Allow override of config.php and move trigger to before session #74

catalyst · Jan 2, 2025 · b8e8aef · b8e8aef
1 parent fb793c4
commit b8e8aef
Show file tree

Hide file tree

Showing 4 changed files with 55 additions and 29 deletions.
diff --git a/README.md b/README.md
@@ -64,10 +64,17 @@ Here is where the commands for a condition set can be specified. These are appli
 This command sets moodle core configurations to a specified value.
 
 Note: `CFG` and `forced_plugin_setting` commands will not overwrite config set inside config.php by design as a security measure.
+However you can allow this by setting:
+
+```php
+$CFG->somethingforced = 'original value';
+$CFG->somethingforced_allow_abconfig = 1;
+```
 
 ```
 CFG,config,value
 CFG,passwordpolicy,1
+CFG,somethingforced,myoverride
 ```
 
 ##### forced_plugin_setting

diff --git a/lib.php b/lib.php
@@ -33,8 +33,22 @@
  * @return void|null
  */
 function tool_abconfig_after_config() {
+    // No longer used, uses before_session_start instead.
+    // Kept in case we want experiment options later to say when to inject the changes.
+}
+
+/**
+ * Before session
+ *
+ * At some point this will also get converted to hook in core.
+ *
+ * @return void|null
+ */
+function tool_abconfig_before_session_start() {
+
+    global $SESSION, $USER, $CFG;
+
     try {
-        global $SESSION, $USER;
 
         // Setup experiment manager.
         $manager = new tool_abconfig_experiment_manager();
@@ -269,10 +283,15 @@ function tool_abconfig_execute_command_array($commandsencoded, $shortname, $js =
         if ($command == 'CFG') {
             $commandarray = explode(',', $commandstring, 3);
 
-            // Ensure that command hasnt already been set in config.php.
-            if (!array_key_exists($commandarray[1], $CFG->config_php_settings)) {
+            // Allow override if set in config.php already:
+            $allow = isset($CFG->{$commandarray[1] . '_allow_abconfig'});
+
+            // Ensure that command hasn't already been set in config.php.
+            if ($allow || !array_key_exists($commandarray[1], $CFG->config_php_settings)) {
                 $CFG->{$commandarray[1]} = $commandarray[2];
                 $CFG->config_php_settings[$commandarray[1]] = $commandarray[2];
+            } else {
+                error_log("abconfig: Can't override \$CFG->{$commandarray[1]} because already set in config.php!");
             }
         }
         if ($command == 'forced_plugin_setting') {

diff --git a/tests/lib_test.php b/tests/lib_test.php
@@ -31,7 +31,7 @@
  * @copyright  2019 Peter Burnett <[email protected]>
  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  */
-class tool_abconfig_lib_testcase extends advanced_testcase {
+class tool_abconfig_lib_test extends advanced_testcase {
 
     public function test_request_no_experiment() {
         $this->resetAfterTest(true);
@@ -44,7 +44,7 @@ public function test_request_no_experiment() {
         $preconfig = $CFG;
 
         // Execute hook call.
-        tool_abconfig_after_config();
+        tool_abconfig_before_session_start();
 
         // Check Config wasnt changed by hook (more for unintended side effect regression testing).
         $this->assertSame($preconfig, $CFG);
@@ -67,7 +67,7 @@ public function test_request_admin_immunity() {
             'commands' => 'CFG,passwordpolicy,1', 'condset' => 'set1', 'value' => 100));
 
         // Call the hook.
-        tool_abconfig_after_config();
+        tool_abconfig_before_session_start();
 
         // Test that the configuration was NOT applied.
         $this->assertEquals($CFG->passwordpolicy, 0);
@@ -92,7 +92,7 @@ public function test_request_core_experiment() {
             'commands' => '["CFG,passwordpolicy,1"]', 'condset' => 'set1', 'value' => 100));
 
         // Call the hook.
-        tool_abconfig_after_config();
+        tool_abconfig_before_session_start();
 
         // Test that the configuration was applied.
         $this->assertEquals($CFG->passwordpolicy, 1);
@@ -102,7 +102,7 @@ public function test_request_core_experiment() {
         unset($CFG->config_php_settings['passwordpolicy']);
         set_config('passwordpolicy', 0);
 
-        tool_abconfig_after_config();
+        tool_abconfig_before_session_start();
         $this->assertEquals($CFG->passwordpolicy, 1);
     }
 
@@ -125,15 +125,15 @@ public function test_request_plugin_experiment() {
             'commands' => '["forced_plugin_setting,auth_manual,expiration,yes"]', 'condset' => 'set1', 'value' => 100));
 
         // Call the hook.
-        tool_abconfig_after_config();
+        tool_abconfig_before_session_start();
 
         // Test that the configuration was applied.
         $this->assertEquals(get_config('auth_manual', 'expiration'), 'yes');
 
         // Manually set config back to false, then call hook again, and test.
         // Simulates next page load.
         set_config('expiration', 'no', 'auth_manual');
-        tool_abconfig_after_config();
+        tool_abconfig_before_session_start();
         $this->assertEquals(get_config('auth_manual', 'expiration'), 'yes');
     }
 
@@ -163,7 +163,7 @@ public function test_request_multi_condition() {
             'commands' => '["CFG,passwordpolicy,1"]', 'condset' => 'set2', 'value' => 0));
 
         // Now execute first hook, and check the plugin value.
-        tool_abconfig_after_config();
+        tool_abconfig_before_session_start();
         $this->assertEquals(get_config('auth_manual', 'expiration'), 'yes');
         $this->assertEquals($CFG->passwordpolicy, 0);
 
@@ -186,7 +186,7 @@ public function test_request_multi_condition() {
         // Purge caches to avoid caching issues with changing experiments.
         \cache_helper::invalidate_by_definition('tool_abconfig', 'experiments', array(), array('allexperiment'));
         // Now execute second hook, and check the plugin value.
-        tool_abconfig_after_config();
+        tool_abconfig_before_session_start();
         $this->assertEquals(get_config('auth_manual', 'expiration'), 'no');
         $this->assertEquals($CFG->passwordpolicy, 1);
 
@@ -206,7 +206,7 @@ public function test_request_multi_condition() {
             'value', 50, 'condset = ? AND experiment = ?', array($sqlcondition4, $eid));
 
         // Now execute second hook, and check the plugin value.
-        tool_abconfig_after_config();
+        tool_abconfig_before_session_start();
         $this->assertTrue((get_config('auth_manual', 'expiration') == 'yes') xor ($CFG->passwordpolicy == 1));
     }
 
@@ -238,7 +238,7 @@ public function test_request_multi_command() {
         $DB->insert_record('tool_abconfig_condition', $record);
 
         // Now execute first hook, and check the plugin value.
-        tool_abconfig_after_config();
+        tool_abconfig_before_session_start();
         $this->assertEquals(get_config('auth_manual', 'expiration'), 'yes');
         $this->assertEquals($CFG->passwordpolicy, 1);
 
@@ -249,7 +249,7 @@ public function test_request_multi_command() {
         set_config('passwordpolicy', 0);
 
         // Now execute second hook, and check the plugin value.
-        tool_abconfig_after_config();
+        tool_abconfig_before_session_start();
         $this->assertEquals(get_config('auth_manual', 'expiration'), 'yes');
         $this->assertEquals($CFG->passwordpolicy, 1);
     }
@@ -274,7 +274,7 @@ public function test_request_ip_whitelist() {
             'commands' => '["CFG,passwordpolicy,1"]', 'condset' => 'set1', 'value' => 100));
 
         // Now execute first hook, and check core value hasnt changed.
-        tool_abconfig_after_config();
+        tool_abconfig_before_session_start();
 
         $this->assertEquals($CFG->passwordpolicy, 0);
 
@@ -286,7 +286,7 @@ public function test_request_ip_whitelist() {
         // Purge caches to avoid caching issues with changing experiments.
         \cache_helper::invalidate_by_definition('tool_abconfig', 'experiments', array(), array('allexperiment'));
 
-        tool_abconfig_after_config();
+        tool_abconfig_before_session_start();
         $this->assertEquals($CFG->passwordpolicy, 1);
     }
 
@@ -370,10 +370,10 @@ public function test_session_core_experiment() {
         $this->assertEquals($CFG->passwordpolicy, 1);
 
         // Now set control manually to incorrect state, as if another page load performed,
-        // And test correct behaviour is set in the after_config hook.
+        // And test correct behaviour is set in the hook.
         unset($CFG->config_php_settings['passwordpolicy']);
         set_config('passwordpolicy', 0);
-        tool_abconfig_after_config();
+        tool_abconfig_before_session_start();
         $this->assertEquals($CFG->passwordpolicy, 1);
     }
 
@@ -419,8 +419,8 @@ public function test_session_plugin_experiment() {
         unset($CFG->forced_plugin_settings['auth_manual']['expiration']);
         set_config('expiration', 'no', 'auth_manual');
 
-        // Now test that the after_config hook sets to the correct session conditions.
-        tool_abconfig_after_config();
+        // Now test that the hook sets to the correct session conditions.
+        tool_abconfig_before_session_start();
         $this->assertEquals(get_config('auth_manual', 'expiration'), 'yes');
     }
 
@@ -465,8 +465,8 @@ public function test_session_multi_command() {
         unset($CFG->config_php_settings['passwordpolicy']);
         set_config('passwordpolicy', 0);
 
-        // Test that after_config correctly applies both settings.
-        tool_abconfig_after_config();
+        // Test that callback correctly applies both settings.
+        tool_abconfig_before_session_start();
         $this->assertEquals(get_config('auth_manual', 'expiration'), 'yes');
         $this->assertEquals($CFG->passwordpolicy, 1);
     }
@@ -506,8 +506,8 @@ public function test_session_multi_condition() {
         unset($CFG->config_php_settings['passwordpolicy']);
         set_config('passwordpolicy', 0);
 
-        // Test that after_config only applies one setting.
-        tool_abconfig_after_config();
+        // Test that we only applies one setting.
+        tool_abconfig_before_session_start();
         $this->assertEquals(get_config('auth_manual', 'expiration'), 'no');
         $this->assertEquals($CFG->passwordpolicy, 1);
     }
@@ -534,8 +534,8 @@ public function test_session_ip_whitelist() {
         tool_abconfig_after_require_login();
         $this->assertEquals($CFG->passwordpolicy, 0);
 
-        // Test that the after_config hook also doesnt execute.
-        tool_abconfig_after_config();
+        // Test that the hook also doesnt execute.
+        tool_abconfig_before_session_start();
         $this->assertEquals($CFG->passwordpolicy, 0);
     }
 

diff --git a/version.php b/version.php
@@ -25,8 +25,8 @@
 
 defined('MOODLE_INTERNAL') || die();
 
-$plugin->version   = 2024060401;      // The current plugin version (Date: YYYYMMDDXX).
-$plugin->release   = 2024060401;      // Same as version.
+$plugin->version   = 2024060402;      // The current plugin version (Date: YYYYMMDDXX).
+$plugin->release   = 2024060402;      // Same as version.
 $plugin->requires  = 2014051217;
 $plugin->supported = [38, 405];       // Available as of Moodle 3.8.0 or later.
 $plugin->component = "tool_abconfig";