Commit Graph

1317 Commits

Author SHA1 Message Date
Sara Arjona 1520ae2cbd Merge branch 'MDL-69308_311' of https://github.com/stronk7/moodle into MOODLE_311_STABLE 2021-01-14 12:03:36 +01:00
Eloy Lafuente (stronk7) 5aed7f4217 MDL-69308 upgrade: remove all the < 3.6.0 upgrade steps
This just deletes all the upgrade steps previous to 3.6.0. Some
small adjustments, like tweaking globals can also be applied
when needed.

Also includes an upgrade step to prevent upgrading from any
version < 2018120300 (v3.6.0) as anti-cheating measure.

Note that in this case, there wasn't any case of upgradelib
functions being used, hence we haven't to deprecate/remove
anything in codebase. When there is such a need, that is done
in separate commits (one for each function) and documented here.

See MDL-65809 commits for an example removing/deprecating a
good number of functions.
2021-01-13 19:28:39 +01:00
Mihail Geshoski 19e4e865ac MDL-68486 auth_shibboleth: Reset convert_data if it uses dataroot file
Upgrade step that resets the 'Data modification API' (convert_data)
setting to its default value if this setting is currently configured
to use a file located within the $CFG->dataroot directory.
2021-01-13 12:34:45 +08:00
Mihail Geshoski 2116878465 MDL-68486 auth_shibboleth: Prevent using dataroot files in convert_data
Prevents configuring the 'Data modification API' (convert_data) setting
to use files located within the $CFG->dataroot directory as it exposes
the site to security risks.
2021-01-13 12:34:45 +08:00
Marina Glancy fe9a2acbcc MDL-70242 auth_oauth2: set page context and url 2020-11-26 12:51:53 +01:00
Jun Pataleta 4b0988f014 Merge branch 'MDL-68349-310' of git://github.com/marinaglancy/moodle into MOODLE_310_STABLE 2020-11-10 10:14:37 +08:00
Eloy Lafuente (stronk7) 4aa83d92bf MDL-70146 upgrade: add 3.10.0 separation line to all upgrade scripts 2020-11-07 23:26:09 +01:00
Eloy Lafuente (stronk7) b0a1b4ce8b MDL-70089 versions: bump all versions and requires near release
version = 2020110900 release version
requires= 2020110300 current beta+ (week6roll1) version

Note that, because we are under parallel development period,
this is being done in the branch that is going to be released
(MOODLE_310_STABLE already existing) for Moodle 3.10.0 and
not in master, that is the one getting the bump under normal
(non-parallel) periods.
2020-11-03 19:34:52 +01:00
Marina Glancy 937c7eeef1 MDL-68349 auth_db: user_created event should be triggered later 2020-10-30 14:21:06 +01:00
Eloy Lafuente (stronk7) 46606b3ddd MDL-67673 phpunit: Remove deprecated assertEquals() params
The optional parameters of assertEquals() and assertNotEquals()
are deprecated in PHPUnit 8 (to be removed in PHPUnit 9):

- delta => use assertEqualsWithDelta()
- canonicalize => use assertEqualsCanonicalizing()
- ignoreCase => use assertEqualsIgnoringCase
- maxDepth => removed without replacement.

More info @ https://github.com/sebastianbergmann/phpunit/issues/3341

Initial search done with:

ag 'assert(Not)?Equals\(.*,.*,' --php

Then, running tests and fixing remaining cases.
2020-10-21 12:46:05 +02:00
Eloy Lafuente (stronk7) 35bc26b516 MDL-67673 phpunit: Remove deprecated assertContains() uses on strings
Both assertContains() and assertNotContains() are deprecated in PHPUnit 8
for operations on strings. Also the optional case parameter is. All uses
must be changed to one of:

- assertStringContainsString()
- assertStringContainsStringIgnoringCase()
- assertStringNotContainsString()
- assertStringNotContainsStringIgnoringCase()

More info: https://github.com/sebastianbergmann/phpunit/issues/3422

Regexp to find all uses:

ag 'assert(Not)?Contains\('
2020-10-21 12:46:05 +02:00
Eloy Lafuente (stronk7) d81a94807b MDL-67673 phpunit: Fix the return type of template methods
All the setup/teardown/pre/post/conditions template methods
now are required to return void. This was warned with phpunit 7
and now is enforced.

At the same time, fix a few wrong function names,
provider data and param types, return statements...
2020-10-21 12:46:04 +02:00
Dani Palou e16b858ff9 MDL-68098 ws: Add unit tests to test mathjax in WS 2020-09-23 12:08:52 +02:00
Dani Palou f4bdb898c7 MDL-68098 ws: Fix WebServices broken by filters HTML 2020-09-23 12:08:40 +02:00
Sara Arjona c83543095a Merge branch 'MDL-69521_310' of https://github.com/stronk7/moodle into MOODLE_310_STABLE 2020-09-09 08:08:29 +02:00
Eloy Lafuente (stronk7) 8452418666 MDL-69521 core: Move all comments in code from 4.1 to 3.11 2020-09-08 19:01:36 +02:00
Eloy Lafuente (stronk7) 5ba67416e6 Merge branch 'MDL-69510-310' of https://github.com/snake/moodle into MOODLE_310_STABLE 2020-09-08 15:28:33 +02:00
Paul Holden 95e0ff974c MDL-69492 auth_ldap: normalise member distinguished name config. 2020-09-04 08:25:58 +01:00
Paul Holden db361e09e7 MDL-69492 auth_cas: normalise member distinguished name config. 2020-09-04 08:25:58 +01:00
Andrew Nicols f558127d0e MDL-69391 behat: Grammar correction in feature 2020-09-03 11:35:08 +08:00
Andrew Nicols fc1d22ea70 Merge branch 'MDL-69391-310' of git://github.com/junpataleta/moodle into MOODLE_310_STABLE 2020-09-03 11:35:04 +08:00
Jun Pataleta fe346f0afb MDL-69391 auth: Colour contrast accessibility test for login page 2020-09-03 11:11:29 +08:00
Jake Dallimore b96e85feac MDL-69510 admin: make ldap configuration warnings clear 2020-09-03 10:26:00 +08:00
Farhan Karmali d179137f1b MDL-67419 admin: New admin setting for lang during user creation 2020-09-02 08:54:47 +08:00
Jun Pataleta db8fea04f5 MDL-69389 auth: Add wcag141 test for the login page accessibility test 2020-08-26 11:05:27 +08:00
Eloy Lafuente (stronk7) e010b2e75c MDL-69271 auth_ldap: Don't assume any ordering, just verify matches
Both ldap or the DB can return information in a non-consistent
ordering leading to events to be generated in different order.

And current tests are, right now, assuming a given order.

Note this is a rare random, but it's happening, so better
fix it, see the issue for some more details.

So we just do the tests ordering immune, verifying that all the
expected events have been triggered and done. Irrespectively of their order.
2020-08-20 07:35:59 +08:00
Leon Stringer c66bf80bd8 MDL-65847 auth_db: user_update() handle errors
The external database authentication plugin (auth_db) can update the
external database if mapped fields are set to Update external: On
update.  This change adds error handling in case this update fails.
2020-08-19 00:36:21 +02:00
Andrew Nicols 39a736ef9a MDL-67687 behat: Login page accessibility ensurance 2020-08-05 07:41:45 +08:00
Andrew Nicols b284293402 MDL-69138 behat: Update session->visit() to use visit step 2020-07-22 16:43:08 +08:00
Mihail Geshoski ecf15a63b4 MDL-60827 oauth2: Consider requireconfirmation setting on login 2020-07-06 10:04:42 +08:00
Eloy Lafuente (stronk7) b764343e5a MDL-69044 upgrade: add 3.9.0 separation line to all upgrade scripts 2020-06-14 13:08:09 +02:00
Eloy Lafuente (stronk7) 115cc0214f MDL-68973 versions: bump all versions and requires near release
version = 2020061500 release version
requires= 2020060900 current rc1 (week7roll1) version
2020-06-09 16:23:09 +02:00
Mathew May a2fc851738 MDL-68244 auth_email: Update unit test, remove hard assertion 2020-05-25 16:37:49 +08:00
Brendan Heywood d71752df93 MDL-67818 auth_none: Moved to improved Check API
AMOS BEGIN
 MOV [check_noauth_details,auth_none],[checknoauthdetails,auth_none]
 MOV [check_noauth_error,auth_none],[checknoautherror,auth_none]
 MOV [check_noauth_name,auth_none],[checknoauthname,auth_none]
 MOV [check_noauth_ok,auth_none],[checknoauthok,auth_none]
AMOS END
2020-04-06 22:08:33 +10:00
Brendan Heywood 00c2153be1 MDL-67818 check: Added Check API and refactored security checks
AMOS BEGIN
 MOV [check_noauth_details,report_security],[check_noauth_details,auth_none]
 MOV [check_noauth_error,report_security],[check_noauth_error,auth_none]
 MOV [check_noauth_name,report_security],[check_noauth_name,auth_none]
 MOV [check_noauth_ok,report_security],[check_noauth_ok,auth_none]
AMOS END
2020-04-06 12:28:37 +10:00
Dani Palou 5a56d34063 MDL-67641 auth: Fix shortname type in get_signup_settings WS 2020-03-04 08:11:11 +01:00
Paul Holden 1e89b1d686 MDL-59303 auth_shibboleth: consistent readme URL. 2020-02-07 14:25:15 +00:00
Eloy Lafuente (stronk7) 49d1ce3ac2 MDL-67118 auth_ldap: add pagesize/subcontexts test provider
With that provider we'll be explicitly covering that any
pagesize and subcontexts search is returning results consistently
so the internal paging/servercontrols work as expected.
2020-01-16 19:16:14 +01:00
Eloy Lafuente (stronk7) 988f9bf5b5 MDL-67118 auth_ldap: paged results functions deprecated php74 and up
Starting with php74 the following functions are deprecated:
- ldap_control_paged_result()
- ldap_control_paged_result_response()

Starting with php73, ldap servercontrols were included. One of those
servercontrols, LDAP_CONTROL_PAGEDRESULTS, is the one in charge of
controlling paged results.

So, we are going to add some conditional code here:

1) if php < 7.3, use old paged result functions.
2) if php >= 7.3, switch to LDAP_CONTROL_PAGEDRESULTS servercontrol.

With a TODO about removing 1) in Moodle 4.1, once php73 becomes required.
2020-01-16 19:16:14 +01:00
Andrew Nicols 48dffcb9e1 Merge branch 'MDL-67382-master' of git://github.com/vmdef/moodle 2020-01-13 12:59:28 +08:00
Sara Arjona a26cfe71d3 MDL-65809 upgrade: clean < 3.5.0 upgrade steps
This just deletes all the upgrade steps previous to 3.5.0. Some
small adjustments, like tweaking globals can also be applied
when needed.

Also includes an upgrade step to prevent upgrading from any
version < 2018051700 (v3.5.0) as anti-cheating measure.

Previous commits have removed/deprecated all the upgradelib functions
not used anymore in codebase. Deletion has been documented in corresponding
upgrade.txt files:

- upgrade_fix_block_instance_configuration()
- upgrade_theme_is_from_family(), upgrade_find_theme_location()
and linkcoursesectionsupgradescriptwasrun setting
- upgrade_block_positions
- upgrade_fix_config_auth_plugin_names()
 and upgrade_fix_config_auth_plugin_defaults()
- format_xxx_upgrade_remove_numsections(), format_xxx_upgrade_hide_extra_sections()
and format_xxx_upgrade_add_empty_sections()
- filter_mathjaxloader_upgrade_cdn_cloudflare()
and filter_mathjaxloader_upgrade_mathjaxconfig_equal()
- get_assignments_with_rescaled_null_grades()

These have been kept because continue being used by restore:

- \core\task\refresh_mod_calendar_events_task
2019-12-20 12:20:43 +01:00
Sara Arjona 089e918033 MDL-65809 upgrade: remove upgrade_fix_config_auth_plugin_names
These functions were used only by deleted upgrade steps
so it's safe to proceed with straight deletion, considering
them internal. Deletion has been documented in corresponding
upgrade.txt files:

- upgrade_fix_config_auth_plugin_names()
- upgrade_fix_config_auth_plugin_defaults()
2019-12-20 12:20:43 +01:00
Víctor Déniz Falcón 1cfbaab373 MDL-67382 auth_cas: update phpCAS to 1.3.8 2019-12-13 12:34:06 +00:00
Eloy Lafuente (stronk7) 492d047d11 MDL-67284 upgrade: add 3.8.0 separation line to all upgrade scripts 2019-11-17 11:40:19 +01:00
Eloy Lafuente (stronk7) d5be859063 MDL-67199 versions: bump all versions and requires near release
version = 2019111800 release version
requires= 2019111200 current beta (week7roll1) version
2019-11-12 17:57:08 +01:00
Jun Pataleta c4e1c9d167 MDL-66598 auth_oauth2: OAuth2 upgrade step
This basically does two things:
1. Updates all non-Facebook/Google/Microsoft issuers and sets their
'requireconfirmation' field to 1 so that future OAuth2 logins on these
issuers will always have an email confirmation sent to them.
2. Deletes the linked logins of users with non-Facebook/Google/Microsoft
OAuth2 issuers.
2019-11-07 18:42:07 +08:00
Jun Pataleta 8a3316bd9b MDL-66598 auth_oauth2: Add warning messages in confirm emails 2019-11-07 18:42:07 +08:00
Johan Dobbelstein 5b39bf184d MDL-66582 auth: Fix empty auth_logo in CAS/Shibboleth auth plugins
* set $idp['iconurl'] = null if no auth_logo
* lib/templates/loginform.mustache will skip NULL iconurls
* lib/ajax/service?info=tool_mobile_get_public_config will validate the NULL values
2019-10-31 12:03:39 +01:00
Tim Hunt 9bcc357107 MDL-66335 behat: new step to log in and go straight to a particular page
I did not think thought through if this new URL parameter would be a
potential security hole. The simple cop-out option is to make it only
work on Behat sites for now.
2019-10-14 11:21:22 +01:00
Mark Johnson f3c9599e1f MDL-65335 auth: Make oauth2 enabled check more efficient 2019-09-20 08:54:40 +01:00