Clone
 

stephen marquard <stephen.marquard@uct.ac.za> in Sakai.Git

SAK-43666 Files over 2G have incorrect file size (#8232)

Switch from Spring FileCopyUtils which returns an int to

commons-io IOUtils.copyLarge which returns long for file length,

to avoid getting an incorrect content length when uploading files

larger than 2G.

SAK-42688 Tool configuration option for duplication (#7487)

Add a tool configuration option that prevents a tool from being duplicated to a new site

When a site is duplicated, tools with this configuration:

<configuration name="allowToolDuplicate" value="false" />

will not be copied to the duplicated site.

SAK-42630 Avoid a possible NPE when catching errors during assessment preview (#7435)

DeliveryActionListener has a large try/catch block that catches RuntimeException

and then adds an error the error log.

If an exception is caught for an assessment preview, the real error is masked

because the T&Q event logging code attempts to get an assessmentGradingId

which is null (and really there's nothing meaningful to log here since it's a

preview and the event log doesn't log previews).

So we should check for that and throw the real exception earlier before

attempting to update the event log.

SAK-42451 Allow CM services to be used with a SecurityAdvisor (#7329)

Introduces a pseudo permission and reference that can be allowed

in a SecurityAdvisor to enable code to perform CM updates, without

requiring the user session to be set to admin.

SAK-42465 Add user.view.any permission to allow global user lookups for webservices (#7334)

This adds a new user.view.any permission to support the use-case for a webservice account

to be able to look up user information through the /direct/user endpoint, without the account

needing to be admin-equivalent.

This can be achieved at a global level by setting the server configuration property

entity.users.viewall=true, but that applies to all users. The user.view.any permission

can be set for a specific account or group of accounts by creating a special account

type (e.g. "webservice"), creating a user template role (e.g. !user.template.webservice),

and then setting the permission for the .auth role in the template realm.

SAK-41785 Retry setup of the LDAP connection pool after startup if it's null (#6905)

SAK-41271 Fixes some broken wiki macros (#6515)

(cherry picked from commit d0e030b1733cbedf8dce07014b32b00c8cf88a56)

SAK-41271 Fixes some broken wiki macros (#6515)

(cherry picked from commit d0e030b1733cbedf8dce07014b32b00c8cf88a56)

SAK-41271 Fixes some broken wiki macros (#6515)

SAK-41298 Document maxAuthenticationAge property for SAML auth (#6525)

* SAK-41298 Document maxAuthenticationAge property for SAML auth

* Update xlogin-context.saml.adfs-prod.xml

SAK-41298 Update the ADFS max auth age to 86400 (1 day) as ADFS sets this to the time of first login

(cherry picked from commit 03a98d62729666bd46251eed5d693acc0f2cebe7)

SAK-41298 Document maxAuthenticationAge property for SAML auth (#6525)

* SAK-41298 Document maxAuthenticationAge property for SAML auth

* Update xlogin-context.saml.adfs-prod.xml

SAK-41298 Update the ADFS max auth age to 86400 (1 day) as ADFS sets this to the time of first login

SAK-41179 Check create permission in the site wiki before attempting to create subspace default pages (#6458)

SAK-41179 Check create permission in the site wiki before attempting to create subspace default pages (#6458)

(cherry picked from commit d50332fde5eb050093aef862d1360c2ff341fcfe)

SAK-41165 Ignore invalid left and right params in page diff URLs (#6452)

Ignore these rather than throwing an exception, so we don't get a bug report.

The UI will never generate invalid params here, so this is to catch any

search engines or fuzzing scripts that request invalid URLs.

(cherry picked from commit 03a1f817691dfb2bcf6d58ffce426f9b8ca715b3)

SAK-41165 Ignore invalid left and right params in page diff URLs (#6452)

Ignore these rather than throwing an exception, so we don't get a bug report.

The UI will never generate invalid params here, so this is to catch any

search engines or fuzzing scripts that request invalid URLs.

SAK-40891 Use a static DocumentBuilderFactory for StorageUtils (#6224)

To mitigate threads blocking on filesystem access; see JIRA issue for more detailed explanation.

SAK-40891 Use a static DocumentBuilderFactory for StorageUtils (#6224)

To mitigate threads blocking on filesystem access; see JIRA issue for more detailed explanation.

(cherry picked from commit 6daf9659fda77d4f17d25b26a3a4c92eb74249bf)

SAK-40891 Use a static DocumentBuilderFactory for StorageUtils (#6224)

To mitigate threads blocking on filesystem access; see JIRA issue for more detailed explanation.

(cherry picked from commit 6daf9659fda77d4f17d25b26a3a4c92eb74249bf)

SAK-26580 Ignore cache creation attempt if it already exists (#6217)

Harmless to return null here.

(cherry picked from commit 3757bc3d3d93456d4deec92c650890dcc1f15e99)

SAK-26580 Ignore cache creation attempt if it already exists (#6217)

Harmless to return null here.

(cherry picked from commit 3757bc3d3d93456d4deec92c650890dcc1f15e99)

SAK-26580 Ignore cache creation attempt if it already exists (#6217)

Harmless to return null here.

SAK-40889 Ignore a null event

(cherry picked from commit 92e40bd7e43b809a5442e7614d48dfafd34567ca)

SAK-40889 Ignore a null event

SAK-40571 Don't check basic auth if no Authorization header is present (#5964)

* SAK-40571 Don't check basic auth if no Authorization header is present

Avoids an unnecessary stack trace being logged

* SAK-40571 Remove now-redundant null check for auth header

SAK-40571 Don't check basic auth if no Authorization header is present (#5964)

* SAK-40571 Don't check basic auth if no Authorization header is present

Avoids an unnecessary stack trace being logged

* SAK-40571 Remove now-redundant null check for auth header

(cherry picked from commit d04fce80f94ddfa5f4221cf7759621d55ca67f88)

SAK-40572 Add 4 additional config options to the unboundid LDAP provider (#5965)

allowAuthenticationAdmin (default false)

allowAuthenticationExternal (default true)

allowSearchExternal (default true)

allowGetExternal (default true)

SAK-40535 Add User API methods for ContextualUserDisplayService (#5932)

SAK-10868 and SAK-39642 added support for context-specific user aliases, that is a display name for a user that can be different in a specific site context.

This supports the "role play" or "user alias" use case, for example for simulation games (. There is a contrib implementation for this (https://confluence.sakaiproject.org/display/RPLAY/Home) in use by UCT and possibly others.

When implemented, it was sufficient to resolve the site context from the tool context, but as more tools have moved to using /direct/ or other REST endpoints for tool data, this no longer works as the tool placement is not available, specifically for chatData in the Chat Tool.

This task adds methods to the User API so that tool- and service endpoints can get a display name for a user for a specific site context explicitly.

This also allows us to remove explicit use of ContextualUserDisplayService in various tool code.

This PR adds the User API methods, updates implementations and mocks of User and adds support in the Chat tool code.

SAK-40380 Check for pages with no tools (avoid ArrayIndexOutOfBoundsException) (#5840)

SAK-40380 Check for pages with no tools (avoid ArrayIndexOutOfBoundsException) (#5840)

(cherry picked from commit 8d2989d135538a40554f45ebe2ec45484a8d6024)

SAK-40354 Lazy-load chat channel messages (#5814)

So we don't have to get all of them from the database every time we get a channel object

(cherry picked from commit 7768cd27c67ca2ef7f196762bfe4fcdb69dfddff)