Huong Nguyen [Fri, 8 Dec 2023 02:21:33 +0000 (09:21 +0700)]
Moodle release 3.11.18
Sara Arjona [Thu, 7 Dec 2023 15:22:22 +0000 (16:22 +0100)]
weekly release 3.11.17+
Paul Holden [Thu, 7 Dec 2023 09:16:19 +0000 (09:16 +0000)]
MDL-79980 mod_survey: remove responses link if user cannot access.
Brendan Heywood [Thu, 7 Dec 2023 03:46:45 +0000 (11:46 +0800)]
MDL-80309 tasks: Clean up mtrace logs
Paul Holden [Mon, 6 Nov 2023 16:38:06 +0000 (16:38 +0000)]
MDL-79980 mod_survey: respect activity group mode getting report.
Stephan Robotta [Fri, 20 Oct 2023 13:41:34 +0000 (15:41 +0200)]
MDL-41465 reports: In separate group mode, limit to same group users
Huong Nguyen [Tue, 5 Dec 2023 01:47:01 +0000 (08:47 +0700)]
MDL-79759 repository_url: Remove types properties
David Woloszyn [Tue, 14 Nov 2023 04:36:47 +0000 (15:36 +1100)]
MDL-79759 repository_url: Limit css imports and remove fragments
There are checks to urls that attempt to limit recurrsion when
parse_file is called. This is problematic for css import urls that
can call an indefinite amount of nested import urls. An import limit
has been introduced to address this. Fragments have also been removed.
Stevani Andolo [Thu, 30 Nov 2023 03:00:24 +0000 (11:00 +0800)]
MDL-80174 tool_log: ensure "other" data is safely unserialized.
Paul Holden [Mon, 27 Nov 2023 20:35:33 +0000 (20:35 +0000)]
MDL-80268 badges: require capability to view awarded badges.
Paul Holden [Mon, 6 Nov 2023 21:16:22 +0000 (21:16 +0000)]
MDL-79797 backup: ensure block config is safely unserialized.
Ilya Tregubov [Fri, 1 Dec 2023 05:12:48 +0000 (13:12 +0800)]
weekly release 3.11.17+
Huong Nguyen [Fri, 24 Nov 2023 05:23:59 +0000 (12:23 +0700)]
weekly release 3.11.17+
Andrew Nicols [Sat, 17 Jun 2023 11:39:46 +0000 (13:39 +0200)]
MDL-78496 environment: Moodle 4.4 requirements
The only changes to requirements since Moodle 4.3 are increases to:
* the minimum PHP version required; and
* the minimum required Moodle version.
Sara Arjona [Thu, 16 Nov 2023 15:23:00 +0000 (16:23 +0100)]
weekly release 3.11.17+
Angelia Dela Cruz [Wed, 11 Oct 2023 02:59:24 +0000 (10:59 +0800)]
MDL-79603 mod_scorm: Behat coverage for Scorm package display options
Ilya Tregubov [Fri, 10 Nov 2023 01:17:34 +0000 (09:17 +0800)]
weekly release 3.11.17+
Andrew Nicols [Tue, 7 Nov 2023 08:14:14 +0000 (16:14 +0800)]
MDL-79981 core: Add ability to manually run and filter phpunit on GHA
Jun Pataleta [Thu, 2 Nov 2023 09:12:11 +0000 (17:12 +0800)]
MDL-80029 grade: Behat test fixes
* Feature: We can use a minimum grade different than zero
- Use correct minimum input values.
- Use data generators for faster test execution.
* Scenario: Disable category overriding
- Use the field name to ensure that the correct field is being tested.
Cherry-picked from MDL-79062.
Jun Pataleta [Fri, 27 Oct 2023 01:43:22 +0000 (09:43 +0800)]
weekly release 3.11.17+
Angelia Dela Cruz [Thu, 26 Oct 2023 09:35:23 +0000 (17:35 +0800)]
MDL-79768 fix: Fixed random failing Behat due to time difference
Angelia Dela Cruz [Thu, 19 Oct 2023 06:03:09 +0000 (14:03 +0800)]
MDL-79768 mod_data: Test for student can see upcoming data activity
Sara Arjona [Fri, 20 Oct 2023 10:16:45 +0000 (12:16 +0200)]
weekly release 3.11.17+
Angelia Dela Cruz [Thu, 12 Oct 2023 06:22:21 +0000 (14:22 +0800)]
MDL-79689 mod_assign: Behat for enabling anonymous submissions
Angelia Dela Cruz [Fri, 13 Oct 2023 08:48:50 +0000 (16:48 +0800)]
MDL-79691 mod_h5pactivity: Behat coverage for H5P activity grades reset
Andrew Nicols [Fri, 13 Oct 2023 07:43:43 +0000 (15:43 +0800)]
MDL-79698 core: Correct duplicate array key in test provider
Ilya Tregubov [Fri, 13 Oct 2023 05:39:52 +0000 (13:39 +0800)]
weekly release 3.11.17+
Angelia Dela Cruz [Wed, 11 Oct 2023 09:16:46 +0000 (17:16 +0800)]
MDL-79653 gradingform_guide: Behat coverage for deleting marking guide
Andrew Nicols [Tue, 10 Oct 2023 15:56:19 +0000 (23:56 +0800)]
MDL-79638 phpunit: Add unit test for increment resets
Andrew Nicols [Tue, 10 Oct 2023 15:25:58 +0000 (23:25 +0800)]
MDL-79638 phpunit: Adjust version checks for mysql/mariadb hack
This hack was introduced to work around a bug in MySQL 5.6.14 and
MariaDB at the time.
https://bugs.mysql.com/bug.php?id=69882
It was addressed a few months later in 5.6.16, and 5.7.4.
MariaDB merged version 5.6.16 of MySQL's InnoDB engine in MariaDB
10.0.11 and got the patch from there.
Moodle has required MySQL 5.7, and MariaDB 10.2.29 since Moodle 3.11 and
it is therefore safe to remove these hacks for these versions.
Jun Pataleta [Sat, 7 Oct 2023 03:30:05 +0000 (11:30 +0800)]
Moodle release 3.11.17
Sara Arjona [Fri, 6 Oct 2023 12:02:42 +0000 (14:02 +0200)]
weekly release 3.11.16+
Paul Holden [Mon, 11 Sep 2023 11:17:57 +0000 (12:17 +0100)]
MDL-79310 enrol: restrict searched users to those user can view.
Paul Holden [Mon, 11 Sep 2023 11:44:58 +0000 (12:44 +0100)]
MDL-79310 forumreport_summary: report only on users who can be viewed.
Paul Holden [Mon, 11 Sep 2023 11:30:33 +0000 (12:30 +0100)]
MDL-79310 mod_forum: ensure only visible users can be exported.
Mikel Martín [Wed, 27 Sep 2023 12:07:14 +0000 (14:07 +0200)]
MDL-79509 mod_wiki: Improve comment editing
Paul Holden [Tue, 27 Jun 2023 09:01:31 +0000 (10:01 +0100)]
MDL-72249 message: stricter cleaning of processor type parameter.
Paul Holden [Thu, 21 Sep 2023 20:43:41 +0000 (21:43 +0100)]
MDL-79426 gradeimport_csv: safely preview CSV content during import.
Paul Holden [Wed, 27 Sep 2023 22:45:23 +0000 (23:45 +0100)]
MDL-79455 tool_uploadcourse: clean course data fields individually.
Paul Holden [Thu, 21 Sep 2023 21:22:38 +0000 (22:22 +0100)]
MDL-79455 tool_uploadcourse: safe preview of uploaded course data.
Paul Holden [Mon, 18 Sep 2023 12:43:14 +0000 (13:43 +0100)]
MDL-79409 mod_imscp: appropriate unserialization of package structure.
Paul Holden [Mon, 18 Sep 2023 13:01:36 +0000 (14:01 +0100)]
MDL-79408 mod_lesson: safer unserializing/comparison of properties.
David Woloszyn [Wed, 6 Sep 2023 06:01:22 +0000 (16:01 +1000)]
MDL-77846 core: Make endpoint revision number checks stricter
In some places we prevented cache poisoning, in others we did not. We
also did not place any restriction on the minimum value for a revision.
This change introduces a new set of functions for configonly endpoints
which validates the revision numbers passed in. If the revision is
either too old, or too new, it is rejected and the file content is not
cached. The content is still served, but caching headers are not sent,
and any local storage caching is prevented.
The current time is used as the maximum version, with 60 seconds added
to allow for any clock skew between cluster nodes. Previously some
locations used one hour, but there should never be such a large clock
skew on a correctly configured system.
Co-authored-by: Andrew Nicols <andrew@nicols.co.uk>
Huong Nguyen [Mon, 18 Sep 2023 09:30:46 +0000 (16:30 +0700)]
MDL-66730 core_course: Improve permission check for category moving
Co-authored-by: Erica Bithell <egb10@cam.ac.uk>
Paul Holden [Thu, 27 Jul 2023 12:01:53 +0000 (13:01 +0100)]
MDL-78820 h5p: use fullname of current user as the xAPI actor name.
meirzamoodle [Thu, 10 Aug 2023 04:34:55 +0000 (11:34 +0700)]
MDL-78969 oauth2: remove auto-login after successful confirmation
With the new flow, users can go to the login page from the confirmed page,
and if the user successfully logs in, the user will be directed to the confirmed page.
To avoid that, the confirmed page can only be seen by users who are not logged in.
Jun Pataleta [Tue, 3 Oct 2023 23:49:27 +0000 (07:49 +0800)]
weekly release 3.11.16+
Eloy Lafuente (stronk7) [Sun, 1 Oct 2023 21:23:30 +0000 (23:23 +0200)]
MDL-79247 forum: Workaround same-time discussion modified dates bug
Within the forum_get_discussion_neighbours() function of forum
when the discussions timemodified (last post) is the same, there
is a bug that does strange things when calculating the prev and
next discussions.
Note that, in real life, this is really hard to achieve, but in tests,
when multiple discussions and post can be created by generators in the
same second (specially when the test machine is quick), chances of
facing that problem are higher.
By adding 1 second wait, we ensure that the discussions won't have
the same timemodified (last post) and workaround the problem.
No mater of that, the problem deserves an issue to be created
so we guarantee from code that it also works ok when the same
timemodified (last post) situation happens.
Eloy Lafuente (stronk7) [Sun, 1 Oct 2023 16:29:20 +0000 (18:29 +0200)]
MDL-79247 forum: Make discussion list ordering deterministic
Note that normally this doesn't matter much, but there are situations
when we want the discussion list ordering fully consistent /
deterministic.
Specifically, when discussions (or forum posts )are created in the
same second, or when the discussion titles are repeated, or 2
discussions have the same number of votes... (any criteria in general),
in the context of testing, we don't want the order
to be non-consistent, so we need to provide an extra sorting
criterion to make it fully deterministic.
So, in this case, we are adding a sort by discussion.id <<DIRECTION>>
that is an unique value, primary key... so cheap to calculate and,
that way, when the 1st sorting column has repeated values, the id
will decide.
Jun Pataleta [Fri, 29 Sep 2023 14:07:32 +0000 (22:07 +0800)]
weekly release 3.11.16+
Sara Arjona [Fri, 15 Sep 2023 15:34:28 +0000 (17:34 +0200)]
weekly release 3.11.16+
Petr Skoda [Thu, 14 Sep 2023 16:44:18 +0000 (18:44 +0200)]
MDL-79360 filter: fix nolink tag regression from MDL-77525
Eloy Lafuente (stronk7) [Tue, 12 Sep 2023 16:54:17 +0000 (18:54 +0200)]
weekly release 3.11.16+
Angelia Dela Cruz [Tue, 29 Aug 2023 09:31:45 +0000 (17:31 +0800)]
MDL-79195 core_course: Activity and resource description display behat
Jun Pataleta [Sat, 9 Sep 2023 12:45:08 +0000 (20:45 +0800)]
MDL-78806 mod_assign: Use new Behat step for checking page title
Jun Pataleta [Sat, 9 Sep 2023 12:44:19 +0000 (20:44 +0800)]
MDL-78806 behat: Create a step that for checking the page title
Create a Behat step "the page title should contain ':title'" to check
the page title.
Jun Pataleta [Fri, 8 Sep 2023 14:35:24 +0000 (22:35 +0800)]
weekly release 3.11.16+
Angelia Dela Cruz [Mon, 4 Sep 2023 01:03:30 +0000 (09:03 +0800)]
MDL-79220 mod_glossary: Behat for glossary entry with attachment
Andrew Nicols [Mon, 4 Sep 2023 01:00:26 +0000 (09:00 +0800)]
MDL-79246 gradingform_rubric: Use i_click_on for behat clicks
Eloy Lafuente (stronk7) [Fri, 10 Mar 2023 13:06:50 +0000 (14:06 +0100)]
MDL-76459 xmldb: Add environmental check to verify $CFG->prefix
While, right now, sites using long (> 10 chars) $CFG->prefix
can continue working (because we still don't have any table
> 28 chars), as soon as some new table with long name is added,
it won't work with PostgreSQL anymore (if the 63 limit is raised).
Hence, this environmental check will verify on both install and
upgrade that the $CFG->prefix is always <= 10 chars.
Sites with longer prefixes will need to rename all their tables
(and maybe other objects, depending on the dbtype) to use a shorter
prefix.
Andrew Nicols [Sat, 2 Sep 2023 00:18:44 +0000 (08:18 +0800)]
weekly release 3.11.16+
Michael Hawkins [Thu, 31 Aug 2023 05:13:03 +0000 (13:13 +0800)]
MDL-77831 core: Updated security.txt expiry and added additional info
Angelia Dela Cruz [Wed, 30 Aug 2023 11:22:59 +0000 (19:22 +0800)]
MDL-79207 core_course: Behat coverage for activity and resource deletion
Jun Pataleta [Sat, 26 Aug 2023 03:03:35 +0000 (11:03 +0800)]
weekly release 3.11.16+
Simey Lameze [Fri, 25 Aug 2023 00:38:43 +0000 (08:38 +0800)]
MDL-79015 behat: make verification step more specific
Angelia Dela Cruz [Thu, 10 Aug 2023 05:48:10 +0000 (13:48 +0800)]
MDL-78965 mod_quiz: Behat coverage for quiz with certainty-based marking
Angelia Dela Cruz [Tue, 15 Aug 2023 10:11:17 +0000 (18:11 +0800)]
MDL-79015 mod_lesson: Behat coverage for lesson with access restriction
Angelia Dela Cruz [Tue, 8 Aug 2023 09:36:36 +0000 (17:36 +0800)]
MDL-78941 mod_quiz: Behat coverage for student flagging quiz questions
Paul Holden [Mon, 21 Aug 2023 19:29:36 +0000 (20:29 +0100)]
MDL-79017 core: re-factor method to unserialize array.
We can use the existing helper for object unserialization as the
base for this method, rather than manual string parsing.
Ilya Tregubov [Fri, 18 Aug 2023 03:24:08 +0000 (11:24 +0800)]
weekly release 3.11.16+
Simey Lameze [Thu, 17 Aug 2023 13:11:59 +0000 (21:11 +0800)]
MDL-78684 behat: fix behat failures
Simey Lameze [Wed, 16 Aug 2023 03:03:46 +0000 (11:03 +0800)]
MDL-77695 behat: use automatic completion to award badges
Andrew Nicols [Wed, 16 Aug 2023 12:01:26 +0000 (20:01 +0800)]
MDL-78938 course: Wrap manual completion toggle in pending
This commit makes two changes to reduce random failures in behat:
- wrap the toggling of manually configured completion in pendingjs
- set the loading spinner content without forcing the completion toggle
ws to wait for the loading spinner to update.
Andrew Nicols [Tue, 15 Aug 2023 16:24:06 +0000 (00:24 +0800)]
MDL-78938 report_progres: Wrap completion status update in pending
Shamim Rezaie [Fri, 11 Aug 2023 13:20:22 +0000 (23:20 +1000)]
Moodle release 3.11.16
Huong Nguyen [Thu, 10 Aug 2023 15:51:02 +0000 (22:51 +0700)]
weekly release 3.11.15+
meirzamoodle [Thu, 3 Aug 2023 21:30:21 +0000 (04:30 +0700)]
MDL-78685 auth_oauth2: Added logged-in status check
Jun Pataleta [Thu, 17 Nov 2022 13:38:25 +0000 (21:38 +0800)]
MDL-78620 auth_cas: Pass base service URL for the CAS client
Since phpCAS v1.6.0, a required base service URL parameterneeds to be
passed to phpCAS::client(). This is basically the protocol, hostname,
and port number (optional) of the site connecting to the CAS server
in order for it to perform service URL discovery.
Jun Pataleta [Thu, 17 Nov 2022 08:41:57 +0000 (16:41 +0800)]
MDL-78620 auth_cas: Bump thirdpartylibs version to 1.6.0
Jun Pataleta [Thu, 17 Nov 2022 09:09:51 +0000 (17:09 +0800)]
MDL-78620 auth_cas: Update phpCAS to v1.6.0
David Woloszyn [Thu, 6 Oct 2022 05:20:44 +0000 (16:20 +1100)]
MDL-78620 lib: Set Moodle files after phpCAS upgrade
David Woloszyn [Mon, 19 Sep 2022 01:38:10 +0000 (11:38 +1000)]
MDL-78620 lib: Upgrade phpCAS to 1.5.0
cescobedo [Mon, 17 Jan 2022 11:43:03 +0000 (12:43 +0100)]
MDL-78620 auth_cas: Set Moodle files after phpCAS upgrade
cescobedo [Mon, 17 Jan 2022 11:32:43 +0000 (12:32 +0100)]
MDL-78620 auth_cas: Upgrade phpCAS to 1.4.0
Michael Hawkins [Thu, 20 Jul 2023 05:25:17 +0000 (13:25 +0800)]
MDL-78763 tool_policy: Initialise returnurl as a moodle_url in viewall
Paul Holden [Fri, 21 Jul 2023 16:06:34 +0000 (17:06 +0100)]
MDL-78792 message: access checks in processor fragment callback.
raortegar [Wed, 26 Jul 2023 06:37:40 +0000 (13:37 +0700)]
MDL-74289 lib: Improve the proxy bypass matching
Simey Lameze [Wed, 2 Aug 2023 02:16:00 +0000 (10:16 +0800)]
MDL-78843 behat: update get_forum_id to search for idnumber or name
This commit also converts manual steps to create discussions on the
Annoucements forum to data generator.
Paul Holden [Tue, 4 Jul 2023 23:00:59 +0000 (00:00 +0100)]
MDL-78647 files: safer unserializing of file reference data.
Shamim Rezaie [Wed, 12 Jul 2023 04:26:52 +0000 (14:26 +1000)]
MDL-66212 tool_lpimport: properly check capabilities
The moodle/competency:competencymanage capability should be checked
before showing the import and export pages.
Matt Porritt [Fri, 7 Jul 2023 06:31:05 +0000 (16:31 +1000)]
MDL-78340 Blocks: Dashboards now respect block permission overrides
Patch makes user dashboard respect permission overrides
that have been set on individual blocks on the system
dashboard (indexsys.php). When a user dashboard is created
either when the user visits their dashboard for the first
time or after an admin reset. When blcoks are copied to
the new dashbaord overriden permissions are also copied.
Rajneel Totaram [Thu, 20 Apr 2023 06:54:37 +0000 (18:54 +1200)]
MDL-71728 mod_quiz: check if user can access this page
David Woloszyn [Fri, 21 Jul 2023 05:19:21 +0000 (15:19 +1000)]
MDL-74544 lib: Set Moodle files after JQuery UI upgrade
David Woloszyn [Fri, 21 Jul 2023 05:18:47 +0000 (15:18 +1000)]
MDL-74544 lib: Upgrade JQuery UI to 1.13.2
Sara Arjona [Fri, 4 Aug 2023 10:40:20 +0000 (12:40 +0200)]
weekly release 3.11.15+
Jun Pataleta [Thu, 3 Aug 2023 03:08:40 +0000 (11:08 +0800)]
MDL-78498 mod_forum: Prevent race condition in forum recent activity
* Using the generator to create the forum discussions, the timecreated
of a discussion can be set before the user's last course access which
will prevent forum_print_recent_activity() from including this generated
discussion in the recent activity results. To work around this, generate
the forum discussion 1 second after the current time to make sure that
the user's last course access will always be before the discussion's
creation time.
* This patch also includes some optimisations by:
- Removing the unnecessary @javascript tag for the
`Time limit expires` scenario
- Bringing the discussion generation to each scenario to allow each
scenario to customise the data passed to the generator like for the
`Time limit expires` scenario.
- Navigating directly to the forum instance.
Simey Lameze [Tue, 18 Jul 2023 08:35:30 +0000 (16:35 +0800)]
MDL-78498 behat: add support for private replies
This commit adds support for private replies in the
'the following forum replies exist in course' custom step.
Angelia Dela Cruz [Mon, 19 Jun 2023 08:46:29 +0000 (16:46 +0800)]
MDL-78498 Behat: Use data generators for forum posts and replies
This commit does few things:
* Replace manual forum posts and replies to use data generator.
* It also changes the code to handle social forums.
* Other behat clean-ups and optimization.
Co-authored-by: Simey Lameze <simey@moodle.com>
Angelia Dela Cruz [Wed, 12 Jul 2023 07:00:31 +0000 (15:00 +0800)]
MDL-78684 Behat: Replace gradebook navigation to use page resolvers
This commit also does other things such as:
- Replace manual steps to setup gradebook by data generators
- Added support for outcomes and scales page resolvers
- Behat clean up
Huong Nguyen [Fri, 21 Jul 2023 13:56:40 +0000 (20:56 +0700)]
weekly release 3.11.15+