Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-60141

Field type for sitepolicy in auth_email_get_signup_settings is incorrect

    XMLWordPrintable

    Details

    • Testing Instructions:
      Hide
      1. As admin set the admin setting sitepolicy: Add a link to a web page
      2. Enable the e-mail based self registration auth plugin
      3. Set the admin setting registerauth to Email-based self registration
      4. Then, execute the following curl request:

        curl 'http://localhost/m/stable_master/lib/ajax/service.php' --data-binary '[{"index":0,"methodname":"auth_email_get_signup_settings","args":{}}]' | python -m "json.tool"

      5. And check that among all the fields in the response you see the sitepolicy field correctly set to the web page you used in step 1
      6. As admin set the admin setting sitepolicy again, but now use a random string as value, something like "abcdef"
      7. Execute the curl request again and check that you receive the sitepolicy again with the value you used in the previous step
      Show
      As admin set the admin setting sitepolicy: Add a link to a web page Enable the e-mail based self registration auth plugin Set the admin setting registerauth to Email-based self registration Then, execute the following curl request: curl 'http://localhost/m/stable_master/lib/ajax/service.php' --data-binary ' [{"index":0,"methodname":"auth_email_get_signup_settings","args":{}}] ' | python -m "json.tool" And check that among all the fields in the response you see the sitepolicy field correctly set to the web page you used in step 1 As admin set the admin setting sitepolicy again, but now use a random string as value, something like "abcdef" Execute the curl request again and check that you receive the sitepolicy again with the value you used in the previous step
    • Affected Branches:
      MOODLE_33_STABLE
    • Fixed Branches:
      MOODLE_32_STABLE, MOODLE_33_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      MDL-60141-master

      Description

      It is defined as PARAM_URL but the admin setting in https://github.com/moodle/moodle/blob/master/admin/settings/security.php#L57 is defined as PARAM_RAW

      This may break the mobile app signup features in sites where the site policy is not a PARAM_URL (it could be a relative path, link to a different protocol, internal document, etc..)

        Attachments

          Activity

            People

            • Assignee:
              jleyva Juan Leyva
              Reporter:
              jleyva Juan Leyva
              Peer reviewer:
              Ankit Agarwal
              Integrator:
              Andrew Nicols
              Tester:
              Andrew Nicols
              Participants:
              Component watchers:
              Adrian Greeve, Jake Dallimore, Mathew May, Mihail Geshoski, Peter Dias
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Fix Release Date:
                13/Nov/17