Without this, people can craft URLs that other users might use not realising
what they do - and as a XSS vulnerability, it could do any number of things the
clicking-user has access to do on the site.
Change-Id: I82adc71e8706d8929011b4b24523d5b62b8ccea1
* The button to "Add group/grouping access restriction" under
common module settings should only be present if corresponding
availability plugins are enabled; and
* Prevent the same button behaving as a submit button, which
intercepted the user hitting return in the form and added a
restriction without deliberate action taken by the user.
This isn't really a deprecations where something is replaced
by another and all uses must adapt to. Instead it's just a
fallback functionality that will stop working in Moodle 4.2.
Because of that, I've tried to add TODO/@todo comments to
the places that will need to modified, always pointing to
MDL-71421 that is where the removal will happen.
Also, haven't added any debugging() output, after thinking
a lot about it, because this isn't anything that developers
can be using but a internal implementation detail (a fallback)
that we want to remove in some versions.
1) The GROUP BY statement must include all fields in the SELECT
not being aggregated or constant cols.
2) There was a missing space causing problems to databases
using named parameters.
In order to allow for correct seb:// or sebs:// calls without browser
warnings of insecure links, it is not possible to send a get request
with an attached cmid parameter to the unknown seb:// or sebs://
URL via a form button.
We've got to use a <a href> link outside a form to circumvent
browsers warning of an insecure link and call Safe Exam Browser
correctly.
Table names and database name now enclosed in backticks.
admin/cli/mysql_collation.php failed if $CFG->prefix was blank with
MySQL 8.0 because table 'groups' conflicted with a new reserved word.
Note that this quotes both mysql_collation.php and mysql_compressed_rows.php
but only the former was mal-functioning.
The case of mysql_compressed_rows.php is a little bit special because
not all tables are processed, only those having big rows. And the groups
table is not one of them. In any case, better add the quotes there for
any future case.
Also, when testing this patch https://tracker.moodle.org/browse/MDL-71512
was discovered and will need to be fixed to make core 100% compliant
with MySQL 8.0 and MariaDB 10.6 and up.
Previously missing were the two new properties added in 36bc7b07:
showactivitydates & showcompletionconditions - this change ensures
all properties are requested before exporting courses linked to
competencies.
- The mbstring extension is required since Moodle 3.9 onwards so
the upgrading steps have been removed because they are not
required any more.
- The pull-request for fixing some minor PHP7.4 problems has been
integrated so this patch is not required.
Other tests check behaviour of individual conditions, this tests that
when multiple core and custom conditions are required, each will be
updated as required and not cache until all are completed.
When an automatic completion condition may have had its state change,
we now unset the cached value for the user's completion in the relevant
activity, so up-to-date values are re-fetched and available to students.
The previous behaviour was that custom conditions would remain cached
until the activity reached overall completion.
File and folder names cannot end with dots on Windows. So replace the
trailing dots with underscore consistently with how some other zip tools
(such as 7-zip) handle this case.
Creates a new capability mod/assign:viewownsubmissionsummary which will
be required in order to display the submission summary to the user in
the assignment page.
Allow for conditions that are not set, consistent with other modules.
They will usually always be set in practice, but best to handle it,
which also helps with unit testing.
This adds the requirement for activities supporting custom completion to
specify the order all completion conditions should be displayed for that
activity. It also implements the sorting that takes place.
The quiz module now showa the quiz open and close dates at the top of
the page. So there is no need for the quizaccess_openclosedate plugin to
display these dates in the middle of the page.
The $extradetails parameter in the constructor of the
mod_feedback\output\summary class is no longer used by any of the codes
that instantiate the class. Therefore, it is removed.
The respective template is updated as well.
AMOS BEGIN
CPY [relativedatessubmissionduedateafter,mod_assign],[relativedatessubmissionduedateafter,core_course]
CPY [relativedatessubmissionduedatebefore,mod_assign],[relativedatessubmissionduedatebefore,core_course]
AMOS END
The define_after_data method was looking for a required_param
when it should have been an optional parameter. This was causing
error messages when creating a new datetime field.
Provide page for the reports in the course administration.
The page has a drop down to navigate to different reports.
The navigation is remembered just like the grade reports in
the course.
Signed-off-by: Sujith Haridasan <sujith@moodle.com>
Hidden courses can be used for training
but we do not want to generate insights for them
because students do not have access to hidden courses.
This was fixed in MDL-66806 for "Students at risk" model.
Fixed for "Students who have not accessed the course recently" in this issue.
1. pg_connection_status(false) fails on PHP8 because the argument is not a stream
2. skipeed the unittest that expected that pg_query() does not show an error if the resource is invalid
see also MDL-71482
Instead of using the file title when generating the source attribute,
we should be using only the name of the Google Drive file in order to
avoid having the original extension within the filename after the file
is imported and added into Moodle.
Current test works ok every day of the year but the day of
DST begin changes (last Sunday of March currently).
That day, 01:00 Europe/London simply doesn't exist, because
the time is moved forward by 60 minutes.
Hence the expectation for the next cron execution is not 1 "normal"
day (24h) but 1 less hour.
Note this only happens for the current test on DST begins, the
opposite change (DST ends), happening the last Sunday of October
is not affected, because, at all effects, 01:00 is a perfectly normal
and existing hour.
We update the dates with user/group overrides. The calculation of
the override in the quiz module is different from the assignment
module as the quiz_overrides table des not have a sortorder column.
See quiz_update_effective_access().
We update the dates with user/group overrides. The calculation of
the override in the lesson module is different from the assignment
module as the lesson_overrides table des not have a sortorder column.
See lesson::update_effective_access().
Replicates changes made to notification preferences in e41b3485.
The templates for each are similar enough than one can be used
from the other. Remove redundant styles for previous controls.
* When completion tracking is not enabled for the course, it does not
make sense for the course's showcompletionconditions setting to
be set according to the default value indicated by the
"moodlecourse | showcompletionconditions" admin setting. Setting
showcompletionconditions as enabled when completion tracking is disabled
makes even less sense. So in such a case, we should not be setting a
default value for showcompletionconditions and allow it to be null.
* When the course is edited and completion tracking is enabled, this
also would set the "Show completion conditions" field to default to the
value set in the "moodlecourse | showcompletionconditions" admin
setting.
* *_get_completion_state() callback functions have been deprecated and
should no longer be used. Plugins that define custom completion rules
must implement the mod_[modname]\completion\custom_completion class that
extends the \core_completion\activity_custom_completion base class.
The machinery to fix orphaned calendar events that were broken by MDL-67494.
The solution consists of:
1) Upgrade step that checks if this site has executed the problematic upgrade steps and
if positive, it will schedule a new run for calendar_fix_orphaned_events adhoc task.
2) Adhoc task that will self-spawn calling the recovery machinery, running until
all the orphaned calendar events are fixed. It also sets the maximum runtime of
60 seconds. It is also possible to override that number by specifing the desired
number setting the ->calendareventsmaxseconds in your config.php
3) CLI script that will look for all the calendar events which userids
where broken by a wrong upgrade step, affecting to Moodle 3.9.5
and up.
It performs checks to both:
a) Detect if the site was affected (ran the wrong upgrade step).
b) Look for orphaned calendar events, categorising them as:
- standard: site / category / course / group / user events
- subscription: events created via subscriptions.
- action: normal action events, created to show common important dates.
- override: user and group override events, particular, that some activities support.
- custom: other events, not being any of the above, common or particular.
By specifying it (--fix) try to recover as many broken events (missing userid) as
possible. Standard, subscription, action, override events in core are fully supported but
override or custom events should be fixed by each plugin as far as there isn't any standard
API (plugin-wise) to launch a rebuild of the calendar events.
4) Unit tests and helper functions to generate calendar events. We have decided to
keep the tests simple, testing only true and false and not using data generators because
the code is purely to recover the calendar events and won't turn into an API or something
and also due to the urgency of this issue.
The helpers have been created in calendar/tests/helpers.php since there are no data generators
for calendar.
This commits adds a fallback for plugins which does not have
custom_completion implementation.
For those cases, it will search for {modulename}_get_completion_state
callback in the plugin and call get_overall_completion() method in
cm_completion_details class to get the overall completion state for
a course module and user.
The preferences table did not meet accessibility guidelines regarding
colour contrast between hovered rows and the disabled switch
elements.
Ensure white background is used for all table cells, and replace the
highlighted columns used to differentiate processors with borders.
Before this change a teacher would be able to see users listed if:
* They have an active enrolment and can submit
* They have an an inactive enrolment for a role that can submit
After this change they will additonally be able to see users listed:
* That have an active enrolment and have submitted
* That have an inactive enrolment and have submitted
This means that if an assignment has it's context frozen all users
that have made some form of submission will still be listed.
It will also apply if the submission capability is removed from a
user.
If a user's enrolment is deleted they will not be listed.
The submission and grading counts have also been updated so
they will reflect the new rules.
Before this change if a student visited an assignment that is
frozen they would only see the title and description even if
they had made a submission to it.
After the change they will be able to see the status of their
submission and any feedback and grades they have recived.
It will also make the Moodle app recognise that submission
should not happen because the assignment is frozen.
Tests based on ones created by Andrew Nicols
- some engine error messages changed
- some warning levels changed
- the carriage return symbol randomly appears
- one phpunit assertion fails and not really representative of anything
Create a new profile field type, move all existing content of the fields
'icq', 'skype', 'aim', 'yahoo', 'msn' and 'url' in the mdl_user table to
theses new profile fields if needed.
AMOS BEGIN
MOV [aimid,core],[aimid,courseimage,profilefield_social]
MOV [yahooid,core],[yahooid,profilefield_social]
MOV [skypeid,core],[skypeid,profilefield_social]
MOV [icqnumber,core],[icqnumber,profilefield_social]
MOV [msnid,core],[msnid,profilefield_social]
MOV [webpage,core],[webpage,profilefield_social]
AMOS END
In PHP8.0 using `ksort` was producing incorrect results by sorting
keys differing only in case in the wrong order. This change makes
sorting consistent between PHP versions.
Co-Authored-By: Tim Hunt <T.J.Hunt@open.ac.uk>
Backup the table user_lastaccess which holds data for when a user last accessed a course.
And also restore to the table user_lastaccess from the .xml file created in the backup.
As part of the tests preparations, some backups are created, but
the tests aren't calling to their ->destroy() method at the end.
The destroy() method is needed to go cleaning and unsetting various
objects that, only then, will free resources, like memory, open files...
This isn't critical under Unix OSs... but Windows is really sensible
and keeps all open files locked, so any write operation on them fails.
- Some small namespace/use/MOODLE_INTERNAL/requires reorganization.
- Move file phpdocs to class phpdocs.
- Move external method names to be new "execute" default ones.
- Move unit tests to matching core_grades\external namespace.
- Add missing clean_returnvalue() calls.
This adds a new webservice that creates gradecategories as a batch,
and deprecates the old single creation call, which is superseded.
It also patches a few small issues in the single WS, for any integrations
currently relying on that webservice.
Some recent tests do set a date time element
to ##now## or tomorrow and, immediately after that
the look if, effectively, ##now## and #tomorrow#
have been set (with minutes resolution).
Problem is that, between the field is set and the field
is verified, it can happen that the time advances to
next minute (from H:M:59 to H:M+1:00) and then the
assertion fails.
To avoid this, we could have lowered the resolution to be
hours... but that doesn't solve the problem just makes it
to happen less often.
So, instead of that... we are setting the 2 now and tomorrow
cases to be "today noon" and "tomorrow noon" (12:00:00) so
we ensure they won't be ever in the risk of jumping of minute.
* The activity information output component is still being displayed
even in the case when the activity does not have dates to show and
completion tracking is not enabled.
This also causes a horizontal line to be rendered in activity view pages
below the activity heading which does not serve much purpose when
there's no activity information to be shown.
The activity information output component should only be displayed
if there's completion information to show or if there are activty dates
to show. Otherwise, there's no need to render it.
Even if a prediction is hidden from the report once is flagged,
it can be flagged several times if the user visits detailed view via URL.
We remove the checkbox to select a prediction and flag it
once it has already been flagged.
Some of the pre-existing behat tests were creating content into the
content bank using the generator but the H5P content-type libraries
weren't uploaded.
Since MDL-69331, libraries need to be deployed previously (so fake
H5P content-type won't be displayed if these libraries don't exist).
If a H5P content-type is disabled:
- The content bank won't display existing contents having it as a
main library.
- The content bank won't allow to create new contents using it.
The addition of the activity information moves the h5p content down
out of the window view on Firefox which causes the Check button to be
unclickable. This patch increases the window size to ensure that the
check button is visible and clickable.
Credits to Eloy <stronk7@moodle.org> for the thorough investigation
of the root cause of this issue :)
The form to upload/replace files has been moved to classes/form
(it's where it should have been added when it was created).
Besides, this class has been renamed because now, with the
namespace, contentbank and form don't need to be in the name ;-)
Augment all installed plugin's security helper if there is any.
Plugins function has to be defined as plugintype_pluginname_security_helper in pluginname/lib.php file.
Some errors raised when calling external services were ignored.
Displaying this information helps to debug and find the real reasons
why some action, like connecting to an external backpack, can't be
done.
The scopes parameter should be passed when creating the OAuth2 badges
client. As it is an optional parameter, when it's empty, it will
be initilised with the supported scopes for the backpack issuer.
It will happen, for instance, when a call is done to oauth2callback.php
because, as defined in RFC6749, OAuth2 authorization response only
supports code and state.
Render the activity information output component in the course homepage
only if either completion details or activity dates are to be displayed.
This can help reduce the number of files being included when loading the
course homepage (e.g. the activity information template for each
activity in the course homepage).
Ref: https://php.watch/versions/8.0/final-private-function#final-private
This applies #712 from upstream libraries.
Unrelated: I've also changed a occurrence of "private final"
by the correct (PSR-12) "final private" in the constructor
(the final&private combination is allowed in constructors)
in lib/classes/event/base.php, because it's the unique case
in core and phpcs was really insisting.
* Make sure the activity is visible to the user (cm_info::uservisible)
before showing the activity completion information.
* Add to-do status for overridden automatic completion
* Check the activity dates on the course homepage depending on
the value of the showactivitydates course setting
* Plus use the new Behat steps for checking activity dates
* activity_date_in_activity_should_contain_text()
- Checks the presence of the given text in the activity's date info.
* activity_dates_information_in_activity_should_exist()
- Checks the presence of activity dates information in the activity
information output component.
* activity_dates_information_in_activity_should_not_exist()
- Checks the absence of activity dates information in the activity
information output component.
* activity_completion_condition_displayed_as()
- Shows the status of an automatic completion condition for a given
activity
* activity_should_have_the_completion_condition()
- Checks that the activity displays the given completion condition
* manual_completion_button_displayed_as()
- Shows the status of the manual completion button for a given
activity
* the_manual_completion_button_for_activity_should_be_disabled()
- Checks that the manual completion button for the given activity is
disabled.
* there_should_be_no_completion_for_activity()
- Checks that the activity does not show completion information
* toggle_the_manual_completion_state()
- Toggles the manual completion button's state for a given activity
* overridden_manual_completion_button_displayed_as()
- Checks the manual completion state of an activity.
* overridden_activity_completion_condition_displayed_as()
- Checks if the activity with specified name is maked as complete.
* Add activity name for completion conditions labels. This would give
better information to screen reader users the activity that the list
of automatic completion conditions belong to. This would be useful
especially when the completion conditions are displayed on the course
homepage.
* Add data-region attributes to activity dates and completion
information divs.
* Reorganise activity dates and completion information divs so they
are only rendered when they have data to show.
Deprecate \core_course_renderer::course_section_cm_completion(). It is
not being used anymore and is being replaced by
\core_renderer::activity_information().
When an activity has manual completion tracking, pressing the manual
completion checkbox reloads the page after toggling the completion
state when the activity is linked to availability conditions.
The "Mark as done" button needs to mimic this behaviour as well.
The approach being taken here is to add a core_course/view JS module
for the course homepage which listens for the manualCompletionToggled
event and reloads the page when the activity module has availability
conditions tied to it.
Perhaps for future development, instead of reloading the page, the
container of the restricted course sections/activities can reloaded via
AJAX as well.
That way we can check that the expectations are
working ok for every database. Previously only the
ANY case was being tested.
Also, convert them to course badges and check, via
review_all_criteria() that the SQL structures returned
by award_criteria_cohort->get_completed_criteria_sql()
doesn't fail and return the expected counters.
When buildilng the 'WHERE' clause, the SQL generated
a query that selected any user who was a member of the
**last** group, not all of the groups.
I believe the query has to be re-worked so that it only
returns users who are in ALL of the groups. This can
be done by a GROUP BY and HAVING.
Try to correct broken ul/ol/li tags, as they have an outsized impact
on course layout. Uses basic regex and loops to track open and closed
tags.
Also adds a deep clean option to the HTML cleaner, that runs less
frequent, more intensive cleanings. This is because normally _cleanHTML
gets called after each keystroke, which could cause problems with
large content on weak systems.
Behat changes are a fix for setting multiline strings in Atto, and
creating a multiline match step.
'usercreated' and 'usermodified' fields can not be always mapped.
We are filling those fields with 'old' users when working on the same
site, or with current user when working on a different instance.
Custom rules are combined using the AND operator. However, the
'completionpass' and 'completionattemptsexhausted' rules are exceptions
because they are combined together with OR, and form a single new rule
that then will be combined with the rest of the rules using AND.
This commit combines the mentioned rules into a single rule named
'completionpassorattemptsexhausted'.
This includes 2 change to the order date(time) elements are filled,
each one addressing one type of problem, where current order is
problematic and can lead to unexpected dates.
1) Changing date, when current month only has X days and target
month has more than X days. Example, being 1 April, change
the date to 31 May.
This is solved by changing the order of introduction
from current D => M => Y to Y => M => D.
2) Changing date, when target month only has X days and current
month has more that X days. Example, being 31 March, change
the date to 28 Feb.
This is solved by always setting the D to 1, before the
Y => M => D sequence commented @ 1) begins.
Because of the order that dates and datetimes are filled by behat
sometimes there are some intermediate results that are impossible
and then the form (javascript) automatically reacts and fixes the
date, ultimate leading to a different date that the one we wanted
to set with Behat.
This is noticeable when switching between months (with some day
being the last day of the month) and the 2 months have a different
number of days. For example April date => March date (or the opposite).
This test covers all the critical changes (day, month and year),
back and forth. All times are Perth/Australia.
By rounding the current time it was possible that the most recently
created user enrolments (e.g. self enrolments) were being excluded.
This would manifest itself in a user being enrolled on a course,
but it not appearing under "My courses" navigation or on their own
Dashboard until the rounded time had caught up with the current
time.
The `isset` call always returned true for the 'replace' option,
because even if not specified it receives a non-null value. The
`strpos` call now does a strict equality check rather than
greater-than-or-equal (which always returns true).
This change removes references in code and comments to a few
deprecated functions that were accidentally missed in the larger
change.
The code changes only affect service_users.php. I made it support
custom user profile fields in this query, because it was easy
enough, rather than adding another TODO to fix later.
The activity information output component displays information about
an activity module that can contain:
1. Activity dates
2. Completion information
a. A manual completion button; or
b. A list of automatic completion conditions and their statuses.
This patch also includes a new JS module called
core_course/manual_completion_toggle for toggling the
completion state of activities that support manual completion.
Allow the core_completion_update_activity_completion_status_manually
web service function to be called from AJAX as well. This is needed
by the new manual completion toggle button in the
core_course/completion_manual template.
Due to Solr bug SOLR-15039, uploading files for indexing can fail if
it uses multipart upload. This changes it to use direct binary upload.
Unfortunately, the direct binary version in PHP curl only supports a
string, so we have to load the file into memory. I added extra code to
restrict the size of files indexed to (memory limit - 100MB), which is
usually 284MB unless configured differently because cron runs under
MEMORY_EXTRA.
Before resetting completion states during module update, we need to
rebuild the course cache first in order to properly reset the completion
states. Otherwise, calls to methods that fetch course module info
via cache (e.g. cm_info::create()) will fetch outdated information.
Note that there wasn't any case of multiple testcase classes in
1 file. All the cases reported in the issue were false positives
caused but other "mock/fixture" files being named _test.
So all this issue does is:
1) rename any _test suffixed class in test files, because we are
going to start renaming a lot of test classes to _test.
2) ensure that the 2 test case classes modified in this issue,
are already observing the filename = classname rule that will
be implemented soon (and verigy it works).
This patch adds some changes to guarantee that OpenBadges 2.1 (OBv2.1)
will return always the same JSON format that OBv2.0 (because the only
difference between both versions it's the BadgeConnect API).
By not redirecting when we are already on the purge caches page we
can preserve the submitted form data, allowing users to easily
repeat the previous action.
In MDL-70689, Eloy and Helen suggested some fixes to improve this patch.
As this is a followup issue to move the pending services, this
very first commit will fix pending things raised in the parent issue.
They are thrown in the following circumstances:
* The dynamic form class doesn't exist;
* It does exist but it's `check_access` method throws exception
Co-Authored-By: Andrew Nicols <andrew@nicols.co.uk>
This class would belong more appropriately within the 'user' API
(core_user) instead of within the 'core' API, since it is
directly related to user data.
Since the class has only just been added to Moodle, now is a good
time to move it.
This commit adds the missing logic for category events in
get_context() method. Without this fix, users will get errors
if they have category events with userid set to 0.
We should be able to fetch the grade completion status for modules
that do not have custom completion configured. This also improves
unit testing coverage.
* Fixed inverted $sameuser test data.
* Fixed caching expectation check. Caching only relies on whether the
user accessing the completion data is the same user or not.
* Fixed checking for the caching of other modules. Should have been
checking cm ID and not instance ID.
* Additional test case when whole course parameter is passed as
true, but the requesting user is different from the target user.
Core and mod_hvp are using the same namespace for some H5P
libraries. This is causing some random errors.
In order to get the expected behaviour in Moodle core, this patch
prepends H5P libraries in order to guarantee they are loaded first.
Plugins using same libraries will need to use a different namespace
if they overlap and a different version of these libraries should
be used.
The given condition in the if statement did not take into account cases
when the setting is locked by hierarchy. Settings which are locked by
hierarchy should should keep their current values which were inherited
from the parent.
Prior to this change the Grunt stylelint command was too greedy when
determining which files hsould be linted.
This change modifies the watch command to only watch relevant files and
subdirectories of each component directories. This means that unrelated
CSS and SCSS files are no longer watched for changes, and has the added
benefit of significantly increaseing the startup speed of grunt.
Without this patch applied the watch tasks were checking for matches in
the node_modules, and vendor directories.
Final deprecation for constant BADGE_BACKPACKURL (it has been removed)
and badges/backpack.js file (it has been removed too).
Besides, some methods have started the deprecation process too:
- badges_check_backpack_accessibility
- badges_setup_backpack_js()
- badges_local_backpack_js()
Apart from that, string 'addbackpack' has been deprecated here
because it's not used anywhere.
Backpack URLs (web and API) can have up to 255. However, the form
for creating/editing them, doesn't allow URLs with more than 50
characters. This patch align limitation to DB value (255).
Prior to this change all Grunt features were in a single Gruntfile.js
but this has become difficult to manage and maintain.
This commit moves the existing dependencies for component calculation
and babel moduel definition into a new .grunt directory, and
restructures the existing tasks in Gruntfile.js into separate task
configuration files.
This improves the maintainability of the Grunt build system and allows
for easier future expansion.
These recursive calls didn't work in PHP 7.3 and below, but in PHP
7.4 they also cause a fatal error which means if you have invalid
availability data, the whole page might die.
Upgrade mimetex to version 1.77. The steps followed
remained the same described in readme_moodle.txt.
This time we have made support for 64 bit architecture.
Hence all the binaries created now work with 64 bit only.
Following are the binaries which are upgraded:
1. Linux
2. Arm(aarch64)
3. Windows(exe)
4. Freebsd
5. Mac(darwin)
Signed-off-by: Sujith Haridasan <sujith@moodle.com>
Both in unit tests, but also in other areas (say blocks, for example)
it's possible that page->url has not been set yet.
So, let's change current code to always check if we have something
(page->url) to compare.
Note the use of has_set_url() is needed, because page->url is magic
method and it doesn't work as expected. Hate magics!
The link to the calendar page is missing in the navigation block in
classic which causes a behat failure in the 'Set availibility dates
for an assignment' feature. The fix includes adding the calendar block
to the Course page which can be used to navigate to the calendar page.
We used to display capabilities like "Manage any calendar entries",
"Delete evidence", "Manage competency frameworks", "View hidden courses"
and others as "Missing capabilities" for the mobile app service tokens.
This gave dangerous impression that the app will not work for students
without these capabilities granted. There are known cases of admins who
started to grant all these caps to the Authenticated user role because
they were afraid the app would not work for them.
The problem here is that the official mobile app service includes some
functions that have these capabilities declared as required. But they
are not really required to use the app. Either the app makes its own
clever checks of capabilities before calling the functions, or sometimes
the capabilities are not even correctly declared.
It is safer for everybody to display this information for custom
services only where the risk of the falsely missing caps is lower and
the information is more accurate.
Also, the help text has been improved so it does not suggest that these
capabilities must be always added. We do not know why the service has
them declared. In some cases, a service has capabilities declared just
because it makes use of them in the if-then fashion.
Additionally, the patch also displays the service short name because it
is actually needed to know.
The patch adds ability to filter the list of token by the token value,
the user and the service. Also the button to create a new token is made
more prominent and easier to spot.
No need to have a dedicated admin_setting_managewebservicetokens admin
setting subclass, and yet do not use almost any of its features. So the
patch merges the list and the forms handling into a single external
page.
Similarly, it feels like overkill to have a renderer method for a
simple confirmation widget - especially given that the URLs were
hard-coded in it. So that one was dropped.
The patch improves the display of the missing capabilities on the Manage
tokens page and the Select authorised users page. The list of
capabilities is rendered in a collapsible area and does not occupy too
much space by default.
Additionally on the later page, the patch improves the display of the
list of existing authorised users so that it respects the configured
identity fields.
The previous implementation falsely reported all implicit capabilities
inherited from the authenticated user archetype. That caused a lot of
capabilities reported as missing, even if they were correctly granted.
This new implementation uses a different logic. Instead of seeking for
explicitly assigned capabilities, it searches for capabilities that are
not assigned to any of the user's role across the system.
Please refer to the inline documentation. This should be still used for
informative reports only, not for actual permissions evaluation. The
context has been ignored here, as well as all the overrides etc. This
patch just makes it a lesser evil.
The purpose of this external function is to provide data for
asynchronous user selectors and similar widgets. It allows to search
users matching the given query in their name or other available identity
fields.
I suppose the original reasoning was that the web services protocols are
pluggable and that plugins can provide external function. But those are
not good reasons to put the whole Web services section under plugins.
Web services are not a plugin type and they always felt very
counter-intuitive there.
From the server administrtaion perspective, web services are similar to
scheduled tasks and therefore, they should live in the same section.
Using the external method for updating posts, the check for empty
subject/message content wasn't correct (disallowed the string '0'),
in addition to being impossible to set a posts message format
property to FORMAT_MOODLE (integer 0).
Modifies the 'string time to timestamp' behat trasformation to use
userdate() instead of date(). The userdate() method is generally used
throught Moodle for constructing formatted date strings and this change
will provide more consistency and prevent any potential behat failures.
Therefore, if the date format is defined in the given trasformation, it
has to be strftime compatible. Example:
'I should see "##tomorrow noon##%A, %d %B %Y, %I:%M %p##"'
Apart from adding new unit tests for covering new IMS OBv2.1 issuer,
some extra tests have been added to test existing issuers and confirm
they are still working as expected after the changes.
IMS OBv2.1 services have a registration endpoint to get client id
and secret.
This patch adds and implements the "register" method for the IMS
Open Badges Connect discovery system, to get the proper client id
and secret values.
In order to make easier to create and maintain new OAuth2 services,
a couple of classes have been added:
- discovery\* contains methods related to the discovery system. Until
now, only OpenID Connect was supported by Moodle so all the code was
centralised in api.php.
With this patch, as IMS OBv2.1 has a different discovery system, a new
abstract class (base_definition) has been added to be called and let
every discovery system (OpenID Connect, IMS Badge Connect...)
implement their own methods.
- service\* . Instead of keep adding methods to the api, the service
namespace has been created to store all the standard issuer services.
An interface (issuer_interface) has been created and all the services
should implement it.
This patch creates the "IMS OBv2.1" and "Custom" services and moves
the methods for "Google" service because it uses the OpenID connect
discovery system.
I've gone over a few of the mofified files (those
which were showing warnings and errors to CiBoT. Some of them
have been fixed completely, while others only have fixed
for the lines belonging to this issue (lib/tests/moodlelib_test.php)
for example.
This applies the "whitelist" => "include" changes to all the core
phpunit_coverage_info occurrences, so core won't emit any deprecation
warning (see previous commit).
At the same time, modified a bunch of comments in coverage files
to be more readable/understandable.
Following the changes in the schema, from "whitelists" to "includes",
we are deprecating these two properties from phpunit_coverage_info:
- whitelistfolders => includelistfolders
- whitelistfiles => includelistfiles
They will continue working over the deprecation period but the init/util
scripts will throw some warnings about them being deprecated for 3.11 and
the way to replace them.
Standard 2y deprecation applies with final removed to happen @ MDL-71067
Basically switch to 2-space indenting and small tweaks to comments,
so both the main phpunit.xml file and also the individual components
ones, all them based in the dist one will be consistent.
This performs all the changes needed in the util generator to
produce XML files compliant with the new schema (see previous
commit for description of changes).
- All the occurrences in code of filter => coverage.
- All the occurrences in code of whitelist => include.
- Apply all the changes to comply with the new schema.
- Remove processUncoveredFilesFromWhitelist attribute, useless (false
is its default value, and now have another name).
- Move from 4-spaces indented XML to 2-spaces indented.
- Small linefeed tweaks to generate better-looking XML.
PHPUnit 9 comes with various changes in the XML
configuration file, namely:
- the old "filter" section has been renamed to "coverage".
- "whitelist" has been renamed to "include"
- "exclude" is not a child of "include" anymore, but of "coverage".
- "include" cannot have configuration attributes anymore, only
"coverage" can"
Visually it means that the old section (invented example):
```
<filter>
<whitelist attributes_may_go_here="xx">
<directory suffix=".php">classes</directory>
<directory suffix=".php">externallib.php</directory>
<exclude>
<directory suffix="_test.php">.</directory>
</exclude>
</whitelist>
</filter>
```
Now looks like:
```
<coverage attributes_may_go_here="xx">
<include>
<directory suffix=".php">classes</directory>
<directory suffix=".php">externallib.php</directory>
</include>
<exclude>
<directory suffix="_test.php">.</directory>
</exclude>
</filter>
```
So, switching to the new xsd so we can validate the remaining changes.
The current ->setMethods() has been silently (won't emit any
warning) in PHPUnit 9. And will stop working (current plans)
in PHPUnit 10.
Basically the now deprecated method has been split into:
- onlyMethods(): To point to existing methods in the mocked artifact.
- addMethods(): To point to non existing (yet) methods in the mocked
artifact.
In practice that means that all our current setMethods() calls can be
converted to onlyMethods() (existing) and done. The addMethods() is
mostly useful on development phases, not final testing.
Finally note that <null> isn't accepted anymore as parameter to
double all the methods. Instead empty array [] must be used.
Link: https://github.com/sebastianbergmann/phpunit/issues/3770
The methods assertContains() and assertNotContains() now perform
strict (type and value) comparison, pretty much like assertSame()
does.
A couple of new assertContainsEquals() and assertNotContainsEquals()
methods have been created to provide old (non-strict) behavior, pretty
much like assertEquals() do.
Apart from replacing the calls needing a relaxed comparison to those
new methods, there are also a couple of alternative, about how to
fix this, depending of every case:
- If the test is making any array_values() conversion, then it's better
to remove that conversion and use assertArrayHasKey(), that is not
strict.
- Sometimes if may be also possible to, simply, cast the expectation
to the exact type coming in the array. I've not applied this technique
to any of the cases in core.
Link: https://github.com/sebastianbergmann/phpunit/issues/3426
Mocke at() matcher is being deprecated with phpunit9 and
will be removed with phpunit10.
Source: https://github.com/sebastianbergmann/phpunit/issues/4297
Luckily we are using those deprecated matchers only in completionlib
tests, so there aren't many cases to modify. Now, we are using
supported matchers (once, exactly, never...) and the tests have
been reorganised to better represent the expected behavior (how
many times stuff is called, with which params and return values).
Custom autoloaders are deprecated with PHPUnit 9 and will be removed
with PHPUnit 10.
Since PHPUnit 8.5 custom autoloaders don't do much because that
version removed the ability to launch unit tests by class name
and that's exactly the reason we had a custom autoloader (to map
class names to files within our tests). See MDL-67673 about
when direct use of classes was deprecated (8.5), now removed (9.5).
So, as far as it's unused, removing it now, test still can be
selectively using any of:
- a relative path to file (although there are some restrictions comming
with PHPUnit 9, see https://github.com/sebastianbergmann/phpunit/issues/4105
- using --filter, to point to any classname[::method]
- using --testsuite to run a complete suite
- using --config to point to custom components.
Also, commented out the lib/ajax/tests directory because it doesn't
exist / is empty and PHPUnit 9 emits error when a configured test
directory does not exist. See
https://github.com/sebastianbergmann/phpunit/issues/4493.
Alternative was to completely remove the configuration line, but
decided to keep it around in case some day we want to add some
test there.
Used by our custom assertTag() and assertNotTag() assertions, that some
day we should deprecate... the loading of XML content for further
processing has been moved to new classes within the PHPUnit utils. We
are just following the move here.
With stricter typed param checks in php73, the 7th param of the
getMockForAbstractClass() must be array, so previous code defaulting
to null now throws a TypeError.
In PHP 9.1, the use of expectException(PHPUnit\Framework\Error\*) has
been deprecated, that is, when a Notice/Warning/Error/Deprecated
problem is reported. Instead, these new assertions must be used:
- expectDeprecation() for E_DEPRECATED and E_USER_DEPRECATED
- expectNotice() for E_NOTICE, E_USER_NOTICE, and E_STRICT
- expectWarning() for E_WARNING and E_USER_WARNING
- expectError() for everything else
More info:
https://github.com/sebastianbergmann/phpunit/blob/9.0.0/ChangeLog-9.0.mdhttps://github.com/sebastianbergmann/phpunit/issues/3775
Regexp to find all them:
ag 'expectException.*(Notice|Warning|Error|Deprecated)
In PHPUnit 9.1, the following regexp-related assertions
have been deprecated and there are new alternatives for
all them:
- assertRegExp() -> assertMatchesRegularExpression()
- assertNotRegExp() -> assertDoesNotMatchRegularExpression()
This is about to, simply, move all cases to the new alternatives.
Source: https://github.com/sebastianbergmann/phpunit/blob/9.1.0/ChangeLog-9.1.md
Regexp to find all them:
ag 'assertRegExp|assertNotRegExp' -li
In PHPUnit 9.1, the following file-related assertions
have been deprecated and there are new alternatives for
all them:
- assertNotIsReadable() -> assertIsNotReadable()
- assertNotIsWritable() -> assertIsNotWritable()
- assertDirectoryNotExists() -> assertDirectoryDoesNotExist()
- assertDirectoryNotIsReadable()-> assertDirectoryIsNotReadable()
- assertDirectoryNotIsWritable()-> assertDirectoryIsNotWritable()
- assertFileNotExists() -> assertFileDoesNotExist()
- assertFileNotIsReadable() -> assertFileIsNotReadable()
- assertFileNotIsWritable() -> assertFileIsNotWritable()
This is about to, simply, move all cases to the new alternatives.
Source: https://github.com/sebastianbergmann/phpunit/blob/9.1.0/ChangeLog-9.1.md
Regexp to find all them:
ag 'assertNotIsReadable|assertNotIsWritable|assertDirectoryNotExists|\
assertDirectoryNotIsReadable|assertDirectoryNotIsWritable|\
assertFileNotExists|assertFileNotIsReadable|assertFileNotIsWritable'
Manage backpacks page wasn't displaying the navigation and administration
menus when using classic theme (it's unrelated to changes done here).
This patch fixes this unexpected behaviour (raised thanks to behat tests).
Since cm_info::customdata can be of any type, we need to cast it to an
array first before checking for custom completion rules. Otherwise,
an exception can be thrown (e.g. customdata has been set as an stdClass)
In all cases changes have been kept to a minimum while not making
the code completely horrible. For example, there are many instances
where it would probably be better to rewrite a query entirely, but
I have not done that (in order to reduce the risk of changes).
The $CFG->badges_site_backpack setting has been completely removed
because it's not required anymore. From now, the primary site
backpack will be the first one in the "Manage backpacks" list (so,
the one with lower sortorder value).
Before removing $CFG->badges_site_backpack setting, admins should be
able to re-order the existing site-backpacks (because then, the first
one will be treated as the default one).
This patch adds the sort order feature to the backpack list.
Setting "External backpack connection" has been moved from "Backpack
settings" to "Badges settings" in order to make easier to find and
configure it.
Some extra tests have been added to cover existing behaviour and
confirm is still working as expected.
When hovering over table rows with the `dimmed_text` class we
should consistently set the text/link colour.
Co-Authored-By: Mikel Martín <mikel@moodle.com>
Use the custom completion implementation for mod_choice to test
completion_info::get_state() to cover the case where the completion
state is being determined from the custom completion condition.
* Update completion_info::get_data() to add other completion
information from a new method called get_other_cm_completion_data().
This allows the storage of the completion statuses of the following
completion rules to completion_info objects:
- 'Students must receive a grade' completion rule.
- Any custom completion rule defined by an activity.
This allows detailed completion information to be fetched for course
modules.
It also allows custom completion statuses to be cached which will help
reduce DB queries when fetching completion statuses.
* Update update_state() to fetch overall completion state from the
module's activity_custom_completion implementation. Falls back to the
*_get_completion_state() callback function.
* Update internal_set_data() to include the other cm completion data
in the updated cache data for the module instance.
Move the current logic for determining the completion status for the
"Student must receive grade" completion rule to a function so it cann
be reused.
Unit test included.
* Unit tests for completion_info::get_data() and
completion_info::internal_get_state are mocked which causes failures
with the new implementation. It's more straightforward and realistic
to generate real course and modules to test these methods.
Tests cover
- get_overall_completion_state()
- is_available()
- validate_rule()
Tests don't cover
- methods that rely on static methods such as:
- is_defined()
- static methods in the class because they can't be mocked
- abstract methods that can be tested better by the plugins
that extend activity_custom_completion such as:
- get_state()
- get_defined_custom_rules()
- get_custom_rule_descriptions()
A number of behat fails have been creeping in with the customfield code
as behat is moving onto the next step before the current step finishes.
This change introduces some additional pending JS tracking to prevent
this.
Currently admin_setting_configselect has lazy-loading support via a
callback function (so you don't have to make pointless single-use
classes for each unusual setting), but this is not present in other
similar types.
This commit adds identical support to
admin_setting_configmulticheckbox.
Some of the current behat tests were wrong but not failing because of the bug in 'should not exist' step.
Once the bug is fixed, we must fix also wrong behats.
This text is not directly output to final users, it is used just in the textarea in both the site and the app.
Applying format, case issues like adding glossary links etc...
After uninstalling a plugin, the translated strings remain in
tool_customlang table, throwing an exception when trying to localise
any strings. Currently there is no mechanism to
clean up customlang tables and files during the uninstall process,
so with this patch the invalid components will be ignored.
Sortorder field in badge_external_backpack was updated with a wrong
value. This patch fixes this behaviour and adds sortorder as
sorting criteria for displaying the list of site backpacks.
In the phpunit method reviewed for covering this, a couple of
assertEquals() calls have been changed too to put the expected value
first.
It was deprecated in php72 and now it's gone.
Have used this regexp to find all the uses in core:
ag set_error_handler | uniq
And then checked all them manually, that parameter was not
being used in the 3 methods where we are removing it.
Implementing these functions as final does not prevent the object to be
cloned or serialized, so the comment to them was wrong.
However having these functions not public breaks in PHP 8.0.
It still does not make sense to clone or serialise file_system or external_settings classes
but there are a lot of classes in moodle that should not be cloned, no reason to have
a specific solution here.
PHP8.0 shows error that filter function accepts value by reference
The nested filtering was never working but also this function was never called on a tree with sub-levels,
so this logic is now removed
Set max-height on each container section rather than the container
itself, so that each can respond to the scrollBottom event within
the lazy loading module (which handles the overflow itself).
If a developer has debugging on then they will recieve all debugging
messages for locking whether wanted or not. We already have a setting
to display these messages.
pdftoppm (from poppler-utils package) is several orders of
magnitude quicker than ghostscript extracting PNG images
from PDF documents.
We add support for this tool and use it whenever set up,
or using gs as before if missing.
Revisited code with peer review comments. In particular:
1. Make default path for pdftoppm empty string.
2. Fix a typo on the method description for get_gs_command_for_image.
3. Added more information why is useful pdftoppm into string pathtopdftoppm_help.
4. Check that path for pdftoppm is executable to prevent errors. Otherwise, use gs.
High-resolution image for a badge (f3) should be sent to external
backpacks through JSON and WS methods.
Besides, when a badge is cloned, the high-resolution image should be
used to avoid the copied looks blurry.
The "Private files" link does not exist in the site navigation when
using the classic theme, so it is not possible to test the dedicated
page via Behat at this time.
As discussed in MDLSITE-6397, all Moodle code files should end with
single Unix-style end of line character. Files created and edited
through the XMLDB editor should follow this rule, too.
The filepicker wasn't displayed fot the H5P Atto button when a text
area database field was created because some options were missing
in the textarea field class.
* Old backups might have hidepicture defined and set to 1 in which case
we must make sure to exclude the group picture for these groups from
being restored.
Plus additional amendments to Fred's original commit:
1. Updating the version numbers
2. Merging the original two-step upgrade below into one for simplicity:
1. Deleting the pictures for groups with hidepicture set to 1; and
2. Dropping the hidepicture field itself.
3. Converted array() usages to the short syntax [].
If the drawer toggle button was clicked in quick succession to close
and then re-open, then the delayed Aria.hide method would be called
which hid the drawer content when it finished opening.
File badges/oauth2callback.php has been removed and now badges
API will use admin/oauth2callback.php because it makes no sense having
it twice.
Credits go to Andrew Nicols for raising it!
Adds behat support for selecting date and time from a datetime selector
element. The passed values should represent a textual date and time
description wrapped in '##' (e.g. '##first day of January 2020 08:00##',
'##1 Jan 2020 10:30##'). Also, the value 'disabled' is valid and can be
used to disable the datetime selector element.
Adds behat support for selecting a date from the date selector element.
The passed values should represent a textual date description wrapped
in '##' (e.g. '##first day of January 2020##', '##1 Jan 2020##'). Also,
the value 'disabled' is valid and can be used to disable the date
selector element.
Moves the logic from guess_type() to a separate protected method
get_field_instance_for_element(). This would be quite useful for
form field classes as they can now use this method when there is
a need to determine the type of a given node element.
Includes the data-fieldtype attribute to the checkbox inline form
element. This element does not extend the parent inline element
template due to its specific nature and therefore this attribute was
missing.
On behat, we have to use a more specific test step if we are looking
for a "Go" button on a modal. The reason is that the html of the modal
content is put after the html of the "Go to top" button, so behat
may find the "Go to top" button if we just look for "Go".
WAVE considers any text with the size of 10px or below really small.
Increasing the font size of the navbar counter by 1px should not make a
big negative impact on the design, but improves accessibility.
In MDL-63040, it was decided that the page header for the dashboad page
should be removed.
However, Based on Success Criteria 1.3.1 and 2.4.6 from the WebAIM's
WCAG 2 Checklist, all pages should have an <h1> element.
So I put an sr-only heading on the dashboard and all other pages, where
no page header is shown.
Changed the element selector to get all array elements,
whether named or unnamed. The previus selector was only
working for elements that thir names were like name="something[]".
It was not working for name="something[a]" elements.
This is not related to the issue but I noticed it while trying to debug
it.
Back when this line was introduced in 9c140a681e, the ZipArchive had
not yet exposed this flag as a constant. It was added later with PHP
7.0.8 and we can switch to using it now.
The original implementation was based on ZipArchive::getStream() which
turns out to be very slow and if the archive contains many files, the
unzipping performance is very slow.
The patch changes the implementation to use ZipArchive::extractTo()
unless the extracted entry path contains a folder name ending with dot
(such as some/path./to/file.txt). There is a known upstream bug in the
PHP ZIP extension #77214 (also #74619 and #69477) so that we fall back
to keep using the stream in those cases.
* When a label is passed to an (advanced) checkbox and no text
was provided, the label will be displayed on the right of the the
checkbox element. So there's no point in passing an empty string for
the label just to render the text to the right of the checkbox.
* When a label is passed to an (advanced) checkbox and no text
was provided, the label will be displayed on the right of the the
checkbox element. So there's no point in passing an empty string for
the label just to render the text to the right of the checkbox.
* The aria-describedby attribute can be a list of element IDs that
describe the element. On form validation, the ID of the error message
container is added to this attribute which may already be containing
another ID. So we need to properly add/remove the error message ID
so that we don't delete any existing ID(s) in the aria-describedby
attribute during form validation.
Save comment in the assignment when the Save changes
or Save and show next button are clicked at the bottom
of the page.
Signed-off-by: Sujith Haridasan <sujith@moodle.com>
Uses of the httpsreplace and customlang tools are known to be extremely
slow.
In our CI infrastructure on slwoer DBs, the customlang tool can take
over 90 seconds to load the page, whilst the httpsreplace tool can take
up to about 60 seconds.
These changes set appropriate timeout factors to increase the timeout
accordingly.
Also, change:
get_real_timeout(30000)
to:
get_real_timeout(30) * 1000
because the original functions are defined to use seconds, and
having the 1000 around will help us detecting cases in the case
of a hypothetical review of uses.
Displaying a default group picture in forum posts leads to confusion,
so better to not display a default group picture when the group
picture is not set for the group.
Also, change:
get_real_timeout(30000)
to:
get_real_timeout(30) * 1000
because the original functions are defined to use seconds, and
having the 1000 around will help us detecting cases in the case
of a hypothetical review of uses.
Credits for Alexander Bias, for sharing the patch!
The content bank was designed for making easier to reuse content.
So "Link to the file" should be the default option when using the
contentbank repository, in order to let teachers modify their
content in the content bank and update automatically it everywhere
is used.
If the request to the OAuth 2 token endpoint fails show the response
body the endpoint returned with its HTTP status (when debug: DEVELOPER).
If no response is available show any error returned by Curl. Previously
none of this information was available making troubleshooting difficult.
If a token refresh fails in \core\oauth2\refresh_system_tokens_task an
exception is now thrown so that the result is shown as "Fail" on
admin/tasklogs.php?filter=core\oauth2\refresh_system_tokens_task
get_magic_quotes_gpc() always return false since PHP 5.3 so (1 == get_magic_quotes_gpc()) is never verified.
This allows me to safetly delete what I dropped out.
An case was found where the webdriver stop() call could fail in an
AfterScenario hook, leading to a complete rerun if no other errors were
experienced.
- Update fetch_dropbox_data to allow different result nodes and version
- Update search to the new URL with new params
- Update the get entities function to account for the change in structure.
The emoji categories were modified in the newer versions of the
emoji-data library. Therefore, the category list in $categorysortorder
needs to be updated with the correct category names in order to properly
sort the categories in the generated emoji data file.
The emoji data generator script is enabled to detect inconsistencies
between the emoji category names used in the emoji-data library and the
ones used in Moodle. These inconsistencies should be fixed, as soon as
they are detected upon library upgrade.
Switch the order of operations performed when collating list of paths
from which a user can include attachments.
First collect all normalised/absolute paths then filter empty entries,
which fixes an issue where $CFG->localrequestdir could be defined but
not exist. This would lead to an empty string being passed to strpos
which triggered a PHP warning.
Co-authored-by: Peter Burnett <peterburnett@catalyst-au.net>
This ensures that the page reloads if the student uses
the Back or Forwards buttons within an attempt. This
avoids questions being in a stale state, or
the timer showing the wrong time.
Thanks to Jake Dallimore and Russell Boyatt for suggestions
which lead to this fix.
This fixes an issue on those systems that don't fully support unicode
characters within zip structures, which subsequently led to broken
links when browsing downloaded course content.
I can't expand this one in a sane fashion but the older JS is doing some
weird and wonderful things with focus.
The only way I could get this to behave correctly was to move away from
the field, move back to it, and then move away again. Other combinations
failed in different browsers for different reasons.
Expand all fieldsets rather than individual fieldsets.
This can fail in some situations where the page moves as the first
fieldset opens and HTML transitions take effect. This causes subsequent
fieldsets to move after WebDriver has calculated the click target.
These steps were creating content manually in an unnecessary fashion. I
had to debug some issues with features in these areas so took the time
to update them to make use of data generators, which are significantly
faster.
Behat should not trigger Synthetic browser events. It is incorrect to do
so as the UI should be used to trigger events correctly.
The W3C WebDriver specification explicitly states when and where these
events will be triggered from (the browser) and therefore there is no
ambiguity and no need to synthetically trigger them from Behat.
The W3C WebDriver leads to faster operation of individual steps which
highlights where WebDriver is moving to a new step faster than the
browser can process it.
The solution here is to use the `execute` function to interact with the
browsers as this makes use of the various wait and check steps.
These steps were completely pointless and were failing with the W3C
Webdriver becuase focus was never on the Update Profile button in the
first place.
At a minimum we should remove the Focus change step as it not valid, but
the following step is also pointless.
On Firefox there can be some issues with ensuring that all nodes are
visible in order to click them.
This is likely an upstream geckodriver bug and not one that can be
easily addressed across all of Moodle.
In this instance the "Next" button is just outside the Visible Window,
but it is in an iFrame which is fully visible. In this situation
Firefox is unable to click the button but does not error.
The W3C Specification does not require that a NodeElement be in the
current viewport before triggering a mouseOver. As a result the
mouseOver will generate an Exception because the element is not in the
viewport, and the X/Y co-ordinates are invalid.
To handle this the node is scrolled into view.
Normalise switching of window contexts by setting the main window name
to a null.
Where the window has no name (null/empty), then the root context is
selected.
This change introduces a new function to execute Javascript directly on
a node.
This should not, ordinarily, be used directly by steps, but may be
required in other parts of the Behat interaction.
The PHP WebDriver Mink Driver does not necessarily require Selenium. It
supports Selenium 3 upwards, and can be used directly with ChromeDriver,
EdgeDriver, SafariDriver, GeckoDriver, and others.
It therefore uses a slightly different configuraitno path.
This commit updates core Behat features to make use of the
php-webdriver/webdriver library instead of the legacy Instaclick
library.
Most of these changes relate to use of features of WebDriver which we
are required to use directly rather than through the Mink Driver.
This commit updates the composer dependencies to make use of the updated
version of moodlehq/moodle-behat-extension which depends upon the
php-webdriver/webdriver and relevant Mink WebDriver.
eg in Apache you could capture 403 errors and funnel them to this
error handler script and also transform them to 404s:
ErrorDocument 403 /error/index.php?code=404
When current language doesn't have accompanying videojs language file
we should fallback to displaying the player in English, otherwise the
web service returns empty and a Javascript exception is triggered.
This just deletes all the upgrade steps previous to 3.6.0. Some
small adjustments, like tweaking globals can also be applied
when needed.
Also includes an upgrade step to prevent upgrading from any
version < 2018120300 (v3.6.0) as anti-cheating measure.
Note that in this case, there wasn't any case of upgradelib
functions being used, hence we haven't to deprecate/remove
anything in codebase. When there is such a need, that is done
in separate commits (one for each function) and documented here.
See MDL-65809 commits for an example removing/deprecating a
good number of functions.
Upgrade step that resets the 'Data modification API' (convert_data)
setting to its default value if this setting is currently configured
to use a file located within the $CFG->dataroot directory.
Prevents configuring the 'Data modification API' (convert_data) setting
to use files located within the $CFG->dataroot directory as it exposes
the site to security risks.
This patch adds a solution for Postgres that allows overriding IN
statement limit of 16bit (65535 values) by wrapping items in VALUES
list. This only takes place in number of items exceeds 65535, otherwise
parent class get_in_or_equal() function is used.
If the activity uses a referenced H5P file from the content bank,
a link for displaying this specific content will be shown into the H5P
activity form instead of the generic one to the main content bank
page.
* The fact that non-existing strings are returned in certain format
starting with the bracket, is kind of side debugging effect. The value
is really undefined and should not be relied upon.
* The string could actually exist and be worded so that its first
character is also the square bracket.
The form_autocomplete is essentially a custom element. Unfortunately the
`setValue()` function in Mink has undesired actions so it is necessary
to write our own handling for it.
The standard Mink `setValue()` function focuses the element, sets a
value, and then blurs the element. In the case of the autocomplete this
can cause the autocomplete suggestions list to be closed in some
situations. Instead of using the setValue we click, and type the value,
but do not immediately blur.
Fixed a regression caused by MDL-64194 resulting in Dashboard - Course
overview pagination not working from second page of courses onwards.
Course overview block should now do the following:
- Display no pagination controls when user has no courses
- Display no pagination controls when less than 12 courses to display
- Only display pagination controls up to the number of courses user is
enrolled in
- Work correctly when on a page greater than the second page.
There was a typo - missing underscore. As a result, the new refresh
token was never updated in the database. Depending on the issuer and
whether or when theyu invalidate issued refresh tokens, this might or
might not make the token refresh stop working.
Creates a webservice that returns the addable blocks in a given page.
The webservice expects the page context id, page type and page layout as
parameters and returns the block name and block title for each available
block.
Starting from PHP 7, most language errors throw Error exceptions. We
want to deal with those equally as with any other exception so we need
to catch all Throwables here.
There are serveral ways a quiz attempt can be submitted:
1. The student click the Submit and finish button. In this case,
no problem. We record the current time as the finish time
for the quiz attempt.
2. The student is activly working away at the quiz, and the
count-down timer reachers zero. In this case, we also record
the current time. Note that, if the server is under high load,
then this could well end up being a few seconds after the
theoretical end time, so you could have a quiz with a 30 minute
time limit, with an attempt that lasted 30:07. However, this
is just an accurate reflection of what happened, so should
be recorded like this.
3. If the student is offline when the time expires, then
(depending on the quiz settings) the attempt may be
automatically submitted by cron, but this will happen with
at least some delay (to prevent race conditions between cron
and a student working online) and if cron is running slow
on the server, it could be a lot later. Previously, this led
to, say, a 30 minute quiz where an attempt seemed to have
lasted 67 minutes, which confused people.
Now, in this situation, the finsh time for the quiz attempt is
recorded as the time when the time limit ran out. This is not
just less confusing for teachers looking at the quiz report,
it is also more accurate. That is the latest time at which
students could have made any changes to their responses.
* Set appropriate heading element IDs
* Replace usages of deprecated HTML tag acronym with abbr instead.
* Add a label for the export fields fieldset.
* Move the CSV delimiter list outside the radio group.
* Fix div under a label element and duplicate labels
for the checkboxes of the fields to be exported by showing the field
name and type together.
* Group the fields to be exported as a fieldset.
* Move unsupported fields into a separate list.
* Move export options into its own section and group the options as a
fieldset.
First working version, supports phpunit (using build matrix):
- php72 (lowest), running mysql.
- php74 (highest), running postgres.
Also verifies that the branch has been "gruntified" and there
isn't any missing change (build js/css files).
TODO: Verify the remaining checks currently in .travis.yml, namely:
- CITEST
- Add caching
- Better health-check for DB images.
- Support from the tracker (satus badges and enable check).
- Support from CiBoT (status and enable check).
- Consider moving both the common setup (git, composer...)
and the database (mysql, postgres) to own actions for
easier tweaking.
Behat does not play well with confirmation dialogues and in some
situations it does not wait for the page to reload before starting the
next step.
This change adds a pending_js call which is only resolved if the cancel
button was pressed, otherwise it remains in-progress until the page
reloads resetting the entire state of it.
This commit updates the following steps to use the
`the_attribute_of_should_be_set` step under the hood:
- the [element] [type] should be disabled
- the [element] [type] should be enabled
- the [element] [type] should be readonly
- the [element] [type] should not be readonly
This reduces unnecssary code duplication.
This commit promotes the Inplace Editable field to a first-class form
element by introducing a new partial selector for inplace editable
fields, and teaching the field manager how to recognise these, then
introducing a new field type which can handle setting values for this
field.
Behat form fields are implemented in a way completely isolated from the
rest of the Behat Context system. Whereas regular step definitions have
access to execute steps, to call `find`, check for JS running, and other
related functionality, the Moodle implementation of a field type does
not have any access to this.
By moving the core functionality of behat_base to a new trait, and the
constants to a new interface, the functionality can also be used in
behat form fields in the same way as elsewhere.
This is similar to change made in MDL-69136 to allow an already-fetched
NodeElement to be provided to the get_node_in_container() function and
makes it easier to be deterministic when writing steps.
By default only lowest php version will be executed, and only pgsql.
This default behavior can be changed with a new variable:
MOODLE_PHP = [all]
MOODLE_DATABASE = [pgsql | mysqli | all]
The 'edit_instance_validation()' method checks for existing meta enrolment instances.
The fix replaces DB queries in a loop for each course with a single query for all courses.
Also, a new testing method 'test_edit_instance_validation_with_existing_courses()'
was added to /enrol/meta/tests/plugin_test.php to test if the new implementation
returns an error in case of trying to save the already linked courses in the 'customint1' field.
In some browsers the ajax grade select does not properly update the
grade after setting values. The previous solution was to press the
[enter] key, but doing this with the new key type step opens the select
box again. This is what happens when a real user presses enter on the
select.
This is the last possible field in the report, so pressing the tab key
to move to the next gradable element does not work.
The solution uses a shift-tab to move the focus away to the previous
gradale element. In this case it must also be moved to an earlier step
because the previously selected value must be checked in the Then
section of the test and if it is selected then its value cannot be
checked.
Note: The ddmarker question type was previously getting the number of
keypresses wrong. This was because it was using both keyDown/keyUp, and
also keyPress. As a result each keypress was essentially happening two
times.
A previous change as part of this commitset was intended to move the
modal to the document.body, but where the modal had been destroyed it
was instead added back to the body.
Before this change when a modal was shown and an element on the page
was fullscreen the modal would be created behind it.
This change ensures that the modal will be inside an element that is
fullscreen so that it will be correctly displayed.
- Main version (version, release, branch and maturity), guaranteeing
we are diverging from previous stable branch and won't overlap any more.
- Backup release, to match new branch.
- CI configuration files (.travis.yml in this case), to match new branch.
For changes needed to START working with parallel branches, see MDL-69475
In YouTube Data API v3, the API call to fetch the videos related to a
certain category expects the category ID to be passed to the
videoCategoryId parameter, instead of the category name. Therefore, the
category config should store the category ID.
When we read the MUC configuration, a file which exists but is empty
will not error, but will cause all configuration to be empty.
We already perform an {{is_array()}} check on the {{$configuration}}
variable, but the default value for {{$configuration}} is an empty
array. In the case where the file exists, but is empty, no errors occur
when the file is loaded, and the initial {{$configuration}} value is
not overwritten, leading to the file being replaced with an empty copy.
Having mixed $data in badge exporters is causing some issues.
As all these exporters are using $data as an object, $data can be
converted to object in the constructor, to avoid errors and get
the expected behaviour always.
Ensure that there is always one active element in the list of selected
autocomplete elements.
Without this we have issues beacuse clicking on the link makes the first
one active if one is not already active, and this turns a click event
into a drag event, which means that it is not deleted.
Returning a value of `false` in an event handler has the effect of
calling event.preventDefault() and event.stopPropagation().
This is neither obvious, nor desirable in this situation.
The documented values that jQuery.attr() accepts are String, Number, or
null. For some reason, when we pass a Boolean value, the subsequent
click handler does not work in some situations.
Changing this to take a Number, and unsetting it when empty, resolves
this issue.
The accessibleChange custom interaction event was only listening for
blur and focus, however some OS/browser combinations do not emit these
events until the element is explicitly blurred. This is notably
different on Firefox on some Operating Systems.
Recent changes in MDL-68167 explicitly moved the user participants page
filter module to use the accessibleChange event, which means that the
selections are now only triggered on an explicit blur when using
Firefox. This highlight a bug whereby, when the mouse is used to make a
selection, the event is not triggered until the element is blurred.
This change modifies the accessibleChange event to ignore the `change`
event where it was triggered by the keyboard and where that keybaord
event was not a [return] or [escape] keypress, but to otherwise respect
the native change event.
The `blur` event does not bubble, but the `focusout` events are not
available in all supported versions of Firefox.
Rather than switching event, this patch using event capture to
effectively achieve the same result and bubble the event up through the
DOM to the delegated listener.
There should be no functional change with this patch, except to support
Firefox fully.
version = 2020110900 release version
requires= 2020110300 current beta+ (week6roll1) version
Note that, because we are under parallel development period,
this is being done in the branch that is going to be released
(MOODLE_310_STABLE already existing) for Moodle 3.10.0 and
not in master, that is the one getting the bump under normal
(non-parallel) periods.
When 2 or more backpack were created without credentials,
a "Duplicate key value violates unique constraint" error
was raised because externalbackpackid was not taking the
correct value.
Other improvements have been done to the code too in order
to make it more readable.
Also, ensure that remove_dir() only processes directories,
because sometimes it was being called by shutdown managers
with files, leading to PHP warnings.
Co-authored-by: Eloy Lafuente (stronk7) <stronk7@moodle.org>
Co-authored-by: Jun Pataleta <jun@moodle.com>
With MariaDB 10.2.7 the driver was incorrectly returning '' (empty
string) as default for all the columns having null (meaning, no
default).
Also, cover the case in unit tests, it seems that we were already
testing other defaults but not the null case.
The content of the autocomplete selection div is purged by javascript
so we have to move its label outside of it. aria-labeledby is the way
to go.
Each time the suggestion box is expanded, autocomplete js renders the
autocomplete suggestions template. So the label cannot be outside the
suggestions ul.
* With the removal of the label element, Behat now has to click on the
answer text. In order to achieve this, the custom partial named selector
"qtype_multichoice > Answer" was now added and have replaced the
instances where the label of the answer's checkbox/radio button is
being clicked.
* Discard the use of the label element in order to be able to render
multiple choice answers as they are and have these act as the radio
button/checkbox' label through the aria-labelledby attribute.
* New JS module qtype_multichoice/answers that listens for click events
on the answer text container and selects the appropriate answer radio
button/checkbox.
- Add help for 'payment account' field in the enrol instance form
- Remove MOODLE_INTERNALs when not necessary
- Add $userid to deliver_order
- Check if provider classes implement the provider interface
- Rename get_cost to get_payable
- get_payable returns payable object
- Improve registerEventListeners and added init
- Rename payment\provider to payment\service_provider
Also create the infrastructure to let components know when they have to
deliver what they sold. We are going to use namespace functions instead
of traditional callbacks.
It was preventing JS click event handlers being reached on some
elements, such as course admin items in Classic
(eg download course content for teachers).
There was an error when creating the unique index. Apart from that,
the code has been reorganised to copy data in the new structure only
if password field hasn't been removed.
There are some unexpected differences between 310 and master,
better reconcile them now. Note this is not 100% critical but,
as far as nothing exclusively for 4.0 has landed to master yet
only branch/version differences should exist.
This includes:
- Breaking changes (return void + PHP 7.1 min requirement).
- Deprecations and removals.
- Specifically DbUnit and its replacement.
- Printer showing how to rerun tests removed.
That custom printer was using some hacks to be able to intercept
configuration switches, reflection and other tricks to be able to
print the:
To re-run:
vendor/bin/phpunit --verbose "core_setuplib_testcase" lib/tests/setuplib_test.php
line on every failed/exceptional/skipped test. After some internal
discussion it was agreed that the normal phpunit output:
1) core_setuplib_testcase::test_localcachedir
Time is lower that allowed start value
Failed asserting that 1601976686 is equal to 1601976687 or is greater than 1601976687.
/var/www/html/lib/phpunit/classes/advanced_testcase.php:446
/var/www/html/lib/tests/setuplib_test.php:170
/var/www/html/lib/phpunit/classes/advanced_testcase.php:80
has already all the information at hand about how to rerun a test:
- vendor/bin/phpunit lib/tests/setuplib_test.php
- vendor/bin/phpunit --filter core_setuplib_testcase::test_localcachedir
- vendor/bin/phpunit --filter ::test_localcachedir
- vendor/bin/phpunit --testsuite componentname_testsuite
- vendor/bin/phpunit --config <<compoenent directory>>
- use --cache-result to get failed tests rerun with ease.
- ...
So better, let's use standard phpunit output and done. Also, note that,
with the upgrade to phpunit 8.5, the printer was not working correctly
any more, causing some switches, like --verbose ... to be ignored. Sure
it could have been fixed but, as commented above, no real need for all
that "parapheranlia" to print the rerun information.
Apply the standard deprecation procedure to the old APIs, to
be removed in Moodle 4.2 (MDL-69882). Existing unit tests
cover the deprecation debugging.
Originally MDL-64600
In charge of taking over the, now removed/archived, phpunit/dbunit
package. It supports loading of CSV/XML files and strings and
PHP arrays, allowing to send the loaded information to database.
Perform some basic controls about the consistency of information,
surely not super-exhaustive but fair enough.
100% covered with unit test.
Planned like an "interim" replacement for phpunit/dbunit uses in
core that, ideally, should be moved to generators stuff at some
point.
Note, expect a few tests in core to fail with this commit, I've
changed some fixtures around. Next commit will fix existing uses.
Originally MDL-64600
It can be enabled if desired from CLI using the --cache-result
option (or modifying the phpunit.xml cacheResult to true).
That will create the .phpunit.result.cache files that,
later, can be used to easily repeat failed (defects) tests or
run the slow ones first and more. See the --order-by option
to know more about all the available criteria. For example:
./vendor/bin/phpunit --order-by=defects --stop-on-defect
(will run all the failed ones first, stopping on problem, useful
for TDD and other scenarios, not so much for complete runs or CI).
Also, added to .gitignore so they won't be committed ever.
The optional parameters of assertEquals() and assertNotEquals()
are deprecated in PHPUnit 8 (to be removed in PHPUnit 9):
- delta => use assertEqualsWithDelta()
- canonicalize => use assertEqualsCanonicalizing()
- ignoreCase => use assertEqualsIgnoringCase
- maxDepth => removed without replacement.
More info @ https://github.com/sebastianbergmann/phpunit/issues/3341
Initial search done with:
ag 'assert(Not)?Equals\(.*,.*,' --php
Then, running tests and fixing remaining cases.
Both assertContains() and assertNotContains() are deprecated in PHPUnit 8
for operations on strings. Also the optional case parameter is. All uses
must be changed to one of:
- assertStringContainsString()
- assertStringContainsStringIgnoringCase()
- assertStringNotContainsString()
- assertStringNotContainsStringIgnoringCase()
More info: https://github.com/sebastianbergmann/phpunit/issues/3422
Regexp to find all uses:
ag 'assert(Not)?Contains\('
With PHPUnit 8 a good number of assertions, all them related with
operations on non-public attributes have been deprecated. And will
be removed with PHPUnit 9.
The main point is that unit tests shouldn't be testing non-public
APIs (good practice) and those assertions were an error originally.
See https://github.com/sebastianbergmann/phpunit/issues/3338 for
the complete list and other details.
When possible (the attributes being checked are public), the change
is simple, just switching to normal assertions.
When the attributes are not public we need to find a workaround
to be able to test the same using public APIs, or use Reflection,
or remove the tests.
For the records, this is the regexp used to find all the cases:
ag '>(assertAttribute|attribute\(|readAttributte|getStaticAttribute| \
getObjectAttribute)' -G "test.php"
While this is not strictly required, because removal will
happen in PHPUnit 9.0, we are already getting rid of all
uses in core.
From release notes:https://phpunit.de/announcements/phpunit-8.html
The annotations `@expectedException`, `@expectedExceptionCode`,
`@expectedExceptionMessage`, and `@expectedExceptionMessageRegExp`
are now deprecated.
Using these annotations will trigger a deprecation warning
in PHPUnit 8 and in PHPUnit 9 these annotations will be removed.
Also, all uses of expectExceptionMessageRegExp() has been moved
to expectExceptionMessageMatches(). See https://github.com/sebastianbergmann/phpunit/issues/3957
TODO: Various weirdness found while doing the changes with these tests:
- vendor/bin/phpunit lib/tests/exporter_test.php (created MDL-69700)
- vendor/bin/phpunit competency/tests/external_test.php (same issue than prev one)
- vendor/bin/phpunit question/engine/tests/questionengine_test.php (created MDL-69624)
- vendor/bin/phpunit lib/tests/event_test.php (created MDL-69688)
While this is not strictly required, because removal will
happen in PHPUnit 9.0, we are already getting rid of all
uses in core.
From release notes:https://phpunit.de/announcements/phpunit-8.html
assertArraySubset() is deprecated and will be removed in PHPUnit 9.
While this is not strictly required, because removal will
happen in PHPUnit 9.0, we are already getting rid of all
uses in core.
From release notes:https://phpunit.de/announcements/phpunit-8.html
assertInternalType() is deprecated and will be removed in
PHPUnit 9. Refactor your test to use assertIsArray(), assertIsBool(),
assertIsFloat(), assertIsInt(), assertIsNumeric(), assertIsObject(),
assertIsResource(), assertIsString(), assertIsScalar(),
assertIsCallable(), or assertIsIterable() instead.
Constraints are now declared final, so we cannot extend them anymore.
Hence, instead of extending PHPUnit\Framework\Constraint\IsEqual we
are just wrapping it into our constraint.
All the setup/teardown/pre/post/conditions template methods
now are required to return void. This was warned with phpunit 7
and now is enforced.
At the same time, fix a few wrong function names,
provider data and param types, return statements...
This makes everything to break, but it's what we'll be fixing
in the next commits, heh. :-)
Generated with php72 (min version supported), following the
instructions @ https://docs.moodle.org/dev/Composer
Before this patch strings that were declared over multiple lines in
a template would not be parsed correctly.
{{#str}}value,
mod_forum{{/str}}
would have been been parsed to get_string('value', 'core')
{{#str}}
value, mod_forum
{{/str}}
would have been been parsed to get_string('', 'core')
* Lighten info container.
* Fix colour contrast for the question container by
- Lightening the background a bit
- Darkening the text colour a bit
- Making sure the link colour has good colour contrast against the
question text.
* Fix colour contrast for the comments container by
- Lightening the text colour a bit
- Darkening the link colour a bit for better colour contrast against
the feedback text.
The current red, blue, and green colours achieve the minimum colour
contrast against a white background. However, when they're against
coloured background, text with these colours will easily fail the
4.5:1 contrast ratio requirement for Level AA.
The updated colours now have the following contrast ratio against a
white background:
* Blue - #0f6fc5 (5.12:1, from 4.58:1)
* Green - #357a32 (5.27:1, from 4.63:1)
* Red - #ca3120 (5.29:1, from 4.59:1)
The current red, blue, and green colours achieve the minimum colour
contrast against a white background. However, when they're against
coloured background, text with these colours will easily fail the
4.5:1 contrast ratio requirement for Level AA.
The updated colours now have the following contrast ratio against a
white background:
* Blue - #0f6fc5 (5.12:1, from 4.58:1)
* Green - #357a32 (5.27:1, from 4.63:1)
* Red - #ca3120 (5.29:1, from 4.59:1)
Makes sure the guest user context exists when fetching
the recommended modules. If the context does not exist
an exception is being thrown describing the problem.
Without this, there's a code path that under the right circumstances is hit and
results in a query with `FROM (mdl_event) ev` in it - which is not valid syntax
under postgres.
* Deprecated serialise_tool_proxy() as no longer used.
* Use tool_proxy_return_structure for each proxy.
* Added tests for getting all proxies and orphaned proxies.
The remove_course_contents function did not delete data from
course_module_completion table in most cases, resulting in large
quantities of orphaned data.
The new API works on normal databases (by deleting data based on the
subquery) and also on MySQL (by deleting the data using a weird join
on the subquery).
Before there is a conversation, messages between users are sent
using core_message_send_instant_messages instead of
core_message_send_messages_to_conversation.
That method had an undefined $errormessage variable, ultimately
causing the problem detected on message_post_message()/message_send()
to never been returned by the external.
This just adds the same error than already existing conversations do,
but returning it as warning, for BC, JS will show it.
In this commit, we also reorganised how the Mobile box is displayed in the user profile.
We are allowing now site admins to see the user last access time.
Pass current user object to post builder as argument, so that the permission to view timed post
will check with current user, who is viewing the posts instead of user who made that post.
For clients that wish to consume the original value of the custom
field (e.g. timestamps for date fields), rather than the formatted
version, add a new "valueraw" property to the returned data.
Request additional offline access, allowing the repository to sign in
automatically each time, including across different user sessions, until
either the refresh token is invalidated or the user logs out of the
repository.
Changes:
- The client can now be instantiated with the new mode enabled.
- A user refresh token will be stored if returned as part of the
authorization_code grant but only if the user is authenticated and only
if the mode is enabled.
- If the mode permits it, attempt to exchange a stored refresh token for
a new access token during login checks, allowing access to continue
across sessions without the need to re-grant consent every time.
- Purge all refresh tokens for a given user, issuer and scope on client
log out. This makes sure logout persists across logins.
When plugins are removed from disk, an exception is thrown when
calling component_callback_exists.
This exception should be catched here in order to load properly
the activity chooser (otherwise, the exception will be displayed
and no activity will appear).
The patch introduces a new admin_setting fiela type that can be used for
specifying comma separated list of countries. The field has inbuilt
validation so that only valid country codes can be inserted.
- The backup details page uses a table to show a sumary of the backup
content. Used role attribute to denote the tabular format of the
summary.
- The backup details page displays activity name next to each activity
icon. Therefore the icons are only decorative and do not need to have
any title or even alt text.
- Form labels should be associated with form controls. A div element is
not a form control.
- The from attribute of the form labels should be equal to the id
attribute of an element. Therefore, we first create a label and an
input elements and associate them to each other, and then pass them to
backup_detail_pair() when a label is needed.
Existing mod_hvp pluging has a renderer to let Moodle instances
alter styles, Javascript, semantics (fields in the editor) and
content: https://github.com/h5p/moodle-mod_hvp/blob/stable/renderer.php
The approach for core_h5p is exactly the same, to let people
to reuse their existing code.
Rename the string identifier to filetypesnotallowed, copy all the
existing translations in AMOS and deprecate the original string to be
eventually removed.
AMOS BEGIN
CPY [filetypesnotwhitelisted,core_form],[filetypesnotallowed,core_form]
AMOS END
The code has been using terms that were found exclusive and potentially
derogatory. Fixing the terms and making the variables and methods
consistent with the related admin settings.
The name of the placeholder has been found exclusive and potentially
derogatory. Also the name of variable that was used to populate the
placeholder value. That was not the intention.
If the allcountrycodes filter contains only invalid values, ignore the
whole filter setting and make get_list_of_countries() return the full
list of all known countries, rather than empty list.
The link class attribute is a leftover from 7258bf0b, which was mostly
removed in 3b2f691f. It no longer serves a purpose and interferes with
the element focus outline.
When editing a user and checking the 'Delete picture' checkbox to delete
the old picture and uploading a new one at a time, the new one didn't appear
in the user profile. This happened due to the 'if/else' statement
in the 'core_user::update_picture()' method which allowed either to delete
the old picture or to upload a new one.
The fix removes the 'else' part of the 'if/else' statement to force
checking for a new uploaded picture no matter if a user checked
the 'Delete picture' checkbox or not.
There were inconsistencies with the text shown on the submit button,
depending on the where the button was shown.
* Inline reply forum displayed general "Submit".
* Experimental nested discussion view reply form displayed "Post"
(post/core string) which acts as a noun in other contexts and cannot
be used as such in many non-English languages.
* Advanced reply form displayed "Post to forum".
The patch fixes this and starts to show "Post to forum" in all three
places consistently.
While working on this, two more issues were noticed and fixed:
* Inline reply textarea's title was hard-coded English "post" text.
Changed to "Message" to provide advisory information related to the
element.
* Buttons contained title attribute with the same value as the explicit
button text. This goes against accessibility guidelines.
Calls to core_get_course_contents can cause PHP warnings in the server
log if there are any URL instances in the course with sketchy URLs.
This is because url_export_contents incorrectly returns null instead
of an empty array if there is an error.
It was found out that in certain situations there may be some content
in to output handlers buffers. Let's allow that to happen given that:
* default handler's buffer is not sent as a part of the file and an
error is reported into the server log.
* other handlers' buffer is sent with the assumption that it is required
for the correct serving of the file.
The localisation must happen only after loading the list of licenses
from cache so that the name is displayed in the current user's preferred
language, not in the language of the user who initiated the cache
rebuild.
The autocomplete AJAX is identical to the version in tool_lp, but also
includes support for excluding suggestions (i.e. cohorts already
synced with the current learning plan).
If two different plugin types (e.g. theme, local) implement
override_webservice_execution callbacks, then all of them except
the 'last' plugin type do not work correctly.
New function get_total_content_size() is introduced in the stored_file
class. The puprose of this function is to calculate and return the
total size (in bytes) of the content of an archive file.
When a given user doesn't have the capability to "Include user data"
during course copying, freeze the form element rather than not adding
it at all.
This caused problems as the element was required before preceding with
the course copy.
Use $gray-600 for a darker text colour in the course select box.
This also makes the colour consistent with the view selector which
also uses $gray-600.
Increase the opacity for the sass variable $navbar-light-color a
little bit in order to achieve an acceptable colour contrast against
the white background.
The $component = 'mod_h5pactivity' will be passed always to the H5P
player because it's required for being able to call these activities
from outside using embed code. The xAPI implementation checks whether
the information should be tracked or not.
When the Moodle component is passed to the player, xAPI tracking
is enabled so, if the component implements required xAPI API methods
(for instance, mod_h5pactivity does), grades and responses are sent.
Adding this component to the embed code will help to add
the embed code from a mod_h5pactivity to any other place (such as label,
page or book), and being able to track the responses to the original
mod_h5pactivity.
- Screen-readers should not see 'clear my choice' when it is not visible
- 'clear my choice' option should only become visible when a choice is
selected
When the Moodle component is passed to the player, xAPI tracking
is enabled so, if the component implements required xAPI API methods
(for instance, mod_h5pactivity does), grades and responses are sent.
Adding this component to the embed code will help to add
the embed code from a mod_h5pactivity to any other place (such as label,
page or book), and being able to track the responses to the original
mod_h5pactivity.
As well as fixing the bug, I also rewrote the test to use
data providers, which should lead to more useful failure messages.
And, I moved the magic number we used as the float tolerence to
be a named constant.
* Introduce the "actionmenulinkclasses" block in the action_menu_link
template so other templates importing it can have the option to override
its classes.
* Have the action menu trigger template use the action menu link
template to reduce code duplication.
With the static function variable $instance, calls to
\action_menu_link::export_for_template() from its subclasses are stored
in different variables. This causes duplicate IDs when different
implementations of action menu links are rendered on the action menu
trigger/link template. (e.g. action_menu_link and
action_menu_link_secondary both rendered on the same page).
To make the incrementing uniform for the action_menu_link class and its
implementations, the $instance variable is moved out of the
export_to_template() method and is now made to a static class variable.
Links and normal text should have at least a colour contrast ratio
of 3:1. To achieve this, $body-color will be using the darker
shade of gray $gray-900 (#212529).
Links and normal text should have at least a colour contrast ratio
of 3:1. To achieve this, $body-color will be using the darker
shade of gray $gray-900 (#212529).
Darkened the fills of completion icons in order to meet the required
minimum contrast ratio of 3:1.
* Changed gray fills (#999) to #949494.
* Changed blue fills (#76A1F0) to #6393ee
* Changed green fills (#9C3) to #79a128
Thanks to Barbara Ramiro <barbara@moodle.com> for the help in
updating the SVG icons!
* Darkened the link and clickable icon colours inside coloured events.
* Added borders around event colour indicators inside the month-view of
the calendar for better contrast against the white background.
If a scheduled task which uses a 'R' field is picked, then the reset of
updated task times will not necessarily be correctly determined as the
randomisation is picked during reset.
This can lead to some random test failures.
Actively specifying a test which does not make use of the 'R' random
field time addresses this issue.
Before this change in a frozen context a user would be able to delete
their own comments.
After this change a user will only be able to delete their own comments
if they still have the capability to post new comments or the capability
to delete comments from any user.
Under parallel development, when something is worth being commented
in upgrade.txt notes, it will be applied to all the development branches
using the "earliest" one to be released. So, if something changes
in 3.10 (and also is applied to master), the upgrade.txt notes will
show 3.10 in both branches.
Of course, if something only goes to one dev branch (say master), then the
master version will be used in the notes (4.0 in this case).
This commit introduces the following new flags:
--no-composer-self-update Disable composer self-update of the
composer.phar utility
--no-composer-upgrade Disable upgrade of development
dependencies using Composer.
--disable-composer Disable both composer self-update and
composer upgrade
Both ldap or the DB can return information in a non-consistent
ordering leading to events to be generated in different order.
And current tests are, right now, assuming a given order.
Note this is a rare random, but it's happening, so better
fix it, see the issue for some more details.
So we just do the tests ordering immune, verifying that all the
expected events have been triggered and done. Irrespectively of their order.
Currently, PHP getimagesize method doesn't support SVG images.
As some features, such as badges, processs and optimise the images
before using them, a new filetype group has been created to exclude
SVG from there: optimised_image.
SVG can't be removed from web_image because then users won't be
able to add SVG images to their courses using labels, pages...
The external database authentication plugin (auth_db) can update the
external database if mapped fields are set to Update external: On
update. This change adds error handling in case this update fails.
Also removed the scope attribute from the mini-calendar table
because according to https://www.w3.org/TR/WCAG20-TECHS/H63.html
it was not needed:
Note 1: For simple tables that have the headers in the first row
or column then it is sufficient to simply use the TH elements without
scope.
1) Remove any floatval() casting. They are breaking / killing
.10 versions (converting them to .1). Since Moodle 2.0 all the
backup::RELEASE have been 100% numerical values.
2) Use version_compare() always to compare backup::RELEASE values.
They are always versions and the function is aware of versions
> .9, able to clean/ignore alpha chars... and everything else.
Note that I've also changed a couple of cases in formats (topics and
weeks) that were correct, but just added the same comment and used
the same version_compare() comparison parameters style, so all uses
in core are consistent (and safe to be copied out there).
On installation (or also phpunit/behat unit) some CFG variables
were being used (on setting validation) before being set.
So this commit just verifies they are set before using them. Note that,
strictly speaking, only one of them ($CFG->searchenginequeryonly)
required the extra check, but I think it's better to apply it to all
them, as a reference and in case validations are run in any other order.
- Also bump travis to get builds against 310_STABLE.
- And backup release to match 3.10
Note this doesn't aim to be a complete change-set, but just the
minimum to switch to 3-digit $branches and keep installation, checks
and tests running and passing.
2020-08-17 00:12:30 +02:00
5989 changed files with 271835 additions and 101411 deletions
//$temp->add(new admin_setting_configcheckbox('backup/backup_auto_messages', new lang_string('messages', 'message'), new lang_string('backupmessageshelp','message'), 0));
//$temp->add(new admin_setting_configcheckbox('backup/backup_auto_blogs', new lang_string('blogs', 'blog'), new lang_string('backupblogshelp','blog'), 0));
@@ -437,6 +522,9 @@ if ($hassiteconfig or has_any_capability($capabilities, $systemcontext)) {
$temp->add(newadmin_setting_configselect('lang',newlang_string('lang','admin'),newlang_string('configlang','admin'),current_language(),get_string_manager()->get_list_of_translations()));// $CFG->lang might be set in installer already, default en is in setup.php
$string['theninfo']='Then. Checkings to ensure the outcomes are the expected ones';
$string['unknownexceptioninfo']='There was a problem with Selenium or your browser. Please ensure you are using the latest version of Selenium. Error:';
$string['viewsteps']='Filter';
$string['warndirrootconfigfound']='A configuration file was found at {$a}. This file is not automatically updated and may become stale. We recommend removing this file.';
$string['wheninfo']='When. Action that provokes an event';
$string['wrongbehatsetup']='Something is wrong with the behat setup and so step definitions cannot be listed: <b>{$a->errormsg}</b><br/><br/>Please check:<ul>
<li>$CFG->behat_dataroot, $CFG->behat_prefix and $CFG->behat_wwwroot are set in config.php with different values from $CFG->dataroot, $CFG->prefix and $CFG->wwwroot.</li>
@@ -21,5 +21,5 @@ Feature: Transform date time string arguments
And Iloginas"teacher1"
And Iamon"Course1"coursehomepage
And Ifollow"Testassignmentname"
And Ishouldsee"##yesterday##l,jFY##"
And Ishouldsee"##yesterday##%d%B%Y##"
And Ilogout
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.