Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-67818

Create a Check API

XMLWordPrintable

    • MOODLE_39_STABLE
    • MOODLE_39_STABLE
    • MDL-67818-check-api
    • Hide

      Setup

      1. First make all checks fail once way or another by running the following in the terminal

        # If using MDK:
        mdk run undev
        mkdir -p vendor
        mkdir -p node_modules
        mkdir -p moodledata
        chmod 777 config.php
        php admin/cli/cfg.php --name=cookiesecure --set=0
        php admin/cli/cfg.php --name=allowobjectembed --set=1
        php admin/cli/cfg.php --name=forcelogin --set=0
        php admin/cli/cfg.php --name=forceloginforprofiles --set=0
        php admin/cli/cfg.php --name=opentowebcrawlers --set=1
        php admin/cli/cfg.php --name=passwordpolicy --set=0
        php admin/cli/cfg.php --name=emailchangeconfirmation --set=0
        php admin/cli/cfg.php --name=cronclionly --set=0
        php admin/cli/cfg.php --name=guestroleid --set=0
        php admin/cli/cfg.php --name=defaultfrontpageroleid --set=1
        php admin/cli/cfg.php --name=preventexecpath --set=0
        

      2. Edit your config.php
      3. Add the following at the top, just underneath the opening php tag:

        @ini_set('display_errors', '1');
        

      4. Find where $CFG->dataroot is set, and add the following line aftereward:

        $CFG->dataroot = __DIR__ . '/moodledata';
        

      5. Log in as admin
      6. Navigate to Site administraiton -> Plugins -> Manage media players
      7. Ensure that "Flash animation" is enabled
      8. Navigate to Site administraiton -> Plugins -> Manage authentication
      9. Ensure that the "No authentication" plugin is enabled
      10. Navigate to Site administraiton -> Users -> Permissions -> Define roles
      11. Edit the "Authenticated user" role
      12. Grant the "moodle/course:create" capability

      Test

      1. Login as admin
      2. Navigate to Site administration -> Reports -> Security checks
        1. Confirm that all items are shown as either error, warning, or info
      3. Now drill into each error and follow it's help in order fix it
        Note: Some of them are non-trivial to fix, and some are just warnings and/or information and cannot be fixed
        Note: You will need to access the site via HTTPS, e.g. via ngrok, in order to solve the "Secure cookies" line item
        Note: Some of the following will give a few ideas on how to fix many of these issues.

        rm -rf vendor node_modules moodledata
        php admin/cli/cfg.php --name=cookiesecure --set=1
        php admin/cli/cfg.php --name=allowobjectembed --set=0
        php admin/cli/cfg.php --name=forcelogin --set=1
        php admin/cli/cfg.php --name=forceloginforprofiles --set=1
        php admin/cli/cfg.php --name=opentowebcrawlers --set=0
        php admin/cli/cfg.php --name=passwordpolicy --set=1
        php admin/cli/cfg.php --name=emailchangeconfirmation --set=1
        php admin/cli/cfg.php --name=cronclionly --set=1
        php admin/cli/cfg.php --name=guestroleid --set=1
        php admin/cli/cfg.php --name=preventexecpath --set=1
        php admin/cli/cfg.php --name=defaultfrontpageroleid --set=0
        

      Show
      Setup First make all checks fail once way or another by running the following in the terminal # If using MDK: mdk run undev mkdir -p vendor mkdir -p node_modules mkdir -p moodledata chmod 777 config.php php admin/cli/cfg.php --name=cookiesecure --set=0 php admin/cli/cfg.php --name=allowobjectembed --set=1 php admin/cli/cfg.php --name=forcelogin --set=0 php admin/cli/cfg.php --name=forceloginforprofiles --set=0 php admin/cli/cfg.php --name=opentowebcrawlers --set=1 php admin/cli/cfg.php --name=passwordpolicy --set=0 php admin/cli/cfg.php --name=emailchangeconfirmation --set=0 php admin/cli/cfg.php --name=cronclionly --set=0 php admin/cli/cfg.php --name=guestroleid --set=0 php admin/cli/cfg.php --name=defaultfrontpageroleid --set=1 php admin/cli/cfg.php --name=preventexecpath --set=0 Edit your config.php Add the following at the top, just underneath the opening php tag: @ini_set('display_errors', '1'); Find where $CFG->dataroot is set, and add the following line aftereward: $CFG->dataroot = __DIR__ . '/moodledata'; Log in as admin Navigate to Site administraiton -> Plugins -> Manage media players Ensure that "Flash animation" is enabled Navigate to Site administraiton -> Plugins -> Manage authentication Ensure that the "No authentication" plugin is enabled Navigate to Site administraiton -> Users -> Permissions -> Define roles Edit the "Authenticated user" role Grant the " moodle/course:create " capability Test Login as admin Navigate to Site administration -> Reports -> Security checks Confirm that all items are shown as either error, warning, or info Now drill into each error and follow it's help in order fix it Note: Some of them are non-trivial to fix, and some are just warnings and/or information and cannot be fixed Note: You will need to access the site via HTTPS, e.g. via ngrok, in order to solve the "Secure cookies" line item Note: Some of the following will give a few ideas on how to fix many of these issues. rm -rf vendor node_modules moodledata php admin/cli/cfg.php --name=cookiesecure --set=1 php admin/cli/cfg.php --name=allowobjectembed --set=0 php admin/cli/cfg.php --name=forcelogin --set=1 php admin/cli/cfg.php --name=forceloginforprofiles --set=1 php admin/cli/cfg.php --name=opentowebcrawlers --set=0 php admin/cli/cfg.php --name=passwordpolicy --set=1 php admin/cli/cfg.php --name=emailchangeconfirmation --set=1 php admin/cli/cfg.php --name=cronclionly --set=1 php admin/cli/cfg.php --name=guestroleid --set=1 php admin/cli/cfg.php --name=preventexecpath --set=1 php admin/cli/cfg.php --name=defaultfrontpageroleid --set=0

      This is an umbrella tracker to group a bunch of related work together.

      There is a growing need for plugins to define various checks for security, performance and health etc, and it makes sense for not only each of these to be managed centrally in core, but also there is a lot of similarity between them and an opportunity to make them all consistent under a unified API.

      I've throw together some docs for how I think it will all hang together:

      https://docs.moodle.org/dev/Check_API

      This will end up as a decent sized refactor of the performance report, the security report, possibly the admin notification page and also a new report for health checks (which will ultimately deprecate the tool_heartbeat plugin see MDL-47271)

       

      Docs needed:

      https://docs.moodle.org/dev/Core_APIs

       

            brendanheywood Brendan Heywood
            brendanheywood Brendan Heywood
            Peter Burnett Peter Burnett
            Andrew Lyons Andrew Lyons
            Janelle Barcega Janelle Barcega
            Votes:
            2 Vote for this issue
            Watchers:
            10 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 2 hours, 2 minutes
                2h 2m

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.