Adds a 'type' parameter to download.php, which, if equal to 'sitemap',
will serve up a sitemap file from dataroot.  The download.php links
are then used in the generation of the sitemap index.

Change-Id: I8b7af1a6820cf32542f3ae1bdfc8940c309939b0
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

If for some reason the sitemap generator is called twice in a day, it
fails the second time while trying to overwrite the previous version.
This can be fixed by removing all sitemaps for the current day before
attempting to regenerate them.

Change-Id: I48c3ff5c99948e4c5ab93007f068f0319dfac2f8
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

The cron process can't write to the docroot, so we'll have to write
sitemaps to dataroot and make them accessible another way.

Change-Id: If3b09f7322f59beed9eba1ac3d6f63c667909dfa
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

When sitemap generation is disabled, we don't need to include all the
relevant libraries and log the message about disabled sitemap
generation.

Change-Id: I1f7e92f58dcb455bbfaab7745ce28e496ee7276b
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

* changes:
  Add navigation for staff to access the user search page
  Add admin report on access lists of user pages (bug #919009)

* changes:
  jquery: New upstream version 1.7.1 (bug #923192)
  jquery: don't hardcode the version number in lib/web.php
  jquery: remove minified copy from core

Although this is currently just for user searches, using the terms
"Site Information" for site staff, and "Institution Information" for
institution staff will allow us to add site/institution statistics
under the same menu.

Change-Id: I40bae94406a1a6f16b428e3821f3be1ec41ae52d
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

Adds a new "User reports" page to the admin section, accessible by
admins, which produces a list of all the pages owned by a given set of
users, and a list of who is on the access list for each page.

The users are selected using the checkboxes on the admin user search
page, and the page is reachable from admin user search using a new
"View reports" button on that page.

The CSV download that previously appeared on the Bulk actions page is
more appropriate on a reports page, so CSV download is also moved from
Bulk actions to User reports.  Email and remoteuser fields are only
displayed to site and institution administrators.

Because some sites will not want to allow staff to see the page access
lists of all users in their institutions, access to this page by staff
is controlled by a new "Staff report access" site setting.

Change-Id: Id02b58416e3dfb28fd39c1170426ddefe6669efe
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

* changes:
  Fix error when cancelling the edit group form (bug #924644)
  Fix error when creating publicly viewable groups (bug #917383)

* changes:
  Let buttons disguised as links be used in navigation tabs
  Move bulk actions user list into a separate template
  Allow get_accesslists() to return views for >1 user
  Allow staff to access the admin user search page (bug #919009)

When you have multiple journals allowed in your account settings and
then delete all journals and want to switch back to a single journal,
the error message "You cannot disable multiple journals unless you
only have one journal" still comes up though no journal exists.

This message is confusing, it's simpler to hide the option altogether
for users with no journals.

Change-Id: I397422d4ad043c86621180837a16e1440b1243cd
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

* changes:
  jquery rating: add a pager hook for reskining
  jquery rating: New upstream release 3.14 (bug #923192)
  jquery rating: add README.Mahara file

Commit 725ba929 tries to reload
certain admin-settable fields from the database into a LiveUser when
committing, but fails to convert the suspended date to a timestamp
when doing so.  This causes the date to be displayed incorrectly to
suspended users when they log in.

The same problem was fixed for expiry dates in commit f7dcdf81

, bug

Change-Id: I3ce83f53183cbd9003226466149f54e878749d1e
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

Some recent changes to the main stylesheets have resulted in themes
not being correctly applied when "Small page headers" are turned on.
First, the addition of a body#micro rule for background colour in the
raw theme was inherited by all the child themes, when it needs to be
overridden.  Also, some rules were using the main-column id rather
than the main-column class.

Change-Id: Iea21ff4dff71ebc85a2020bca900da1e344dfa8d
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

In commit 93c012f2

, the forum and group name were added to the body
of forum post email notifications, each wrapped in a call to
clean_html (htmlpurifier).  This crashes cron due to out-of-memory
errors whenever there are more than a few subscribers, and stops
notifications from being sent out at all.

The forum and group name only need to be rendered once per forum post,
so this could be fixed by moving the clean_html call up to the
activity constructor, rather than doing it in the get_emailmessage,
get_htmlmessage functions.  These functions get called for every
single subscriber notification, to ensure the string is displayed in
the subscriber's language.

But because group and forum names are never rendered as html, we don't
need to use htmlpurifier - html escaping is more appropriate and less
memory-hungry.

Change-Id: I0a4133b0a11e0e0004bdab1c29984ab4fc5dfbbf
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

Commit 011c5039 changed lot of thumb.php urls to use the
type=profileiconbyid parameter (which takes an artefact id) rather
than type=profileicon (which takes a user id, and which cannot be
cached).

Unfortunately, when a user has no locally stored profile icon, use of
type=profileiconbyid stops their remote gravatar image from being
displayed.

This commit updates the thumb.php urls that were changed in commit
011c5039 to use the profile_icon_url() function, which respects
remote avatars when no local profileicon is available.

In some cases this requires a new size of the no_userphoto.png image,
so three new sizes are added in the raw theme.  The four no_userphoto
images in the custom theme were duplicates of those in raw, and are
removed.

Finally, the type=profileiconbyid change from commit 011c5039

 in the
viewacl.tpl template has been reverted back to type=profileicon.
Because this url is constructed in javascript, it is not worth the
trouble to use a profile_icon_url call here until the number of
requests to thumb.php really becomes a problem.

Change-Id: I7dce7090842999fe090dc2d8c481cb4aca7720d5
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

Change-Id: Ic8cd74935bc836ad2615b5ef689d89a7638bb9cb
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

Submission of the create group form with the 'publicly viewable group'
checkbox ticked produces the error "The 'public' parameter is not an
integer".  This is caused by an error in the check for form
submission due to a change in the form names in commit 5436cc00

.

Change-Id: Idfb4b2ec10e646aa4b6ee3b517fbb13210a1ed01
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

The artefact_get_owner_info function did not set a url for site-owned
artefacts.  Worse, because the $url variable was sometimes left
unchanged on a loop iteration, site artefacts could end up being
displayed with the site name linked to an unrelated user profile page,
or group homepage, for example.

Change-Id: If25038e77b7019b40482bbe06ea4da70dab7a683
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

When users are automatically created from an LDAP server, the student
id & display name fields are set in the user table, but not updated as
profile fields in the artefact table, so they're not displayed in the
Edit profile page.

Passing the student id & display name from the auth plugin's
get_user_info function into create_user will ensure they're set as
profile fields as well.

Change-Id: I3ae769394d2f65577f26759309affdfd59070302
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

The in-page-tabs style, used for group and profile tabs among other
things, is only styled correctly when the tab contains a link.  In the
user reports area it's more convenient to use a button, to submit a
lot of post variables, so this patch applies the same style to the
existing input.linkbtn (button disguised as a link) selector.

Change-Id: I14dab9618eec9197d5b14438dc8489648c26df2f
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

This allows the html to be reused on other pages

Change-Id: Iad7195ff5048242515613075aa03ff5eba6a0707
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

This function, and get_views_and_collections() currently only return
views and access records for a single user, group, or institution.  In
the admin reporting area, we want to be able to fetch access lists for
several users at once.

Change-Id: I0c40f7d10742efba75e44664a571e0455bcbea95
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

Staff members will be able to search through all users in their
institutions, but they cannot edit a user unless they are also an
administrator for them (institution or site administrator).

Links from the usernames to the account settings page are only
displayed when the logged-in user is an administrator for the listed
user.

The "edit selected users" button is only displayed to site and
institutional admins, and the bulk actions page it links to now
explicitly states which users have been filtered out due to lack of
institutional admin privileges.

Email addresses are removed from the list for staff users.

If the logged-in user is an admin in one institution, and staff in
another, email is displayed and usernames linked only for the
'adminned' users.  The bulk actions page is still reachable, but any
selected users who are not adminned by the logged-in user will be
removed.

Change-Id: Ia65a960df9af7c5794002007e7580ba5f9a4c9d7
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

Change-Id: I660fe25d3d9c08bf44dab0dd9a84410083666909
Signed-off-by: Rich Trott <rtrott@gmail.com>

Change-Id: I6521e8c1aedf5f74de648b0732cc43ea9dae28ae
Signed-off-by: Francois Marier <francois@catalyst.net.nz>