Moodle

backup: security

Details

  • Type: Sub-task Sub-task
  • Status: Closed Closed
  • Priority: Minor Minor
  • Resolution: Fixed
  • Affects Version/s: 2.0
  • Fix Version/s: 2.0
  • Component/s: Backup
  • Labels:
    None
  • Difficulty:
    Moderate
  • Affected Branches:
    MOODLE_20_STABLE
  • Fixed Branches:
    MOODLE_20_STABLE

Description

Apart from MDL-21668 (that must be done before), implement the check_security() in controller, so all the settings will be initially allowed/locked if /as necessary.u i cannot change them if locked by permission.

Activity

Hide
Permalink
Eloy Lafuente (stronk7) added a comment -

Implemented, these are checked:

  • depending of backup->type
    • 'moodle/backup:backupcourse'
    • 'moodle/backup:backupsection'
    • 'moodle/backup:backupactivity'
  • depending of backup->mode
    • 'moodle/backup:backuptargethub'
    • 'moodle/backup:backuptargetimport'
  • configuring backup settings (if allowed):
    **'moodle/backup:userinfo'
    • 'moodle/backup:anonymise'

All them throwing backup_controller_exception() if something goes wrong.

Offtopic, once implemented, I found one more problem in the backup ui (MDL-22142) not following the locks defined here. Going to report that there (is serious).

Show
Eloy Lafuente (stronk7) added a comment - Implemented, these are checked:
  • depending of backup->type
    • 'moodle/backup:backupcourse'
    • 'moodle/backup:backupsection'
    • 'moodle/backup:backupactivity'
  • depending of backup->mode
    • 'moodle/backup:backuptargethub'
    • 'moodle/backup:backuptargetimport'
  • configuring backup settings (if allowed): **'moodle/backup:userinfo'
    • 'moodle/backup:anonymise'
All them throwing backup_controller_exception() if something goes wrong. Offtopic, once implemented, I found one more problem in the backup ui (MDL-22142) not following the locks defined here. Going to report that there (is serious).

People

Vote (0)
Watch (0)

Dates

  • Created:
    Updated:
    Resolved:
Atlassian JIRA (v4.4.5#665-sha1:422aead) | Report a problem
Powered by a free Atlassian JIRA open source license for Moodle. Try JIRA - bug tracking software for your team.