Skip to content

GitLab

Switch branch/tag
  1. 19 Jan, 2018 1 commit
  3. 09 Jan, 2018 3 commits
  5. 03 Jan, 2018 1 commit
  7. 14 Dec, 2017 1 commit
  9. 11 Dec, 2017 1 commit
  11. 07 Dec, 2017 1 commit
  13. 04 Dec, 2017 1 commit
    • Ghada El-Zoghbi's avatar
      Bug#1735072: Upgrade error with event_log updated columns · a7acb6a5
      Ghada El-Zoghbi authored 
      Several issues resolved:
1. The event_log.time column has been removed
and replaced by ctime. The handl_event() call is using
the new column even though the new column has
not been created yet in the upgrade script.
Therefore, include both columns in the event handling.

2. The 'deleteartefacts' event stores multiple
artefact IDs in the one event_log record. Therefore,
there is not a one-to-one relationship when converting the
record to the new format. Ignore the record when setting
the resourceid and resourcetype.

3. In the 'saveartefact' and 'deleteartefact' events,
not all of the event_log records have 'id' and 'artefact'.
Ignore setting the resourceid and resourcetype fields
when the data is not available.

4. For newer versions of Postgres and MySql, utilise
the json dattype to convert the data held in the
event_log.data column. This will speed up the
processing of the table for sites with large data
in the event_log table.

Sponsored by Australian National University

behatnotneeded

Change-Id: If068dac825b9cef6301cd970f0a368124a67b3f1
      a7acb6a5
  15. 16 Nov, 2017 1 commit
    • Cecilia Vela Gurovic's avatar
      Bug 1572825: added Voki html filter for embed code · 207889a5
      Cecilia Vela Gurovic authored and Robert Lyon's avatar Robert Lyon committed 
      Added new html custom filter to allow
voki embed code with javascript tags.

issue with the creation/edition of blocks:

Voki embed code its a javascript code that loads
js functions from a remote file and makes a call to a
AC_Voki_Embed() function

parameters:

function AC_Voki_Embed (width, height, chsm, sc,
transparent, bgcolor, returnFlag, playerType)

The number of parameter makes the difference between
old and new voki code. The old one will have only 7,
the new one will have one more.

The new embed code will have playerType = 1
The function uses an XMLHttpRequest to obtain the
new embed code. When we are loading the page,
there is no problem. But when we are editing or
creating the block, the the connection with the object
gets lost and the embed code is never loaded.
Solution found: reload the page after editing or adding
a block with new voki code.

The old voki code can have
returnFlag = 1 will return a string with the code
returnFlag = 0 will load the embed code in the page (by default)
In this last case, after the function creates the embed code,
it will call document.write('embed code')
if we are loading a page with the embed code, we have no problem
but if we have the page already loaded and we are editing the block
or creating it, the document.write will replace all the html
with the embed code.
Solution found: change parameter of the function so it returns
the code instead, then manually add it in the correct place
of the html.

behatnotneeded

Change-Id: Ieed00b6c6887715b707b8123082a1312f3db1d9c
      207889a5
  17. 05 Nov, 2017 1 commit
  19. 30 Oct, 2017 1 commit
    • Cecilia Vela Gurovic's avatar
      Bug 1660237: removed old mobile api · d7018426
      Cecilia Vela Gurovic authored and Robert Lyon's avatar Robert Lyon committed 
      removed code from htdocs/api/module/ files and replace it with a json reply error message.
removed the 'allowmobileuploads' config variable since it is only used by the old mobile api.
removed the 'mobileuploadtoken' values in usr_account_preferences since they are only used by old mobile api. The new mahara mobile uses external_tokens table to store its access tokens.

behatnotneeded

Change-Id: I02e94079fc83aa6a81534b70446f7e8ab2ebd7a4
      d7018426
  21. 27 Oct, 2017 1 commit
    • Cecilia Vela Gurovic's avatar
      Security Bug 1701978: fix session cookie issues · d02855fc
      Cecilia Vela Gurovic authored 
      1. when a user logs in it clears any obsolete
   usr_session cookies for the user
2. recording the user-agent of the session
   and if it changes to prompt the user to
   login again
3. when self adding / editing email address(es)
   send 2 emails
	- one to the new email address asking user to confirm address
	- and one to the primary email address to alert user
	that a new email is being added to their account and
	if this is bad how to contact their admin about the problem.

behatnotneeded
Change-Id: Ia44b66cf831abd553b72aa8b1d58d2a2634863b8
      d02855fc
  23. 11 Oct, 2017 1 commit
  25. 26 Sep, 2017 1 commit
  27. 24 Sep, 2017 1 commit
  29. 22 Sep, 2017 2 commits
  31. 14 Sep, 2017 1 commit
    • Robert Lyon's avatar
      Bug 1692385: Adjusting the handle event for 'updateviewaccess' · a3d904e1
      Robert Lyon authored 
      

We want to record things like so:

resourceid = view_access.id
resourcetype = what type the view_access row is for, eg 'token',
'user', 'loggedin' etc
parentresourceid = the id if the view the access is for
parentresourcetype = 'view';
ownerid = the id of the owning resource, eg usr.id / group.id / institution.name
ownertype = what owns the resource, eg user / group / institution

Also this patch adjusts how we index things into elasticsearch

behatnotneeded

Change-Id: I079a42ded2fefaab64a6e49fc26e8aad303c9e8a
Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
      a3d904e1
  33. 09 Sep, 2017 1 commit
    • Robert Lyon's avatar
      Bug 1692385: Adjusting the event_log table · ebd928b1
      Robert Lyon authored 
      

Add 5 new new columns to event_log table make searching over the
data easier and also record the id of any parent/related info as well

Eg, if one deletes an image block from a page we now record:
id - the event id
resourceid - the block id
resourcetype - the blocktype, eg image
parentresourceid - the id of the parent, eg view id
parentresourcetype - the type of parent, eg 'view'

Because we would not be able to find related view info from just the
block id anymore.

Also added the ability to index and search over event information in
elasticsearch search type event_log

Change-Id: I280c1c75c35a6c58f42d8acb36cf5c24c70b902d
Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
      ebd928b1
  35. 03 Sep, 2017 1 commit
  37. 29 Aug, 2017 1 commit
  39. 27 Jul, 2017 1 commit
  41. 08 Jul, 2017 1 commit
  43. 29 Jun, 2017 2 commits
  45. 28 May, 2017 1 commit
  47. 23 May, 2017 1 commit
    • Robert Lyon's avatar
      Bug 1692749: Security: Stop event log having plain text passwords · 433ab8e6
      Robert Lyon authored 
      

This patch only deals with:
1) removing passwords from existing event_log table data
2) stopping the recording of passwords into the event_log table
3) sets the reset password on next login for those users

It doesn't deal with removing the unnecessary cruft information
that will be handled by the bug 1692385

behatnotneeded

Change-Id: Id29148f78fa6918f5f5afcb89d211ccb3b60c95b
Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
      433ab8e6
  49. 11 May, 2017 1 commit
  51. 16 Mar, 2017 1 commit
  53. 15 Mar, 2017 1 commit
  55. 13 Mar, 2017 1 commit
  57. 10 Mar, 2017 1 commit
  59. 26 Feb, 2017 1 commit
  61. 24 Feb, 2017 1 commit
  63. 15 Feb, 2017 1 commit
  65. 14 Feb, 2017 1 commit
    • Robert Lyon's avatar
      Bug 1650995: Auth saml idp metadata fix · 8665b925
      Robert Lyon authored 
      

This patch allows the dataroot/metadata/*.xml file to be named after
the idp rather than the Mahara institution.

Also added
- A select dropdown so that institution can pick existing auth to be
paired to
- Upgrade to rename the dataroot/metadata/*.xml file
- Check to stop being able to add blank metadata field
- An alert for user when updating metadata if other institutions are also being effected
- Delete the metadata if deleted institution is only one using it

behatnotneeded

Change-Id: Ie3f5cdc523404b1081352ede67aab591e79b6dbb
Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
      8665b925
  67. 09 Feb, 2017 1 commit
    • Cecilia Vela Gurovic's avatar
      Bug 1655456: fix shared collection not displaying · 359f3540
      Cecilia Vela Gurovic authored 
      Collection shared to a group was not displaying
in group page and shared with me page
after first page of collection was deleted.
Fixed by resetting the order when deleting a view.

behatnotneeded

Change-Id: I096114ecf50b7a3af6d1393b387073676a984006
      359f3540
  69. 26 Jan, 2017 1 commit
  71. 25 Jan, 2017 1 commit