A new optional parameter $context has been added to the
core_group::groups_get_members_join() function.
Besides, some core_group methods now accept -1 (USERSWITHOUTHGROUP) for
the groupid field.
Whenever the role_capabilities table is changed, we need to remember
to clear the cache for the role(s) being modified. This is far simpler
when all of those changes happen in a single file, i.e. accesslib.php,
allowing other parts of the application to use the public functions
without requiring knowledge of the cache internals.
Thanks to MDL-49398, we can separate the combined user session and role
definition cache clearing function into two separate functions. At the
same time, we want to identify and remove mark_dirty() calls that were
added for role definition changes but were incorrectly left behind.
Change highlights:
- Remove unnecessary mark_dirty() calls performed after
assign_capability(), unassign_capability(), delete_role(),
deleted contexts, brand new contexts
- Move role definition cache clear from the user-centric
accesslib_clear_all_caches() to the newly created,
role-dedicated accesslib_reset_role_cache()
This is another preliminary commit, rationalising the ->work... fields
and also moving the code that sets them up into a separate function.
This is also to prepare for the next commit.
This eliminates a lot of necessary string manipulation for something
that preg can just do with the \b assertion.
The change also extracts all the work to prepare ->work_phrase (renamed
->regexp) into a separate function. This is to pave the way for future
efficiency gains, but for now I have not done them, so it is easier to
verify by inspection that this commit does not change behaviour.
Also, some tidy-ups to the filterobject structure, to eliminate some
redundant fields.
In file_get_all_files_in_draftarea function an integer could get
a null value so it is necessary to execute this function only
when is called with a valid integer value.
The form-autocomplete module uses three Mustache templates
core/form_autocomplete_input, core/form_autocomplete_suggestions and
core/form_autocomplete_selection. However, it did not support executing
the JS that is eventually part of those templates.
Before this patch, we only checked that the given provider has been
configured in the user or system preferences. However, if the provider's
component is disabled, it does not even appear in these preferences.
Additionally, there was no check that the message / notification
provider is among providers allowed to be consumed by the recipient.
The patch checks that the message origin is among providers returned by
the message_get_providers_for_user() so disabled plugins can't act as
sources of messages and users can't receive messages from providers they
do not have capability for. This mitigates the risk of abusing a plugin
as a source of spam, for example.
Unit test is fixed and extended. When the $CFG->messaging is disabled,
no messages between users should be sent (I can't understand why the
unit test was written in an opposite way). Added assertions for the
raised debugging message.
