Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-67818

Create a Check API

    XMLWordPrintable

    Details

    • Testing Instructions:
      Hide

      Setup

      1. First make all checks fail once way or another by running the following in the terminal

        # If using MDK:
        mdk run undev
        mkdir -p vendor
        mkdir -p node_modules
        mkdir -p moodledata
        chmod 777 config.php
        php admin/cli/cfg.php --name=cookiesecure --set=0
        php admin/cli/cfg.php --name=allowobjectembed --set=1
        php admin/cli/cfg.php --name=forcelogin --set=0
        php admin/cli/cfg.php --name=forceloginforprofiles --set=0
        php admin/cli/cfg.php --name=opentowebcrawlers --set=1
        php admin/cli/cfg.php --name=passwordpolicy --set=0
        php admin/cli/cfg.php --name=emailchangeconfirmation --set=0
        php admin/cli/cfg.php --name=cronclionly --set=0
        php admin/cli/cfg.php --name=guestroleid --set=0
        php admin/cli/cfg.php --name=defaultfrontpageroleid --set=1
        php admin/cli/cfg.php --name=preventexecpath --set=0
        

      2. Edit your config.php
      3. Add the following at the top, just underneath the opening php tag:

        @ini_set('display_errors', '1');
        

      4. Find where $CFG->dataroot is set, and add the following line aftereward:

        $CFG->dataroot = __DIR__ . '/moodledata';
        

      5. Log in as admin
      6. Navigate to Site administraiton -> Plugins -> Manage media players
      7. Ensure that "Flash animation" is enabled
      8. Navigate to Site administraiton -> Plugins -> Manage authentication
      9. Ensure that the "No authentication" plugin is enabled
      10. Navigate to Site administraiton -> Users -> Permissions -> Define roles
      11. Edit the "Authenticated user" role
      12. Grant the "moodle/course:create" capability

      Test

      1. Login as admin
      2. Navigate to Site administration -> Reports -> Security checks
        1. Confirm that all items are shown as either error, warning, or info
      3. Now drill into each error and follow it's help in order fix it
        Note: Some of them are non-trivial to fix, and some are just warnings and/or information and cannot be fixed
        Note: You will need to access the site via HTTPS, e.g. via ngrok, in order to solve the "Secure cookies" line item
        Note: Some of the following will give a few ideas on how to fix many of these issues.

        rm -rf vendor node_modules moodledata
        php admin/cli/cfg.php --name=cookiesecure --set=1
        php admin/cli/cfg.php --name=allowobjectembed --set=0
        php admin/cli/cfg.php --name=forcelogin --set=1
        php admin/cli/cfg.php --name=forceloginforprofiles --set=1
        php admin/cli/cfg.php --name=opentowebcrawlers --set=0
        php admin/cli/cfg.php --name=passwordpolicy --set=1
        php admin/cli/cfg.php --name=emailchangeconfirmation --set=1
        php admin/cli/cfg.php --name=cronclionly --set=1
        php admin/cli/cfg.php --name=guestroleid --set=1
        php admin/cli/cfg.php --name=preventexecpath --set=1
        php admin/cli/cfg.php --name=defaultfrontpageroleid --set=0
        

      Show
      Setup First make all checks fail once way or another by running the following in the terminal # If using MDK: mdk run undev mkdir -p vendor mkdir -p node_modules mkdir -p moodledata chmod 777 config.php php admin/cli/cfg.php --name=cookiesecure --set=0 php admin/cli/cfg.php --name=allowobjectembed --set=1 php admin/cli/cfg.php --name=forcelogin --set=0 php admin/cli/cfg.php --name=forceloginforprofiles --set=0 php admin/cli/cfg.php --name=opentowebcrawlers --set=1 php admin/cli/cfg.php --name=passwordpolicy --set=0 php admin/cli/cfg.php --name=emailchangeconfirmation --set=0 php admin/cli/cfg.php --name=cronclionly --set=0 php admin/cli/cfg.php --name=guestroleid --set=0 php admin/cli/cfg.php --name=defaultfrontpageroleid --set=1 php admin/cli/cfg.php --name=preventexecpath --set=0 Edit your config.php Add the following at the top, just underneath the opening php tag: @ini_set('display_errors', '1'); Find where $CFG->dataroot is set, and add the following line aftereward: $CFG->dataroot = __DIR__ . '/moodledata'; Log in as admin Navigate to Site administraiton -> Plugins -> Manage media players Ensure that "Flash animation" is enabled Navigate to Site administraiton -> Plugins -> Manage authentication Ensure that the "No authentication" plugin is enabled Navigate to Site administraiton -> Users -> Permissions -> Define roles Edit the "Authenticated user" role Grant the " moodle/course:create " capability Test Login as admin Navigate to Site administration -> Reports -> Security checks Confirm that all items are shown as either error, warning, or info Now drill into each error and follow it's help in order fix it Note: Some of them are non-trivial to fix, and some are just warnings and/or information and cannot be fixed Note: You will need to access the site via HTTPS, e.g. via ngrok, in order to solve the "Secure cookies" line item Note: Some of the following will give a few ideas on how to fix many of these issues. rm -rf vendor node_modules moodledata php admin/cli/cfg.php --name=cookiesecure --set=1 php admin/cli/cfg.php --name=allowobjectembed --set=0 php admin/cli/cfg.php --name=forcelogin --set=1 php admin/cli/cfg.php --name=forceloginforprofiles --set=1 php admin/cli/cfg.php --name=opentowebcrawlers --set=0 php admin/cli/cfg.php --name=passwordpolicy --set=1 php admin/cli/cfg.php --name=emailchangeconfirmation --set=1 php admin/cli/cfg.php --name=cronclionly --set=1 php admin/cli/cfg.php --name=guestroleid --set=1 php admin/cli/cfg.php --name=preventexecpath --set=1 php admin/cli/cfg.php --name=defaultfrontpageroleid --set=0
    • Affected Branches:
      MOODLE_39_STABLE
    • Fixed Branches:
      MOODLE_39_STABLE
    • Pull Master Branch:
      MDL-67818-check-api

      Description

      This is an umbrella tracker to group a bunch of related work together.

      There is a growing need for plugins to define various checks for security, performance and health etc, and it makes sense for not only each of these to be managed centrally in core, but also there is a lot of similarity between them and an opportunity to make them all consistent under a unified API.

      I've throw together some docs for how I think it will all hang together:

      https://docs.moodle.org/dev/Check_API

      This will end up as a decent sized refactor of the performance report, the security report, possibly the admin notification page and also a new report for health checks (which will ultimately deprecate the tool_heartbeat plugin see MDL-47271)

       

      Docs needed:

      https://docs.moodle.org/dev/Core_APIs

       

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              brendanheywood Brendan Heywood
              Reporter:
              brendanheywood Brendan Heywood
              Peer reviewer:
              Peter Burnett
              Integrator:
              Andrew Nicols
              Tester:
              Janelle Barcega
              Participants:
              Component watchers:
              Andrew Nicols, Jun Pataleta, Michael Hawkins, Shamim Rezaie, Simey Lameze, Matteo Scaramuccia, Andrew Nicols, Jun Pataleta, Michael Hawkins, Shamim Rezaie, Simey Lameze
              Votes:
              2 Vote for this issue
              Watchers:
              11 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Fix Release Date:
                15/Jun/20

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 2 hours, 2 minutes
                  2h 2m