This change fixes 2 issues:
1 The focus lock for modals (e.g. within Tiny editor) did not
correctly loop round from the end of the modal to the start.
2 After clicking 'Browse repositories' button in a Tiny editor
modal, and closing the file picker, focus did not return to
the button as expected.
It is unnecessary to allow HTML to be added to the drop zone label text,
as this content is hidden and only accessible to screen readers.
Additionally, the content is currently not properly formatted, which
introduces a risk for potential XSS exploits. This change ensures that
only plain text (PARAM_TEXT) is allowed when adding content and that the
content is properly formatted before being output.
With the change from `aside` to `section` for blocks within the main
content region, the selector for instances of the calendar block not in
the main content region also needs to be updated to use a more generic
selector that can cover when either the blocks container containing the
calendar block is an `aside` or a `section`.
The `data-blockregion` attribute is a good selector for this purpose.
Unique labels for the block regions:
* `side-pre` blocks - "Blocks"
* `side-post` blocks - "Supplementary blocks"
* `content` blocks - "Main content blocks"
Blocks in the main content region (div role="main") should not also be
in an <aside> as it is a top-level landmark.
Blocks are contained in an <aside> which has a default ARIA role of
"complementary", a top-level landmark. So assigning a "complementary"
role for block instances is not needed. As blocks are already in a
<section> tag which has a default role of "region", there's no need
to override the ARIA role, unless specified by the block plugin.
Read more at:
https://www.w3.org/WAI/ARIA/apg/practices/landmark-regions/
The containers for the blocks in layout templates should not be using a
<section> tag (which has a default landmark role of "region") as the
blocks are already contained in an <aside> tag that has the default
"complementary" role which should be a top-level landmark.
Read more at:
https://www.w3.org/WAI/ARIA/apg/practices/landmark-regions/
The #region-main container should not be a <section> tag (which has a
default landmark role of "region") as it contains the container with
the "main" role which should be a top-level landmark.
Read more at:
https://www.w3.org/WAI/ARIA/apg/practices/landmark-regions/
This fixes various external methods that initialize page output
manually, e.g. `core_get_fragment`, which can mess with third party
proxies that modify data in transit because of the current default
response type header (text/html).
Co-authored-by: Mario Torres
The endorsement has been removed from the JSON because, according to
the OBv2.0specification, it must not be included in either the badge
or the assertion.
Including it results in a format error, rendering the badge invalid.
In timezones where daylight savings time is used, courses that start
on a Monday at 00:00 would display the week headings incorrectly
during the change forward.
When the time changes backwards, courses that have a start time of
Sunday at 23:00 also have a mislabeled week.
This attempts to use the DateTime() library, along with the user's
local timezone setting to display the correct day, rather than just
subtracting 86400.
After deploying to our production environment, we noticed that for large gradebooks, having a max of 200,000 grades per
page was still too high and resulted in the gradebook page crashing or failing to load entirely. This commit will make
this value configurable (e.g. ->maxgradesperpage = 70000) rather than a constant so that other institutions can tune it.
Co-authored-by: Leon Stringer <leon.stringer@ucl.ac.uk>
This removes the setting of the 'deleteall' param to every link
on the question edit page and inserts it into the url based
on if we actually want to delete all versions or not.
The "See questions" link for random questions was still using the old
format the filter conditions, so was only applying the category filter
on the list of questions displayed. This means that if a tag filter (or
any other filter) was set on the random question set, it was not applied
when viewing the list of questions.
This change takes all the filter conditions applied in random question's
slot and passes them to the question bank in the "See questions" link.
It's possible the first returned field contains a null value, while
subsequent fields may be non-null - in this case we should still
populate the fullname in column callback.
The function returns the number of modules completed by a user and
executes a COUNT aggregate function to avoid running many queries
to obtain this information, aiming to optimize performance.
Co-authored-by: Carlos Castillo <carlos.castillo@moodle.com>
Avoid mixing float/string types, where the decimal separator could
vary according to current locale (as per previous fix 5a1aef5a, which
was subsequently re-broken by b92886ad).
This makes the rendering of the question comments count additionally
check the core moodle/comment:post capability, since this capability
is required to make comments. Previously, this was not being checked
so users could open the modal to make a comment, which was causing
a javascript error due to expected elements being missing.
- Adds the "cat" field to the converted legacy filter, which was
missing.
- Does the conversion on the editrandom.php page as this was
throwing a warning.
Fix PHP fatal error "Call to undefined function
core\session\disk_free_space()" when disable_functions=disk_free_space.
Prior to PHP 8.0 this error was suppressed by '@'.
Co-authored-by: Federico Alvarez <32086536+fedealvz@users.noreply.github.com>
This changes prevent the admin to define an incorrect proxybypass value.
Dropped out formats in MDL-74289 are now fixed automatically.
e.g.: "192.168." becomes "192.168.0.0/16" and ".domain.tld" becomes "*.domain.tld".
The report performs a `LEFT JOIN` on the external service table/entity
so we need to account for that in column callbacks and actions.
Also the shortname field is nullable, so account for that too.
Prior to fd676913 the manage course categories tree element used
the 'i/empty' icon as a fixed width spacer (fa-fw). However this
icon is now shown as a square, which looks out of place here.
Change to a different icon that maps to the same fixed width spacer
in order to restore the previous behaviour.
Onedrive direct download URL does not accept authorization headers,
it will just return the `unauthenticated` content with 401 HTTP Code
We switched to a safer way. We fetch the item information and use
a new curl instance (without authorization headers)
to fetch the content via direct download URL
This makes the tags which are available to the user on the question
bank tag filter, use tags from all available contexts, not just
that course. This means they can filter by tags assigned to system
questions as well, for example.
This way of highlighting user tour content removes the need to
juggle z-index. It also resolves the problem of cloning the target
element into a separate container and breaking styling.
The issue is that Bootstrap’s dropdown component likely stops
event propagation after the first click to manage its own
dropdown behavior. This prevents your click event handler from
running on subsequent clicks.
To fix this, we can handle the event before Bootstrap’s code stops
the propagation by using capture option with addEventListener.
visibilityChanged in the dialogue base class does important things.
Therefore if ajaxException and exception also want to do something
else in response to the visibleChange event, it should use a
different method name, rather than a name that collides with the
base class method.
Even though Oracle support is planned to be dropped for 5.0, the
actual issue that drops it (MDL-83172) has not yet landed. So, it's
better to keep this in environment.xml for now and defer its removal
from environment.xml in MDL-83172.
We currently use MMM and MMMM which mean 'month in year', however in
some locales this is context-specific and should only be used in
conjunction with a day, for example "10 October 2024".
LLL and LLLL are for "stand-alone on the in year" and should be used
when a month is used without a day.
The "includesubcategories" parameter is passed in the URL as lowercase,
but the Javascript was looking for "includeSubcategories" in camel case.
This meant it was always being set as false (unchecked) even when the
URL said it was true.
This fixes the casing in the Javascript, and adds a behat test to
confirm the fix.
The current code may have a bug. If users set the audio bit rate to
a non-supported value, such as 1000,
Firefox will display an error in the console,
while Chrome will create the recorded audio file successfully,
but it will have no sound. I tested this on Ubuntu 24.04.
The minimum bit rate threshold varies depending on the audio format.
During my tests with Firefox version 131.0.3, which uses
the audio/Ogg format, I found that the minimum supported value
is 24000. In Chrome 129.0.6668.70, which uses the audio/MP4 format,
the minimum supported value is 2400.
Due to these differences, I decided to change the input from
a text field to a select field, offering options that support both
Ogg and MP4 audio formats.
The database conversion for the old value has been provided in
the lib/db/upgrade.php. The script will find the closest match to
the current data and update it accordingly.
Popovers were not being closed when clicking elsewhere resulting in
multiple popovers open at the same time that cannot be closed. That
was happening because the trigger for popovers was set to "focus" and
"click" at the same time. This patch removes the "click" as trigger.
Also, adds the click event listener to show the popover and avoid the
problem described in MDL-82570, that caused this regression.
Changes search indexing so that (except for test scripts) each indexing
run indexes only items up to 5 seconds ago, and the following indexing
will start from the same point. This ensures all items are indexed,
even if an item is written to the database one or two seconds after its
timecreated value.
The display logic for including the title in the activity header was
such that the title would only display if both the theme default and the
layout option for 'notitle' were undefined or false. It was not possible
to a theme to have 'notitle' default to true, but have a layout override
that as false to display the title.
This change re-writes the is_title_allowed method to encapsulte the new
logic, first checking if the current layout has the option set and using
that, and if not falling back to the theme default if that is set. If
neither is set, the title is displayed.
This also tweaks moodle_page::magic_get_layout_options to ensure the
theme is initialised before trying to return the layout options.
The list of subplugin types was loaded from the json/php subplugins
file, but then the actual list of subplugins was loaded from the cache
in the component, rendering any benefit of using the source json/php as
pointless.
When the user drags and drops a file into a course section that can
create more than one type of activity (for example a zip file) the modal
had repeated form elements ids. Now every radio option has its own id.
Before checking for and calling the module _refresh_events function in
course_module_calendar_event_update_process, the module lib.php file
needs to be included if it has not been already.
When upgraded to Moodle 4.4 or higher, for qbank_columnsortorder
the colsize values in the config_plugins were getting incorrectly set,
resulting in errors accessing the question bank. Changes done to fix
this code and to remove the corrupted colsize value from
config_plugins table.
Before this change, file type errors were reported like system errors. Now,
they are reported in a plain dialoue, which is more like how it works for
drag-drop upload.
Also, before this, after an upload errors, you were left with a blank
filepicker dialogue. Now, the upload form is redisplayed.
Ensure that provided columns and filters for each use appropriate
checks to determine their availability (based on user permissions,
etc), rather than conditionally adding them to the entity.
Fix 'feedback_get_incomplete_users' early return when there are no users with
the 'mod/feedback:complete' capability from 'false' to an empty array. That
will follow the function signature.
This was introduced in Tiny 7.1 to focus notifications, but it conflicts
with the German keyboard layout which uses Alt+F12 to access the open
curly brace.
This is an upstream problem with TinyMCE and should be fixed in a future
release.
The recommended workaround is to disable the shortcut.
Related to MDL-77077, but was a case missed there. Now, any unusable
keys (i.e. can't be used during the JWT decode), are dropped from the
keyset if they don't have the 'alg' prop, preventing a 'missing alg'
exception during keyset parsing. Since these cannot be used during
decode, these aren't needed anyway.
- It fixes the problem that when "pathtophp" setting is stored with
whitespaces, the "Run now" button will still show up in the tasks list,
but the task will never run
In the course index the course modules links had incorrenct "href" (only the anchor) when
being displayed in a page different than course page. This patch regenerates the href for
cms in the course index when needed.
@@ -6,6 +6,183 @@ More detailed information on key changes can be found in the [Developer update n
The format of this change log follows the advice given at [Keep a CHANGELOG](https://keepachangelog.com).
## 4.5.2
### core
#### Added
- A new core\ip_utils::normalize_internet_address() method is created to sanitize an IP address, a range of IP addresses, a domain name or a wildcard domain matching pattern.
Moodle previously allowed entries such as 192.168. or .moodle.org for certain variables (eg: $CFG->proxybypass). Since MDL-74289, these formats are no longer allowed. This method converts this informations into an authorized format. For example, 192.168. becomes 192.168.0.0/16 and .moodle.org becomes *.moodle.org.
Also a new core\ip_utils::normalize_internet_address_list() method is created. Based on core\ip_utils::normalize_internet_address(), this method normalizes a string containing a series of Internet addresses.
For more information see [MDL-79121](https://tracker.moodle.org/browse/MDL-79121)
#### Changed
- The `core_renderer::tag_list` function now has a new parameter named `displaylink`. When `displaylink` is set to `true`, the tag name will be displayed as a clickable hyperlink. Otherwise, it will be rendered as plain text.
For more information see [MDL-75075](https://tracker.moodle.org/browse/MDL-75075)
- The following test classes have been moved into autoloadable locations:
For more information see [MDL-83968](https://tracker.moodle.org/browse/MDL-83968)
### core_completion
#### Added
- The method `count_modules_completed` now delegate the logic to count the completed modules to the DBMS improving the performance of the method.
For more information see [MDL-83917](https://tracker.moodle.org/browse/MDL-83917)
### core_courseformat
#### Fixed
- HTML IDs relating to section collapse/expand have been changed in the course format templates.
- core_courseformat/local/content/section/header #collapssesection{{num}} has been changed to #collapsesectionid{{id}}
- core_courseformat/local/content/section/content #coursecontentcollapse{{num}} had been changed to #coursecontentcollapseid{{id}}
For more information see [MDL-82679](https://tracker.moodle.org/browse/MDL-82679)
### core_question
#### Added
- The `get_bulk_actions()` method on the base `plugin_features_base` class has been changed to allow a qbank view object to be passed through. This is nullable and therefore optional for qbank plugins which don't need to do so.
For more information see [MDL-79281](https://tracker.moodle.org/browse/MDL-79281)
### core_reportbuilder
#### Added
- The `core_reportbuilder_testcase` class has been moved to new autoloaded `core_reportbuilder\tests\core_reportbuilder_testcase` location, affected tests no longer have to manually require `/reportbuilder/tests/helpers.php`
For more information see [MDL-84000](https://tracker.moodle.org/browse/MDL-84000)
### core_tag
#### Changed
- The `core_tag\taglist` class now includes a new property called `displaylink`, which has a default value of `true`. When `displaylink` is set to `true`, the tag name will be displayed as a clickable hyperlink. If `displaylink` is set to `false`, the tag name will be rendered as plain text instead.
For more information see [MDL-75075](https://tracker.moodle.org/browse/MDL-75075)
### mod_assign
#### Fixed
- The unit test for the privacy provider has been marked as final.
A number of core tests had been incorrectly configured to extend this test
but should instead be extending `\mod_assign\tests\provider_testcase`.
Any community plugins extending the `\mod_assign\privacy\provider_test` test
class should be updated to extend `\mod_assign\tests\provider_testcase` instead.
For more information see [MDL-81520](https://tracker.moodle.org/browse/MDL-81520)
### mod_quiz
#### Changed
- The `quiz_question_tostring` method now includes a new boolean parameter, `displaytaglink`. This parameter specifies whether the tag name in the question bank should be displayed as a clickable hyperlink (`true`) or as plain text (`false`).
For more information see [MDL-75075](https://tracker.moodle.org/browse/MDL-75075)
### tool_behat
#### Added
- New Behat step `\behat_general::the_url_should_match()` has been added to allow checking the current URL. You can use it to check whether a user has been redirected to the expected location.
e.g. `And the url should match "/mod/forum/view\.php\?id=[0-9]+"`
For more information see [MDL-83617](https://tracker.moodle.org/browse/MDL-83617)
## 4.5.1
### core
#### Added
-`\core\output\activity_header` now uses the `is_title_allowed()` method when setting the title in the constructor.
This method has been improved to give priority to the 'notitle' option in the theme config for the current page layout, over the top-level option in the theme.
For example, the Boost theme sets `$THEME->activityheaderconfig['notitle'] = true;` by default, but in its `secure` pagelayout, it has `'notitle' = false`.
This prevents display of the title in all layouts except `secure`.
For more information see [MDL-75610](https://tracker.moodle.org/browse/MDL-75610)
#### Changed
- All uses of the following PHPUnit methods have been removed as these methods are
deprecated upstream without direct replacement:
-`withConsecutive`
-`willReturnConsecutive`
-`onConsecutive`
Any plugin using these methods must update their uses.
For more information see [MDL-81308](https://tracker.moodle.org/browse/MDL-81308)
### core_courseformat
#### Added
- Add core_courseformat\base::invalidate_all_session_caches to reset course editor cache for all users when course is changed. This method can be used as an alternative to core_courseformat\base::session_cache_reset for resetting the cache for the current user in case the change in the course should be reflected for all users.
For more information see [MDL-83185](https://tracker.moodle.org/browse/MDL-83185)
### core_enrol
#### Changed
- The `after_user_enrolled` hook now contains a `roleid` property to allow for listeners to determine which role was assigned during user enrolment (if any)
The base enrolment `enrol_plugin::send_course_welcome_message_to_user` method also now accepts a `$roleid` parameter in order to correctly populate the `courserole` placeholder
For more information see [MDL-83432](https://tracker.moodle.org/browse/MDL-83432)
### core_form
#### Changed
- The `cohort` form element now accepts new `includes` option, which is passed to the corresponding external service to determine which cohorts to return (self, parents, all)
For more information see [MDL-83641](https://tracker.moodle.org/browse/MDL-83641)
### core_reportbuilder
#### Changed
- The `get_active_conditions` method of the base report class has a new `$checkavailable` parameter to determine whether to check the returned conditions availability
For more information see [MDL-82809](https://tracker.moodle.org/browse/MDL-82809)
### mod_quiz
#### Changed
- The `\mod_quiz\attempt_walkthrough_from_csv_test` unit test has been marked as final and should not be extended by other tests.
All shared functionality has been moved to a new autoloadable test-case:
`\mod_quiz\tests\attempt_walkthrough_testcase`.
To support this testcase the existing `$files` instance property should be replaced with a new static method, `::get_test_files`.
Both the existing instance property and the new static method can co-exist.
For more information see [MDL-81521](https://tracker.moodle.org/browse/MDL-81521)
And Inavigateto"Plugins>Pluginsoverview"insiteadministration
Scenario: An administrator can view plugins overview page
Then "Pluginsoverview""text"shouldexist
And "Checkforavailableupdates""button"shouldexist
And "Allplugins""link"shouldexist
And "Additionalplugins""link"shouldexist
Scenario: An administrator can access list of activities when activity modules cog icon is pressed
When Iclickon"Settings""link"inthe"Activitymodules""table_row"
Then "Activities""text"shouldexist
And "Manageactivities""text"shouldexistinthe".breadcrumb""css_element"
And "Activitymodules""link"shouldexistinthe".breadcrumb""css_element"
Scenario: An administrator can access plugin settings
When Iclickon"Settings""link"inthe"Assignment""table_row"
Then "Assignmentsettings""text"shouldexist
And "Assignmentsettings""text"shouldexistinthe".breadcrumb""css_element"
And "Assignment""link"shouldexistinthe".breadcrumb""css_element"
And "Activitymodules""link"shouldexistinthe".breadcrumb""css_element"
Scenario: Plugins with dependencies cannot be uninstalled
When Inavigateto"Plugins>Pluginsoverview"insiteadministration
Then "Uninstall""link"shouldnotexistinthe"Database""table_row"
And "Requiredby:filter_data""text"shouldexistinthe"Database""table_row"
Scenario: Cancelling plugin uninstall does not uninstall the selected plugin
When Iclickon"Uninstall""link"inthe"Assignment""table_row"
Then "UninstallingAssignment""text"shouldexist
And "YouareabouttouninstallthepluginAssignment.Thiswillcompletelydeleteeverythinginthedatabaseassociatedwiththisplugin,includingitsconfiguration,logrecords,userfilesmanagedbythepluginetc.ThereisnowaybackandMoodleitselfdoesnotcreateanyrecoverybackup.AreyouSUREyouwanttocontinue?""text"shouldexist
And Iclickon"Cancel""button"
And "Uninstall""link"shouldexistinthe"Assignment""table_row"
- New Behat step `\behat_general::the_url_should_match()` has been added to allow checking the current URL. You can use it to check whether a user has been redirected to the expected location.
e.g. `And the url should match "/mod/forum/view\.php\?id=[0-9]+"`
For more information see [MDL-83617](https://tracker.moodle.org/browse/MDL-83617)
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
classapi_testextends\advanced_testcase{
finalclassapi_testextends\advanced_testcase{
/** @var \stdClass $cohort */
protected$cohort=null;
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.