Since Chrome 142, public servers accessing resources on local networks
gets blocked by default. Users need to allow access for such requests
to proceed.
This patch introduces a new config setting `ltiallowlocalnetwork`.
This determines if the local-network-access flag should be added to LTI
iframes so that Chrome users get prompted when a local network access
is being made.
`\core\output\core_renderer::confirm()`'s `$displayoptions` parameter
now also accepts a `headinglevel` option that developers can use to
specify the heading level of the confirmation's heading. If not
specified, the confirmation heading will be rendered in an `h4` tag.
The update_overdue_attempts scheduled task iterated attempts from a recordset
and could act on stale attempt data if the web request finished an attempt
before cron processed it, causing duplicate submissions.
Change get_list_of_overdue_attempts() to return only attempt ids plus computed user
timeclose/timelimit, and refetch each attempt by id inside the task loop before
constructing quiz_attempt. This keeps quiz_attempt APIs unchanged and ensures cron
operates on current state
Starting in version 3.10, Moodle started to use a different format for
the $CFG->branch that has not been fixed here. This is to make sure that
we request the correct version of the plugin.
The Description field within the Subsection edit form has been deprecated since Moodle 5.2 onwards (see MDL-87279).
To ensure a smooth transition and avoid data loss for our users, the XD team have prepared a solution to notify them
of this upcoming change in stable versions.
When the course format switcher reloads the form, the `$returnto`
parameter is of type string: "0", rather of type integer per initial
load.
In this case the `empty(...)` check is verifying all of empty string,
0 (integer) and "0" (string). Hurrah for PHP type checking.
scoreGiven was being passed as a string (e.g. "8.0"), which caused
validation errors in some LMS implementations such as Rustici Engine.
According to the LTI specification, scoreGiven must be numeric if
present.
Co-authored-by: Jake Dallimore <jake@moodle.com>
https://github.com/packbackbooks/lti-1-3-php-library/issues/169 blocks
us from using the new build.1edtech certification tooling. This issue
commits that fix as a library customisation/hack for stables, so the
suite can be used for annual/bi-annual re-certification.
* Add a slight delay for displaying the message content of the YUI
alert dialogue's ARIA live container to allow screen readers to
announce the alert message accordingly.
Since MDL-41924, because we are not always including the whole category
of each question being used in a backup, we have been missing some child
questions.
This expands the query selecting questions belonging to categories
where only annotated questions are being included, to also select any
children of those questions.
Fixes a bug where filtering questions by tag the 'NONE'
option was not being respected. Automated testing was also added
to cover tag filtering conditions in the question bank
Restoring a whole course will now restore the backed-up questions to a
new qbank instance. This means the test to restore versions was not
restoring the deleted versions to the original question bank entires,
but to a new question bank entry in the new qbank.
Updating the test to just backup and restore the quiz resolves this.
When restoring a backup containing a question bank, we were always
trying to match questions to an existing category on the target course
if once existed. This meant that when duplicating a qbank on the same
course, or importing the same qbank to another course multiple times,
only one of the restored qbanks would end up with questions in it.
This adds a mechanism to record any activities in the backup which
support `FEATURE_PUBLISHES_QUESTIONS`. Then when we restore the
questions, we check if we will be restoring the original activity they
belong to, and skip trying to match them to an existing category. This
means a new copy of each question will be created, and moved to the new
copy of the qbank once it is created.
Adjusts the window size to accommodate wide tables.
This ensures that columns which were previously clipped
are now visible and accessible to the Behat driver.
This change ensures that the completion details page displays only the
activities that are visible to the user on the course home page.
Activities that are hidden, unavailable or located in hidden sections
are no longer shown in the completion details view.
Co-authored by: ewallah <info@ewallah.net>
Now that deleting a tagged question correctly deletes it tag instances,
the tag is no longer available for re-selection after all the tagged
questions are deleted.
In the migration from old-style question banks to mod_qbank, if a
question had the same tag from multiple contexts, when it was moved to
its new question bank context, the migration tried to set multiple tag
instances for the same tag to the same context, which caused a unique
key violation.
This add some checking to the
`question_move_question_tags_to_new_context` function to identify any
tag instances to be moved that will trigger this key violation, and
delte any duplicates before the move so we end up with a single instance
of the tag in the new context. This is done in a transaction that will
only be committed once the remaining tags have been moved.
This required adding the `tiuserid` field to the data returned by
`core_tag_tag::get_items_tag` so we can assemble the unique key without
having to do additional queries.
This also extends the test coverage for the `transfer_questions` task
to ensure tags are moved to the new contexts, and tags on stale questions
are deleted.
When we deleted a question, we were including the userid of the user who
performed the delete when checking for question tags. This means that if
user A tagged the question, and user B deleted the question, it might
leave the tags behind.
This fixes the issue by deleting tags regardless of the user, and adds
an upgrade step to find and remove orphaned tag instances.
Students shouldn't receive overdue notifications if there is nothing to
submit in Moodle.
Students shouldn't receive due soon notifications if they a) already
have a grade or b) meet activity completion status.
Users who could not manage activities on a course, but did have
permission to access particular question banks, could not access the
Question banks page.
This modifies the permission checks on that page to allow access if the
user can either manage activities, or has access to at least one
activity that publishes questions. Some additional changes to the output
were required to prevent non-editing users adding banks.
It also modifies the navigation hook to add the Question banks
navigation node if the user can access any activitiy that publishes
questions on the course. This is all based on cached modinfo and
permissions data so should remain performant.
Prevents calls to action to create an AI provider instance from
being displayed to users when there are no AI provider plugins
installed in the instance.
Co-Authored-By: Yusuf Wibisono <yusuf.wibisono@moodle.com>
Improve upgrade execution by gathering block instance IDs upfront
and processing deletions of related records in context, block_positions, user_preferences, and block_instances tables in batches.
When checking if the original context exists during a restore, we need
to check that we're looking at the context on the same site, not one on
a different site that happens to have the same ID.
This adds a new "nextversion" field to `question_bank_entries` to track
which version number the next version of the question should have. This
ensures that version numbers are not re-used if the latest version is
deleted.
To use this field, you must call
`\core_question\versions::get_next_version()`. This will initialise the
field to the correct value if it is currently null.
If you create a new version using this value, you must then call
`\core_question\versions::increment_next_version()` to increment the
counter.
If the latest version of a question is deleted, and then a new one
created, the new one will currently re-use the version number of the
deleted version. If the original version was backed up before it was
deleted, then restored later, we end up with two questions in one
question bank entry that have the same version.
To resolve this, when restoring a question, we check if there is already
a version with the same version number, then bump it and any higher
versions up by 1. We also check for any references specifically using
these versions and bump those up by 1. Any references using "always
latest" will be fine, as the latest version will still be the latest.
Additionally, if deleting a version made it hidden, and the backup
contains the same version in "ready" state, restoring the backup will
restore it to "ready" state.
Prior to this change, tooltips would only load for elements in the
initial page DOM without considering those elements subsequently added
dynamically (e.g. via AJAX).
Co-authored-by: Sebastian Gundersen <sebastian@sgundersen.com>
Editing maxmarks in quiz slots was not respecting the decimal separator
from the set language's locale, meaning if your language formats numbers
like 1,10 editing didn't work correctly.
This sets the correct parameter to ensure the locale is respected.
Added checks to link non-suspended user accounts to OAuth2, when logging
in. Also added an additional check to prevent users from using OAuth2
to login if their account is suspended in Moodle.
* When testing using phpunit/sqlsrv the ids of sections and cm are colliding
so we need to make sure we separate them as a reference to a cm can be the
same as a reference to a section
This fixes the CSS rule that reveals the "as new child of" drop target
shown when dragging a category over another category which has no
children.
We can't behat test the actual drag-drop reordering behaviour with behat
as reactive DragDrop components aren't testable, but we can trigger the
CSS to add a regression test for the drop target's appearance.
Refactor get_nearest_editable_subcategory to improve performance.
This refactor maintains functionality and signature of
get_nearest_editable_subcategory but improves perofrmance
for varied datasets. This makes rendering of the
my courses page.
* Set proper label via `aria-label`.
* Instead of changing the button's label to 'Show'/'Hide', set the
button's `aria-expanded` attribute accordingly.
* Remove unnecessary event handling for the toggle button when pressing
Enter or Space key. This is already natively supported and triggers
the click event.
* Adjust Behat tests accordingly.
Adjust tests to comply with updated PHPUnit lifecycle behaviour
- Initialise typed test properties (e.g. core_session memcached test) or make them nullable
- Add `isset()` checks to avoid accessing properties before initialisation
- Ensure resetAfterTest() is called before modifying DB or `$USER`
Avoids PHP warnings during Behat initialisation:
- file_put_contents(...): Failed to open stream: No such file or directory;
- rename(...): No such file or directory
Question banks were displaying in places they shouldn't, because
FEATURE_CAN_DISPLAY wasn't fully implemented. This broadens its
usage in the following areas:
- Availability info - Not relevant to qbank. However you could feasibly
have some module which isn't shown to students, but the teacher can
use
it to track completion, so dont display the link.
- Activities block - links to each activity's index page. We already
have
the Question banks page in the secondary nav. No need to have it here
too.
- Overview report - It doesn't make sense to display question banks
here,
as they're not an activity students can participate in, they wont have
dates etc.
- Externallib - Return with candisplay = false. The app needs to handle
this correctly.
- Visibility options, moodleform_mod, modvisible and visibility
selector.
Not relevant for qbank since it doesn't include the standard
coursemodule
options, but if an activity with without CAN_DISPLAY did display a
visibility setting, "Hidden" should be the only option.
- Activity names filter - we dont want automatic links to question
banks.
The idea is to prevent double escaping in s()
and mustache.escape() by using numeric html
entities to sanitise result of format_string(),
get_string() and similar.
Change the query used to check if a user has a capability but is
assigned a role that prohibits that capability. This is based on the
query added by Petr Skoda for MDL-57027.
If the `\core_shutdown_manager::initialize` method is called multiple
times, it should only succeed once.
Unfortunately whilst logging existed, the shutdown manager did not
actually exit.
Identified performance bottlenecks in clear_cached_data() from
mod/quiz/report/statistics/report.php. The delete_records() calls on
question_statistics, question_response_analysis, and quiz_statistics tables
use the hashcode column for filtering, which becomes inefficient with large
datasets.
* Check the accessibility of the questionnaire, especially when
there are dependent questions.
* Use generators for a more efficient and faster test execution.
Making a visual distinction for dependent questions compared to other
questions does not add much value in the perspective of users. We should
just stop adding the `.feedback_is_dependent` class for dependent
questions.
If we call `question_bank_helper::create_default_open_instance` with an
empty `$bankname` parameter, it will currently create a new instance
with no name. This leads to exceptions being thrown when we try to load
the course it belongs to.
This adds some validation to ensure the name being passed is not empty.
Once the issue is resolved, and the bank is created with a proper name,
the course will work as normal.
- The current context may be necessary when deleting a frontpage block displayed on every page with javascript disabled
- The current context may be necessary when a frontpage block is displayed on every page and the question bank is viewed
- Also handle a NULL currentcontext for question_page_type_list() correctly
AMOS BEGIN
CPY [ignorehiddencourses,enrol_database],[ignorehiddencourses,enrol_ldap]
CPY [ignorehiddencourses_desc,enrol_database],[ignorehiddencourses_desc,enrol_ldap]
AMOS END
When fixing categories with broken parents, if the resulting changes
would have led to categories with the same stamp or idnumber being in
the same context, the task failed due to violations of the unique keys
on contextid-stamp and contextid-idnumber.
This checks for violations before moving categories, and either
generates a new stamp or nulls the idnumber on the category being moved,
following the method used in MDL-85869.
In the calendar API, `raw_event_retrieval_strategy` accepts a list of
courses to return events for. If one or more users are also specified,
it will find the courses the are enrolled in, then call
`calendar_set_filters()` to return a sorted list of those courses, and
any groups within those courses that they can see events for. The list
of courses in then filtered to those passed to
`raw_event_retrieval_strategy`.
If the user is enrolled on lots of courses, but is only viewing the
caledar for one course, this results in a lot of redundant work to fetch
group data for their courses which is then not used. This either
involves a lot of extra complex queries, or results in an unncessary
cache hit for each course.
This change re-orders the code so that the list of enrolled courses is
filtered to just those courses being viewed, before it is passed to
`calendar_set_filters()`. This means we are only fetching group data for
those courses we will be showing events for.
This is similar to change in ec89abc5 which updated the icon state
if the corresponding checkbox was unchecked. Here we're doing the
same if the entire date/time element itself is disabled.
* Fix missing labels for the checkboxes that enable notification plugins
* Add an accessible name for the Default notification preferences table
* Fix missing table header for the preference column of the Default
notification preferences table.
* Accessibility Behat test coverage for the Notification settings
admin page
* Remove the unnecessary title attributes for the visually hidden labels
* Fix missing column heading for the preference column
* Fix incorrect label for the toggle controls
* Make the preference name a table heading with a row scope so that the
toggle controls will be programmatically associated to it.
* Apply a col scope for the processor column headings to
programmatically associate the toggle controls to their respective
columns.
Whilst `register_shutdown_function` works as a queue, `pcntl_signal`
does not.
To preserve the behaviour of existing signal handlers, as are typically
found in CLI wrappers like PHPUnit and Behat, we should store any
existing handler
Include the category and field names for accessible names of the delete
and action buttons to help assistive technology users better understand
the buttons' purpose.
* Use native HTML buttons for the edit and delete buttons. This provides
default button behaviours which helps keyboard users activate the
buttons using either the Space or Enter key.
* Move the accessible label out of the pix icon and to the action button
itself.
* Style buttons to ensure that they have a minimum clickable size of
24x24 pixels to sufficiently meet WCAG 2.2 SC 2.5.8 - Target Size
(Minimum) (Level AA).
Course urls may be null when navigation is set to true.
The return value from course_get_url being null was not being handled before
this change, which could lead to an exception causing the page not to load.
It also handles null urls in the course index in Boost so that they are
not a link to what ever the current page is.
If either the first or last section in a format did not a
return a url under the Classic theme there would still be
a link displayed with a link to the current page the user
is on.
After this change no link would be displayed in this case.
Backing up quizzes containing random questions from multiple different
categories was only including one of the categories in the backup.
This was due to doing $array + $array instead of array_merge(), meaning
items in the second array with keys that were already present in the
first did not get added to the result.
* Fix empty column heading in admin settings page
* Add accessible labels for the move buttons
* Fix drag and drop Behat test
* Add accessibility Behat coverage
When the login form is not shown but $CFG->loginautofocus is turned on,
we need to verify first that the username and password fields exist
before we move the focus. Otherwise, the JS will break.
Visually hidden links on login error/info disrupt tab order. We must
remove them.
Instead, announce the div containing the login error/info messages on
page reload.
The visually hidden signup link has also been removed.
And while doing so, fix $notices parameters that ought to be call-by-
reference to collect notices produced during calls to
process_submit_other_for_grading() and process_submit_for_grading().
If the page scrolls while the backdrop is displayed, it looks
incorrect because the backdrop does not scroll with page content.
To avoid this, don't show the backdrop until scrolling has finished.
Move previous validation from the data controller, added in 89dbe63d,
into the persistent class itself so that it can internally validate
itself rather than relying on callers.
This resolves problems with empty/null numeric fields contained within
course backups (e.g. during course copy).
To provide visual feedback and prevent multiple clicks
on no-submit buttons, all submit buttons within a modal
form will be disabled once any of them is clicked.
The title attribute with value "View profile" on profile links is
not necessary as the user's name on the link itself is sufficient
to convey the purpose of the link.
When course format is displayed as single section per page, the inplace editable
in the section page heading was incorrectly displaye, and the instructions panel
was not displayed.
Adding some specific styles to fix that behaviour.
When a form is validated, all validation buttons are automatically
locked to prevent them from being sent twice by mistake. When the form
returns a file instead of redirecting to a new HTML page, a mechanism
(\core_form\util::form_download_complete()) must be called to
reactivate the form's validation buttons.
This mechanism is called for CSV files (file lib/csvlib.class.php), but
not when downloading xls files. The mechanism is only called when
downloading grades in Excel format (file
grade/export/xls/grade_export_xls.php).
The patch proposes to call this mechanism globally for all Excel file
downloads (file lib/excellib.class.php), and not just for grade
downloads (file grade/export/xls/grade_export_xls.php).
* Show category drag handles when there are 2 or more categories
* Show custom field drag handles when there are a total of 2 or more
fields on the page.
unset_excluded_fields() was using isset() to determine if the field
targeted for removal is present in the provided data structure. However,
isset() returns false if the field exists, but contains null. This means
the field will not be unset when it should be.
This resolves this by changing the isset() to a property_exists() check
for objects, and array_key_exists() check for arrays. It also expands
the function to properly handle arrays of arrays, or arrays of values,
which was not fully covered before and is used by some third-party
question types.
Changes made in c530e4c4 left some stray elements in the templates,
which manifested themselves as displaying misplaced pipe characters
depending on unrelated site config (`$CFG->courselistshortnames`).
groups_print_activity_menu() and groups_get_activity_group() now include
an additional $participationonly parameter,
which is true by default. This can be set false when we want the user to
be able to select a non-participation group within
an activity, for example if a teacher wants to filter assignment
submissions by non-participation groups. It should never be
used when the menu is displayed to students, as this may allow them to
participate using non-participation groups.
groups_sort_menu_options() now has a $splitparticipation parameter,
which will split non-participation groups out into their own optgroup at
the end of the menu.
Updated the Google Drive integration to use the drive.file scope instead
of the broader drive scope. This change removes support for shared drives,
which rely on full access. As a result, unit tests were updated to reflect
this behavior by bypassing shared drive checks and expectations.
Standard after a POST submission is to redirect back to where user came
from (in this case), to avoid awkward page reload behaviour. Also fix
bug where deleting an attempt for a user, where the attempt didn't exist
would delete all attempts for that user.
Boost theme removes the last item action.
This adds an extra node so the profile run details page breadcrumb is clickable in both Classic and Boost themes.
* The pix icons must be decorative, and the label be put within
the menu trigger itself as a visually hidden text.
* Also make the pix icons beside the action menu items as decorative.
* Set the action label properly.
* Set the kebab icon as a decorative icon.
* Move the title attribute to the menu button itself instead of the
kebab icon.
When the bulk actions are first rendered, the item count in the
aria-live region will not be announced by screen readers as aria-live
regions need to be present in the DOM and changed before screen readers
can announce their content.
This commit ensures that the item selection count will be announced
when the bulk actions get added to the DOM by calling
`updateBulkItemSelection()` after rendering the bulk actions HTML. This
removes the non-breaking space in the template, effectively causing a
change in DOM without affecting the visuals, and allowing screen readers
to announce the contents of the item count.
Add a status role for the container containing the number of selected
items for bulk actions so that screen readers will announce this
number when an item gets selected for bulk action.
Remove processor checks when calling write_setting. This prevents
configuration errors displaying when processors are not yet configured
when admin defaults are applied.
- Fixing the exceptions shows an incorrectly formatted table
- The filler cell is only used to take space on the left rows but when the right rows are empty, it is not needed.
MDL-85659 introduced a reset of the Bootstrap _reboot.scss table styles.
This reset is applied to most tables (except those using the .table
class) and in some cases resulted in regressions such as unwanted
borders.
To address this, the .table-reboot class has been introduced as an
option to bypass the reset applied by MDL-85659 in undo.scss. Tables
affected by this regression can include this class, which is
intentionally styleless and preserves the original _reboot.scss styles
while preventing the addition of unwanted styling (borders).
MDL-85659 introduced a reset of the Bootstrap _reboot.scss table styles.
This reset is applied to most tables (except those using the .table
class) and in some cases resulted in regressions such as unwanted
borders.
To address this, the .table-reboot class has been introduced as an
option to bypass the reset applied by MDL-85659 in undo.scss. Tables
affected by this regression can include this class, which is
intentionally styleless and preserves the original _reboot.scss styles
while preventing the addition of unwanted styling (borders).
The change in the calendar button from an `<a>` tag to a native
`<button>` tag means the `\HTML_QuickForm_group::getValue()` will have
a different result and the `test_onquickformevent()` tests must be
adjusted accordingly.
- Since `Geoplugin` is not free anymore, a new admin setting called `GeoPlugin API key` has been added for user to input
their API key if they still want to use `Geoplugin` service.
- The `iplookup_find_location()` method has been improved to handle error responses more effectively.
Rounding time could lead to newest enrolments being excluded, resulting in
these courses not appearing under the "My courses" tab in the Dashboard until the rounded time aligned with the actual time.
enrol_get_all_users_courses() now uses the PSR-20 clock to provide stable
and testable time values.
Adds support for the timefinish attribute to the quiz attempt
generator allowing Behat scenarios to specify the exact completion
time of an attempt.
This is necessary to simulate a scenario where the student finished
the attempt few minutes ago for example.
This commit also adds two scenarios that automates MDLQA-307.
Migrating from Moodle 4.5 to Moodle 5.0 the adhoc task
\mod_qbank\task\transfer_question_categories should transfer question
categories into new question bank instances.
The code for rescuing 'lost' categories where the linked contextid
no longer exists was failing. It moved all these categories to the
system context, which could lead to unique key violations.
To fix this, we check for duplicates, and if neccessary change the
stamp, or remove the idnumber. Since these questions were formerly
'lost', this is OK.
Signed-off-by: Daniel Ziegenberg <daniel@ziegenberg.at>
Co-authored-by: Tim Hunt <T.J.Hunt@open.ac.uk>
Migrating from Moodle 4.5 to Moodle 5.0 queues an adhoc task
`\mod_qbank\task\transfer_question_categories` which is supposed to
spawn a lot of adhoc tasks `\mod_qbank\task\transfer_questions`.
However, the task `\mod_qbank\task\transfer_question_categories` is
built in a way that the adhoc tasks to spawn are stored in memory in an
array. So if the task at some point crashes which is not as unlikely as
one would think (temporary database connection loss, leftover rubbish in
question table, all kinds of possible errors, see MDL-86226 or
MDL-85869) all these `\mod_qbank\task\transfer_questions` tasks WILL NOT
BE SPAWNED ANYMORE leaving the whole platform in a mess from which you
will not be able to recover from: Question categories have been migrated
to new contexts, but the questions have not, because the adhoc tasks
never have been created.
We fix this by moving the creation of the adhoc tasks
`\mod_qbank\task\transfer_questions` inside the delegated database
transaction where the question categories are being moved. So after a
category is moved but before it get's deleted, we create the
corresponding `\mod_qbank\task\transfer_questions` task and queue it for
execution.
Signed-off-by: Daniel Ziegenberg <daniel@ziegenberg.at>
For no very obvious reason, the date in the 'You have just
submitted your assignemnt' message was formatted differently
from the default display used on-screen.
This commit makes it consistent.
* Make the calendar icon decorative.
* Mark up the calendar button accordingly:
- Render it as a `<button type="button">`
- Add label using `aria-label`.
- Use a more suitable label of "Date picker" rather than "Calendar"
- Add a `title` attribute to show a tooltip for sighted users.
- Disable/enable it accordingly by setting/removing the `disabled`
attribute.
Replace previous ad-hoc fixes for active item spacing in dropdown
menu items.
Changes to Javascript are due to the following bug in our SCSS
compiler, preventing a simpler `&:has([...])` selector:
https://github.com/scssphp/scssphp/issues/606
Co-authored-by: Mikel Martín <mikel@moodle.com>
* Set `alt` param as empty, but add `title` attribute for the sake of
sighted users.
* Add a visually hidden string that indicates the element is required.
Ensure we don't confuse the expression parser when supplied "Allowed
source" contains coincidental control characters in the URL, e.g. '/'
and '#'.
Note that `preg_quote(...)` isn't appropriate here, because the given
URL may indeed contain genuine control characters already.
The welcome message on login was incorrectly replacing the dashboard
page header.The change ensures the welcome message appears as a
paragraph while maintaining the dashboard page heading.
* Make the accessible labels of the previous and next month links more
informative by indicating the name of the previous/next months.
* Make titles on the previous and next month links reflect the actual
month and show titles only when the calendar is rendered within a block.
This is because the title attribute is only used for the sake for
sighted users who may need to know the meaning of the previous/next
month links, especially when the calendar is displayed in compact form
where the previous/next month name is not shown.
When a new module that publishes questions is created, it does not have
a default question category created until it is viewed. This means that
other parts of the system that want to use the bank while its empty
(such as bulk moving questions) cannot see it.
This adds a step to the common edit_module_post_actions() function so
that any module supporting the FEATURE_PUBLISHES_QUESTIONS feature will
have its default category created with the module instance.
This can be overridden by setting skipdefaultcategory to true
in the $moduleinfo argument to edit_post_module_actions().
A multianswer question with a missing database record no longer throws
an exception, so doesn't work for the "broken question" test, so switch
to ddwtos.
If a multianswer question has its question_multianswer record missing
for some reason, attempting to backup and restore a bank containing the
question will result a dml_missing_record exception.
The qtype_multianswer::get_question_options() method already copes with
the sequence from this record being empty, so we can just remove the
MUST_EXIST check and let it fall back to that.
Evidence recorded against course module competencies was not deleted
with the course module. This led to errors when attempting to view the
competency record on a learning plan.
This change will delete associated evidence records with the cm, and
will clean up any existing orphaned records on upgrade.
Co-Authored-By: Mark Johnson <mark.johnson@catalyst-eu.net>
The upgrade step for Microsoft OAuth2 issuers has been modified
to address an oversight in MDL-84432. The upgrade now only updates
service base urls for multi-tenant issuers.
Co-authored-by: Raju Tummoji <raju.tummoji@moodle.com>
This change addresses necessary adjustments to how OBV2.0 badges are
sent to backpacks, specifically to ensure compatibility and correct
functionality following recent updates to Canvas Credentials' conditions.
It ensures our badge integration continues to operate smoothly despite
these external changes.
MDL-85659 generated a regression on YUI tables that are displayed
without borders. This patch improves the fix including YUI tables
as an exception too.
This follows the recommendation on the ARIA Authoring Practices Guide
(APG) for modal dialogues:
> It is strongly recommended that the tab sequence of all dialogs
> include a visible element with role button that closes the dialog,
such as a close icon or cancel button.
https://www.w3.org/WAI/ARIA/apg/patterns/dialog-modal/
This change resolves issues with Oracle in Moodle 4.5. It has been ported to newer Moodle versions as it improves
the existing SQL and helps maintain consistency across different Moodle versions.
This changeset adds a new `\core\deprecation::emit_deprecation` method
with the same signature as the `emit_deprecation_if_found()` method.
It is intended to be used in places where something is guaranteed to
have been deprecated, and will throw appropriate debugging if the
deprecated attribute is not found.
The `emit_deprecation_if_found()` method should still be used where the
item being checked is not known to be deprecated or not, for example in
calling code.
This commit introduces a mandatory service selection step in our Behat tests
to ensure consistent behavior in environments with multiple third-party services.
Only allow the drag and drop functionality in the course index on pages
that provide alternatives to move course items such as the course
homepage and the course section view pages.
This is to meet the WCAG 2.2 Level AA Success Criterion 2.5.7 for
dragging movements.
See: https://www.w3.org/WAI/WCAG22/Understanding/dragging-movements
This check exists to determine whether a given tool URL is a cartridge,
specifically when the URL does not end in .xml. It hits the URL to
determine this. In tests, we have many mock tool URLs, which won't
resolve, and running this code causes large hangs and random failures.
Any tests covering cartridge support still work fine, provided they
continue to use URLs ending in .xml; this change only skips the check
during tests for other non-xml URLs.
The drag handle and actions menu should not be within the accessible
labels of the question items. In order to enhance the question edit
form with these, they need to be rendered via JS outside of container
of the questions' accessible name.
The label context data in the fieldset's legend tag should not be
escaped and allow raw HTML given that legend tags can contain
phrasing content and headings.
See developer.mozilla.org/en-US/docs/Web/HTML/Reference/Elements/legend.
When trying to resolve a corrupt cache where it is not possible to
complete the Moodle setup/bootstrap, it is necessary to ignore the
current cache to load the cache purging infrastructure.
This updates the logic and text of the notification that is shown while
the question transfer task is still pending, to include instances of the
new transfer_questions task. It also ensures the notification is shown
if a user tries to access the question editing screen from outside the
question bank.
On a large site, the task to transfer question categories to the new
mod_qbanks contexts could take a very long time, as of any transferred
categories contain questions using files, each file has to be updated
individually.
This change splits up the transfer into 2 stages. The first stage
(transfer_question_categories) updates the context IDs on each question
category and moves them to their new top category, then spawns an
instance of transfer_questions for each category that was moved.
transfer_questions then handles moving the files and tags for questions
in a single category at a time. This allows the transfer process to be
parallelised by using multi cron or ad-hoc task runners, so should speed
things up on larger sites.
When the assignment gets deleted between the creation of the ad-hoc task
mod_assign\task\send_assignment_due_soon_notification_to_user or
mod_assign\task\send_assignment_overdue_notification_to_user and its
execution, the ad-hoc task fails with a dml_missing_record_exception and
the task gets stuck.
In this case we do not want the task to fail and just return with an
appropriate mtrace.
Signed-off-by: Daniel Ziegenberg <daniel@ziegenberg.at>
To prevent the debugging messages from appearing during the upgrade,
I set a flag to hide them.
For the test file, I adjusted the parameters in
the unassign_capability() function, which seemed to be using
the parameter intended for assign_capability().
The required icon in mforms is not necessary. The div containing it
already has a title attribute that enables mouse users to hover on the
icon and see its meaning.
Screen reader users will know whether a field is required or not via
the `aria-required` attribute.
Labelling the required icon via `aria-label` does not pass the
a11y audit.
Given these, it only makes sense to make the required icon decorative
for mforms.
Co-authored-by: Jun Pataleta <jun@moodle.com>
When we build the options for a question category selector, the
"nochildrenof" option isn't correctly compared to the category ID. This
means we can select a category's own children as its new parent.
Previously, when the selected value in a choicelist was 0 but not in
the first position, the behavior was incorrect.
This commit fixes that issue, ensuring the choicelist behaves as expected
regardless of the position of the 0 value.
The quiz editing page includes an edit link for each question, and a
badge for questions in a shared bank that links to that bank.
It is possible that the user viewing the quiz does not have access to
edit the question or view the question bank, which means these links are
broken.
This change only adds the links if the user has permission for the pages
they link to.
Using $CFG->recovergradesdefault and/or $gradeitem->refresh_grades()
are problematic when viewing a quiz. When reenrolling a user with
previous attempts, a teacher can choose not to recover the user's grades,
even when recovergradesdefault=true. This must be respected when
the user views the quiz. For site with recovergradesdefault=false,
the users always see a grade of 0, which is wrong.
This change shows the correct grade score and feedback to users and
avoids unintentionally recovering the grades.
The Switch Banks UI was listing all question banks on the course where
the use had the managecategory permission, plus the other banks they had
used recently.
This conflicted with the check when it tried to load a selected bank,
which checked the useall/usemine permissions. This could lead to errors
if this permission had been removed.
This applies consistent checks to both lists with the useall/usermine
permissions instead.
Due to the changes in question sharing, it no longer makes sense to look
at parent contexts when establishing permissions in the question bank.
Questions now belong to a single activity module, and we should be able
to inherit and override permisions at that level like we do with any
other.
In the longer term, we probably want to replace question_edit_contexts
with something simpler, but for the time being this should apply the
correct permission checks where it's used without requiring a big
refactor of existing code.
Adds a unit test for the debugging message triggered when readfile_accel() detects
a non-empty output buffer. The readfile_accel() function directly manipulates the
output buffers, so calling it from within PHPUnit triggers an error like "Test code
or tested code closed output buffers other than its own".
As a workaround, the test runs a CLI script in a separate process, allowing buffer
behaviour to be isolated and debugging output to be captured for assertions.
Correct the error handling in readfile_accel to properly log errors when
working on a stored_file, rather than hiding the true error behind the
incorrect "Object of class stored_file could not be converted to
string."
Co-authored-by: Simey Lameze <simey@moodle.com>
Co-authored-by: Trisha Milan <trishamilan@catalyst-au.net>
Find question bank entries for all questions referenced by a question
slot, and for all questions matching a question bank referenced used for
a random question, and record their IDs so they can be included in
backups.
Historically, backups of an activity using questions would include all
questions for the entire context, where any question had been used. This
could lead to very large backup files, and exacerbated problems with
question duplication.
This changes the process for annotating categories to include in the
backup to find specific categories, rather than whole contexts. It
includes 3 groups of categories:
1. Those that belong to the backed up activity's context.
2. Those that contain a question used directly in a question_reference
belonging to the activity.
3. Those that contain a question used via a question_set_reference
belonging to the activity.
It also adds in any parent categories that are not included by the
above, so we have a complete hierarchy.
For group 1, the backup will include all questions belonging to these
categories, as before. For groups 2 and 3, it will only include
questions for question bank entries that have been annotated by the
activity.
The bulk move question dialogue presents 2 autocomplete fields for
selection of the target bank and category to move questions to. This was
loading all banks and categories the user could access, and filtering
categories based on the selected bank.
On large sites, this was not usable as there were too many banks and
categories to load leading to timeouts.
This refactors the dialogue to load just the current bank and cagtegory
initially, then load other options on demand via AJAX.
This updates the core_question_search_shared_banks external function
with additional parameters to make it applicable outside of the "Switch
bank" dialogue in the quiz, with the corresponding changes to the
question_banks_datasource Javascript module, and unit test coverage.
It also adds a new \core_question\output\question_category_selector
class for rendering a select list of question categories, migrating
the logic used in qbank_managecategories to a core namespace. There
is a fragment callback for rendering this via AJAX.
This defines new group which can be used
to limit execution of these tests to one plugin only.
For example to execute all tests for Label module use:
phpunit --testsuite=mod_label_testsuite
phpunit --group=plugin_checks --filter=mod_label
or
phpunit --filter=mod_label
If question_numerical record for a question has been deleted, when its
options are loaded its answers will not have a tolerance property. This
can lead to duplication.
Also, older questions may not have a question_numerical_options record.
To avoid this, we use 0 as a default tolerance for all answers if there
is no matching record, and do the same when reading the question
structure from backups. We also generate default values for the rest of
the options.
If we restore a question (or any other) which has had its
qtype_xxx_options record deleted, we get a notification output when we
try to build the options.
This may be called from an AJAX request (such as when we duplicate a
quiz), and outputting the notification breaks the AJAX response.
Returning false also means we don't get the answers attached to the
questiondata options, so the structure doesn't match the restored data,
and we get duplication.
This emits the errors via debugging instead, which allows it to be
supressed or logged, and allows get_question_options() to continue
running.
This adds an ad-hoc task to clean up duplicate subquestions created by
the bug.
When the upgrade is run, it will run a query to check if any
subquestions have been duplicated (if there are multiple questions with
the same parent, text and stamp), and queue the cleanup task if there
are.
For each stamp identified, the task will find instances of the question
that are not referred to in their parent's sequence field, confirm that
they have 0 usages, and delete them.
qtype_multichoice::get_question_options() will create a default options
object if no qtype_multichoice_options record exists. This means if we
restore a backup containing a multichoice question without any options
(see previous commit), it will always create a duplicate.
This change generates a default set of options for the backupdata if
none exists, so the identity hash will match if the same question exists
in the database without options, and we dont get duplicates.
Historically, multianswer would re-use question IDs from subquestions,
so it was necessary to delete qtype-specific data if the qtype changed.
Since versioning was introduced, editing creates new versions of the
qtype and subquestions. Deleting the data means the original versions of
the subquestions cannot function correctly, so we shouldn't do that
anymore.
When calling the core_question_move_questions external function, the
returned $returnurl paramater kept the original `cat`, `category` and
`lastchanged` parameters.
If the question was moved to another question bank, this meant the user
would be redirected to that bank, but the URL would still refer to the
category in the original bank. Opening the bulk move dialogue again
would then show the original bank and category selected by default, not
the current one.
This change ensures the cat parameter is updated to match the new
category, unsets the `category` parameter as it is redundant. If a single
question is moved, "lastchanged" is updated to that question, otherwise
it is unset.
This adds a callback for tool_generator and the required lang strings to
allow qbanks to be generated as part of test courses, by passing the
--additionalmodules=qbank argument to maketestcourse.php.
When using `clock::now()` the frozen cloxk and incrementing clock will now
always return a `DateTimeImmutable` that uses the configured Moodle system
time. In unit tests this will be Australia/Perth.
Before this change, it would sometimes be UCT.
We were using strlen() instead of core_text::strlen() when checking the
length of a question bank name created during the migration. This meant
that multibyte strings were counted as being too long, even though they
were within the character limit.
Changes during Bootstrap upgrade, in conjunction with both 8a8c8ab2 and
0c586b41, caused the layout to deviate from that expected elsewhere for
managing of Bootstrap dropdown elements. Thus the dynamically chosen
item was no longer being shown as selected. Fix that here.
Creating and editing random questions were using 2 different forms - one
dynamic form in a modal, and the other a regular form on a standalone
page. The "Switch bank" UI only works in a modal, so while it was
displayed on the edit page, it didn't function.
This combines the editing functionality with the existing modal form, so
the same UI can be used for both operations, and the "Switch bank"
functionality works.
Passing the same object means enrol_cohort does not recognise a change
in role when an edit or batch course upload operation is done.
* enrol/editinstance.php was modifying $instance before passing it to
enrol_plugin::update_instance() so the latter never sees a difference
versus $data. This is redundant since update_instance() is doing the
same thing a second time.
* admin/tool/uploadcourse/classes/course.php is passing the same object
as both arguments to enrol_plugin::update_instance().
There is an expectation that update_enrol_plugin_data() is to mutate its
$instance argument and then return it based on how derived classes in
enrol_guest and enrol_self behave, so cloning $instance within
update_enrol_plugin_data() before mutating it isn't an option.
When moving question categories during the migration to mod_qbank, set
references using questions in those categories were not updated with the
new context.
Furthermore, since top categories from system, category and course
contexts are deleted and not moved, and set references that filtered
based on a top category were left pointing to a non-existant category.
This change updates set references using the top category to point to
the new top category where its subcategories are moved, and updates set
references for all subcategories to set the new context.
move_question_set_references expected the set reference to use the old
filter format.
This change converts the filter to the new format if required, before
updating the category and context ids.
Fixes the test_sequential_score_posts() unit test in lineitem_test
by removing dynamic class property assignments, which were triggering
deprecation notices.
The 'in' rule currently behaves the same way that 'eq' does when used
with multi-selects, which is not correct. It should be modelled by
checking whether the selected values are a subset of the rule values
(i.e. selected values are 'in' the rule values). This patch implements
that for core form rules as well as for the admin settings show/hide.
Several behat features are updated as well, because these were verifying
the incorrect behaviour for multi-select in rules.
When a forum activity used a rubrics with a scale for grading, it was not treated as an advanced grading method, causing
the code to mishandle the grading object and not return any grades.
If this is not passed in to grade_update(), then it's not passed on to
update_raw_grade(), resulting in time() being used instead, which isn't
correct. The grade timemodified value should be set to the timestamp
provided by the tool in the score post JSON, not the time of the score
post itself.
Co-authored-by: Jayce Birrell <jayce.birrell@moodle.com>
This tests highlights a problem with the score handling logic and
will currently fail. On score post, the current time is used for
grade->timemodified instead of the score->timestamp provided by the
tool in the POST JSON.
Because of historical requirements involving fieldsets in question
type forms (see 958e7671), we should use ARIA label attribute on
grouped elements rather than normal labels in order to make them
accessible.
Co-authored-by: Jun Pataleta <jun@moodle.com>
The test_restore_course_with_same_stamp_questions() test assumes
that all question types using answers will also use the table
"question_answers" to store said answers. However, some 3rd party
qtypes might use custom tables and for those, the test would fail.
Removes the preventDefault() call that previously prevented the
save/cancel modal from automatically closing when the 'Save' action
is applied for a specific bulk action on the assignment submissions
page.
- Updated autocomplete behavior to announce dynamic changes
via ARIA live regions
- Fixed focus management for keyboard and screen reader navigation
- Added proper role/aria tags for interactive tag components
This uses the contexts from the categories of questions in the quiz to
narrow down the list of course modules we are querying to just those we
will need.
This extends the existing behat test for adding a question from a shared
bank to confirm that the source bank is displayed with the question on
the Questions page.
The bank name is already passed through format_string() before being
passed to the template, so additional encoding by the template is not
necessary, hence the template has been changed to use triple braces.
- Instead of creating the endpoints manually, use the OpenId
configuration endpoint to auto-configure endpoints
- Updates user field mappings so they map the new OpenId userinfo fields
The previous query updated all question references matching the original
question bank entry, regardless of whether they were part of the restore
or not. When we are dealing with duplicated questions, this means we
could accidentally change question references in the backed-up course as
well as the restored one.
This change filters the references to ensure they exist in a context
within the restored course, before updating them.
This commit replaces orphaned labels with spans for improved
accessibility. It also updates the XPATH partial named selector
for select_menu fields to target span elements.
The question and answer are displayed on a layout table and
does not really help with accessibility. We need to set a
presentation role for the table-related elements.
* In order to provide better context for screen reader users about the
answer fields in matching questions, the question text and the
corresponding item to be matched are included to the answer fields via
the aria-describedby attribute.
This change stops the encryption code setting created key files to
read-only during PHPunit runs, which means they will be safely
deleted when the system resets after a test.
This unit test is meant to test restoring duplicated questions that
exist in a shared question bank. However, due to improvements in the
restore process from the introduction of mod_qbank, having the questions
in a bank that is not in the restored course means the questions don't
get restored at all, and we can't test that the process is working.
This changes the test to use a bank in the target course instead.
The generatetext.js and associated templates have been adjusted to
match more closely with the generate image files. The generate image
way of displaying content was better suited to aria.
The autocompletes used in the competency report have been bastardised to
redirect on selection. Unfortunately this also applies when when making
null-op changes like deleting the initial "Please select a value"
option.
The autocomplete code removes all current options before creating an
option, and because of this redirect the browser is redirecting before
the new value can be entered, but we retain a reference to the field as
`$this->field`, which is now stale.
* Because we removed this status in mod_scorm, we cannot test it
anymore against any module as no module has custom_rules that leads
to COMPLETION_COMPLETE_FAIL
With container queries, responsive design is no longer limited to the full browser width. For example, we can now display
the report in a compact side panel, and it will automatically adapt its styling to suit smaller spaces.
After upgrading to Bootstrap 5 (Moodle v5), opening a modal no longer prevents the background content from scrolling.
This fix restores the intended behavior by mimicking Bootstrap 5's JavaScript logic that disables background scrolling
when a modal is open.
Set the lifetime to zero for files referenced in
the local/internal repository (private files and file system),
because they should not be cached.
Add `no-store` to the cache-control to ensure resources are
never cached, always fetching the latest version.
Since move to BS5 data-* attributes in 0c586b41 trying to open custom
menu dropdowns that had been moved to the "More" sub-menu was broken.
It appears that Bootstrap now handles open/close for us automatically
(so we were effectively closing the menu immediately after Bootstrap
opened it).
Where the button is rendered after all section content, we should
fix the ARIA label attribute to refer to the current section rather
than non-existing subsequent activity.
Recent PHP versions are now stricter on the `$locale` value passed
to `IntlDateFormatter` class and will throw exceptions for invalid
values (some of which may be present in our language packs).
See: https://github.com/php/php-src/issues/12912
We should not normally cache instances of a class. This can lead to poor
design to work around the limitations of PHP Serialization, and could
theoretically cause issues with PHP versions changing within a Moodle
version.
This function was slow because using case-insensitive LIKE on the large
user_preferences table means that Postgres does not use its index and
has to sequential-scan the table.
During the Bootstrap 5.0 upgrade the event handling within dynamic
tabs appears to have changed such that the "click" event happens
too late for the form change checker module to determine whether
there were any "dirty" forms on the tab being switched from.
This is related to, although not specifically caused by, changes
made in 0c586b41.
Since ad14d58d visually hidden text within tables was displayed as
block elements, which introduced artificial line breaks in headings
for column names and sorting icons.
Co-authored-by: Mikel Martín <mikel@moodle.com>
Fix pushing individual grades into the gradebook (as opposed to the
batch release of grades) when "Allow partial release of grades while
marking anonymously" is enabled.
This change reworks MDL-73626's fix for the same issue for releasing
multiple grades in a batch operation.
The `viewfullnames` capability check was overeager in restricting
the inclusion of user first and lastname properties in the returned
structure. Especially given that the same data was almost always
present in the fullname property of the same structure.
@@ -6,6 +6,260 @@ More detailed information on key changes can be found in the [Developer update n
The format of this change log follows the advice given at [Keep a CHANGELOG](https://keepachangelog.com).
## 5.0.5
### core
#### Changed
-`\core\output\core_renderer::confirm()`'s `$displayoptions` parameter now also accepts a `headinglevel` option that developers can use to specify the heading level of the confirmation's heading. If not specified, the confirmation heading will be rendered in an `h4` tag.
For more information see [MDL-87694](https://tracker.moodle.org/browse/MDL-87694)
### core_question
#### Fixed
- In order to prevent re-use of question version numbers after a version is deleted, the `nextversion` column was added to `question_bank_entries`. This serves as a counter incremented each time a version is created.
Do not query this field directly. Instead use `core_question\versions::get_next_version()` to read the value, which will initialise it based on the existing versions if it is not set yet. By default, it will increment the version number automatically, unless you pass `increment: false`. Because of this, it is advisable to call it inside a transaction, that is only committed after the version number is used in a `question_versions` record.
For more information see [MDL-86798](https://tracker.moodle.org/browse/MDL-86798)
## 5.0.4
### core
#### Added
- Added clean_string() that prevents double escaping in Mustache templates
For more information see [MDL-87066](https://tracker.moodle.org/browse/MDL-87066)
#### Changed
- The Hook Manager now uses localcache instead of caching via MUC.
For more information see [MDL-87107](https://tracker.moodle.org/browse/MDL-87107)
#### Fixed
-`restore_qtype_plugin::unset_excluded_fields` now returns the modified questiondata structure,
in order to support structures that contain arrays.
If your qtype plugin overrides `restore_qtype_plugin::remove_excluded_question_data` without
calling the parent method, you may need to modify your overridden method to use the returned
value.
For more information see [MDL-85975](https://tracker.moodle.org/browse/MDL-85975)
- When responding to pcntl signals, call existing signal handlers.
For more information see [MDL-87079](https://tracker.moodle.org/browse/MDL-87079)
### core_completion
#### Changed
- The `completion_info::clear_criteria` method takes an optional `$removetypecriteria` to determine whether to remove course type criteria from other courses that refer to the current course
For more information see [MDL-86332](https://tracker.moodle.org/browse/MDL-86332)
### core_course
#### Added
- The external function `core_course_get_course_contents` now includes the `candisplay` property for each returned module. If this is false, the module should not be displayed on the course page (for example, for question banks).
For more information see [MDL-85405](https://tracker.moodle.org/browse/MDL-85405)
### core_group
#### Added
-`groups_print_activity_menu()` and `groups_get_activity_group()` now include an additional `$participationonly` parameter, which is true by default. This can be set false when we want the user to be able to select a non-participation group within an activity, for example if a teacher wants to filter assignment submissions by non-participation groups. It should never be used when the menu is displayed to students, as this may allow them to participate using non-participation groups. Non-participation groups are labeled as such.
For more information see [MDL-81514](https://tracker.moodle.org/browse/MDL-81514)
### mod_glossary
#### Added
- Function mod_glossary_rating_can_see_item_ratings is now implemented for checking permissions to view ratings.
For more information see [MDL-86960](https://tracker.moodle.org/browse/MDL-86960)
## 5.0.3
### core
#### Added
- The Behat `::execute()` method now accepts an array-style callable in addition to the string `classname::method` format.
For more information see [MDL-86231](https://tracker.moodle.org/browse/MDL-86231)
- The `\externallib_advanced_testcase` has been replaced by `\core_external\tests\externallib_testcase` and is now autoloadable.
For more information see [MDL-86283](https://tracker.moodle.org/browse/MDL-86283)
#### Changed
- The `\core\output\local\dropdown\dialog` class constructor now accepts a `$definition['autoclose']` parameter to define autoclose behaviour of the element
For more information see [MDL-86015](https://tracker.moodle.org/browse/MDL-86015)
- The default PHPUnit configuration now enables the following properties, ensuring PHP warnings will cause test failures (restoring pre-PHPUnit version 10 behaviour):
* `failOnDeprecation`
* `failOnWarning`
For more information see [MDL-86311](https://tracker.moodle.org/browse/MDL-86311)
### core_badges
#### Added
- A number of new static methods have been added to `core_badges\backpack_api` to support the new Canvas Credentials backpack provider. These methods allow you to retrieve lists of providers and regions, check if Canvas Credentials fields should be displayed, and get a region URL or API URL based on a given region ID. The new methods include `get_providers`, `get_regions`, `display_canvas_credentials_fields`, `get_region_url`, `get_region_api_url`, `get_regionid_from_url`, and `is_canvas_credentials_region`.
For more information see [MDL-86174](https://tracker.moodle.org/browse/MDL-86174)
### core_courseformat
#### Added
- Add a new modinfo::get_instance_of() to retrieve an instance of a cm via its name and instance id. Add a new modinfo::sort_cm_array() to sort an array of cms in their order of appearance in the course page. Replaces calls to get_course_and_cm_from_instance() and get_instances_of() whenever it was just used to retrieve a single instance of a cm.
For more information see [MDL-86021](https://tracker.moodle.org/browse/MDL-86021)
### core_grades
#### Added
- New 'is_gradable()' function has been created to return whether the item has any gradeitem that is GRADE_TYPE_VALUE or GRADE_TYPE_SCALE.
For more information see [MDL-85837](https://tracker.moodle.org/browse/MDL-85837)
- - New grade_item::is_gradable function has been created to return whether the grade item is GRADE_TYPE_VALUE or GRADE_TYPE_SCALE.
For more information see [MDL-86173](https://tracker.moodle.org/browse/MDL-86173)
### core_message
#### Added
- The `contexturl` property to `\core\message\message` instances can now contain `\core\url` values in addition to plain strings
For more information see [MDL-83080](https://tracker.moodle.org/browse/MDL-83080)
### theme_boost
#### Added
- Tables affected by unwanted styling (e.g., borders) from the reset of Bootstrap _reboot.scss styles can now opt out and preserve the original behavior by adding the styleless .table-reboot class.
For more information see [MDL-86548](https://tracker.moodle.org/browse/MDL-86548)
## 5.0.2
### core
#### Added
- Add a new method has_valid_group in \core\report_helper that will return true or false depending if the user has a valid group. This is mainly false in case the user is not in any group in SEPARATEGROUPS. Used in report_log and report_loglive
For more information see [MDL-84464](https://tracker.moodle.org/browse/MDL-84464)
#### Changed
- The `\core\attribute\deprecated` attribute constructor `$replacement` parameter now defaults to null, and can be omitted
For more information see [MDL-84531](https://tracker.moodle.org/browse/MDL-84531)
- Added a new `\core\deprecation::emit_deprecation()` method which should be used in places where a deprecation is known to occur. This method will throw debugging if no deprecation notice was found, for example:
For more information see [MDL-85897](https://tracker.moodle.org/browse/MDL-85897)
### core_message
#### Added
- The web service `core_message_get_member_info` additionally returns `cancreatecontact` which is a boolean value for a user's permission to add a contact.
For more information see [MDL-72123](https://tracker.moodle.org/browse/MDL-72123)
### core_question
#### Added
- The question backup API has been improved to only include questions that are actually used or owned by backed up activities.
Any activities that use question references should be supported automatically. Activities that use *question set references* (for example, random quiz questions) need to add a call to `backup_question_set_reference_trait::annotate_set_reference_bank_entries()` alongside the call to `backup_question_set_reference_trait::add_question_set_references()` in their backup step. See `backup_quiz_activity_structure_step::define_structure()` for an example.
For more information see [MDL-41924](https://tracker.moodle.org/browse/MDL-41924)
#### Changed
- `core_question_search_shared_banks` will now search all question banks, not just those outside the current course.
This makes the service usable in cases outside of the current "Switch banks" UI, which require searching all banks on the site.
It also makes the autocomplete in the "Switch banks" UI more consistent, as it was previously excluding some of the banks listed in the UI (Question banks in this course), but not others (Recently viewed question banks).
This change has also adds a 'requiredcapabilties' parameter to the function, which accepts an list of abbreviated capabilities for checking access against question banks before they are returned.
For more information see [MDL-85069](https://tracker.moodle.org/browse/MDL-85069)
- `question_edit_contexts` now only considers the provided context when checking permissions, rather than all parent contexts as well. As questions now exist only at the activity module context level, permissions can be inherited or overridden as normal for each question bank. The previous pattern of checking for a permission in any parent context circumvented the override system, and no longer makes sense.
For more information see [MDL-85754](https://tracker.moodle.org/browse/MDL-85754)
## 5.0.1
### core
#### Added
- - Added is_site_registered_in_hub method in lib/classes/hub/api.php to
check if the site is registered or not.
- Added get_secret method in lib/classes/hub/registration.php to get site's secret.
For more information see [MDL-83448](https://tracker.moodle.org/browse/MDL-83448)
- Added a new optional param to adhoc_task_failed and scheduled_task_failed to allow skipping log finalisation when called from a separate task.
For more information see [MDL-84442](https://tracker.moodle.org/browse/MDL-84442)
- There is a new `core/page_title` Javascript module for manipulating the current page title
For more information see [MDL-84804](https://tracker.moodle.org/browse/MDL-84804)
### core_auth
#### Added
- A new method called `get_additional_upgrade_token_parameters` has been added to `oauth2_client` class. This will allow custom clients to override this one and add their extra parameters for upgrade token request.
For more information see [MDL-80380](https://tracker.moodle.org/browse/MDL-80380)
### core_question
#### Fixed
- The unit test repeated\_restore\_test::test\_restore\_course\_with\_same\_stamp\_questions was passing incorrectly on 5.x for question types that use answers.
Maintainers of third-party question types may want to re-run the test with the fix in place, or if they have copied parts of this test as the basis of a test in their own plugin, review the changes and see if they should be reflected in their own test.
For more information see [MDL-85556](https://tracker.moodle.org/browse/MDL-85556)
### core_user
#### Added
- New method `\core_user::get_dummy_fullname(...)` for returning dummy user fullname comprised of configured name fields only
For more information see [MDL-82132](https://tracker.moodle.org/browse/MDL-82132)
And this is the same example but passing the items in the creation:
{{< php >}}
```php
/** @var core_renderer $output*/
$output=$PAGE->get_renderer('core');
@@ -72,32 +72,64 @@ $menu = new action_menu([
]);
echo$output->render($menu);
{{< / php >}}
```
### Setup the menu trigger
By default, the action menu trigger is a cog icon. However, the class has methods to convert it to a kebab menu or even display any arbitrary content.
By default, the action menu trigger is a button that uses the `t/edit_menu` icon and is displayed with a caret. However, the class has methods to convert it to a kebab menu or even display any arbitrary content.
// This example displays an "Edit" label for the trigger.
$menu=newaction_menu();
$menu->set_menu_trigger(get_string('edit'));
{{< / php >}}
```
##### Trigger with an icon
This example displays an icon for the trigger. When rendering the menu trigger button as an icon button, ensure that the icon is rendered as a decorative image. If you are using a `pix_icon`, pass an empty `$alt` parameter to make the icon decorative.
The accessible name of the icon button should be set within the button element itself. You can set an accessible name for the icon trigger button either by:
* Using the `::set_action_label()` method.
```php
$menu=newaction_menu();
// Make sure the pix icon is rendered as a decorative image by passing an empty alt parameter.
$icon=$output->pix_icon('t/edit','');
$menu->set_menu_trigger($icon);
$menu->set_action_label(get_string('edit'));
```
* Or alternatively, by adding a visually hidden text alongside the icon.
```php
$menu=newaction_menu();
// Make sure the pix icon is rendered as a decorative image by passing an empty alt parameter.
$icon=$output->pix_icon('t/edit','');
// Add a visually hidden text label for the trigger button.
$string['settings:goodauth_help']='Select all authentication types to use as a factor for MFA. Any types not selected will not be treated as a FAIL in MFA.';
$string['settings:goodauth_help']='Select all authentication types that will gain the points from this factor. Other authentication types will not be treated as a fail in MFA, but will not gain this factor\'s weight points.';
$string['settings:shortdescription']='Allow users to bypass extra authentication steps based on their authentication type.';
$string['summarycondition']='has an authentication type of {$a}';
@@ -73,7 +73,7 @@ $string['setupfactor:instructionsverification'] = '3. Enter the verification cod
$string['setupfactor:intro']='To set up this method, you need to have a device with an authenticator app. If you don\'t have an app, you can download one. For example, <a href="https://2fas.com/" target="_blank">2FAS Auth</a>, <a href="https://freeotp.github.io/" target="_blank">FreeOTP</a>, Google Authenticator, Microsoft Authenticator or Twilio Authy.';
$string['setupfactor:key']='Secret key: ';
$string['setupfactor:link']='Or enter details manually.';
$string['setupfactor:link_help']='If you are on a mobile device and already have an authenticator app installed this link may work. Note that using TOTP on the same device as you login on can weaken the benefits of MFA.';
$string['setupfactor:link_help']='If you are on a mobile device and already have an authenticator app installed this link may work. Note that using TOTP on the same device as you login on can weaken the benefits of MFA.';
$string['setupfactor:linklabel']='Open app already installed on this device';
$string['settings:userverification_help']='Serves to ensure the person authenticating is in fact who they say they are. User verification can take various forms, such as password, PIN, fingerprint, etc.';
$string['setupfactor:instructionsregistersecuritykey']='2. Register a security key.';
$string['setupfactor:instructionssecuritykeyname']='1. Give your key a name.';
$string['setupfactor:intro']='A security key is a physical device that you can use to authenticate yourself. Security keys can be USB tokens, Bluetooth devices, or event built-in fingerprint scanners on your phone or computer.';
$string['defaultmoodlenetname_desc']='The name of the MoodleNet instance available via the activity chooser.';
$string['removalwarning_feature']='If you need to continue using MoodleNet, contact your site administrator about setting up a self-hosted MoodleNet instance.';
$string['removalwarning_service']='After the date, you will no longer be able to browse or add content from MoodleNet Central.';
$string['removalwarning_title']='The MoodleNet service will be shut down on 20 April 2026.';
$string['enablemoodlenet_desc']='If enabled, a user with the capability to create and manage activities can browse MoodleNet via the activity chooser and import MoodleNet resources into their course. In addition, a user with the capability to restore backups can select a backup file on MoodleNet and restore it into Moodle.';
$string['errorduringdownload']='An error occurred while downloading the file: {$a}';
@@ -89,13 +89,16 @@ $string['issuershowonloginpage'] = 'Show on login page';
$string['issuerrequireconfirmation_help']='Require that all users verify their email address before they can log in with OAuth. This applies to newly created accounts as part of the login process, or when an existing Moodle account is connected to an OAuth login via matching email addresses.';
$string['issuersmtpsystememail_help']='If specified, this email will be used to connect a system account for sending email via SMTP. This is required for some OAuth 2 services (e.g. Microsoft). Please check the documentation for your OAuth 2 service to see if this is required.';
$string['issuersservicesallow']='Allow services';
$string['issuersservicesnotallow']='Do not allow services';
$string['issuerusein']='This service will be used';
$string['issuerusein_help']='OAuth 2 services can be used for internal services, on the login page, or both, if required.';
$string['issuerusein_help']='OAuth 2 services can be used for internal services, on the login page, SMTP with XOAUTH2, or both login page and internal services, if required.';
$string['issueruseineverywhere']='Login page and internal services';
And "Allowlogin""icon"shouldexistinthe"Testingservice""table_row"
And "Allowservices""icon"shouldexistinthe"Testingservice""table_row"
And Ishouldsee"-"inthe"Testingservice""table_row"
And "Servicediscoverysuccessful""icon"shouldexistinthe"Testingservice""table_row"
And Iclickon"Configureendpoints""link"inthe"Testingservice""table_row"
And Ishouldsee"authorization_endpoint"
And Ishouldnotsee"discovery_endpoint"
And Ishouldsee"discovery_endpoint"
And Ishouldsee"device_authorization_endpoint"
And Inavigateto"Server>OAuth2services"insiteadministration
And Iclickon"Configureuserfieldmappings""link"inthe"Testingservice""table_row"
And Ishouldsee"firstname"inthe"givenName""table_row"
And Ishouldsee"firstname"inthe"given_name""table_row"
And Ishouldsee"lastname"inthe"family_name""table_row"
And Ishouldsee"idnumber"inthe"sub""table_row"
And Ishouldsee"email"inthe"email""table_row"
And Ishouldsee"lang"inthe"locale""table_row"
And Inavigateto"Server>OAuth2services"insiteadministration
And Iclickon"Edit""link"inthe"Testingservice""table_row"
And Isetthefollowingfieldstothesevalues:
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.