" where "field"
> is meant.
Signed-off-by: Daniel Ziegenberg <daniel@ziegenberg.at>
This is a Moodle version of a proposed function `array_keys_filter`.
Since this method has not yet been created in upstream PHP, I have
elected to name it with a Moodle prefix as the signature is not known.
In the future, if and when this method is created, we can replace its
content with new method and deprecate it.
1. Modified the password related forms
2. Added a new constant in moodlelib.php called MAX_PASSWORD_CHARACTERS
3. Added a new method in moodlelib.php called exeeds_password_length
4. Updated the upgrade.text
Add a pepper to the users supplied password.
The pepper is stored in CFG and user to add extra security to
the password hash. By effectively breaking the information to
create the hashed password into two and storing it in more
than one place.
* Add parameter to drop zero time units. So a time interval like
"3d 0h 0s" will be returned as "3d" only.
* Add parameter to display full format for time units. E.g. Instead of
"3d 2h", it will be returned as "3 days 2 hours"
* Deprecate unused dateintervaldayshoursmins langconfig string.
Replace the bcrypt password hashing algorithm with SHA-512.
Existing bcrypt hashes will be updated to SHA-512 when a user
logs in next. Support for old md5 hashes has been removed.
Any reamining md5 hashes are replaced with SHA-512 hashes
from strong random passwords.
Since PHP 7.0 the random_bytes() is nativley available and Moodle
LMS requires greater than PHP 7, the native PHP funciton can be
used exclusively. Deprecating random_bytes_emulate.
Show performance information about locks (time taken to acquire lock,
time lock is held for) in the 'perfinfo' display.
Also show existing information (that was already calculated but not
shown before) about the session lock, which is not a 'core\lock' type
lock, but the information is similarly useful.
Applied the following changes to various testcase classes:
- Namespaced with component[\level2-API]
- Moved to level2-API subdirectory when required.
- Fixed incorrect use statements with leading backslash.
- Remove file phpdoc block
- Remove MOODLE_INTERNAL if not needed.
- Changed code to point to global scope when needed.
- Fix some relative paths and comments here and there.
- All them passing individually.
- Complete runs passing too.
Special mention to:
- In lib/tests/blocklib_test.php 2 helper classes have been
moved to tests/fixtures, because they needed to be namespace-free.