when function find_users was supposed to be used for user validation but no userids were passed to it, it retrieved all users in the system.
This caused memory overflow on systems with too many users (like moodle.org).
Now we make sure that find_users is not called for validation if there is nobody to validate.
Also improved query inside find_users to make it work faster
This change:
- Renames the existing setting 'extrauserselectorfields' to 'showuseridentity'
in preparation for using it in more places. (Upgrade change, new version.)
- Adds a new capability moodle/site:viewuseridentity, now required in order
to see the extra fields; if you don't have the capability, you don't see them
- Slightly improves the display of extra fields in user selector list; it used
to be like 'sam marshall, 01234567, email@address' and is now
'sam marshall [01234567, email@address]' ie the fields are in square
brackets
- Turns feature on for the group selector - the feature was enabled for other
user selectors but not for the group selector. Tim did the disable code, he
thinks this may be to do with more people having access to group selector -
probably not a problem now it is controlled by capability.
This is a final cleanup commit of fullname and shortname issue. All
places where these strings were detected yet have been replaced with
proper fullnamecourse or fullnameuser or some other context specific
string.
AMOS BEGIN
CPY [fullname,core],[outcomefullname,core_grades]
CPY [shortname,core],[outcomeshortname,core_grades]
CPY [name,core],[rolefullname,core_role]
CPY [shortname,core],[roleshortname,core_role]
AMOS END
even non-course and sticky blocks.
The parent context is block_instances.parentcontextid.
The block context should be used for checking permissions directly
related to the block, like moodle/block:view or moodle/site:manageblocks.
However, if the block is displaying information about the current page,
for example the participants block showing who 'here', then it may be
better to use the context of the page where the bloack is appearing -
in other words $this->page->context - to check permissions about the
user's ability to see participants here.
Or, if the block is displaying something stronly related to courses,
for example, a course meny block, the block should probably use the
context for $this->page->course to check permissions.
There is a new implementation of require_js in lib/deprecatedlib.php,
based on $PAGE->requires.
There were a few other recently introduced functions in lib/weblib.php,
namely print_js_call, print_delayed_js_call, print_js_config and
standard_js_config. These have been removed, since they were never in
a stable branch, and all the places that used them have been changed
to use the newer $PAGE->requires->... methods.
get_require_js_code is also gone, and the evil places that were calling
it, even though it is an internal function, have been fixed.
Also, I made some minor improvements to the code I committed yesterday
for MDL-16695.
All that remains is to update all the places in core code that are
still using require_js.
(This commit also fixes the problem where the admin tree would not
start with the right categories expanded.)
