1. 16 Mar, 2021 15 commits
    • David Mudrák's avatar
      MDL-67748 admin: Add Behat tests for tokens filtering features · 4a9f8649
      David Mudrák authored
      
      
      Credit goes to Andrew for Behat data generators for webservices.
      Co-authored-by: default avatarAndrew Nicols <andrew@nicols.co.uk>
      4a9f8649
    • David Mudrák's avatar
      MDL-67748 admin: Do not show missing capabilities for mobile app service · b0fd376d
      David Mudrák authored
      We used to display capabilities like "Manage any calendar entries",
      "Delete evidence", "Manage competency frameworks", "View hidden courses"
      and others as "Missing capabilities" for the mobile app service tokens.
      
      This gave dangerous impression that the app will not work for students
      without these capabilities granted. There are known cases of admins who
      started to grant all these caps to the Authenticated user role because
      they were afraid the app would not work for them.
      
      The problem here is that the official mobile app service includes some
      functions that have these capabilities declared as required. But they
      are not really required to use the app. Either the app makes its own
      clever checks of capabilities before calling the functions, or sometimes
      the capabilities are not even correctly declared.
      
      It is safer for everybody to display this information for custom
      services only where the risk of the falsely missing caps is lower and
      the information is more accurate.
      
      Also, the help text has been improved so it does not suggest that these
      capabilities must be always added. We do not know why the service has
      them declared. In some cases, a service has capabilities declared just
      because it makes use of them in the if-then fashion.
      
      Additionally, the patch also displays the service short name because it
      is actually needed to know.
      b0fd376d
    • David Mudrák's avatar
      MDL-67748 admin: Show user identity fields on the manage tokens page · 6ea3588d
      David Mudrák authored
      On sites with many users, the fullname itself may not be unique
      identifier of users. Display the user identity fields below the token
      owner's name.
      6ea3588d
    • David Mudrák's avatar
      MDL-67748 admin: Add filter to the WS tokens management page · c4ad1bf2
      David Mudrák authored
      The patch adds ability to filter the list of token by the token value,
      the user and the service. Also the button to create a new token is made
      more prominent and easier to spot.
      c4ad1bf2
    • David Mudrák's avatar
    • David Mudrák's avatar
      MDL-67748 admin: Refactor tokens management as an external page · 2c177ae4
      David Mudrák authored
      No need to have a dedicated admin_setting_managewebservicetokens admin
      setting subclass, and yet do not use almost any of its features. So the
      patch merges the list and the forms handling into a single external
      page.
      
      Similarly, it feels like overkill to have a renderer method for a
      simple confirmation widget - especially given that the URLs were
      hard-coded in it. So that one was dropped.
      2c177ae4
    • David Mudrák's avatar
      MDL-67748 admin: Improve the display of missing capabilities · 596b0bb2
      David Mudrák authored
      The patch improves the display of the missing capabilities on the Manage
      tokens page and the Select authorised users page. The list of
      capabilities is rendered in a collapsible area and does not occupy too
      much space by default.
      
      Additionally on the later page, the patch improves the display of the
      list of existing authorised users so that it respects the configured
      identity fields.
      596b0bb2
    • David Mudrák's avatar
      MDL-67748 admin: Improve get_missing_capabilities_by_users() · c07f15d7
      David Mudrák authored
      The previous implementation falsely reported all implicit capabilities
      inherited from the authenticated user archetype. That caused a lot of
      capabilities reported as missing, even if they were correctly granted.
      
      This new implementation uses a different logic. Instead of seeking for
      explicitly assigned capabilities, it searches for capabilities that are
      not assigned to any of the user's role across the system.
      
      Please refer to the inline documentation. This should be still used for
      informative reports only, not for actual permissions evaluation. The
      context has been ignored here, as well as all the overrides etc. This
      patch just makes it a lesser evil.
      c07f15d7
    • David Mudrák's avatar
      MDL-67748 admin: Simplify the webservice token form · 0bcaab32
      David Mudrák authored
      We can now use the autocomplete element to select the user. No need to
      for the legacy behaviour.
      0bcaab32
    • David Mudrák's avatar
    • David Mudrák's avatar
      MDL-67748 user: Add new core_user/form_user_selector JS module · b389393d
      David Mudrák authored
      The module provides AJAX support for the autocomplete form element.
      b389393d
    • David Mudrák's avatar
      MDL-67748 user: Add a new core_user_search_identity external function · f51d3a81
      David Mudrák authored
      The purpose of this external function is to provide data for
      asynchronous user selectors and similar widgets. It allows to search
      users matching the given query in their name or other available identity
      fields.
      f51d3a81
    • David Mudrák's avatar
      MDL-67748 user: Fix @link docs tag usage · 614036d7
      David Mudrák authored
      Not related to this issue, just spotted while working on it.
      614036d7
    • David Mudrák's avatar
    • David Mudrák's avatar
      MDL-67748 admin: Move the web services under the server administration · 2bf6db2d
      David Mudrák authored
      I suppose the original reasoning was that the web services protocols are
      pluggable and that plugins can provide external function. But those are
      not good reasons to put the whole Web services section under plugins.
      Web services are not a plugin type and they always felt very
      counter-intuitive there.
      
      From the server administrtaion perspective, web services are similar to
      scheduled tasks and therefore, they should live in the same section.
      2bf6db2d
  2. 12 Mar, 2021 2 commits
  3. 11 Mar, 2021 10 commits
  4. 10 Mar, 2021 10 commits
  5. 09 Mar, 2021 3 commits