stephen marquard <stephen.marquard@uct.ac.za> in Sakai.Git

The paragraph regexp is too complex for long img alt text which includes linebreaks. This uses a simpler regexp for alt text.

* SAK-44261 Use the stateful quartz wrapper for the SiteStats aggregation job

This commit also removes the CR line-endings from components.xml, so view without

whitespace changes to see the actual update.

* SAK-44261 Update comment on use of stateful job

(cherry picked from commit 668ed80a094495251d353db8033000143b0e1af2)

Set the initial view correctly again

* SAK-44066 Remove courier from portal presence

This removes the functional use of /courier/ URLs from the portal presence tool,

eliminating end-user requests to /courier/... which serve no purpose, because

requesting the presence list itself also serves to establish the user's presence in a site,

and the morpheus js refreshes the presence anyway.

Complete cleanup left for SAK-39977, including removal of scheduleUpdate() from headscripts.js

which is referenced from some other places too (JSF widgets).

Should be mergeable back to 20.x

* SAK-39977 Remove courier code

This touches a lot of code mostly because of the velocity templates. The only

place this seems to be used is in the Admin / Online tool. This changes removes

the auto-refresh functionality.

* SAK-39977 Remove courier code

Further cleanup of unused code

Co-authored-by: Earle Nietzel <earle@longsight.com>

(cherry picked from commit 2c96eff3ba29f21f327d9118b99ea4ef79457f2d)

This removes the functional use of /courier/ URLs from the portal presence tool,

eliminating end-user requests to /courier/... which serve no purpose, because

requesting the presence list itself also serves to establish the user's presence in a site,

and the morpheus js refreshes the presence anyway.

Complete cleanup left for SAK-39977, including removal of scheduleUpdate() from headscripts.js

which is referenced from some other places too (JSF widgets).

Should be mergeable back to 20.x

There is no need to get the site here, as the transformation from

a site id (context) to a site reference is a simple string manipulation

for which SiteService already has a method.

Switch from Spring FileCopyUtils which returns an int to

commons-io IOUtils.copyLarge which returns long for file length,

to avoid getting an incorrect content length when uploading files

larger than 2G.

Add a tool configuration option that prevents a tool from being duplicated to a new site

When a site is duplicated, tools with this configuration:

<configuration name="allowToolDuplicate" value="false" />

will not be copied to the duplicated site.

DeliveryActionListener has a large try/catch block that catches RuntimeException

and then adds an error the error log.

If an exception is caught for an assessment preview, the real error is masked

because the T&Q event logging code attempts to get an assessmentGradingId

which is null (and really there's nothing meaningful to log here since it's a

preview and the event log doesn't log previews).

So we should check for that and throw the real exception earlier before

attempting to update the event log.

Introduces a pseudo permission and reference that can be allowed

in a SecurityAdvisor to enable code to perform CM updates, without

requiring the user session to be set to admin.

(cherry picked from commit d0e030b1733cbedf8dce07014b32b00c8cf88a56)

* SAK-41298 Document maxAuthenticationAge property for SAML auth

* Update xlogin-context.saml.adfs-prod.xml

SAK-41298 Update the ADFS max auth age to 86400 (1 day) as ADFS sets this to the time of first login

(cherry picked from commit 03a98d62729666bd46251eed5d693acc0f2cebe7)

Ignore these rather than throwing an exception, so we don't get a bug report.

The UI will never generate invalid params here, so this is to catch any

search engines or fuzzing scripts that request invalid URLs.

(cherry picked from commit 03a1f817691dfb2bcf6d58ffce426f9b8ca715b3)

To mitigate threads blocking on filesystem access; see JIRA issue for more detailed explanation.