Group visibility was not taken into account when
generating SQL for getting enrolled users restricted
to a list of groups. This may have allowed users to
infer membership of groups they were not allowed to
see members of.
This commit does few things:
* Unify data generators usage to role short name.
* Replace remaining manual steps to use the new data generator.
* Also replaced other manual steps to set config to use data generators.
* Tidy up of some tests, aligning pipes and splitting one line steps into multiple lines.
* Fixes tests to have one Given/When/Then per scenario.
Added two new buttons to the group page to bulk enable or disable the
selected groups messaging settings.
Supporting Javascript modules were also added to disable/enable the
buttons depending on the groups selected in the picker.
Previously group bulk actions were handled by prepending
_act in the value of the input, and then using a custom function that
accessed $_GET and $_POST to determine which was pressed.
This was refactored in favor of the more standard method of using
optional_param.
These new settings are designed to enchance user privacy surrounding
groups. They allow groups to be configured so that users outside the
group cannot see the group, so that users in the group cannot see each
other, or so that users cannot see the group at all, even if they are in
it. This avoids issues where a group may be assigned based on sensitive
personal information (such as a person requiring special arrangements
due to a disability).
By default, groups are visible to all and available for participation in
activities, which maintains the current behaviour.
For performance, a new cache has been added to track the number of
groups on a course that are not visible to non-members. This allows us
to revert to the existing behaviour if the new features are not being
used at all on a course, and only apply the new visibility conditions if
they are.
Users who have the moodle/course:viewhiddengroups capability should be
concious of exposing hidden groups when showing their screen to other
users. The "Switch role to..." feature can be used to show a course page
on screen without exposing private availability conditions, for example.
The changes cover several specific areas:
* grouplib functions, which most code should use to get lists of groups
and members (this includes the participants page).
* Activities supporting group overrides will not allow overrides for
groups that are hidden from all users.
* Activities supporting separate/visible groups modes will only allow
groups with the new "participation" flag enabled to be selected.
* Group messaging will be disabled for groups where members cannot see
each other, or cannot see the group at all.
Create new entities for exposing report data on course groups and
groupings, joining to existing course/user entities to provide data
for the reportbuilder editor.
All externallib_test, generator_test and filter_test classes:
- Namespaced with component[\level2-API]
- Moved to level2-API subdirectory when required.
- Fixed incorrect use statements with leading backslash.
- Changed code to point to global scope when needed.
- Fix some relative paths and comments here and there.
- All them passing individually.
- Complete runs passing too.
Special mention to tests under testing/tests:
1) The core_testing component doesn't exist.
2) But testing/tests are allowed because there is a suite pointing to it (phpunit.xml).
3) So, the only possible namespace for them is "core".
4) And to avoid problems with other core testcases (under lib/tests)
they have been renamed to have testing_xxxx as prefix.
Finally, also modified calendar/tests/events/events_test.php because it uses
some renamed (core_calendar_externallib_testcase => \core_calendar\externallib_test)
classes.
All lib_test and locallib_test classes:
- Namespaced with component (and API whenever makes sense).
- Fixed incorrect use statements with leading backslash.
- Changed code to point to global scope when needed or add new uses.
- All them passing individually.
- Complete runs passing too.
Special mention to tests under login/tests:
1) The core_login component doesn't exist.
2) But login/tests are allowed because there is a suite pointing to it (phpunit.xml).
3) So, the only possible namespace for them is "core".
4) And to avoid problems with other core testcases (under lib/tests)
they have been renamed to have login_xxxx as prefix.
As far as now all them have correct privacy level2 namespace:
- Move them to "privacy" subdir.
- Rename the files to "provider_test.php", this includes old
privacy_test.php and privacy_provider_test.php files
- Rename the testcase to provider_test too (to match file name)
Also, change some relative paths and comments to point to new
locations.
All privacy_test and privacy_provider_test classes:
- Namespaced with component\privacy.
- Fixed incorrect use statements with leading backslash.
- Changed code to point to global scope when needed.
- Renamed a few files to make all be privacy_test or privacy_provider_test.php
- All them passing individually.
- Complete runs passing too.