mirror/moodle-auth_outage
1
0
Fork 0
mirror of https://github.com/catalyst/moodle-auth_outage.git synced 2026-05-17 05:48:43 +02:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: mirror:ci-testing
Branches Tags
mirror:MOODLE_501_STABLE mirror:MOODLE_39_STABLE mirror:TOTARA_19 mirror:ci-testing mirror:revert-359-MOODLE_39_STABLE-issue358 mirror:MOODLE_38_STABLE mirror:supports-mfa mirror:t17-php81-compat mirror:m42-php81-compat mirror:TOTARA_13_STABLE mirror:MOODLE_39_STABLE_enable_behat mirror:MOODLE_39_STABLE_Issue209 mirror:MOODLE_39_STABLE_issue_209 mirror:MOODLE_32_STABLE mirror:master mirror:wr334284-plugin_update mirror:totara-10 mirror:admin-message mirror:master-failunittest mirror:moodle34_behat_issue
mirror:1.0.10
..
compare: mirror:supports-mfa
Branches Tags
mirror:MOODLE_39_STABLE mirror:MOODLE_501_STABLE mirror:TOTARA_19 mirror:ci-testing mirror:revert-359-MOODLE_39_STABLE-issue358 mirror:MOODLE_38_STABLE mirror:supports-mfa mirror:t17-php81-compat mirror:m42-php81-compat mirror:TOTARA_13_STABLE mirror:MOODLE_39_STABLE_enable_behat mirror:MOODLE_39_STABLE_Issue209 mirror:MOODLE_39_STABLE_issue_209 mirror:MOODLE_32_STABLE mirror:master mirror:wr334284-plugin_update mirror:totara-10 mirror:admin-message mirror:master-failunittest mirror:moodle34_behat_issue
mirror:1.0.10

3 Commits
ci-testing ... supports-m

Author SHA1 Message Date
Sasha Anastasi
b49538e24d Align documentation with standard 2023-11-16 15:32:41 +13:00
Sasha Anastasi
10b201b638 Add documentation for new function 2023-11-16 14:16:16 +13:00
Sasha Anastasi
7625353660 auth.php: add supports_mfa function for T18 core_mfa compatibility test 2023-11-16 14:02:14 +13:00
48 changed files with 485 additions and 546 deletions
Expand all files Collapse all files

5
.github/workflows/ci.yml vendored
View File

@@ -6,6 +6,5 @@ on: [push, pull_request]
jobs:
ci:
uses: catalyst/catalyst-moodle-workflows/.github/workflows/ci.yml@main
secrets:
moodle_org_token: ${{ secrets.MOODLE_ORG_TOKEN }}
with:
disable_behat: true

21
.github/workflows/moodle-release.yml vendored Normal file
View File

@@ -0,0 +1,21 @@
#
# Whenever version.php is changed, add the latest version
# to the Moodle Plugins directory at https://moodle.org/plugins
#
name: Releasing in the Plugins directory
on:
push:
branches:
- MOODLE_39_STABLE
paths:
- 'version.php'
jobs:
workflow_group_39_plus_release:
uses: catalyst/catalyst-moodle-workflows/.github/workflows/group-39-plus-release.yml@main
with:
plugin_name: auth_outage
disable_behat: true
secrets:
moodle_org_token: ${{ secrets.MOODLE_ORG_TOKEN }}

39
README.md
View File

@@ -1,21 +1,16 @@
[![ci](https://github.com/catalyst/moodle-auth_outage/actions/workflows/ci.yml/badge.svg?branch=MOODLE_39_STABLE)](https://github.com/catalyst/moodle-auth_outage/actions/workflows/ci.yml?branch=MOODLE_39_STABLE)
![GitHub Workflow Status (branch)](https://img.shields.io/github/actions/workflow/status/catalyst/moodle-auth_outage/ci.yml?branch=MOODLE_39_STABLE)
# Moodle Outage manager plugin
- [Moodle Outage manager plugin](#moodle-outage-manager-plugin)
- [What is this?](#what-is-this)
- [Moodle Requirements](#moodle-requirements)
- [Branches](#branches)
- [Screenshots](#screenshots)
- [Installation](#installation)
- [Theme configuration](#theme-configuration)
- [Custom Theme Additional SCSS](#custom-theme-additional-scss)
- [How to use](#how-to-use)
- [Quick Guide](#quick-guide)
- [Why it is an auth plugin?](#why-it-is-an-auth-plugin)
- [Tester restriction options](#tester-restriction-options)
- [IP restriction](#ip-restriction)
- [Access key](#access-key)
- [Feedback and issues](#feedback-and-issues)
* [Version Support](#version-support)
* [What is this?](#what-is-this)
* [Moodle Requirements](#moodle-requirements)
* [Screenshots](#screenshots)
* [Installation](#installation)
* [Theme configuration](#theme-configuration)
* [How to use](#how-to-use)
* [Quick Guide](#quick-guide)
* [Why is it an auth plugin?](#why-it-is-an-auth-plugin)
* [Feedback and issues](#feedback-and-issues)
What is this?
-------------
@@ -183,18 +178,6 @@ Why it is an auth plugin?
One of the graduated stages this plugin introduces is a 'tester only' mode which disables login for most normal users. This is conceptually similar to the maintenance mode but enables testers to login and confirm the state after an upgrade without needing full admin privileges.
Tester restriction options
------------
Two options are available to restrict the site to only let testers in during the tester phase.
Note: these restrictions build on each other; If both are enabled, users must meet both criteria to be allowed in.
## IP restriction
Only allow users from a certain IP or range of ips to enter.
## Access key
Users provide an access key in the URL params on first page load, which is then stored as a cookie for 24 hours. If the access key matches the one setup for the outage, they are allowed in.
## Using IP restriction with access key
Users will be allowed if they are from the configured allowed ips OR if they provide the correct access key.
Feedback and issues
-------------------

9
auth.php
View File

@@ -65,4 +65,13 @@ class auth_plugin_outage extends auth_plugin_base {
public function user_login($username, $password) {
return false;
}
/**
* Returns true if the plugin supports the new login flow for MFA.
*
* @return bool True
*/
public static function supports_mfa(): bool {
return true;
}
}

5
bootstrap.php
View File

@@ -13,7 +13,6 @@
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* This file should run before config.php requires '/lib/setup.php'.
*
@@ -77,15 +76,13 @@ if (!empty($_SERVER['REQUEST_URI'])) {
$url = $path.'/auth/outage/info.php';
$outageinfo = strpos($_SERVER['REQUEST_URI'], $url) === 0 ? true : false;
}
$allowed = !file_exists($CFG->dataroot.'/climaintenance.php') // Not in maintenance mode.
|| (defined('ABORT_AFTER_CONFIG') && ABORT_AFTER_CONFIG) // Only config requested.
|| (defined('CLI_SCRIPT') && CLI_SCRIPT) // Allow CLI scripts.
|| $outageinfo // Allow outage info requests.
|| (defined('NO_AUTH_OUTAGE') && NO_AUTH_OUTAGE); // Allow any page should not be blocked by maintenance mode.
if (!$allowed) {
// Call the climaintenance.php which will check for the conditions
// that have been baked into it from the frontend (ip, accesskey, etc...).
// Call the climaintenance.php which will check for allowed IPs.
$CFG->dirroot = dirname(dirname(dirname(__FILE__))); // It is not defined yet but the script below needs it.
require($CFG->dataroot.'/climaintenance.php'); // This call may terminate the script here or not.
}

10
classes/calendar/calendar.php
View File

@@ -14,6 +14,15 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* calendar class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\calendar;
use auth_outage\local\outage;
@@ -89,7 +98,6 @@ class calendar {
'userid' => 0,
'modulename' => '',
'instance' => $outage->id,
'component' => 'auth_outage',
'eventtype' => 'auth_outage',
'timestart' => $outage->starttime,
'visible' => true,

12
classes/dml/outagedb.php
View File

@@ -14,6 +14,18 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* outagedb class.
*
* The DB Context to manipulate Outages.
* It will also commit changes to the calendar as you change outages.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\dml;
use auth_outage\calendar\calendar;

9
classes/event/outage_created.php
View File

@@ -14,6 +14,15 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Toutage_created class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\event;
use core\event\base;

8
classes/event/outage_deleted.php
View File

@@ -14,6 +14,14 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* outage_deleted class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\event;
use core\event\base;

9
classes/event/outage_updated.php
View File

@@ -14,6 +14,15 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* outage_updated class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\event;
use core\event\base;

12
classes/form/outage/delete.php
View File

@@ -14,11 +14,23 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* delete class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\form\outage;
defined('MOODLE_INTERNAL') || die();
require_once($CFG->libdir.'/formslib.php');
defined('MOODLE_INTERNAL') || die();
/**
* delete class.
*

22
classes/form/outage/edit.php
View File

@@ -14,6 +14,15 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* edit class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\form\outage;
use auth_outage\local\outage;
@@ -75,14 +84,6 @@ class edit extends moodleform {
$mform->addElement('static', 'usagehints', '', get_string('textplaceholdershint', 'auth_outage'));
$mform->addElement('static', 'warningreenablemaintenancemode', '');
$mform->addElement('advcheckbox', 'useaccesskey', get_string('useaccesskey', 'auth_outage'),
get_string('useaccesskey:desc', 'auth_outage'), 0);
$mform->addElement('text', 'accesskey', get_string('accesskey', 'auth_outage'));
$mform->setType('accesskey', PARAM_TEXT);
$mform->disabledIf('accesskey', 'useaccesskey');
$mform->addHelpButton('accesskey', 'accesskey', 'auth_outage');
$this->add_action_buttons();
}
@@ -136,7 +137,6 @@ class edit extends moodleform {
'warntime' => $data->starttime - $data->warningduration,
'title' => $data->title,
'description' => $data->description['text'],
'accesskey' => $data->useaccesskey ? $data->accesskey : null,
];
return new outage($outagedata);
}
@@ -160,15 +160,13 @@ class edit extends moodleform {
'warningduration' => $outage->get_warning_duration(),
'title' => $outage->title,
'description' => ['text' => $outage->description, 'format' => '1'],
'accesskey' => $outage->accesskey,
'useaccesskey' => !empty($outage->accesskey),
]);
// If the default_autostart is configured in config, then force autostart to be the default value.
if (array_key_exists('auth_outage', $CFG->forced_plugin_settings)
&& array_key_exists('default_autostart', $CFG->forced_plugin_settings['auth_outage'])) {
$this->_form->setDefaults([
'autostart' => $CFG->forced_plugin_settings['auth_outage']['default_autostart'],
'autostart' => $CFG->forced_plugin_settings['auth_outage']['default_autostart']
]);
$mform->freeze('autostart');
}

9
classes/form/outage/finish.php
View File

@@ -14,6 +14,15 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* finish class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\form\outage;
use moodleform;

41
classes/hook_callbacks.php
View File

@@ -1,41 +0,0 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
namespace auth_outage;
use auth_outage\local\outagelib;
use core\hook\output\before_standard_top_of_body_html_generation;
/**
* Hook callbacks for auth_outage.
*
* @package auth_outage
* @author Benjamin Walker (benjaminwalker@catalyst-au.net)
* @copyright 2024 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class hook_callbacks {
/**
* Inject the warning bar into the page if there is currently an outage.
*
* @param before_standard_top_of_body_html_generation $hook
*/
public static function before_standard_top_of_body_html_generation(before_standard_top_of_body_html_generation $hook): void {
// Get code to inject.
$hook->add_html(outagelib::get_inject_code());
}
}

13
classes/local/cli/cli_exception.php
View File

@@ -14,6 +14,15 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* cli_exception class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\local\cli;
use Exception;
@@ -76,9 +85,9 @@ class cli_exception extends Exception {
* cliexception constructor.
* @param string $message An explanation of the exception.
* @param int $code Exit code to be used.
* @param Exception|null $previous Another exception as reference or null.
* @param Exception $previous Another exception as reference or null.
*/
public function __construct($message, $code = 1, ?Exception $previous = null) {
public function __construct($message, $code = 1, Exception $previous = null) {
parent::__construct('*ERROR* '.$message, $code, $previous = null);
}
}

13
classes/local/cli/clibase.php
View File

@@ -14,6 +14,15 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* clibase class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\local\cli;
use auth_outage\local\outagelib;
@@ -41,10 +50,10 @@ abstract class clibase {
/**
* clibase constructor.
* @param array|null $options The parameters to use.
* @param array $options The parameters to use.
* @throws cli_exception
*/
public function __construct(?array $options = null) {
public function __construct(array $options = null) {
global $CFG;
require_once($CFG->libdir.'/clilib.php');

9
classes/local/cli/create.php
View File

@@ -14,6 +14,15 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* create class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\local\cli;
use auth_outage\dml\outagedb;

9
classes/local/cli/finish.php
View File

@@ -14,6 +14,15 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* finish class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\local\cli;
use auth_outage\dml\outagedb;

9
classes/local/cli/waitforit.php
View File

@@ -14,6 +14,15 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* waitforit class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\local\cli;
use auth_outage\dml\outagedb;

13
classes/local/controllers/infopage.php
View File

@@ -14,6 +14,15 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* infopage class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\local\controllers;
use auth_outage\dml\outagedb;
@@ -44,9 +53,9 @@ class infopage {
/**
* infopage_controller constructor.
* @param array|null $params Parameters to use or null to get from Moodle API (request).
* @param array $params Parameters to use or null to get from Moodle API (request).
*/
public function __construct(?array $params = null) {
public function __construct(array $params = null) {
global $CFG;
// Enable SVG support here to make sure all SVG files
// used in the current theme are served properly.

9
classes/local/controllers/maintenance_static_page.php
View File

@@ -14,6 +14,15 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* maintenance_static_page class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\local\controllers;
use auth_outage\local\outage;

9
classes/local/controllers/maintenance_static_page_generator.php
View File

@@ -14,6 +14,15 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* maintenance_static_page_generator class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\local\controllers;
use auth_outage\local\outagelib;

9
classes/local/controllers/maintenance_static_page_io.php
View File

@@ -14,6 +14,15 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* maintenance_static_page_io class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\local\controllers;
use auth_outage\local\outagelib;

14
classes/local/outage.php
View File

@@ -14,6 +14,15 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* outage class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\local;
use coding_exception;
@@ -108,11 +117,6 @@ class outage {
*/
public $lastmodified = null;
/**
* @var string|null access key, or null if not enabled.
*/
public $accesskey = null;
/**
* outage constructor.
* @param stdClass|array|null $data The data for the outage.

109
classes/local/outagelib.php
View File

@@ -14,10 +14,20 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* outagelib class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\local;
use auth_outage\dml\outagedb;
use auth_outage\local\controllers\maintenance_static_page;
use auth_outage\output\renderer;
use coding_exception;
use curl;
use Exception;
@@ -26,6 +36,7 @@ use invalid_parameter_exception;
use stdClass;
defined('MOODLE_INTERNAL') || die();
require_once(__DIR__.'/../../lib.php');
/**
@@ -279,95 +290,57 @@ class outagelib {
* @param int $starttime Outage start time.
* @param int $stoptime Outage stop time.
* @param string $allowedips List of IPs allowed.
* @param string|null $accesskey access key, or null if no access key set.
*
* @return string
* @throws invalid_parameter_exception
*/
public static function create_climaintenancephp_code($starttime, $stoptime, $allowedips, $accesskey = null) {
global $CFG;
public static function create_climaintenancephp_code($starttime, $stoptime, $allowedips) {
if (!is_int($starttime) || !is_int($stoptime)) {
throw new invalid_parameter_exception('Make sure $startime and $stoptime are integers.');
}
if (!is_string($allowedips) || (trim($allowedips) == '')) {
throw new invalid_parameter_exception('$allowedips must be a valid string.');
}
// I know Moodle validation would clean up this field, but just in case, let's ensure no
// single-quotes (and double for the sake of it) are present otherwise it would break the code.
$allowedips = addslashes($allowedips);
$cookiesecure = is_moodle_cookie_secure();
// Since Moodle 4.3 cookiehttponly is default to true and this CFG is not set.
// so if not set, default to true.
$cookiehttponly = isset($CFG->cookiehttponly) ? (bool) $CFG->cookiehttponly : true;
$code = <<<'EOT'
<?php
if ((time() >= {{STARTTIME}}) && (time() < {{STOPTIME}})) {
if (!defined('MOODLE_INTERNAL')) {
define('MOODLE_INTERNAL', true);
}
define('MOODLE_INTERNAL', true);
require_once($CFG->dirroot.'/lib/moodlelib.php');
if (file_exists($CFG->dirroot.'/lib/classes/ip_utils.php')) {
require_once($CFG->dirroot.'/lib/classes/ip_utils.php');
}
// Put access key as a cookie if given. This stops the need to put it as a url param on every request.
$urlaccesskey = optional_param('accesskey', null, PARAM_TEXT);
$isphpunit = defined('PHPUNIT_TEST');
if (!empty($urlaccesskey) && !$isphpunit) {
setcookie('auth_outage_accesskey', $urlaccesskey, time() + 86400, '/', '', {{COOKIESECURE}}, {{COOKIEHTTPONLY}});
}
// Use url access key if given, else the cookie, else null.
$useraccesskey = $urlaccesskey ?: $_COOKIE['auth_outage_accesskey'] ?? null;
$ipblocked = !remoteip_in_list('{{ALLOWEDIPS}}');
$accesskeyblocked = $useraccesskey != '{{ACCESSKEY}}';
$allowed = ({{USEACCESSKEY}} && !$accesskeyblocked) || ({{USEALLOWEDIPS}} && !$ipblocked);
if (!$allowed) {
if (!$isphpunit) {
header($_SERVER['SERVER_PROTOCOL'] . ' 503 Moodle under maintenance');
header('Status: 503 Moodle under maintenance');
header('Retry-After: 300');
header('Content-type: text/html; charset=utf-8');
header('X-UA-Compatible: IE=edge');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
header('Expires: Mon, 20 Aug 1969 09:23:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Accept-Ranges: none');
header('X-Moodle-Maintenance: manager');
}
if (!$isphpunit && ((defined('AJAX_SCRIPT') && AJAX_SCRIPT) || (defined('WS_SERVER') && WS_SERVER))) {
if (!remoteip_in_list('{{ALLOWEDIPS}}')) {
header($_SERVER['SERVER_PROTOCOL'] . ' 503 Moodle under maintenance');
header('Status: 503 Moodle under maintenance');
header('Retry-After: 300');
header('Content-type: text/html; charset=utf-8');
header('X-UA-Compatible: IE=edge');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
header('Expires: Mon, 20 Aug 1969 09:23:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Accept-Ranges: none');
header('X-Moodle-Maintenance: manager');
if ((defined('AJAX_SCRIPT') && AJAX_SCRIPT) || (defined('WS_SERVER') && WS_SERVER)) {
exit(0);
}
if ({{USEALLOWEDIPS}} && $ipblocked) {
echo '<!-- Blocked by ip, your ip: '.getremoteaddr('n/a').' -->';
}
if ({{USEACCESSKEY}} && $accesskeyblocked) {
echo '<!-- Blocked by missing or incorrect access key, access key given: '. $useraccesskey .' -->';
}
if (!$isphpunit) {
if (file_exists($CFG->dataroot.'/climaintenance.template.html')) {
require($CFG->dataroot.'/climaintenance.template.html');
exit(0);
}
// The file above should always exist, but just in case...
die('We are currently under maintentance, please try again later.');
echo '<!-- Blocked by ip, your ip: '.getremoteaddr('n/a').' -->';
if (file_exists($CFG->dataroot.'/climaintenance.template.html')) {
require($CFG->dataroot.'/climaintenance.template.html');
exit(0);
}
// The file above should always exist, but just in case...
die('We are currently under maintentance, please try again later.');
}
}
EOT;
$search = ['{{STARTTIME}}', '{{STOPTIME}}', '{{USEALLOWEDIPS}}', '{{ALLOWEDIPS}}', '{{USEACCESSKEY}}', '{{ACCESSKEY}}',
'{{YOURIP}}', '{{COOKIESECURE}}', '{{COOKIEHTTPONLY}}'];
// Note that var_export is required because (string) false == '', not 'false'.
$replace = [$starttime, $stoptime, var_export(!empty($allowedips), true), $allowedips, var_export(!empty($accesskey), true),
$accesskey, getremoteaddr('n/a'), var_export($cookiesecure, true), var_export($cookiehttponly, true)];
$search = ['{{STARTTIME}}', '{{STOPTIME}}', '{{ALLOWEDIPS}}', '{{YOURIP}}'];
$replace = [$starttime, $stoptime, $allowedips, getremoteaddr('n/a')];
return str_replace($search, $replace, $code);
}
@@ -389,15 +362,13 @@ EOT;
$config = self::get_config();
$allowedips = trim($config->allowedips);
$accesskey = $outage->accesskey ?? null;
// If no outage, or allowed ips is null and access key is null (i.e. no blocking required).
if (is_null($outage) || ($allowedips == '' && empty($accesskey))) {
if (is_null($outage) || ($allowedips == '')) {
if (file_exists($file)) {
unlink($file);
}
} else {
$code = self::create_climaintenancephp_code($outage->starttime, $outage->stoptime, $allowedips, $accesskey);
$code = self::create_climaintenancephp_code($outage->starttime, $outage->stoptime, $allowedips);
$dir = dirname($file);
if (!file_exists($dir) || !is_dir($dir)) {

42
classes/output/manage/base_table.php
View File

@@ -14,6 +14,15 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* base_table class.
*
* @package auth_outage
* @author Daniel Thee Roperto <danielroperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\output\manage;
use auth_outage\local\outage;
@@ -22,6 +31,7 @@ use html_writer;
use moodle_url;
defined('MOODLE_INTERNAL') || die();
require_once($CFG->libdir.'/tablelib.php');
/**
@@ -77,7 +87,12 @@ class base_table extends flexible_table {
// View button.
$buttons .= html_writer::link(
new moodle_url('/auth/outage/info.php', ['id' => $outage->id]),
$OUTPUT->pix_icon('t/preview', get_string('view'), 'moodle', array('class' => 'iconsmall')),
html_writer::empty_tag('img', [
'src' => $OUTPUT->image_url('t/preview'),
'alt' => get_string('view'),
'class' => 'iconsmall',
]),
[
'title' => get_string('view'),
'target' => '_blank',
@@ -88,7 +103,11 @@ class base_table extends flexible_table {
if ($editdelete) {
$buttons .= html_writer::link(
new moodle_url('/auth/outage/edit.php', ['edit' => $outage->id]),
$OUTPUT->pix_icon('t/edit', get_string('edit'), 'moodle', array('class' => 'iconsmall')),
html_writer::empty_tag('img', [
'src' => $OUTPUT->image_url('t/edit'),
'alt' => get_string('edit'),
'class' => 'iconsmall',
]),
['title' => get_string('edit')]
);
}
@@ -96,7 +115,12 @@ class base_table extends flexible_table {
// Clone button.
$buttons .= html_writer::link(
new moodle_url('/auth/outage/edit.php', ['clone' => $outage->id]),
$OUTPUT->pix_icon('t/copy', get_string('clone', 'auth_outage'), 'moodle', array('class' => 'iconsmall')),
html_writer::empty_tag('img', [
'src' => $OUTPUT->image_url('t/copy'),
'alt' => get_string('clone', 'auth_outage'),
'class' => 'iconsmall',
]),
['title' => get_string('clone', 'auth_outage')]
);
@@ -104,7 +128,11 @@ class base_table extends flexible_table {
if ($outage->is_ongoing()) {
$buttons .= html_writer::link(
new moodle_url('/auth/outage/finish.php', ['id' => $outage->id]),
$OUTPUT->pix_icon('t/check', get_string('finish', 'auth_outage'), 'moodle', array('class' => 'iconsmall')),
html_writer::empty_tag('img', [
'src' => $OUTPUT->image_url('t/check'),
'alt' => get_string('finish', 'auth_outage'),
'class' => 'iconsmall',
]),
['title' => get_string('finish', 'auth_outage')]
);
}
@@ -113,7 +141,11 @@ class base_table extends flexible_table {
if ($editdelete) {
$buttons .= html_writer::link(
new moodle_url('/auth/outage/delete.php', ['id' => $outage->id]),
$OUTPUT->pix_icon('t/delete', get_string('delete'), 'moodle', array('class' => 'iconsmall')),
html_writer::empty_tag('img', [
'src' => $OUTPUT->image_url('t/delete'),
'alt' => get_string('delete'),
'class' => 'iconsmall',
]),
['title' => get_string('delete')]
);
}

10
classes/output/manage/history_table.php
View File

@@ -14,11 +14,21 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* history_table class.
*
* @package auth_outage
* @author Daniel Thee Roperto <danielroperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\output\manage;
use auth_outage\local\outage;
defined('MOODLE_INTERNAL') || die();
require_once($CFG->libdir.'/tablelib.php');
/**

12
classes/output/manage/planned_table.php
View File

@@ -14,6 +14,15 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* planned_table class.
*
* @package auth_outage
* @author Daniel Thee Roperto <danielroperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\output\manage;
use auth_outage\local\outage;
@@ -21,6 +30,7 @@ use html_writer;
use moodle_url;
defined('MOODLE_INTERNAL') || die();
require_once($CFG->libdir.'/tablelib.php');
/**
@@ -58,7 +68,7 @@ class planned_table extends base_table {
public function show_data(array $outages) {
foreach ($outages as $outage) {
$title = html_writer::link(
new moodle_url('/auth/outage/edit.php', ['edit' => $outage->id]),
new moodle_url('/auth/outage/edit.php', ['id' => $outage->id]),
$outage->get_title(),
['title' => get_string('edit')]
);

9
classes/output/renderer.php
View File

@@ -14,6 +14,15 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* auth_outage_renderer class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\output;
use auth_outage\local\outage;

14
classes/privacy/provider.php
View File

@@ -13,9 +13,6 @@
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
namespace auth_outage\privacy;
/**
* Privacy Subsystem implementation for auth_outage.
*
@@ -23,6 +20,15 @@ namespace auth_outage\privacy;
* @copyright 2018 Olivier SECRET <olivier.secret@catalyst-au.net>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\privacy;
/**
* Privacy provider for the authentication manual.
*
* @copyright 2018 Carlos Escobedo <carlos@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class provider implements
\core_privacy\local\metadata\null_provider {
@@ -35,7 +41,7 @@ class provider implements
*
* @return string
*/
public static function get_reason(): string {
public static function get_reason() : string {
return 'privacy:no_data_reason';
}

10
classes/task/update_static_page.php
View File

@@ -14,8 +14,18 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* update_static_page class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\task;
use auth_outage\local\controllers\infopage;
use auth_outage\local\outagelib;
use core\task\scheduled_task;

8
db/access.php
View File

@@ -26,12 +26,12 @@
defined('MOODLE_INTERNAL') || die();
$capabilities = [
'auth/outage:viewinfo' => [
'auth/outage:viewinfo' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_SYSTEM,
'archetypes' => [
'archetypes' => array(
'guest' => CAP_ALLOW,
'user' => CAP_ALLOW,
],
],
)
),
];

34
db/hooks.php
View File

@@ -1,34 +0,0 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Hook callbacks for auth_outage
*
* @package auth_outage
* @author Benjamin Walker (benjaminwalker@catalyst-au.net)
* @copyright 2024 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
$callbacks = [
[
'hook' => \core\hook\output\before_standard_top_of_body_html_generation::class,
'callback' => '\auth_outage\hook_callbacks::before_standard_top_of_body_html_generation',
'priority' => 0,
],
];

1
db/install.xml
View File

@@ -17,7 +17,6 @@
<FIELD NAME="modifiedby" TYPE="int" LENGTH="10" NOTNULL="true" SEQUENCE="false" COMMENT="Who last modified this entry."/>
<FIELD NAME="lastmodified" TYPE="int" LENGTH="10" NOTNULL="true" SEQUENCE="false" COMMENT="When was this entry last modified."/>
<FIELD NAME="finished" TYPE="int" LENGTH="10" NOTNULL="false" SEQUENCE="false" COMMENT="Timestamp of when the outage really finished."/>
<FIELD NAME="accesskey" TYPE="char" LENGTH="16" NOTNULL="false" SEQUENCE="false" COMMENT="Unique key used to access during outage"/>
</FIELDS>
<KEYS>
<KEY NAME="primary" TYPE="primary" FIELDS="id"/>

15
db/upgrade.php
View File

@@ -47,20 +47,5 @@ function xmldb_auth_outage_upgrade($oldversion) {
upgrade_plugin_savepoint(true, 2016092200, 'auth', 'outage');
}
if ($oldversion < 2024081900) {
// Define field accesskey to be added to auth_outage.
$table = new xmldb_table('auth_outage');
$field = new xmldb_field('accesskey', XMLDB_TYPE_CHAR, '16', null, null, null, null, 'finished');
// Conditionally launch add field accesskey.
if (!$dbman->field_exists($table, $field)) {
$dbman->add_field($table, $field);
}
// Outage savepoint reached.
upgrade_plugin_savepoint(true, 2024081900, 'auth', 'outage');
}
return true;
}

12
lang/en/auth_outage.php
View File

@@ -89,7 +89,7 @@ $string['defaulttitledescription'] = 'Default title for outages. Use {{start}} a
$string['defaulttitlevalue'] = 'System down from {{start}} for {{duration}}';
$string['defaultdescription'] = 'Description';
$string['defaultdescriptiondescription'] = 'Default warning message for outages. Use {{start}} and {{stop}} placeholders as required.';
$string['defaultdescriptionvalue'] = 'There is maintenance scheduled from {{start}} to {{stop}} and our system will not be available during that time.';
$string['defaultdescriptionvalue'] = 'There is an scheduled maintenance from {{start}} to {{stop}} and our system will not be available during that time.';
$string['description'] = 'Public Description';
$string['description_help'] = 'A full description of the outage, publicly visible by all users.';
$string['finish'] = 'Finish';
@@ -103,9 +103,9 @@ $string['infostartofwarning'] = 'start of warning';
$string['infostaticpage'] = 'static page';
$string['infopagestaticgenerated'] = 'This warning was generated on {$a->time}.';
$string['ips_combine'] = 'The IPs listed above will be combined with the IPs listed below.';
$string['allowedipsempty'] = 'No one will be blocked by IP because the list is empty. You can add your own IP address (<i>{$a->ip}</i>) and block all other IPs. IP blocking is in addition to access key blocking (if setup in outage)';
$string['allowedipshasmyip'] = 'Your IP (<i>{$a->ip}</i>) is in the list and your IP will not be blocked out during an Outage.';
$string['allowedipshasntmyip'] = 'Your IP (<i>{$a->ip}</i>) is not in the list and your IP will be blocked out during an outage.';
$string['allowedipsempty'] = 'When the allowed IPs list is empty we will not block anyone. You can add your own IP address (<i>{$a->ip}</i>) and block all other IPs.';
$string['allowedipshasmyip'] = 'Your IP (<i>{$a->ip}</i>) is in the list and you will not be blocked out during an Outage.';
$string['allowedipshasntmyip'] = 'Your IP (<i>{$a->ip}</i>) is not in the list and you will be blocked out during an outage.';
$string['allowedipsnoconfig'] = 'Your config.php does not have the extra setup to allow blocking via IP.<br />Please refer to our <a href="https://github.com/catalyst/moodle-auth_outage#installation" target="_blank">README.md</a> file for more information.';
$string['logformaintmodeconfig'] = 'Update maintenance mode configuration.';
$string['logformaintmodeconfigcomplete'] = 'Updating maintenance mode configuration complete.';
@@ -162,10 +162,6 @@ $string['warningdurationerrorinvalid'] = 'Warning duration must be positive.';
$string['warningduration'] = 'Warning duration';
$string['warningduration_help'] = 'How long before the start of the outage should the warning be displayed.';
$string['warningreenablemaintenancemode'] = 'Please note that saving this outage will re-enable maintenance mode.<br />Untick "Auto start maintenance mode" if you want to prevent this.';
$string['accesskey'] = 'Access key';
$string['accesskey_help'] = 'Testers should pass the access key initially in the url parameters e.g. ?accesskey=xyz. This will then be stored in a cookie for 24 hours, during which the url parameter will not be necessary.<br /><b>Note:</b> the access key is in addition to any IP restrictions setup.';
$string['useaccesskey'] = 'Use access key';
$string['useaccesskey:desc'] = 'Require testers to access site during outage by providing the access key below';
/*
* Privacy provider (GDPR)

14
lib.php
View File

@@ -66,10 +66,18 @@ function auth_outage_get_climaintenance_resource_file($file) {
}
/**
* Inject the warning bar into the page if there is currently an outage.
* Display required icon for the calendar events.
*
* This is a legacy callback that is used for compatibility with older Moodle versions.
* Moodle 4.4+ will use auth_outage\hook_callbacks::before_standard_top_of_body_html_generation instead.
* @return array
*/
function auth_outage_get_fontawesome_icon_map() {
return [
'core:i/auth_outageevent' => 'fa-power-off',
];
}
/**
* Inject the warning bar into the page if there is currently an outage.
*
* @return string|void
*/

BIN
pix/auth_outage.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 343 B

1
pix/auth_outage.svg
View File

@@ -1 +0,0 @@
<svg xmlns="http://www.w3.org/2000/svg" height="16" width="16" viewBox="0 0 512 512" preserveAspectRatio="xMinYMid meet"><!--!Font Awesome Free 6.5.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free Copyright 2024 Fonticons, Inc.--><path d="M288 32c0-17.7-14.3-32-32-32s-32 14.3-32 32V256c0 17.7 14.3 32 32 32s32-14.3 32-32V32zM143.5 120.6c13.6-11.3 15.4-31.5 4.1-45.1s-31.5-15.4-45.1-4.1C49.7 115.4 16 181.8 16 256c0 132.5 107.5 240 240 240s240-107.5 240-240c0-74.2-33.8-140.6-86.6-184.6c-13.6-11.3-33.8-9.4-45.1 4.1s-9.4 33.8 4.1 45.1c38.9 32.3 63.5 81 63.5 135.4c0 97.2-78.8 176-176 176s-176-78.8-176-176c0-54.4 24.7-103.1 63.5-135.4z"/></svg>
Side by Side

Before

Width:  |  Height:  |  Size: 686 B

21
tests/base_testcase.php
View File

@@ -14,11 +14,6 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
namespace auth_outage;
use auth_outage\dml\outagedb;
use auth_outage\local\outage;
/**
* Base testcase for auth outage tests.
*
@@ -35,6 +30,20 @@ use auth_outage\local\outage;
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage;
use auth_outage\dml\outagedb;
use auth_outage\local\outage;
/**
* base_testcase class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
abstract class base_testcase extends \advanced_testcase {
/**
* Checks PHPUnit version and calls the functions accordingly.
@@ -63,7 +72,7 @@ abstract class base_testcase extends \advanced_testcase {
protected function revoke_info_page_permissions() {
global $DB;
$guestrole = $DB->get_record('role', ['shortname' => 'guest']);
$guestrole = $DB->get_record('role', array('shortname' => 'guest'));
role_change_permission($guestrole->id, \context_system::instance(), 'auth/outage:viewinfo', CAP_PREVENT);
$this->setGuestUser();

9
tests/lib_test.php
View File

@@ -14,6 +14,15 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* tests for lib.php
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2017 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage;
defined('MOODLE_INTERNAL') || die();

35
tests/local/controllers/maintenance_static_page_test.php
View File

@@ -98,7 +98,7 @@ class maintenance_static_page_test extends \auth_outage\base_testcase {
* Test remove script tags.
*/
public function test_updatelinkstylesheet() {
$localcsslink = $this->get_fixture_path_location('simple.css');
$localcsslink = $this->get_fixture_path('simple.css');
$externalcsslink = 'http://google.com/coolstuff.css';
$html = "<!DOCTYPE html>\n".
'<html><head><link href="'.$localcsslink.'" rel="stylesheet" /><title>Title</title></head>'.
@@ -114,7 +114,7 @@ class maintenance_static_page_test extends \auth_outage\base_testcase {
* Test update link style sheet urls.
*/
public function test_updatelinkstylesheet_urls() {
$localcsslink = $this->get_fixture_path_location('withurls.css');
$localcsslink = $this->get_fixture_path('withurls.css');
$html = "<!DOCTYPE html>\n".
'<html><head><link href="'.$localcsslink.'" rel="stylesheet" /><title>Title</title></head>'.
'<body>Content</body></html>';
@@ -132,7 +132,7 @@ class maintenance_static_page_test extends \auth_outage\base_testcase {
* Test update link style sheet urls quoted.
*/
public function test_updatelinkstylesheet_urls_quoted() {
$localcsslink = $this->get_fixture_path_location('withurls-quoted.css');
$localcsslink = $this->get_fixture_path('withurls-quoted.css');
$html = "<!DOCTYPE html>\n".
'<html><head><link href="'.$localcsslink.'" rel="stylesheet" /><title>Title</title></head>'.
'<body>Content</body></html>';
@@ -150,7 +150,7 @@ class maintenance_static_page_test extends \auth_outage\base_testcase {
* Test update link style sheet urls with sub dir.
*/
public function test_updatelinkstylesheet_urls_subdir() {
$localcsslink = $this->get_fixture_path_location('subdir/withurls-subdir.css');
$localcsslink = $this->get_fixture_path('subdir/withurls-subdir.css');
$html = "<!DOCTYPE html>\n".
'<html><head><link href="'.$localcsslink.'" rel="stylesheet" /><title>Title</title></head>'.
'<body>Content</body></html>';
@@ -168,7 +168,7 @@ class maintenance_static_page_test extends \auth_outage\base_testcase {
* Test update images to file.php style link.
*/
public function test_updateimages() {
$localimglink = $this->get_fixture_path_location('catalyst.png');
$localimglink = $this->get_fixture_path('catalyst.png');
$externalimglink = 'http://google.com/coolstyle.css';
$html = "<!DOCTYPE html>\n".
'<html><head><title>Title</title></head>'.
@@ -184,7 +184,7 @@ class maintenance_static_page_test extends \auth_outage\base_testcase {
* Test update favicon to file.php style link.
*/
public function test_updatelinkfavicon() {
$link = $this->get_fixture_path_location('catalyst.png');
$link = $this->get_fixture_path('catalyst.png');
$html = "<!DOCTYPE html>\n".
'<html><head><title>Title</title><link rel="shortcut icon" href="'.$link.'""></head>'.
'<body>Content</body></html>';
@@ -199,27 +199,26 @@ class maintenance_static_page_test extends \auth_outage\base_testcase {
* Data provider for test_update_inline_background_images
* @return array
*/
public static function update_inline_background_images_provider(): array {
public function test_update_inline_background_images_provider() {
return [
// Empty string.
["", false],
// URLs that should be retrieved.
["color: #FF00FF; background: lightblue url(/pluginfile.php/1/theme_custom/banner/251298630/0001.png) no-repeat", true],
["background: lightblue
url(https://www.example.com/moodle/pluginfile.php/1/theme_custom/banner/251298630/0001.png) no-repeat", true],
["background: lightblue url(https://www.example.com/moodle/pluginfile.php/1/theme_custom/banner/251298630/0001.png) no-repeat", true],
["background:url('https://www.example.com/moodle/pluginfile.php/1/theme_custom/banner/251298630/0001.png')", true],
["background-image : url( /pix/help.png);", true],
["background-image: url ('/pix/help.png')", true],
// URLs that should not be retrieved.
["background-image:url(data:image/gif;base64,R0lGODlhYADIAP=)", false],
["background-image:url('data:image/gif;base64,R0lGODlhYADIAP=')", false],
["background-image:url('data:image/gif;base64,R0lGODlhYADIAP=')", false]
];
}
/**
* Tests update_inline_background_images() method to update the background images.
*
* @dataProvider update_inline_background_images_provider
* @dataProvider test_update_inline_background_images_provider
* @param string $stylecontent Content of the style to test
* @param bool $rewrite Flag if URL should be rewritten
* @throws coding_exception
@@ -253,7 +252,7 @@ class maintenance_static_page_test extends \auth_outage\base_testcase {
* Test update preview path to file.php style link.
*/
public function test_previewpath() {
$link = $this->get_fixture_path_location('catalyst.png');
$link = $this->get_fixture_path('catalyst.png');
$html = "<!DOCTYPE html>\n".
'<html><head><title>Title</title><link rel="shortcut icon" href="'.$link.'""></head>'.
'<body>Content</body></html>';
@@ -313,7 +312,7 @@ class maintenance_static_page_test extends \auth_outage\base_testcase {
public function test_createdfile() {
global $CFG;
$link = $this->get_fixture_path_location('catalyst.png');
$link = $this->get_fixture_path('catalyst.png');
$html = "<!DOCTYPE html>\n".
'<html><head><title>Title</title></head>'.
'<body>Content<img src="'.$link.'" /></body></html>';
@@ -337,7 +336,7 @@ class maintenance_static_page_test extends \auth_outage\base_testcase {
*
* @return string
*/
private function get_fixture_path_location($file) {
private function get_fixture_path($file) {
return (string)new \moodle_url('/auth/outage/tests/local/controllers/fixtures/'.$file);
}
@@ -373,14 +372,14 @@ class maintenance_static_page_test extends \auth_outage\base_testcase {
/**
* Return array of url data provider and true or false.
*/
public static function is_url_dataprovider(): array {
public function is_url_dataprovider() {
return [
[true, 'http://catalyst.net.nz'],
[true, 'https://www.catalyst-au.net/'],
[false, '/homepage'],
[false, 'file://homepage'],
[true, '//catalyst-au.net/img/test.jpg'],
[false, '://www.catalyst-au.net/img/test.jpg'],
[false, '://www.catalyst-au.net/img/test.jpg']
];
}
@@ -561,7 +560,7 @@ class maintenance_static_page_test extends \auth_outage\base_testcase {
* Data provider for test_get_urls_from_stylesheet
* @return array
*/
public static function get_urls_from_stylesheet_provider(): array {
public function test_get_urls_from_stylesheet_provider() {
return [
// Empty string.
["", 0],
@@ -583,7 +582,7 @@ class maintenance_static_page_test extends \auth_outage\base_testcase {
/**
* Tests get_urls_from_stylesheet() method to get all appropriate URLS from the file.
*
* @dataProvider get_urls_from_stylesheet_provider
* @dataProvider test_get_urls_from_stylesheet_provider
* @param string $filecontent Content of the file
* @param int $count Expected quantity of found URLs
* @throws coding_exception

9
tests/local/outage_test.php
View File

@@ -14,6 +14,15 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* outage_test test class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\local;
defined('MOODLE_INTERNAL') || die();

319
tests/local/outagelib_test.php
View File

@@ -14,6 +14,15 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* outagelib_test test class.
*
* @package auth_outage
* @author Daniel Thee Roperto <daniel.roperto@catalyst-au.net>
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_outage\local;
use auth_outage\dml\outagedb;
@@ -308,76 +317,43 @@ class outagelib_test extends \auth_outage\base_testcase {
* Test create maintenance php code
*/
public function test_createmaintenancephpcode() {
global $CFG;
$CFG->cookiehttponly = false;
$expected = <<<'EOT'
<?php
if ((time() >= 123) && (time() < 456)) {
if (!defined('MOODLE_INTERNAL')) {
define('MOODLE_INTERNAL', true);
}
define('MOODLE_INTERNAL', true);
require_once($CFG->dirroot.'/lib/moodlelib.php');
if (file_exists($CFG->dirroot.'/lib/classes/ip_utils.php')) {
require_once($CFG->dirroot.'/lib/classes/ip_utils.php');
}
// Put access key as a cookie if given. This stops the need to put it as a url param on every request.
$urlaccesskey = optional_param('accesskey', null, PARAM_TEXT);
$isphpunit = defined('PHPUNIT_TEST');
if (!empty($urlaccesskey) && !$isphpunit) {
setcookie('auth_outage_accesskey', $urlaccesskey, time() + 86400, '/', '', true, false);
}
// Use url access key if given, else the cookie, else null.
$useraccesskey = $urlaccesskey ?: $_COOKIE['auth_outage_accesskey'] ?? null;
$ipblocked = !remoteip_in_list('hey\'\"you
if (!remoteip_in_list('hey\'\"you
a.b.c.d
e.e.e.e/20');
$accesskeyblocked = $useraccesskey != '12345';
$allowed = (true && !$accesskeyblocked) || (true && !$ipblocked);
if (!$allowed) {
if (!$isphpunit) {
header($_SERVER['SERVER_PROTOCOL'] . ' 503 Moodle under maintenance');
header('Status: 503 Moodle under maintenance');
header('Retry-After: 300');
header('Content-type: text/html; charset=utf-8');
header('X-UA-Compatible: IE=edge');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
header('Expires: Mon, 20 Aug 1969 09:23:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Accept-Ranges: none');
header('X-Moodle-Maintenance: manager');
}
if (!$isphpunit && ((defined('AJAX_SCRIPT') && AJAX_SCRIPT) || (defined('WS_SERVER') && WS_SERVER))) {
e.e.e.e/20')) {
header($_SERVER['SERVER_PROTOCOL'] . ' 503 Moodle under maintenance');
header('Status: 503 Moodle under maintenance');
header('Retry-After: 300');
header('Content-type: text/html; charset=utf-8');
header('X-UA-Compatible: IE=edge');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
header('Expires: Mon, 20 Aug 1969 09:23:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Accept-Ranges: none');
header('X-Moodle-Maintenance: manager');
if ((defined('AJAX_SCRIPT') && AJAX_SCRIPT) || (defined('WS_SERVER') && WS_SERVER)) {
exit(0);
}
if (true && $ipblocked) {
echo '<!-- Blocked by ip, your ip: '.getremoteaddr('n/a').' -->';
}
if (true && $accesskeyblocked) {
echo '<!-- Blocked by missing or incorrect access key, access key given: '. $useraccesskey .' -->';
}
if (!$isphpunit) {
if (file_exists($CFG->dataroot.'/climaintenance.template.html')) {
require($CFG->dataroot.'/climaintenance.template.html');
exit(0);
}
// The file above should always exist, but just in case...
die('We are currently under maintentance, please try again later.');
echo '<!-- Blocked by ip, your ip: '.getremoteaddr('n/a').' -->';
if (file_exists($CFG->dataroot.'/climaintenance.template.html')) {
require($CFG->dataroot.'/climaintenance.template.html');
exit(0);
}
// The file above should always exist, but just in case...
die('We are currently under maintentance, please try again later.');
}
}
EOT;
$found = outagelib::create_climaintenancephp_code(123, 456, "hey'\"you\na.b.c.d\ne.e.e.e/20", '12345');
$found = outagelib::create_climaintenancephp_code(123, 456, "hey'\"you\na.b.c.d\ne.e.e.e/20");
self::assertSame($expected, $found);
}
@@ -385,81 +361,49 @@ EOT;
* Test create maintenance php code without age
*
* @param string $configkey The key of the config.
* @dataProvider createmaintenancephpcode_withoutage_provider
* @dataProvider test_createmaintenancephpcode_withoutage_provider
*/
public function test_createmaintenancephpcode_withoutage($configkey) {
global $CFG;
$this->resetAfterTest(true);
$CFG->cookiehttponly = false;
$expected = <<<'EOT'
<?php
if ((time() >= 123) && (time() < 456)) {
if (!defined('MOODLE_INTERNAL')) {
define('MOODLE_INTERNAL', true);
}
define('MOODLE_INTERNAL', true);
require_once($CFG->dirroot.'/lib/moodlelib.php');
if (file_exists($CFG->dirroot.'/lib/classes/ip_utils.php')) {
require_once($CFG->dirroot.'/lib/classes/ip_utils.php');
}
// Put access key as a cookie if given. This stops the need to put it as a url param on every request.
$urlaccesskey = optional_param('accesskey', null, PARAM_TEXT);
$isphpunit = defined('PHPUNIT_TEST');
if (!empty($urlaccesskey) && !$isphpunit) {
setcookie('auth_outage_accesskey', $urlaccesskey, time() + 86400, '/', '', true, false);
}
// Use url access key if given, else the cookie, else null.
$useraccesskey = $urlaccesskey ?: $_COOKIE['auth_outage_accesskey'] ?? null;
$ipblocked = !remoteip_in_list('127.0.0.1');
$accesskeyblocked = $useraccesskey != '5678';
$allowed = (true && !$accesskeyblocked) || (true && !$ipblocked);
if (!$allowed) {
if (!$isphpunit) {
header($_SERVER['SERVER_PROTOCOL'] . ' 503 Moodle under maintenance');
header('Status: 503 Moodle under maintenance');
header('Retry-After: 300');
header('Content-type: text/html; charset=utf-8');
header('X-UA-Compatible: IE=edge');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
header('Expires: Mon, 20 Aug 1969 09:23:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Accept-Ranges: none');
header('X-Moodle-Maintenance: manager');
}
if (!$isphpunit && ((defined('AJAX_SCRIPT') && AJAX_SCRIPT) || (defined('WS_SERVER') && WS_SERVER))) {
if (!remoteip_in_list('127.0.0.1')) {
header($_SERVER['SERVER_PROTOCOL'] . ' 503 Moodle under maintenance');
header('Status: 503 Moodle under maintenance');
header('Retry-After: 300');
header('Content-type: text/html; charset=utf-8');
header('X-UA-Compatible: IE=edge');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
header('Expires: Mon, 20 Aug 1969 09:23:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Accept-Ranges: none');
header('X-Moodle-Maintenance: manager');
if ((defined('AJAX_SCRIPT') && AJAX_SCRIPT) || (defined('WS_SERVER') && WS_SERVER)) {
exit(0);
}
if (true && $ipblocked) {
echo '<!-- Blocked by ip, your ip: '.getremoteaddr('n/a').' -->';
}
if (true && $accesskeyblocked) {
echo '<!-- Blocked by missing or incorrect access key, access key given: '. $useraccesskey .' -->';
}
if (!$isphpunit) {
if (file_exists($CFG->dataroot.'/climaintenance.template.html')) {
require($CFG->dataroot.'/climaintenance.template.html');
exit(0);
}
// The file above should always exist, but just in case...
die('We are currently under maintentance, please try again later.');
echo '<!-- Blocked by ip, your ip: '.getremoteaddr('n/a').' -->';
if (file_exists($CFG->dataroot.'/climaintenance.template.html')) {
require($CFG->dataroot.'/climaintenance.template.html');
exit(0);
}
// The file above should always exist, but just in case...
die('We are currently under maintentance, please try again later.');
}
}
EOT;
$outage = new outage([
'starttime' => 123,
'stoptime' => 456,
'accesskey' => '5678',
]);
$file = $CFG->dataroot.'/climaintenance.php';
set_config($configkey, '127.0.0.1', 'auth_outage');
@@ -470,25 +414,20 @@ EOT;
self::assertSame($found, $expected);
}
/**
* Provides values to test_createmaintenancephpcode_withoutage
* @return array
*/
public static function createmaintenancephpcode_withoutage_provider(): array {
public function test_createmaintenancephpcode_withoutage_provider(): array {
return [['allowedips'], ['allowedips_forced']];
}
/**
* Test create maintenance php code without IPs or accesskey
* Test create maintenance php code without IPs
*/
public function test_createmaintenancephpcode_withoutips_or_accesskey() {
public function test_createmaintenancephpcode_withoutips() {
global $CFG;
$this->resetAfterTest(true);
$outage = new outage([
'starttime' => 123,
'stoptime' => 456,
'accesskey' => null,
]);
$file = $CFG->dataroot.'/climaintenance.php';
set_config('allowedips', '', 'auth_outage');
@@ -657,148 +596,4 @@ EOT;
\core\session\manager::gc(); // Remove stale sessions.
\core_plugin_manager::reset_caches();
}
/**
* Provides values to test_evaluation_maintenancepage
* @return array
*/
public static function evaluation_maintenancepage_provider(): array {
$blockedipout = '<!-- Blocked by ip, your ip:';
$blockedaccesskeyout = '<!-- Blocked by missing or incorrect access key, access key given:';
return [
// IP set up, access key not set up.
'ip allowed, no access key setup' => [
'allowedips' => '127.0.0.1',
'iptouse' => '127.0.0.1',
'accesskey' => null,
'accesskeytouse' => null,
'expectedoutputs' => [],
],
'ip not allowed, no access key setup' => [
'allowedips' => '5.5.5.5',
'iptouse' => '127.0.0.1',
'accesskey' => null,
'accesskeytouse' => null,
'expectedoutputs' => [$blockedipout],
],
// IP not set up, access key set up.
'access key incorrect, no ip setup' => [
'allowedips' => null,
'iptouse' => null,
'accesskey' => '12345',
'accesskeytouse' => 'wrong',
'expectedoutputs' => [$blockedaccesskeyout],
],
'access key correct, no ip setup' => [
'allowedips' => null,
'iptouse' => null,
'accesskey' => '12345',
'accesskeytouse' => '12345',
'expectedoutputs' => [],
],
// Both IP and access key set up.
'access key incorrect, ip incorrect' => [
'allowedips' => '127.0.0.1',
'iptouse' => '5.5.5.5',
'accesskey' => '12345',
'accesskeytouse' => 'wrong',
'expectedoutputs' => [$blockedipout, $blockedaccesskeyout],
],
'access key correct, ip incorrect' => [
'allowedips' => '127.0.0.1',
'iptouse' => '5.5.5.5',
'accesskey' => '12345',
'accesskeytouse' => '12345',
'expectedoutputs' => [],
],
'access key incorrect, ip correct' => [
'allowedips' => '127.0.0.1',
'iptouse' => '127.0.0.1',
'accesskey' => '12345',
'accesskeytouse' => 'wrong',
'expectedoutputs' => [],
],
'access key correct, ip correct' => [
'allowedips' => '127.0.0.1',
'iptouse' => '127.0.0.1',
'accesskey' => '12345',
'accesskeytouse' => '12345',
'expectedoutputs' => [],
],
];
}
/**
* Tests the evaluation logic of the generated maintenance page.
*
* @param string|null $allowedips config to set as allowed ips - null to not set
* @param string|null $iptouse ip to 'fake' as the remote ip, or null to not set.
* @param string|null $accesskey config to set as the access key in the outage - null to not set
* @param string|null $accesskeytouse access key to pass in as fake url params - null to not set
* @param array $expectedoutputs expected output strings, if empty will test that the output was also empty.
*
* @dataProvider evaluation_maintenancepage_provider
*
* We need this because we modify the request headers,
* see https://github.com/sebastianbergmann/phpunit/issues/720#issuecomment-10421092
* @runInSeparateProcess
*/
public function test_evaluation_maintenancepage(?string $allowedips, ?string $iptouse, ?string $accesskey,
?string $accesskeytouse, array $expectedoutputs) {
global $CFG, $_SERVER, $_GET;
$this->resetAfterTest(true);
self::setAdminUser();
$now = time();
$outage = new outage([
'autostart' => false,
'warntime' => $now - 200,
'starttime' => $now - 100,
'stoptime' => $now + 200,
'title' => 'Title',
'description' => 'Description',
'accesskey' => $accesskey,
]);
if (!is_null($allowedips)) {
set_config('allowedips', $allowedips, 'auth_outage');
}
// Ensure if the file exists we clean it (e.g. from a previous test run).
$file = $CFG->dataroot.'/climaintenance.php';
if (file_exists($file)) {
unlink($file);
}
// This basically sets the output of getremoteaddr().
if (!is_null($iptouse)) {
$_SERVER['REMOTE_ADDR'] = $iptouse;
}
// This sets the output of optional_param().
if (!is_null($accesskeytouse)) {
$_GET['accesskey'] = $accesskeytouse;
}
outagelib::update_climaintenance_code($outage);
self::assertFileExists($file);
// Require the file to execute it.
// Normally this would die, but we have baked some goodies in there
// that stop it die'ing during a unit test.
ob_start();
require($file);
$contents = ob_get_clean();
// Check each output is as expected.
foreach ($expectedoutputs as $expectedoutput) {
$this->assertStringContainsString($expectedoutput, $contents);
}
// Ensure if nothing was expected, that it is empty.
if (empty($expectedoutputs)) {
$this->assertEmpty($contents);
}
}
}

6
version.php
View File

@@ -28,8 +28,8 @@
defined('MOODLE_INTERNAL') || die();
$plugin->component = "auth_outage";
$plugin->version = 2024081900; // The current plugin version (Date: YYYYMMDDXX).
$plugin->release = 2024081900; // Human-readable release information.
$plugin->version = 2023012700; // The current plugin version (Date: YYYYMMDDXX).
$plugin->release = 2023012700; // Human-readable release information.
$plugin->requires = 2017111309; // 2017111309 = T13, but this really requires 3.9 and higher.
$plugin->maturity = MATURITY_STABLE; // Suitable for PRODUCTION environments!
$plugin->supported = [39, 405]; // A range of branch numbers of supported moodle versions.
$plugin->supported = [39, 401]; // A range of branch numbers of supported moodle versions.

1
views/info/content.php
View File

@@ -24,7 +24,6 @@
*
* @var array $viewbag
*/
// phpcs:disable moodle.Commenting.MissingDocblock.File
defined('MOODLE_INTERNAL') || die();
?>

1
views/manage.php
View File

@@ -22,7 +22,6 @@
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
// phpcs:disable moodle.Commenting.MissingDocblock.File
use auth_outage\output\manage\history_table;
use auth_outage\output\manage\planned_table;

21
views/warningbar/warningbar.php
View File

@@ -22,7 +22,6 @@
* @copyright 2016 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
// phpcs:disable moodle.Commenting.MissingDocblock.File
use auth_outage\local\outagelib;
@@ -47,15 +46,17 @@ if (!$viewbag['static']) {
['target' => '_blank', 'class' => 'auth_outage_warningbar_box_title']
);
if (is_siteadmin()) {
$link = html_writer::link(
new moodle_url('/auth/outage/finish.php', ['id' => $viewbag['outage']->id]),
$OUTPUT->pix_icon('t/check', get_string('finish', 'auth_outage'), 'moodle', array('class' => 'iconsmall')) . get_string('finish', 'auth_outage'),
[
'title' => get_string('finish', 'auth_outage'),
'class' => 'auth_outage_warningbar_box_finish',
]
);
$title .= ' '.html_writer::span($link, '', ['id' => 'auth_outage_warningbar_button']);
$url = new moodle_url('/auth/outage/finish.php', ['id' => $viewbag['outage']->id]);
$text = html_writer::empty_tag('img', [
'src' => $OUTPUT->image_url('t/check'),
'alt' => get_string('finish', 'auth_outage'),
'class' => 'iconsmall',
]).' '.get_string('finish', 'auth_outage');
$attr = [
'title' => get_string('finish', 'auth_outage'),
'class' => 'auth_outage_warningbar_box_finish',
];
$title .= ' '.html_writer::span(html_writer::link($url, $text, $attr), '', ['id' => 'auth_outage_warningbar_button']);
}
}
?>