The new configuration flag $CFG->forceclean overrides the noclean
option when calling format_text() so that the text is always
and unconditionally cleaned.
The add/roles thing was only converted to bootstrap 2/4 markup and the yui left in place.
The modal for adding users to a course was unsavable so I rewrote it with an mform in a popup, still calling
the same (barely) modified ajax script.
The webservice for searching cohorts was taken from admin/tool/lp and moved into /cohort. I added a generic "cohort"
mform element at the same time.
The webservice for searching for users was taken from the original ajax script.
The variables AJAX_SCIRPT, CLI_SCRIPT, WS_SERVER are always defined (and set to false)
when webpages are rendered, hence the check of 'defined' is invalid
We should be detecting when we are treating files that are linked to
external repositories.
For doing that we'd need to return some additional fields via Web
Services:
- isexternalfile
- mimetype (google docs files use an special one)
- repositorytype (the repository plugin name)
Private tokens are generated at the same time that the token.
They must be stored safely by the ws client, and they must be transmitted only via https.
component, filearea and itemid are now optional parameters.
In some contexts those parameteres are not necessary because is not
required to do a file rewrite via file_rewrite_pluginfile_urls
This also clarified that developers can decide to force filters
to be ignored when using external_format_text, though they cannot
force filters to be turned on as the clients should be able to
opt-out from filtering should they want to.
1. Improve upgrade note
2. Don't abuse $PAGE to get the current course/cm
3. Use validate_context, never $PAGE->set_context()
4. Reset current coursemodule in validate_context().
5. Respect moodlepageclass when calling an external function.
Fix:
$PAGE->context must be reset when calling validate_context
Improve:
Provide wrapper for calling an external function
The wrapper correctly checks the function parameters and return type against
the description of the external function, and stores the PAGE and COURSE global
state variables, restoring them before the function returns.
Fix: buggy unit tests.
These tests are expecting debugging from a bug that was fixed, and calling web
service functions with no user or session.
Optional params are not allowed as the top level value for external_function_parameters.
This is because stricter protocols (xmlrpc and soap) cannot handle optional parameters, only
optional properties in a structure.
Now the db/service.php array can contain these extra keys to provide information
on how a webservice may be called:
'ajax' => true (Default is false)
Replaces the xx_is_allowed_from_ajax callback.
'loginrequired' => false (Default is true)
Means that this webservice can be called through lib/ajax/service-nosession.php
which sets NO_MOODLE_COOKIES to true (faster). This is only safe for webservices returning
static public data (e.g. get_string).
Some webservice functions need to be available without a login, e.g.
fetching strings and templates.
External functions must call validate_context if they require a valid login etc.
Added a new parameter to services.php: "loginrequired". Default is true.
