Before this patch, we only checked that the given provider has been
configured in the user or system preferences. However, if the provider's
component is disabled, it does not even appear in these preferences.
Additionally, there was no check that the message / notification
provider is among providers allowed to be consumed by the recipient.
The patch checks that the message origin is among providers returned by
the message_get_providers_for_user() so disabled plugins can't act as
sources of messages and users can't receive messages from providers they
do not have capability for. This mitigates the risk of abusing a plugin
as a source of spam, for example.
Unit test is fixed and extended. When the $CFG->messaging is disabled,
no messages between users should be sent (I can't understand why the
unit test was written in an opposite way). Added assertions for the
raised debugging message.
Without this relative URLs passed (like /message/index.php)
were being redirected to HOST/message/index.php rather than
$CFG->wwwroot/message/index.php.
If you pass a URL that is not a valid URL (for example
';') it is cleaned to an empty string which redirects to
$CFG->wwwroot/message/output/popup/ which is not a valid
page.
We allow notifications to have a null value for the 'contexturl'.
In this case we should not be appending a 'redirecturl' param to
the URL when it is going to be empty.
Remove AJAX requests core_message_get_unread_conversations_count and
message_popup_get_unread_popup_notification_count and
render the unread messages and notifications into mustache template.
It's possible the '\core\message\message' object has a null value
for the 'courseid' which is used in \core\message\manager::send_message().
Make sure we compensate for this.
Significant string changes:
* sitepolicies, core_admin - 'Site policies' changed to 'Site security
settings'
* processexpirationstask, enrol_paypal - more explanatory name
* sitepolicy_help and sitepolicyguest_help, core_admin - setting will
only have an effect if the site policy handler is set to default
* sitepolicyhandler_desc,core_admin - improved wording
* pathtodot_help, core_admin - Windows and Mac paths
* debugstringids_desc, core_admin - improved explanation
