1. 15 Jun, 2017 1 commit
  2. 28 May, 2017 1 commit
  3. 23 May, 2017 1 commit
    • Robert Lyon's avatar
      Bug 1692749: Security: Stop event log having plain text passwords · 433ab8e6
      Robert Lyon authored
      This patch only deals with:
      1) removing passwords from existing event_log table data
      2) stopping the recording of passwords into the event_log table
      3) sets the reset password on next login for those users
      It doesn't deal with removing the unnecessary cruft information
      that will be handled by the bug 1692385
      Change-Id: Id29148f78fa6918f5f5afcb89d211ccb3b60c95b
      Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
  4. 11 May, 2017 1 commit
  5. 21 Mar, 2017 1 commit
  6. 13 Mar, 2017 1 commit
    • Gregor Anzelj's avatar
      format_date function returns false (Bug #1670885) · e707353a
      Gregor Anzelj authored and Robert Lyon's avatar Robert Lyon committed
      It is known that under Windows the %e modifier of strftime
      function is problematic. Modifier %l is also problematic and
      must be replced with %#I so that format_date will work under
      Change-Id: I7c0dec6bfd220fbd79a5608a28d152f41df47b6b
  7. 01 Feb, 2017 1 commit
  8. 25 Jan, 2017 1 commit
  9. 09 Jan, 2017 1 commit
  10. 27 Oct, 2016 1 commit
  11. 17 Oct, 2016 1 commit
  12. 07 Oct, 2016 1 commit
    • Aaron Wells's avatar
      Bug 1620879: Remove extraneous "/webservice" from end of plugin components · 98ca273e
      Aaron Wells authored
      Currently, a plugin has to list its component as e.g.
      "module/mobileapi/webservice". This could just be "module/mobileapi".
      Since we're using the component string as part of the automated token
      request system, it's better to change this now to something more sensible.
      behatnotneeded: Tests to come later
      Change-Id: Ia7663065b79598d92c3bf8450c5539efb6aa3e2d
  13. 27 Sep, 2016 1 commit
    • Aaron Wells's avatar
      Documenting that call_static_method() is deprecated · dc852194
      Aaron Wells authored
      PHP 5.0 to 5.2 apparently did not support dynamic access
      of static members, e.g. $classname::$method(). But support
      for this was added in PHP 5.3. So there's no longer any
      reason to use call_static_method().
      Change-Id: Ib2c48251fb3e5a8ca4af9994bd2d648bc40794d2
      behatneeded: Comment update only
  14. 26 Sep, 2016 2 commits
    • Aaron Wells's avatar
      Bug 1533377: Browserid end-of-life migration script · cfef0ff9
      Aaron Wells authored
      This patch removes all authentication functionality
      from the browserid auth plugin. It adds a script,
      accessible through the plugin's configuration page,
      to migrate user accounts from browserid to
      internal auth.
      Also includes changes to allow users to be searched
      by authtype, and to prevent non-useable plugins
      from being enabled on the plugin config page.
      Change-Id: I4e8bd9fc4d2fb2ccaa1845fda533c9373ec251bd
      behatnotneeded: Can't test with behat
    • Aaron Wells's avatar
      Bug 1620879: Improve JSON error messages when JSON flag is on · d382d069
      Aaron Wells authored
      JSON-encodes more information about the error or exception,
      and adds an optional error number.
      behatnotneeded: Can't test in Behat
      Change-Id: I258e7a275d78c91a5f8cd638ab7f6a7590125a6d
  15. 19 Sep, 2016 1 commit
  16. 01 Sep, 2016 3 commits
  17. 31 Aug, 2016 1 commit
    • Aaron Wells's avatar
      Bug 1615280: More robust email validation · 1192c05d
      Aaron Wells authored
      Because all of our emails need to pass PHPMailer's
      validation method before they get sent (due to the way
      PHPMailer is written) it makes the most sense to use
      that for validation.
      Change-Id: I232ab9496ce8fc295a49625c999b48215305216c
      behatnotneeded: Covered by phpunit
  18. 30 Aug, 2016 1 commit
    • Aaron Wells's avatar
      Bug 1600099: Cleanup of the webservice admin page · ce1a97ac
      Aaron Wells authored
      This patch does a few things:
      1. Renames "webservice_enabled" config to "webservice_provider_enabled",
      to indicate that this config only controls Mahara's actions as
      a webservice provider, *not* a webservice client.
      2. Renames all the "webservice_<protocol>_enabled" configs to
      "webservice_provider_<protocol>_enabled" to indicate that they only
      control whether Mahara will provide webservices via that protocol,
      and not whether Mahara will use that protocol as a client.
      3. Renames "webservice_connections_enabled" config to
      "webservice_requester_enabled", to clarify that this config
      controls whether Mahara is allowed to request webservices
      from external sources.
      4. Updates language strings to make these changes clearer.
      5. Rearranges and renames the form methods in
      webservice/admin/index.php to make the flow of control more
      obvious. Now the main form method is first, followed in order
      by the methods that generate its subforms and each of their
      submit hand...
  19. 24 Aug, 2016 1 commit
  20. 23 Aug, 2016 1 commit
  21. 19 Aug, 2016 1 commit
    • Aaron Wells's avatar
      CLI upgrader, better handling of out-of-sequence plugin upgrades · 0e1704c1
      Aaron Wells authored
      Bug 1614805. When a plugin is installed "out of sequence" by a
      call to plugin_upgrade in the core lib/db/upgrade.php file, the
      AJAX-based web upgrader handles it gracefully, because it does
      check_upgrade() before upgrading each plugin, detects the change
      in status, and doesn't run the upgrade for that plugin a second
      The CLI upgrader, on the other hand, uses the same cached data
      from check_upgrades() all the way through, causing it to re-run
      upgrades for such plugins.
      This patch makes it behave the same as the AJAX plugin, running
      check_upgrade() again immediately before each component gets
      upgraded. This does cause some redundancy in code execution,
      but it shouldn't be enough to cause a noticeable performance hit.
      Change-Id: Id5c431fc9e636df2cab05d22e6cc424271ce9f3d
      behatnotneeded: Covered by existing tests
  22. 04 Aug, 2016 1 commit
  23. 13 Jul, 2016 1 commit
    • Aaron Wells's avatar
      Get rid of redundant DB writes in set_config() · a79dd6bb
      Aaron Wells authored
      Bug 1526073. Also in set_config_plugin() and
      set_config_institution() is more complicated, and outside
      the scope of this bug.
      Change-Id: Ibaeb93fea83c190e6ffab7cd000eddf98f3afbb7
      behatnotneeded: Covered by existing tests
  24. 11 Jul, 2016 1 commit
  25. 08 Jul, 2016 4 commits
    • Robert Lyon's avatar
      Bug 1393536: More tidying up · 2c79d608
      Robert Lyon authored and Aaron Wells's avatar Aaron Wells committed
      - making add connection form cancel back to connections page
      with correct institution selected
      - Adding a help icon/page (needs content) for add connections
      - Display tick/cross next to connection name to see if it is enabled
      - Have the 'enable connection manager' master switch bunched with the
      - Changing some strings to make thing clearer
      Change-Id: I875ad6ec745cd136338017e27ef49542157cac7c
      Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
    • Robert Lyon's avatar
      Bug 1393536: Tidying up of the code · fdcac7ba
      Robert Lyon authored and Aaron Wells's avatar Aaron Wells committed
      To keep it consistent with rest of Mahara
      1) Moving the template files to the plugin/auth dir
      2) Removing the old style submenu lines
      3) Removing the bad window.open() calls
      4) Fixing up menu placement / order
      5) Fixing the add connection form's errors so they appear against
      correct fields
      Change-Id: Ic73526a2db2c6f8d7009b374a8ecc0977ba57330
      Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
    • Piers Harding's avatar
      Bug 1393536: remove debug and parameterise remote oauth user · 442dc945
      Piers Harding authored and Aaron Wells's avatar Aaron Wells committed
      Change-Id: Ica193fac3c4ee0d000c503f61205b226da344466
    • Piers Harding's avatar
      Bug 1393536: client connection manager · aa743c03
      Piers Harding authored and Aaron Wells's avatar Aaron Wells committed
      * added new client connection manager screens
      * added client connection manager backend
      Change-Id: Iac103616c7a9cd68cc94ea301a4cb808fe090669
  26. 07 Jul, 2016 1 commit
  27. 06 Jul, 2016 1 commit
  28. 24 Jun, 2016 1 commit
  29. 20 Jun, 2016 1 commit
  30. 15 Jun, 2016 1 commit
  31. 03 Jun, 2016 1 commit
  32. 25 May, 2016 1 commit
    • Aaron Wells's avatar
      Dropping support for PHP 5.3 · fd630ce8
      Aaron Wells authored
      Bug 1576448. As discussed at the 52nd Mahara developer meeting.
      behatnotneeded: Can't test in Behat (requires environmental
      Change-Id: I6cdfb0c154077f597128b7c3c1fd86b40b36c772
  33. 19 Apr, 2016 1 commit
  34. 30 Mar, 2016 1 commit