Display creation info on manage outage page

Issue 387: Add metadata header to outage pages

README.md

@@ -1,4 +1,4 @@
-[![ci](https://github.com/catalyst/moodle-auth_outage/actions/workflows/ci.yml/badge.svg?branch=MOODLE_501_STABLE)](https://github.com/catalyst/moodle-auth_outage/actions/workflows/ci.yml?branch=MOODLE_501_STABLE)
+[![ci](https://github.com/catalyst/moodle-auth_outage/actions/workflows/ci.yml/badge.svg?branch=MOODLE_39_STABLE)](https://github.com/catalyst/moodle-auth_outage/actions/workflows/ci.yml?branch=MOODLE_39_STABLE)
 
 # Moodle Outage manager plugin
 - [Moodle Outage manager plugin](#moodle-outage-manager-plugin)
@@ -42,10 +42,9 @@ need to manually add one extra plugin, please check:
 
 Moodle supported branches
 --------
-| Version        | Branch              | PHP  |
-|----------------|---------------------|------|
-| Moodle 5.1     | MOODLE_501_STABLE   | 8.2  |
-| Moodle 3.9-5.0 | MOODLE_39_STABLE    | 7.2+ |
+| Version     | Branch            | PHP  |
+|-------------|-------------------|------|
+| Moodle 3.9+ | MOODLE_39_STABLE  | 7.2+ |
 
 Totara supported branches
 --------

classes/local/outagelib.php

@@ -56,7 +56,7 @@ class outagelib {
         global $CFG;
         require_once($CFG->libdir . '/filelib.php');
 
-        $curl = new curl();
+        $curl = new curl(['ignoresecurity' => true]);
         $contents = $curl->get($file);
         $info = $curl->get_info();
         if (!empty($info['content_type'])) {
@@ -253,7 +253,7 @@ class outagelib {
      * @param int    $stoptime   Outage stop time.
      * @param string $allowedips List of IPs allowed.
      * @param string|null $accesskey access key, or null if no access key set.
-     * @param string|null $metadata Metadata to set in headers, or null if none.
+     * @param string|null $metadata metadata to be added to the outage headers, or null if none.
      *
      * @return string
      * @throws invalid_parameter_exception
@@ -345,17 +345,9 @@ EOT;
         $search = ['{{STARTTIME}}', '{{STOPTIME}}', '{{USEALLOWEDIPS}}', '{{ALLOWEDIPS}}', '{{USEACCESSKEY}}', '{{ACCESSKEY}}',
             '{{YOURIP}}', '{{COOKIESECURE}}', '{{COOKIEHTTPONLY}}', '{{METADATA}}'];
         // Note that var_export is required because (string) false == '', not 'false'.
-        $replace = [
-            $starttime,
-            $stoptime,
-            var_export(!empty($allowedips), true),
-            $allowedips,
-            var_export(!empty($accesskey), true),
-            $accesskey,
-            getremoteaddr('n/a'),
-            var_export($cookiesecure, true),
-            var_export($cookiehttponly, true),
-            var_export($metadata, true)];
+        $replace = [$starttime, $stoptime, var_export(!empty($allowedips), true), $allowedips, var_export(!empty($accesskey), true),
+            $accesskey, getremoteaddr('n/a'), var_export($cookiesecure, true),
+            var_export($cookiehttponly, true), var_export($metadata, true)];
         return str_replace($search, $replace, $code);
     }
 

classes/output/manage/base_table.php

@@ -64,6 +64,41 @@ class base_table extends flexible_table {
         $this->set_attribute('class', 'generaltable admintable');
     }
 
+    /**
+     * Displays a user by their fullname with a link to a profile.
+     * @param int $userid
+     * @return string HTML link to user profile
+     */
+    private function format_user(int $userid): string {
+        if ($userid == 0 || !$user = \core_user::get_user($userid)) {
+            return get_string('na', 'auth_outage');
+        }
+        $url = new moodle_url('/user/profile.php', ['id' => $userid]);
+        return html_writer::link($url, fullname($user));
+    }
+
+    /**
+     * Formats created by column.
+     * @param outage $outage
+     * @return string The user who created the outage.
+     */
+    protected function format_created(outage $outage): string {
+        return $this->format_user($outage->createdby);
+    }
+
+    /**
+     * Formats modified by column.
+     * @param outage $outage
+     * @return string The user who last modiifed the outage and the last modified time.
+     */
+    protected function format_modified(outage $outage): string {
+        $timestamp = html_writer::div(
+            userdate($outage->lastmodified, get_string('datetimeformat', 'auth_outage')),
+            'small text-muted'
+        );
+        return $this->format_user($outage->modifiedby) . $timestamp;
+    }
+
     /**
      * Create the action buttons HTML code for a specific outage.
      * @param outage $outage The outage to generate the buttons.

classes/output/manage/history_table.php

@@ -36,7 +36,7 @@ class history_table extends base_table {
     public function __construct() {
         parent::__construct();
 
-        $this->define_columns(['warning', 'starts', 'durationplanned', 'durationactual', 'title', 'actions']);
+        $this->define_columns(['warning', 'starts', 'duration', 'durationactual', 'title', 'created', 'modified', 'actions']);
 
         $this->define_headers([
                 get_string('tableheaderwarnbefore', 'auth_outage'),
@@ -44,6 +44,8 @@ class history_table extends base_table {
                 get_string('tableheaderdurationplanned', 'auth_outage'),
                 get_string('tableheaderdurationactual', 'auth_outage'),
                 get_string('tableheadertitle', 'auth_outage'),
+                get_string('tableheadercreatedby', 'auth_outage'),
+                get_string('tableheadermodifiedby', 'auth_outage'),
                 get_string('actions'),
             ]);
 
@@ -64,6 +66,8 @@ class history_table extends base_table {
                 format_time($outage->get_duration_planned()),
                 $finished,
                 $outage->get_title(),
+                $this->format_created($outage),
+                $this->format_modified($outage),
                 $this->create_data_buttons($outage, false),
             ]);
         }

classes/output/manage/planned_table.php

@@ -38,13 +38,15 @@ class planned_table extends base_table {
     public function __construct() {
         parent::__construct();
 
-        $this->define_columns(['warning', 'starts', 'duration', 'title', 'actions']);
+        $this->define_columns(['warning', 'starts', 'duration', 'title', 'created', 'modified', 'actions']);
 
         $this->define_headers([
             get_string('tableheaderwarnbefore', 'auth_outage'),
             get_string('tableheaderstarttime', 'auth_outage'),
             get_string('tableheaderduration', 'auth_outage'),
             get_string('tableheadertitle', 'auth_outage'),
+            get_string('tableheadercreatedby', 'auth_outage'),
+            get_string('tableheadermodifiedby', 'auth_outage'),
             get_string('actions'),
         ]);
 
@@ -68,6 +70,8 @@ class planned_table extends base_table {
                 self::create_starttime_string($outage->starttime),
                 format_time($outage->get_duration_planned()),
                 $title,
+                $this->format_created($outage),
+                $this->format_modified($outage),
                 $this->create_data_buttons($outage, true),
             ]);
         }

db/upgrade.php

@@ -61,7 +61,7 @@ function xmldb_auth_outage_upgrade($oldversion) {
         upgrade_plugin_savepoint(true, 2024081900, 'auth', 'outage');
     }
 
-    if ($oldversion < 2026011301) {
+    if ($oldversion < 2024081901) {
         // Define field metadata to be added to auth_outage.
         $table = new xmldb_table('auth_outage');
         $field = new xmldb_field('metadata', XMLDB_TYPE_TEXT, null, null, null, null, null, 'accesskey');
@@ -72,10 +72,10 @@ function xmldb_auth_outage_upgrade($oldversion) {
         }
 
         // Outage savepoint reached.
-        upgrade_plugin_savepoint(true, 2026011301, 'auth', 'outage');
+        upgrade_plugin_savepoint(true, 2024081901, 'auth', 'outage');
     }
 
-    if ($oldversion < 2026011302) {
+    if ($oldversion < 2024081902) {
         // Getting the table auth_outage and target field to remove from the table.
         $table = new xmldb_table('auth_outage');
         $field = new xmldb_field('autostart');
@@ -89,7 +89,7 @@ function xmldb_auth_outage_upgrade($oldversion) {
         unset_config('default_autostart', 'auth_outage');
 
         // Outage savepoint reached.
-        upgrade_plugin_savepoint(true, 2026011302, 'auth', 'outage');
+        upgrade_plugin_savepoint(true, 2024081902, 'auth', 'outage');
     }
 
     return true;

edit.php

@@ -28,6 +28,7 @@ use auth_outage\form\outage\edit;
 use auth_outage\local\outage;
 use auth_outage\local\outagelib;
 
+
 require_once(__DIR__ . '/../../config.php');
 require_once($CFG->libdir . '/adminlib.php');
 require_once($CFG->libdir . '/formslib.php');

lang/en/auth_outage.php

@@ -141,7 +141,6 @@ $string['outagefinishwarning'] = 'You are about to mark this outage as finished.
 $string['outageslistfuture'] = 'Planned outages';
 $string['outageslistpast'] = 'Outage history';
 $string['pluginname'] = 'Outage manager';
-$string["privacy:no_data_reason"] = "The Outage authentication plugin does not store any personal data.";
 $string['removeselectors'] = 'Remove selectors';
 $string['removeselectorsdescription'] = 'CSS selectors to remove when rendering a static themed maintenance page. One selector per line.';
 $string['settingssectiondefaults'] = 'Default Outage Parameters';
@@ -150,9 +149,11 @@ $string['settingssectionplugin'] = 'Plugin Configuration';
 $string['settingssectionplugindescription'] = 'General outage management plugin settings.';
 $string['starttime'] = 'Start date and time';
 $string['starttime_help'] = 'At which date and time the outage starts, preventing general access to the system.';
+$string['tableheadercreatedby'] = 'Created by';
 $string['tableheaderduration'] = 'Duration';
 $string['tableheaderdurationactual'] = 'Actual duration';
 $string['tableheaderdurationplanned'] = 'Planned duration';
+$string['tableheadermodifiedby'] = 'Last modified by';
 $string['tableheaderstartedtime'] = 'Started on';
 $string['tableheaderstarttime'] = 'Starts on';
 $string['tableheadertitle'] = 'Title';
@@ -171,3 +172,8 @@ $string['warningduration'] = 'Warning duration';
 $string['warningduration_help'] = 'How long before the start of the outage should the warning be displayed.';
 $string['warningdurationerrorinvalid'] = 'Warning duration must be positive.';
 $string['warningreenablemaintenancemode'] = 'Please note that saving this outage will re-enable maintenance mode.<br />Untick "Auto start maintenance mode" if you want to prevent this.';
+
+/*
+ * Privacy provider (GDPR)
+ */
+$string["privacy:no_data_reason"] = "The Outage authentication plugin does not store any personal data.";

tests/local/cli/waitforit_test.php

@@ -158,7 +158,7 @@ final class waitforit_test extends cli_testcase {
     /**
      * Tests the countdown.
      */
-    public function test_countdown(): void {
+    public function test_countdown() {
         self::setAdminUser();
         $now = time();
         outagedb::save(new outage([
@@ -186,7 +186,7 @@ final class waitforit_test extends cli_testcase {
     /**
      * Tests if the outage changed while waiting.
      */
-    public function test_outagechanged(): void {
+    public function test_outagechanged() {
         self::setAdminUser();
         $now = time();
         $id = outagedb::save(new outage([

tests/local/controllers/maintenance_static_page_test.php

@@ -431,6 +431,39 @@ final class maintenance_static_page_test extends \auth_outage\base_testcase {
         maintenance_static_page_io::file_get_data(200);
     }
 
+    /**
+     * Test file_get_data with curlsecurityblockedhosts.
+     * We will use an external URL to test passing ignoresecurity inside of file_get_data works,
+     * ideally in real code we should only be calling file_get_data with internal URLs.
+     */
+    public function test_file_get_data_curlsecurityblockedhosts(): void {
+        global $CFG, $USER;
+
+        $testhtml = $this->getExternalTestFileUrl('/test.html');
+        $url = new \moodle_url($testhtml);
+        $host = $url->get_host();
+        set_config('curlsecurityblockedhosts', $host); // Blocks $host.
+
+        // Test a regular curl with the default security enabled does in fact get blocked.
+        $curl = new \curl();
+        $contents = $curl->get($testhtml);
+        $expected = $curl->get_security()->get_blocked_url_string();
+        self::assertSame($expected, $contents);
+        self::assertSame(0, $curl->get_errno());
+        if ($CFG->branch >= 403) {
+            self::assertDebuggingCalled(
+                "Blocked $testhtml: The URL is blocked. [user {$USER->id}]",
+                DEBUG_NONE
+            );
+        }
+
+        // Test file_get_data does return the page and isn't blocked by security.
+        $found = maintenance_static_page_io::file_get_data($url->out());
+        $expected = '47250a973d1b88d9445f94db4ef2c97a';
+        self::assertSame($expected, md5($found['contents']));
+        self::assertSame('text/html', $found['mime']);
+    }
+
     /**
      * Test remove css selector.
      */
@@ -550,7 +583,7 @@ final class maintenance_static_page_test extends \auth_outage\base_testcase {
     /**
      * Test meta refresh maximum 5 minutes.
      */
-    public function test_meta_refresh_maximum_5seconds(): void {
+    public function test_meta_refresh_maximum_5seconds() {
         $this->resetAfterTest(true);
         $html = "<!DOCTYPE html>\n" .
                 '<html><head><title>Title</title></head>' .
@@ -560,6 +593,7 @@ final class maintenance_static_page_test extends \auth_outage\base_testcase {
         $page->set_max_refresh_time(5);
         $page->generate();
         $generated = trim(file_get_contents($page->get_io()->get_template_file()));
+        return $generated;
 
         self::assertStringContainsString('<meta http-equiv="refresh" content="5">', $generated);
     }

version.php

@@ -28,8 +28,9 @@
 defined('MOODLE_INTERNAL') || die();
 
 $plugin->component = "auth_outage";
-$plugin->version = 2026011304;          // The current plugin version (Date: YYYYMMDDXX).
-$plugin->release = 2026011304;          // Human-readable release information.
-$plugin->requires = 2025100600;         // Moodle 5.1.
-$plugin->maturity = MATURITY_STABLE;    // Suitable for PRODUCTION environments!
-$plugin->supported = [501, 501];        // A range of branch numbers of supported moodle versions.
+$plugin->version = 2024081903;                  // The current plugin version (Date: YYYYMMDDXX).
+$plugin->release = 2024081903;                  // Human-readable release information.
+$plugin->requires = 2017111309;                 // 2017111309 = T13, but this really requires 3.9 and higher.
+$plugin->maturity = MATURITY_STABLE;            // Suitable for PRODUCTION environments!
+$plugin->supported = [39, 405];                 // A range of branch numbers of supported moodle versions.
+$plugin->incompatible = 501;

views/info/content.php

@@ -44,13 +44,14 @@ defined('MOODLE_INTERNAL') || die();
     <?php if ($viewbag['admin']) : ?>
         <?php
         $adminlinks = [];
-        $params = [
+        foreach (
+            [
             'startofwarning' => -$viewbag['outage']->get_warning_duration(),
             '15secondsbefore' => -15,
             'start' => 0,
             'endofoutage' => $viewbag['outage']->get_duration_planned() - 1,
-        ];
-        foreach ($params as $title => $delta) {
+            ] as $title => $delta
+        ) {
             $adminlinks[] = html_writer::link(
                 new moodle_url(
                     '/auth/outage/info.php',