Commit 76d0192e authored by Michael Hawkins's avatar Michael Hawkins
Browse files

MDL-7339 admin: Replaced "open to google" references to be more generic

AMOS BEGIN
 MOV [configopentogoogle,admin],[configopentowebcrawlers,admin]
 MOV [opentogoogle,admin],[opentowebcrawlers,admin]
 MOV [check_google_details,report_security],[check_crawlers_details,report_security]
 MOV [check_google_error,report_security],[check_crawlers_error,report_security]
 MOV [check_google_info,report_security],[check_crawlers_info,report_security]
 MOV [check_google_name,report_security],[check_crawlers_name,report_security]
 MOV [check_google_ok,report_security],[check_crawlers_ok,report_security]
AMOS END
parent f3507273
......@@ -17,7 +17,7 @@ if ($hassiteconfig) { // speedup for non-admins, add all caps used on this page
$temp->add(new admin_setting_configcheckbox('forcelogin', new lang_string('forcelogin', 'admin'), new lang_string('configforcelogin', 'admin'), 0));
$temp->add(new admin_setting_configcheckbox('forceloginforprofiles', new lang_string('forceloginforprofiles', 'admin'), new lang_string('configforceloginforprofiles', 'admin'), 1));
$temp->add(new admin_setting_configcheckbox('forceloginforprofileimage', new lang_string('forceloginforprofileimage', 'admin'), new lang_string('forceloginforprofileimage_help', 'admin'), 0));
$temp->add(new admin_setting_configcheckbox('opentogoogle', new lang_string('opentogoogle', 'admin'), new lang_string('configopentogoogle', 'admin'), 0));
$temp->add(new admin_setting_configcheckbox('opentowebcrawlers', new lang_string('opentowebcrawlers', 'admin'), new lang_string('configopentowebcrawlers', 'admin'), 0));
$temp->add(new admin_setting_configselect('allowindexing', new lang_string('allowindexing', 'admin'), new lang_string('allowindexing_desc', 'admin'),
0,
array(0 => new lang_string('allowindexingexceptlogin', 'admin'),
......
This files describes API changes in /admin/*.
=== 3.8 ===
* Admin setting "Open to Google" (opentogoogle) has been renamed to the more generic "Open to search engines" (opentowebcrawlers).
This is a more accurate representation of what is being set and the config string has also been moved and updated to reflect this.
=== 3.7 ===
* Admin setting "Allow blocks to use the dock" (allowblockstodock) has been removed & stings deprecated.
......
......@@ -298,7 +298,7 @@ $string['confignoreplyaddress'] = 'Emails are sometimes sent out on behalf of a
$string['confignotifyloginfailures'] = 'Send login failure notification messages to these selected users. This requires an internal logstore (eg Standard Logstore) to be enabled.';
$string['confignotifyloginthreshold'] = 'If notifications about failed logins are active, how many failed login attempts by one user or one IP address is it worth notifying about?';
$string['confignotloggedinroleid'] = 'Users who are not logged in to the site will be treated as if they have this role granted to them at the site context. Guest is almost always what you want here, but you might want to create roles that are less or more restrictive. Things like creating posts still require the user to log in properly.';
$string['configopentogoogle'] = 'If you enable this setting, then Google will be allowed to enter your site as a Guest. In addition, people coming in to your site via a Google search will automatically be logged in as a Guest. Note that this only provides transparent access to courses that already allow guest access.';
$string['configopentowebcrawlers'] = 'If you enable this setting, then search engines will be allowed to enter your site as a guest. In addition, people coming in to your site via a search engine will automatically be logged in as a guest. Note that this only provides transparent access to courses that already allow guest access.';
$string['configoverride'] = 'Defined in config.php';
$string['configpasswordpolicy'] = 'If enabled, user passwords will be checked against the password policy as specified in the settings below. Enabling the password policy will not affect existing users until they decide to, or are required to, change their password.';
$string['configpasswordresettime'] = 'This specifies the amount of time people have to validate a password reset request before it expires. Usually 30 minutes is a good value.';
......@@ -860,7 +860,7 @@ $string['onlynoreply'] = 'Only when from a no-reply address';
$string['opcacherecommended'] = 'PHP opcode caching improves performance and lowers memory requirements, OPcache extension is recommended and fully supported.';
$string['opensslrecommended'] = 'Installing the optional OpenSSL library is highly recommended -- it enables Moodle Networking functionality.';
$string['opensslrequired'] = 'The OpenSSL PHP extension is now required by Moodle to provide stronger cryptographic services.';
$string['opentogoogle'] = 'Open to Google';
$string['opentowebcrawlers'] = 'Open to search engines';
$string['optionalmaintenancemessage'] = 'Optional maintenance message';
$string['order1'] = 'First';
$string['order2'] = 'Second';
......
......@@ -428,7 +428,7 @@ class manager {
$user = null;
if (!empty($CFG->opentogoogle)) {
if (!empty($CFG->opentowebcrawlers)) {
if (\core_useragent::is_web_crawler()) {
$user = guest_user();
}
......
......@@ -3378,5 +3378,21 @@ function xmldb_main_upgrade($oldversion) {
// Automatically generated Moodle v3.7.0 release upgrade line.
// Put any upgrade step following this.
if ($oldversion < 2019060600.02) {
// Renaming 'opentogoogle' config to 'opentowebcrawlers'.
$opentogooglevalue = get_config('core', 'opentogoogle');
// Move the value over if it was previously configured.
if ($opentogooglevalue !== false) {
set_config('opentowebcrawlers', $opentogooglevalue);
}
// Remove the now unused value.
unset_config('opentogoogle');
// Main savepoint reached.
upgrade_main_savepoint(true, 2019060600.02);
}
return true;
}
......@@ -61,11 +61,11 @@ $string['check_frontpagerole_error'] = 'Incorrectly defined frontpage role "{$a}
$string['check_frontpagerole_name'] = 'Frontpage role';
$string['check_frontpagerole_notset'] = 'Frontpage role is not set.';
$string['check_frontpagerole_ok'] = 'Frontpage role definition is OK.';
$string['check_google_details'] = '<p>The Open to Google setting enables search engines to enter courses with guest access. There is no point in enabling this setting if guest login is not allowed.</p>';
$string['check_google_error'] = 'Search engine access is allowed but guest access is disabled.';
$string['check_google_info'] = 'Search engines may enter as guests.';
$string['check_google_name'] = 'Open to Google';
$string['check_google_ok'] = 'Search engine access is not enabled.';
$string['check_crawlers_details'] = '<p>The "Open to search engines" setting enables search engines to enter courses with guest access. There is no point in enabling this setting if guest login is not allowed.</p>';
$string['check_crawlers_error'] = 'Search engine access is allowed but guest access is disabled.';
$string['check_crawlers_info'] = 'Search engines may enter as guests.';
$string['check_crawlers_name'] = 'Open to search engines';
$string['check_crawlers_ok'] = 'Search engine access is not enabled.';
$string['check_guestrole_details'] = '<p>The guest role is used for guests, not logged in users and temporary guest course access. Please make sure no risky capabilities are allowed in this role.</p>
<p>The only supported legacy type for guest role is <em>Guest</em>.</p>';
$string['check_guestrole_error'] = 'The guest role "{$a}" is incorrectly defined!';
......
......@@ -47,7 +47,7 @@ function report_security_get_issue_list() {
'report_security_check_embed',
'report_security_check_mediafilterswf',
'report_security_check_openprofiles',
'report_security_check_google',
'report_security_check_crawlers',
'report_security_check_passwordpolicy',
'report_security_check_emailchangeconfirmation',
'report_security_check_cookiesecure',
......@@ -308,35 +308,35 @@ function report_security_check_openprofiles($detailed=false) {
}
/**
* Verifies google access not combined with disabled guest access
* Verifies web crawler (search engine) access not combined with disabled guest access
* because attackers might gain guest access by modifying browser signature.
* @param bool $detailed
* @return object result
*/
function report_security_check_google($detailed=false) {
function report_security_check_crawlers($detailed=false) {
global $CFG;
$result = new stdClass();
$result->issue = 'report_security_check_google';
$result->name = get_string('check_google_name', 'report_security');
$result->issue = 'report_security_check_crawlers';
$result->name = get_string('check_crawlers_name', 'report_security');
$result->info = null;
$result->details = null;
$result->status = null;
$result->link = "<a href=\"$CFG->wwwroot/$CFG->admin/settings.php?section=sitepolicies\">".get_string('sitepolicies', 'admin').'</a>';
if (empty($CFG->opentogoogle)) {
if (empty($CFG->opentowebcrawlers)) {
$result->status = REPORT_SECURITY_OK;
$result->info = get_string('check_google_ok', 'report_security');
$result->info = get_string('check_crawlers_ok', 'report_security');
} else if (!empty($CFG->guestloginbutton)) {
$result->status = REPORT_SECURITY_INFO;
$result->info = get_string('check_google_info', 'report_security');
$result->info = get_string('check_crawlers_info', 'report_security');
} else {
$result->status = REPORT_SECURITY_SERIOUS;
$result->info = get_string('check_google_error', 'report_security');
$result->info = get_string('check_crawlers_error', 'report_security');
}
if ($detailed) {
$result->details = get_string('check_google_details', 'report_security');
$result->details = get_string('check_crawlers_details', 'report_security');
}
return $result;
......
......@@ -29,7 +29,7 @@
defined('MOODLE_INTERNAL') || die();
$version = 2019060600.01; // YYYYMMDD = weekly release date of this DEV branch.
$version = 2019060600.02; // YYYYMMDD = weekly release date of this DEV branch.
// RR = release increments - 00 in DEV branches.
// .XX = incremental changes.
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment