Skip to content
GitLab
  1. 11 Apr, 2019 1 commit
  3. 09 Apr, 2019 1 commit
    • Robert Lyon's avatar
      Bug 1823065: Site staff should not see users outside 'no institution' · 279c33c4
      Robert Lyon authored 
      

When $cfg->isolatedistitutions are turned on because if they can and
message a user that user can't reply to them

Also fixed default filter option from throwing error if current user
is in no institution

Also fix up online users - consolidate duplicate code and restrict
non-admins in no institution is isolated institutions is turned on

behatnotneeded

Change-Id: I5828147461f513bb392598d62337d417e631e6f2
Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
      279c33c4
  5. 02 Apr, 2019 1 commit
  7. 30 Mar, 2019 1 commit
    • Gregor Anzelj's avatar
      Bug 717196: Isolated institutions · 258c4744
      Gregor Anzelj authored and Robert Lyon's avatar Robert Lyon committed 
      Isolated institutions is a feature that allows locking down
access for members of institutions so that they are separated
entirely and disallow contact between members of one
institution with members of another institution.

behatnotneeded

Change-Id: Ib94681aff5543ad26887f24b2eb7fce9d0c8b8d2
      258c4744
  9. 29 Mar, 2019 1 commit
  11. 27 Mar, 2019 1 commit
  13. 14 Mar, 2019 1 commit
  15. 26 Feb, 2019 2 commits
  17. 22 Feb, 2019 1 commit
  19. 07 Feb, 2019 1 commit
  21. 23 Jan, 2019 1 commit
  23. 19 Dec, 2018 1 commit
  25. 20 Nov, 2018 1 commit
  27. 06 Sep, 2018 1 commit
    • Cecilia Vela Gurovic's avatar
      Bug 1790742: stop deleting user sessions when updating user data · 59e381ef
      Cecilia Vela Gurovic authored 
      the user sessionids are removed from the DB
to prevent users from reseting the user data when they are logged in
while their user is being updated through CSV file

this fix deletes the sessionids when uploading CSV files
and not in the update_user general function
to prevent logging out of the user when updating through web services

behatnotneeded

Change-Id: I3eca84dd10a035c4b9fe3ad180ca8ba32746b3c6
      59e381ef
  29. 31 Aug, 2018 1 commit
  31. 14 Aug, 2018 1 commit
    • Rebecca Blundell's avatar
      Bug 1752743: replace php 7.2 deprecated functions · c6c6c295
      Rebecca Blundell authored and Robert Lyon's avatar Robert Lyon committed 
      replaced each() with foreach in core code.
replaced create_function() with anonymous function in core code.

Also removed some functions that were not used anymore

behatnotneeded

Change-Id: I300396a1ec04c75d7882b7ec5c9de76c3763e70d
      c6c6c295
  33. 01 Aug, 2018 1 commit
  35. 19 Jun, 2018 2 commits
  37. 20 May, 2018 1 commit
    • Robert Lyon's avatar
      Bug 1763163: record who has been given what page for one time copy · 1dcaef85
      Robert Lyon authored 
      

This changes the parent patch a bit. Instead of recording on the view
table if a page is able to be copied to existing group members we
insetad record in a new existing copy table if a group page/collection
has been copied to a member and if not make the copy.

We've also made the switch a slide switch, eg when switching it to
'Yes' it does the task on save and then switches back to 'No'.

This means at a later time if set to 'Yes' again it will do the copying
again and give any newer members a copy of all pages/collections as
well as give older members copies of any newer pages / collections /
collection pages since the previous switching to 'No'

Note: Currently adding new collection pages to older members will only
add the pages as singular pages to their portfolio.

behatnotneeded

Change-Id: Ia22d8138d80ec5fdb5a401de7289b256f9e5fc69
Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
      1dcaef85
  39. 02 May, 2018 1 commit
  41. 21 Mar, 2018 1 commit
  43. 06 Mar, 2018 1 commit
    • Ghada El-Zoghbi's avatar
      Bug 1745278: check user is logged in for publicly viewable groups · 65f6e575
      Ghada El-Zoghbi authored 
      When a group is public and allows submissions, we need to check
that the user is logged in before retrieving the list of
sumibtted pages/collections to the group.

Sponsored by The Australian National University
behatnotneeded

Change-Id: Id8aeffea12aa36f27122069f9372fcb7b9ed95c5
      65f6e575
  45. 22 Feb, 2018 1 commit
  47. 16 Feb, 2018 1 commit
    • Cecilia Vela Gurovic's avatar
      Bug 1734178: allow user to delete own account · 9837f182
      Cecilia Vela Gurovic authored and Robert Lyon's avatar Robert Lyon committed 
      added settings

- institution level: reviewselfdeletion
    0 if the institution does not require approval
      from an admin to delete an account
    1 if the institution requires an admin to approve
      account deletion requests from users
    if not set, it takes the value from the site's
    default

- site level: defaultreviewselfdeletion
  (Site options->User Settings -> Review account before self-deletion)
    1 if the site's default is requiring approval
    null otherwise

Account deletion by a user

when a user accesses to the account settings, a
'Delete account' button is displayed.

This will:
- If the user belongs to an institution that requires
  approval (or does not have the settings but the site
  requires approval by default)
    then a notification will be sent to the admins
    of the institutions that require approval that
    the user belongs to
- if the user belongs to institutions and none of them
  require approval (or does not have the setting
  but the site does not require approval by default)
    then the account is deleted
- if the user does not belong to any institution
    then the action will depend on the setting of
    the 'mahara' institution or sites default if
    'mahara' doesn't have the setting

Approval by institution admins

An institution admin can see the pending deletion
requests in Admin menu-> Institution -> Pending deletions
After approving/denying a request, the user
that requested the account deletion will receive
a notification

behatnotneeded
Change-Id: I4ccd9c798cab065ec557eaddf7dfc3a51920b6d0
      9837f182
  49. 14 Feb, 2018 4 commits
  51. 12 Feb, 2018 2 commits
  53. 08 Feb, 2018 1 commit
    • Maria Sorica's avatar
      Bug 1734169: Suspend user if privacy statement is refused · 382e5f7e
      Maria Sorica authored 
      If a privacy switch has the value 'No', a confirmation
form will be displayed to make sure this is really the
users decision.
If yes, the users account is suspended.

behatnotneeded

Change-Id: Ifa7c175569cbad780a449c8431d4d9f981839c21
      382e5f7e
  55. 05 Feb, 2018 1 commit
    • Maria Sorica's avatar
      Bug 1734174: Add the after login privacy page · 44a6284e
      Maria Sorica authored 
      Upon login, if the user has not yet agreed to the most
recent Privacy statement versions, he will be redirected
to this page.

On install admin user accepts default privacy

behatnotneeded

Change-Id: I6afc3d4d4db0676782a8b1501a962862108eab6b
      44a6284e
  57. 24 Jan, 2018 1 commit
  59. 03 Jan, 2018 1 commit
  61. 22 Nov, 2017 1 commit
  63. 10 Nov, 2017 1 commit
  65. 07 Nov, 2017 1 commit
  67. 30 Oct, 2017 1 commit
    • Cecilia Vela Gurovic's avatar
      Bug 1660237: removed old mobile api · d7018426
      Cecilia Vela Gurovic authored and Robert Lyon's avatar Robert Lyon committed 
      removed code from htdocs/api/module/ files and replace it with a json reply error message.
removed the 'allowmobileuploads' config variable since it is only used by the old mobile api.
removed the 'mobileuploadtoken' values in usr_account_preferences since they are only used by old mobile api. The new mahara mobile uses external_tokens table to store its access tokens.

behatnotneeded

Change-Id: I02e94079fc83aa6a81534b70446f7e8ab2ebd7a4
      d7018426