Using DI for all hook access means that it becomes significantly easier
to mock hooks and callbacks for unit testing without fundamentally
altering the structure of the code purely for the purposes of unit
testing.
This commit effectively reverts MDL-63153.
Calls to action in the UI for other products or marketing
should link directly to the corresponding services in moodle.com
rather than trying to replicate parts of it in LMS.
Note: Removing the manual require for the attribute from moodlelib
because the class does not have to exist at time of definition, only
when the Reflection API instantiates an instance in \core\deprecation,
by which point the autoloader is available.
Most params are formally deprecated here. This was originally planned
for MDL-80042, but I realised that having an emit, and final param is a
very useful option going forward.
This patch also moves the is_deprecated(), and related methods to the
\core\deprecated attribute.
Besides adding the is_guest() check in the check_password_policy() condition,
I also changed the temporary user ID because the temporary user and
the guest must not share the same ID. Otherwise, it will raise an error.
Co-authored-by: Andrei Bautu <abautu@gmail.com>
This is a Moodle version of a proposed function `array_keys_filter`.
Since this method has not yet been created in upstream PHP, I have
elected to name it with a Moodle prefix as the signature is not known.
In the future, if and when this method is created, we can replace its
content with new method and deprecate it.
The API was incorrectly assuming that all uses of the API were for a
course, and that the instanceid of the communication instance was a
course id. These assumptions are both entirely wrong.
The API is intended to support a range of uses including use at the
site, user, and activity levels.
Furthermore, if a group were to be used, then the instanceid should be
of that group's id, and therefore the contextid would need to be fetched
or that group's course instead.
The only solution here is to add a new contextid field to the table, and
implement it all parts of the API.
* Makes it possible to safely call acquire_lock so that it throws an
exception instead of returning false if it can't get a lock (which
most existing uses assumed it already does).
* Fix some omissions from the requirelockingbeforewrite option (it
now checks on delete).
* Modinfo uses a versioned cache, so it is not necessary to delete
items, only increase the version. (Provided we keep track of
cacherev carefully...)
1. Modified the password related forms
2. Added a new constant in moodlelib.php called MAX_PASSWORD_CHARACTERS
3. Added a new method in moodlelib.php called exeeds_password_length
4. Updated the upgrade.text
Add a pepper to the users supplied password.
The pepper is stored in CFG and user to add extra security to
the password hash. By effectively breaking the information to
create the hashed password into two and storing it in more
than one place.
* Add parameter to drop zero time units. So a time interval like
"3d 0h 0s" will be returned as "3d" only.
* Add parameter to display full format for time units. E.g. Instead of
"3d 2h", it will be returned as "3 days 2 hours"
* Deprecate unused dateintervaldayshoursmins langconfig string.
Replace the bcrypt password hashing algorithm with SHA-512.
Existing bcrypt hashes will be updated to SHA-512 when a user
logs in next. Support for old md5 hashes has been removed.
Any reamining md5 hashes are replaced with SHA-512 hashes
from strong random passwords.
