[Mahara-contributors] [Bug 1661139] Re: Page screen should show "..." button with option to delete page

[Steven]

Test Steps:
1)Login as a User
2) Navigate to Portfolio>pages & collection
3) Click on one of the page
4) click on “...” which is on right hand side of the page
5) Delete option should be displayed
6) Click on delete page
“ Do you Really Want to delete this page? It cannot be undone> with Yes or no 
buttons shoudl be displayed
7) Click on Yes to delete the page

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask 
on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1661139

Title:
  Page screen should show "..." button with option to delete page

Status in Mahara:
  Fix Released

Bug description:
  In the screen for pages we own, we should see the "..." button similar
  to the one we see for pages shared with us.

  In this button we should only have the option to delete the page.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1661139/+subscriptions

___
Mailing list: https://launchpad.net/~mahara-contributors
Post to : mahara-contributors@lists.launchpad.net
Unsubscribe : https://launchpad.net/~mahara-contributors
More help   : https://help.launchpad.net/ListHelp

[Mahara-contributors] [Bug 1755046] [NEW] File name stripped of unicode chars in file transfer from Moodle to Mahara

[Ghada El-Zoghbi]

Public bug reported:

Mahara: 17.10.2
OS: Ubuntu 16.04
PHP: 7.0
DB: Postgres
Browser: n/a

During a XML-RPC 'File' transfer (not 'Leap2A' transfer) from Moodle to
Mahara, a file name with unicode characters gets stripped out. Clamdscan
then can't find the file when it tries to scan it and reports an error.


The error message coming from Clam is:

ERROR: Can't access file
/var/lib/sitedata/temp/import/339/extract/uploadxxxassignment1.txt

The file name should be: upload（xxx）assignment1.txt

Please note that the brackets are actually unicode:  %uFF08 and %uFF09


This PHP core function strips any unicode characters: escapeshellarg($fullpath)

This is in htdocs/lig/uploadmanager.php::mahara_clam_scan_file() line
337


We were able to reproduce by:

1. Set up a Moodle / Mahara xml-rpc integration
2. In Mahara, set up clamAV (or clamdscan) virus checking
3. In Moodle, create a course and set up an assignment to upload a file
4. In Moodle, Enrol a test user in the course.
5. In Moodle, Log in as the test user and go to course.
6. In Moodle, Upload a file with unicode chars %uFF08 and %uFF09 in the name 
(I've attached a sample).
7. In Moodle, export the file to Mahara and select 'File'
8. In Moodle, the following error will appear to the user:

Exception: Failed to start communication with remote server: remote server 
error: code: , message: Your administrator has enabled virus checking for file 
uploads but has misconfigured something. Your file upload was NOT successful. 
Your administrator was notified so they can fix it. Maybe try uploading this 
file later.ERROR 4:
4: remote server error: code: , message: Your administrator has enabled virus 
checking for file uploads but has misconfigured something. Your file upload was 
NOT successful. Your administrator was notified so they can fix it. Maybe try 
uploading this file later.
in ./portfolio/mahara/lib.php on line 212.
Stack trace:

line 212 of ./portfolio/mahara/lib.php: portfolio_export_exception thrown
line 510 of ./lib/portfolio/exporter.php: call to 
portfolio_plugin_mahara->send_package()
line 227 of ./lib/portfolio/exporter.php: call to 
portfolio_exporter->process_stage_send()
line 233 of ./lib/portfolio/exporter.php: call to 
portfolio_exporter->process_stage()
line 233 of ./lib/portfolio/exporter.php: call to 
portfolio_exporter->process_stage()
line 265 of ./portfolio/add.php: call to portfolio_exporter->process_stage()


9. In Mahara, an error is generated in the error log:

*14997 FastCGI sent in stderr: "PHP message: [DBG] 75 
(lib/uploadmanager.php:452) Clam AV has found a file that is infected with a 
virus. It was uploaded by  . The original file path of the infected file was 
/var/lib/sitedata/temp/import/341/extract/upload<88>xxx<89>assignment1.txt.
 The file has been moved to a quarantine directory and the new path is 
/var/lib/sitedata/quarantine/20180312093305-user-0-infected#012PHP message: 
[WAR] 75 (import/file/lib.php:58) Your administrator has enabled virus checking 
for file uploads but has misconfigured something. Your file upload was NOT 
successful. Your administrator was notified so they can fix it. Maybe try 
uploading this file later.#012PHP message: Call stack (most recent 
first):#012PHP message:   
* PluginImportFile->verify_file_contents() at 
/var/www/site/import/file/lib.php:37#012PHP message:   
* PluginImportFile->process() at /var/www/site/api/xmlrpc/lib.php:514#012PHP 
message:   
* send_content_ready("f3b1200695be08bdfeeea32918048b1be2ae89e3", "", 
"file", array(size 4), 1) at /var/www/site/api/xmlrpc/lib.php:115#012PHP 
message:   
* api_dummy_method("portfolio/mahara/lib.php/send_content_ready", array(size 
5), "send_content_ready") at Unknown:0#012PHP message:   
* xmlrpc_server_call_method(resource(#23), "#012PHP message: __construct("#012PHP 
message: 

[Mahara-contributors] [Bug 1640893] Re: Add StudentID field to SAML auth

[Steven]

Test Steps:
1) Login as a User
2) Navigate to Content>Files
3) Create a folder and add few files into it
4) The size of the folder should be displayed 
  Allow the size of folder contents to show in the file browser list

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask 
on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1640893

Title:
  Add StudentID field to SAML auth

Status in Mahara:
  Fix Released

Bug description:
  https://mahara.org/interaction/forum/topic.php?id=7763=31261

  Add another field to SAML auth to pull a student ID.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1640893/+subscriptions

___
Mailing list: https://launchpad.net/~mahara-contributors
Post to : mahara-contributors@lists.launchpad.net
Unsubscribe : https://launchpad.net/~mahara-contributors
More help   : https://help.launchpad.net/ListHelp

[Mahara-contributors] [Bug 1754560] Re: ClamAV messages misleading

[Ghada El-Zoghbi]

** Changed in: mahara
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask 
on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1754560

Title:
  ClamAV messages misleading

Status in Mahara:
  Invalid

Bug description:
  Mahara: 17.10.2 
  OS: Ubuntu 16.04
  DB: Postgres
  Browser: n/a

  ClamAV is catching files with viruses. Great!

  But, the messages it's generating are quite misleading.

  
  
  The system message (in inbox) it generates is:

  On 9/03/2018, 1:26 PM, "ePortfolios"  wrote:

  You have been sent a notification from ePortfolios. Message follows:
  

  Subject: ePortfolios :: ClamAV notification

  ClamAV has failed to run. The return error message was An error occurred. Here
  is the output from ClamAV:

  ERROR: Can't access file
  /var/lib/sitedata/temp/import/12061/extract/Portfolio.docx

  --- SCAN SUMMARY ---
  Infected files: 0
  Total errors: 1
  Time: 0.165 sec (0 m 0 s)
  The file has been moved to a quarantine directory.

  


  

  When in fact, it did catch the file and quarantined it:

  -rw-r--r-- 1 www-data www-data 106K Mar 9 02:26
  20180309132649-user-0-infected


  

  And, in the error log file, the following is logged:

  Mar 9 13:26:50 0c200fda6b66 mahara: 2018/03/09 13:26:50 [error] 195#195: 
  *4511 FastCGI sent in stderr: "PHP message: [DBG] e4 
(lib/uploadmanager.php:452) Clam AV has found a file that is infected with a 
virus. It was uploaded by . The original file path of the infected file was 
/var/lib/sitedata/temp/import/12062/extract/Portfolio.docx.
  The file has been moved to a quarantine directory and the new path is 
/var/lib/sitedata/quarantine/20180309132649-user-0-infected
  #012PHP message: [WAR] e4 (import/file/lib.php:58) Your administrator has 
enabled virus checking for file uploads but has misconfigured something. Your 
file upload was NOT successful. Your administrator was notified so they can fix 
it. Maybe try uploading this file later.
  #012PHP message: Call stack (most recent first):
  #012PHP message: 
  * PluginImportFile->verify_file_contents() at 
/var/www/site/import/file/lib.php:37#012PHP message: 
  * PluginImportFile->process() at /var/www/site/api/xmlrpc/lib.php:514#012PHP 
message: 
  * send_content_ready(string(size 40), string(size 8), string(size 4), 
array(size 4), integer) at /var/www/site/api/xmlrpc/lib.php:115#012PHP message: 
  * api_dummy_method(string(size 43), array(size 5), string(size 18)) at 
Unknown:0#012PHP message: 
  * xmlrpc_server_call_method(resource(#23), string(size 1668), string(size 
18), array(size 1)) at /var/www/site/api/xmlrpc/dispatcher.php:178#012PHP 
message: 
  * Dispatcher->__construct(string(size 1668), true, true) at 
/var/www/site/api/xmlrpc/server.php:122#012PHP message:" while reading response 
header from upstream, client: xxx.xxx.xxx.xxx, server: eportfolio.xxx, request: 
"POST /api/xmlrpc/server.php HTTP/1.1", upstream: "fastcgi:
  //unix:/var/run/php-fpm7.sock:", host: "eportfolio.xxx"


  
  Which says "Your administrator has enabled virus checking for file uploads 
but has misconfigured something" (and this is what appears to the user).

  
  But, the virus checking is not misconfigured. It's actually working.

  
  

  1. The message displayed to the user needs to reflect the correct
  activity - that their file has been a virus and that they really
  should not try to upload it at a later time.

  2. The message logged in the log file should include the new (updated)
  message from 1.

  3. The SCAN SUMMARY is also incorrect. 'Infected files' is 0 and
  'Total errors' is 1. When it should be the other way around.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1754560/+subscriptions

___
Mailing list: https://launchpad.net/~mahara-contributors
Post to : mahara-contributors@lists.launchpad.net
Unsubscribe : https://launchpad.net/~mahara-contributors
More help   : https://help.launchpad.net/ListHelp

[Mahara-contributors] [Bug 1755049] [NEW] behat test for themes

[Steven]

Public bug reported:

Update Existing Behat feature file 

Behat test: Settings > User_themes.feature already exists - need to update 
behat test to include the following: 


Verify Themes:
1.Have been present in Mahara in their current form since 1.2.
2. Must be uploaded directly onto the web server by a system administrator.
3. Can override the page template for every single screen in Mahara, giving 
total control over how everything is displayed.
4. Depending on site and institution settings, there may be:
 a single theme for the whole site
 a theme for every institution
 the possibility for users to choose their own theme for browsing the site
 the possibility for users to apply a particular theme to each portfolio page, 
the page themes

Verify Skins:
1. Can be created, shared, exported and uploaded by users via Portfolio then 
Skins.
2. Are less powerful than themes. They can only change page colours, fonts and 
background images, and add extra CSS. Basically they add one additional 
user-controlled CSS stylesheet to a page.
3.Can only be applied to user-created portfolio pages. They don’t change the 
way any other part of Mahara is displayed.

Verify following rules apply:

1.If users apply a skin to one of their pages, it adds one additional CSS 
stylesheet to the page. This is in addition to the CSS from the theme.
2.Naturally, any particular skin might not look good in all themes, especially 
if the theme has changed the underlying page templates for portfolio pages.
3.If you’re a theme designer, the good news is that the skin stylesheet is 
itself a page template (skin/style.tpl). So, you can specify which page 
elements each of the skin settings should apply to by overriding that page 
template.

** Affects: mahara
 Importance: Undecided
 Assignee: Steven (stevens-q)
 Status: In Progress

** Changed in: mahara
   Status: New => In Progress

** Changed in: mahara
 Assignee: (unassigned) => Steven (stevens-q)

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask 
on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1755049

Title:
  behat test for themes

Status in Mahara:
  In Progress

Bug description:
  Update Existing Behat feature file 
  
  Behat test: Settings > User_themes.feature already exists - need to update 
behat test to include the following: 

  
  Verify Themes:
  1.Have been present in Mahara in their current form since 1.2.
  2. Must be uploaded directly onto the web server by a system administrator.
  3. Can override the page template for every single screen in Mahara, giving 
total control over how everything is displayed.
  4. Depending on site and institution settings, there may be:
   a single theme for the whole site
   a theme for every institution
   the possibility for users to choose their own theme for browsing the site
   the possibility for users to apply a particular theme to each portfolio 
page, the page themes

  Verify Skins:
  1. Can be created, shared, exported and uploaded by users via Portfolio then 
Skins.
  2. Are less powerful than themes. They can only change page colours, fonts 
and background images, and add extra CSS. Basically they add one additional 
user-controlled CSS stylesheet to a page.
  3.Can only be applied to user-created portfolio pages. They don’t change the 
way any other part of Mahara is displayed.

  Verify following rules apply:

  1.If users apply a skin to one of their pages, it adds one additional CSS 
stylesheet to the page. This is in addition to the CSS from the theme.
  2.Naturally, any particular skin might not look good in all themes, 
especially if the theme has changed the underlying page templates for portfolio 
pages.
  3.If you’re a theme designer, the good news is that the skin stylesheet is 
itself a page template (skin/style.tpl). So, you can specify which page 
elements each of the skin settings should apply to by overriding that page 
template.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1755049/+subscriptions

___
Mailing list: https://launchpad.net/~mahara-contributors
Post to : mahara-contributors@lists.launchpad.net
Unsubscribe : https://launchpad.net/~mahara-contributors
More help   : https://help.launchpad.net/ListHelp