Mahara

Document more $cfg options

Bug #1185297 reported by Aaron Wells on 2013-05-29

This bug affects 3 people

Affects		Status	Importance	Assigned to	Milestone
	Mahara	Fix Released	Medium	Unassigned

Bug Description

I think it would be a great idea if we went through the code, found as many of the config options as we can (by searching for $CFG and get_config()), and made sure they were properly documented in one of three ways:

1. If it's a setting that should be hard-coded and most users will want/need to set it, put it in config-dist.php

2. If it's a setting that should be hard-coded but is experimental, advanced, or less likely to be used, put it in lib/config-defaults.php

3. Or give it a UI front-end setting on the Admin pages. But keep in mind possible security implications -- anything settable by the UI can be abused by XSS, so for instance filesystem paths should not be set in the UI because that makes a handy escalation from XSS to filesystem.

See original description

Tags:

Aaron Wells (u-aaronw) on 2013-05-29

summary:

- Document more $cfg options in config-dist.php
+ Document more $cfg options

Revision history for this message

Mahara Bot (dev-mahara) wrote on 2013-05-29: A change has been merged

Reviewed: https://reviews.mahara.org/2251
Committed: http://gitorious.org/mahara/mahara/commit/46aba6b4dc2e2a2576826be6cc5bab28fed7a355
Submitter: Son Nguyen (<email address hidden>)
Branch: master

commit 46aba6b4dc2e2a2576826be6cc5bab28fed7a355
Author: Aaron Wells <email address hidden>
Date: Thu May 30 11:03:16 2013 +1200

Removing $cfg->themeprefs because it has been replaced by $cfg->sitethemeprefs

Bug #1185297: The $cfg->themeprefs setting was removed in bug #793308

Change-Id: Ifcea19569d62eeb03cb26e098d74ab4d535f61e3
Signed-off-by: Aaron Wells <email address hidden>

Aaron Wells (u-aaronw) on 2013-05-29

description:	updated
description:	updated

Revision history for this message

Kristina Hoeppner (kris-hoeppner) wrote on 2013-06-09:

Hi Aaron,

Good idea for the front-end settings for cases that can't be exploited by XSS.

Cheers
Kristina

Revision history for this message

Howard Miller (howardsmiller) wrote on 2013-09-04:

I think the description in that file is probably fair. I suspect the use case is where all your users authenticate against the same source. So - typically - one Mahara, multiple Moodle's, direct login to Mahara, all of which are authenticating against a common LDAP server.

Essentially, I suppose it would be "Permits multiple/departmental Moodles with a single Mahara all authenticating against a common authentication source (e.g. ldap) where unique usernames are guaranteed".

There's no nice way to describe it but you know it when you need it ;-)

Revision history for this message

Aaron Wells (u-aaronw) wrote on 2013-09-04:

A first patch to clean up config-defaults.php (although it doesn't add any additional items to it):

https://reviews.mahara.org/#/c/2473/

Revision history for this message

Mahara Bot (dev-mahara) wrote on 2013-09-08:

Reviewed: https://reviews.mahara.org/2473
Committed: http://gitorious.org/mahara/mahara/commit/042715c1b2c1d8e47533ca8aaa8c4eab7658d774
Submitter: Aaron Wells (<email address hidden>)
Branch: master

commit 042715c1b2c1d8e47533ca8aaa8c4eab7658d774
Author: Aaron Wells <email address hidden>
Date: Wed Sep 4 13:59:10 2013 +1200

Clean up config-defaults.php and config-dist.php

Bug1185297 In order to set apart the sample code from the commentary, I'm putting all the commentary
into phpdocs style /** ... */ blocks, which trendy IDE's will highlight in a different color

Also putting a line in the top of config-dist.php to tell users about the existence of
config-defaults.php

Change-Id: I3e587cf441ed14808a24d148e969df5d08041254

Aaron Wells (u-aaronw) on 2013-09-30

Changed in mahara:
milestone:	1.8rc1 → 1.8.0

Aaron Wells (u-aaronw) on 2013-10-03

Changed in mahara:
status:	Triaged → In Progress
milestone:	1.8.0 → 1.9.0

Aaron Wells (u-aaronw) on 2013-10-22

summary:

- Document more $cfg options
+ [Ongoing] Document more $cfg options

Revision history for this message

Mahara Bot (dev-mahara) wrote on 2013-10-22:

Reviewed: https://reviews.mahara.org/2633
Committed: http://gitorious.org/mahara/mahara/commit/a5af1aa2665962edc6070842305504b72a340ac3
Submitter: Aaron Wells (<email address hidden>)
Branch: master

commit a5af1aa2665962edc6070842305504b72a340ac3
Author: Aaron Wells <email address hidden>
Date: Tue Oct 22 16:50:17 2013 +1300

Document the $cfg->cacertinfo option

Bug1185297

Change-Id: I30ca497cbd2f37a63bcce2b7346a737f75612b94

Aaron Wells (u-aaronw) on 2014-04-15

Changed in mahara:
milestone:	1.9.0 → 1.10.0

Revision history for this message

Aaron Wells (u-aaronw) wrote on 2014-09-10: Re: [Ongoing] Document more $cfg options

We now do this as standard practice with new options, and I'm not aware of any old undocumented ones lying around anymore. If there are any remaining undocumented cfg options, feel free to reopen this bug for them if you want, or file a new bug.

Changed in mahara:
status:	In Progress → Fix Committed
milestone:	1.10.0 → none

Kristina Hoeppner (kris-hoeppner) on 2014-11-02

summary:	- [Ongoing] Document more $cfg options + Document more $cfg options
Changed in mahara:
milestone:	none → 15.04.0

Aaron Wells (u-aaronw) on 2014-11-06

Changed in mahara:
status:	Fix Committed → Fix Released
milestone:	15.04.0 → none

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.