Currently, the password help text does not encourage passphrases.
This patch makes all 8(!) instances of the text do so.

Change-Id: I72b76c5c53d398c3f31dd27bdf3120150a2d62d2
Signed-off-by: Melissa Draper <melissa@catalyst.net.nz>

As demonstrated by http://xkcd.com/936/

 the current password policy encourages
passwords with low entropy. Young users especially struggle with the password
policy. This patch drops the mandatory number & 2 letters rule.

Change-Id: Ifb9f4a24f53ab86ddf52f69ca3e07611c41bec64
Signed-off-by: Melissa Draper <melissa@catalyst.net.nz>

When the view acl screen was changed to streamline the setting of
access permissions to multiple views/collections at once, secreturls
moved out of this screen. As it is still in the share tab, it is not
obvious to users that they should return to the list of views and
collections to find the secreturl screen. This text guides them there
with a handy link and explanation of the screens.

Change-Id: I47406747a374d5d210c46473a0b4c28134f829aa
Signed-off-by: Melissa Draper <melissa@catalyst.net.nz>

Bug #826453

Change-Id: I1e6c102b67ad0342a1d91494e84f74617722db93
Signed-off-by: Eugene Venter <eugene@catalyst.net.nz>

Bug #825595.

Add "Friends" search functionality to "Share with other users and
groups" section. The Friends search view is also the new default now,
instead of Users.

Change-Id: Id2c278a64e1c8d921cb8bea8179a8c39e6a47a50
Signed-off-by: Eugene Venter <eugene@catalyst.net.nz>

Add 'Displayname' column and updated search to include preferredname.

Bug #811799

Change-Id: Ie3d63bf412888b4bf3b0983eaf95396b2f099c00
Signed-off-by: Eugene Venter <eugene@catalyst.net.nz>

Change-Id: I5716ab99dc58b6d0c319d51eed9ee6796b68aa67
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

* changes:
  Add function to get groups with the properties expected by update_group()
  Allow per-group page editing permissions
  Enable submissions per-group, and decouple from 'course' groups
  Add subheadings to create/edit group settings
  Add more flexible group jointypes (bug #610690)
  Combine group create & edit pages
  Remove can_become_admin check when changing group roles
  Remove hardcoded references to 'tutor' role in core code (bug #827762)

This replaces the template form with a pieform. Due to pieform name convention,
the css style for 'language-select' has been renamed to 'languageselect'.

Change-Id: Ifd1aae9a81d7900113452b277199219998a4d80f
Signed-off-by: Ruslan Kabalin <ruslan.kabalin@luns.net.uk>

This will be useful for the webservice api.  The edit group page has
also been changed to use the same function.

Change-Id: I4010413fdf72d6aab635326b279ab60714478119
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

The roles which have edit permissions on group views is set for each
grouptype.  This changes the setting to be per-group.

Partially addresses bug #547362, bug #631189

Change-Id: I3f51f0ed44b7f479a094a2c5b2e2ee4807722e34
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

View submission was previously enabled on all (and only) course
grouptype groups (those groups with tutors).  After this change
view submission can be turned on and off on any group, and if a
group has no tutors (standard grouptype), then only the group
admins will be allowed to assess submitted views.

Change-Id: I6df7f9dfc1b9fadbe39887ead4c1aa5c7a9eaed6
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

Change-Id: Ie13b7255462bb550024155a9c1fb0528fd88a95c
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

The four existing jointypes, 'open', 'controlled', 'request' and
'invite' are mutually exclusive, but they don't need to be so strict.
This patch introduces more flexibility in the way groups allow new
members to join.

* Group admins can always send membership invitations to a group, even
  if it's open or controlled
* Membership requests can be enabled for any group unless it has open
  membership.
* The grouptype now determines the set of roles available to a group,
  but no longer restricts the available join types.

The db upgrade will preserve existing behaviour apart from enabling
invitations on open, request, and controlled groups.

Change-Id: I8bb0940a37f3c0c36366c1d5b8d27e8b9914a7e3
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

This reduces duplication, but will also make it easier to do the major
upcoming group type update.

Change-Id: Ie2e5b81c412106af2fe0d1da6b7a595c79caf081
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

This function always returns true, and can be removed.  It's just a
leftover from the attempt to prevent non-staff becoming controlled
group admins (see bug #492009, bug #603044).

Change-Id: Ib58aa4966f2cd94465dd657c081b51a12464f153
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

Change-Id: I7e72a77375cff65dd20189ba1b93cf9dbda3be42
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

When a logged-out user visits the profile of someone who hasn't had
a profile view generated, an attempt is made to fetch the id of the
non-existent view.  This happens e.g. when the user account was
created by an admin, and the owner hasn't logged in yet, and no
logged-in user has tried to visit the profile either.

Change-Id: I66086280fc0ee09da81e262f94faf476d05e76b4
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

Created new lang string and update form to use it.
It will now display "Delete Account of: username / fullname"
Bug#812115

Change-Id: I0fa4781a8a23473a9c8ac8b3d81d05b2b7d06067
Signed-off-by: Christopher Tombleson <christopher@catalyst.net.nz>

This patch adds support for multiple file uploading added in HTML5 specs.
It allows the user to select multiple files when the file dialog box comes
up asking for a file to upload.

Change-Id: If8a3e26be29570b7366008c2675fc5539c7e8874
Signed-off-by: Francois <Marier&lt;francois@catalyst.net.nz>
Signed-off-by: Hugh Davenport <hugh@catalyst.net.nz>

Ensure that the target 'wantsurl' for redirection
is not back to itself, and is also within the
current site.

Change-Id: Ieb729e47b4cad3e52985e72065e6f8e8c8f338f7
Signed-off-by: Piers Harding <piers@catalyst.net.nz>

suppress errors issued when registered globals is off
ensure user object is flushed before user is reanimated

Change-Id: Icce1cbbb887ee2bf344ecc6fd98a1f279920aed7
Signed-off-by: Piers Harding <piers@catalyst.net.nz>

group.php functions are called in (at least) two places in the file
but previously only required immediately before the first instance.
This will cover all instances it's needed.

Change-Id: I708bf88125859288640da33f1c805aa5e76ad8ca
Signed-off-by: Melissa Draper <melissa@catalyst.net.nz>

This patch removes the 'temporary' code that was checking for the
existance of the session directories at each session creation. This
check is performed at install and at update, however if the session
directory goes away somehow between updates, there is currently
_no_ way to restore it without one of these two options. This may
need to be considered before merging in this change.

Change-Id: Ia6020c0b73ce9e172e718c9638a312b1f0162295
Signed-off-by: Melissa Draper <melissa@catalyst.net.nz>

Removed the standard spellchecker plugin and replace it with
the PHP spellchecker plugin.
Bug#828445

Change-Id: Ib70ce794c1e8d2fe3e28778942ac6ae751195f2d
Signed-off-by: Christopher Tombleson <christopher@catalyst.net.nz>

Add hooks so that plugins can update menu structure
via Plugin*::menu_items()
and local_right_nav_update()

Change-Id: I051e5e611b1d0a6b9a169fbf2f5a782c789dc93d
Signed-off-by: Piers Harding <piers@catalyst.net.nz>

This array structure was too deep and caused invalid records to
get added to the DB on MySQL (since it doesn't have CHECK
constraints) and errors on Postgres.

Bug introduced in e283a68a

 while
implementing the features described in bug #807278.

Change-Id: I65aa9b6de736294320e6d2bce2ea549a67ba2577
Signed-off-by: Francois Marier <francois@catalyst.net.nz>

Part of bug #807278

Profile page now behaves more like a normal page/view, with the
following exceptions:
- Not removable
- Title, description and tags not editable
- No advanced sharing options
- Cannot be part of a collection
- Not available in bulk access update options

Change-Id: Ia42cdaee7978fe2e737a89cd79b043feb02ceb0d
Signed-off-by: Eugene Venter <eugene@catalyst.net.nz>

Part of bug #807278

Add new site setting to force logged-in access to profile pages

Change-Id: I7e1634cba16759923e3aa4c64d129d1f5280665f
Signed-off-by: Eugene Venter <eugene@catalyst.net.nz>

Part of bug #807278

Change-Id: I3c01e88577262dd610f5df74f79f5150e3978dd9
Signed-off-by: Eugene Venter <eugene@catalyst.net.nz>