Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-66119

Disable GUI plugin uninstalls (eg $CFG->uninstallclionly similar to $CFG->disableupdateautodeploy)

    XMLWordPrintable

    Details

    • Testing Instructions:
      Hide

      1) Open the plugin overview menu at Site Administration->Plugins->Plugin Overview. Verify that plugins can be uninstalled by clicking the uninstall button on one.

      2) In config.php, add the line

      $CFG->uninstallclionly = true;
      

      3) Go back to the plugins menu, and verify that you are unable to uninstall plugins, as the uninstall button isn't present.

      4) Attempt to uninstall a plugin using the CLI script uninstall_plugins.php, and verify that plugins can still be uninstalled from the command line.

      5) Edit the line in config.php to false

      $CFG->uninstallclionly = false;
      

      6) Go back to the plugins menu, and verify that you are able to uninstall plugins again.

      Show
      1) Open the plugin overview menu at Site Administration->Plugins->Plugin Overview. Verify that plugins can be uninstalled by clicking the uninstall button on one. 2) In config.php, add the line $CFG->uninstallclionly = true ; 3) Go back to the plugins menu, and verify that you are unable to uninstall plugins, as the uninstall button isn't present. 4) Attempt to uninstall a plugin using the CLI script uninstall_plugins.php, and verify that plugins can still be uninstalled from the command line. 5) Edit the line in config.php to false $CFG->uninstallclionly = false ; 6) Go back to the plugins menu, and verify that you are able to uninstall plugins again.
    • Fixed Branches:
      MOODLE_38_STABLE
    • Pull Master Branch:
      mdl-66119

      Description

      We want to harden moodle, one vector is if you get admin access in the gui we want to prevent people from covering their tracks and doing some malicious stuff.

      We can easily log down the log stores and other settings but we can't stop people from uninstalling things in the gui, so proposing a new config.php only setting:

      $CFG->uninstallclionly => 1;

       Short circuit here:

      https://github.com/moodle/moodle/blob/master/lib/classes/plugin_manager.php#L1174

        Attachments

          Activity

            People

            • Votes:
              2 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Fix Release Date:
                18/Nov/19

                Time Tracking

                Estimated:
                Original Estimate - 0 minutes
                0m
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 1 hour, 11 minutes
                1h 11m