WebSVN – Moodle – Autoría – /admin/settings/security.php

Rev	Autor	Línea Nro.	Línea
1	efrain	1	`<?php`
		2	`// This file is part of Moodle - http://moodle.org/`
		3	`//`
		4	`// Moodle is free software: you can redistribute it and/or modify`
		5	`// it under the terms of the GNU General Public License as published by`
		6	`// the Free Software Foundation, either version 3 of the License, or`
		7	`// (at your option) any later version.`
		8	`//`
		9	`// Moodle is distributed in the hope that it will be useful,`
		10	`// but WITHOUT ANY WARRANTY; without even the implied warranty of`
		11	`// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
		12	`// GNU General Public License for more details.`
		13	`//`
		14	`// You should have received a copy of the GNU General Public License`
		15	`// along with Moodle. If not, see <http://www.gnu.org/licenses/>.`
		16
		17	`/**`
		18	`* Adds security related settings links for security category to admin tree.`
		19	`*`
		20	`* @copyright 1999 Martin Dougiamas http://dougiamas.com`
		21	`* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later`
		22	`*/`
		23
		24	`defined('MOODLE_INTERNAL') \|\| die();`
		25
		26	`use core_admin\local\settings\filesize;`
		27
		28	`if ($hassiteconfig) { // speedup for non-admins, add all caps used on this page`
		29
		30	`// "ip blocker" settingpage`
		31	`$temp = new admin_settingpage('ipblocker', new lang_string('ipblocker', 'admin'));`
		32	`$temp->add(new admin_setting_configcheckbox('allowbeforeblock', new lang_string('allowbeforeblock', 'admin'), new lang_string('allowbeforeblockdesc', 'admin'), 0));`
		33	`$temp->add(new admin_setting_configiplist('allowedip', new lang_string('allowediplist', 'admin'),`
		34	`new lang_string('ipblockersyntax', 'admin'), ''));`
		35	`$temp->add(new admin_setting_configiplist('blockedip', new lang_string('blockediplist', 'admin'),`
		36	`new lang_string('ipblockersyntax', 'admin'), ''));`
		37	`$ADMIN->add('security', $temp);`
		38
		39	`// "sitepolicies" settingpage`
		40	`$temp = new admin_settingpage('sitepolicies', new lang_string('sitepolicies', 'admin'));`
		41	`$temp->add(new admin_setting_configcheckbox('protectusernames', new lang_string('protectusernames', 'admin'), new lang_string('configprotectusernames', 'admin'), 1));`
		42	`$temp->add(new admin_setting_configcheckbox('forcelogin', new lang_string('forcelogin', 'admin'), new lang_string('configforcelogin', 'admin'), 0));`
		43	`$temp->add(new admin_setting_configcheckbox('forceloginforprofiles', new lang_string('forceloginforprofiles', 'admin'), new lang_string('configforceloginforprofiles', 'admin'), 1));`
		44	`$temp->add(new admin_setting_configcheckbox('forceloginforprofileimage', new lang_string('forceloginforprofileimage', 'admin'), new lang_string('forceloginforprofileimage_help', 'admin'), 0));`
		45	`$temp->add(new admin_setting_configcheckbox('opentowebcrawlers', new lang_string('opentowebcrawlers', 'admin'), new lang_string('configopentowebcrawlers', 'admin'), 0));`
		46	`$temp->add(new admin_setting_configselect('allowindexing', new lang_string('allowindexing', 'admin'), new lang_string('allowindexing_desc', 'admin'),`
		47	`0,`
		48	`array(0 => new lang_string('allowindexingexceptlogin', 'admin'),`
		49	`1 => new lang_string('allowindexingeverywhere', 'admin'),`
		50	`2 => new lang_string('allowindexingnowhere', 'admin'))));`
		51	`$temp->add(new admin_setting_pickroles('profileroles',`
		52	`new lang_string('profileroles','admin'),`
		53	`new lang_string('configprofileroles', 'admin'),`
		54	`array('student', 'teacher', 'editingteacher')));`
		55
		56	`$maxbytes = 0;`
		57	`if (!empty($CFG->maxbytes)) {`
		58	`$maxbytes = $CFG->maxbytes;`
		59	`}`
		60	`$max_upload_choices = get_max_upload_sizes(0, 0, 0, $maxbytes);`
		61	`// maxbytes set to 0 will allow the maximum server limit for uploads`
		62	`$temp->add(new admin_setting_configselect('maxbytes', new lang_string('maxbytes', 'admin'), new lang_string('configmaxbytes', 'admin'), 0, $max_upload_choices));`
		63	`// 100MB`
		64	`$defaultuserquota = 100 * filesize::UNIT_MB;`
		65	`$temp->add(new filesize('userquota', new lang_string('userquota', 'admin'),`
		66	`new lang_string('userquota_desc', 'admin'), $defaultuserquota));`
		67
		68	`$temp->add(new admin_setting_configcheckbox('allowobjectembed', new lang_string('allowobjectembed', 'admin'), new lang_string('configallowobjectembed', 'admin'), 0));`
		69	`$temp->add(new admin_setting_configcheckbox('enabletrusttext', new lang_string('enabletrusttext', 'admin'), new lang_string('configenabletrusttext', 'admin'), 0));`
		70	`$temp->add(new admin_setting_configselect('maxeditingtime', new lang_string('maxeditingtime','admin'), new lang_string('configmaxeditingtime','admin'), 1800,`
		71	`array(60 => new lang_string('numminutes', '', 1),`
		72	`300 => new lang_string('numminutes', '', 5),`
		73	`900 => new lang_string('numminutes', '', 15),`
		74	`1800 => new lang_string('numminutes', '', 30),`
		75	`2700 => new lang_string('numminutes', '', 45),`
		76	`3600 => new lang_string('numminutes', '', 60))));`
		77
		78	`$temp->add(new admin_setting_configcheckbox('extendedusernamechars', new lang_string('extendedusernamechars', 'admin'), new lang_string('configextendedusernamechars', 'admin'), 0));`
		79
		80	`$temp->add(new admin_setting_configcheckbox('extendedusernamechars', new lang_string('extendedusernamechars', 'admin'), new lang_string('configextendedusernamechars', 'admin'), 0));`
		81	`$temp->add(new admin_setting_configcheckbox('keeptagnamecase', new lang_string('keeptagnamecase','admin'),new lang_string('configkeeptagnamecase', 'admin'),'1'));`
		82
		83	`$temp->add(new admin_setting_configcheckbox('profilesforenrolledusersonly', new lang_string('profilesforenrolledusersonly','admin'),new lang_string('configprofilesforenrolledusersonly', 'admin'),'1'));`
		84
		85	`$temp->add(new admin_setting_configcheckbox('cronclionly', new lang_string('cronclionly', 'admin'), new lang_string`
		86	`('configcronclionly', 'admin'), 1));`
		87	`$temp->add(new admin_setting_configpasswordunmask('cronremotepassword', new lang_string('cronremotepassword', 'admin'), new lang_string('configcronremotepassword', 'admin'), ''));`
		88	`$temp->add(new admin_setting_configcheckbox('tool_task/enablerunnow', new lang_string('enablerunnow', 'tool_task'),`
		89	`new lang_string('enablerunnow_desc', 'tool_task'), 1));`
		90
		91	`$options = array(0=>get_string('no'), 3=>3, 5=>5, 7=>7, 10=>10, 20=>20, 30=>30, 50=>50, 100=>100);`
		92	`$temp->add(new admin_setting_configselect('lockoutthreshold', new lang_string('lockoutthreshold', 'admin'), new lang_string('lockoutthreshold_desc', 'admin'), 0, $options));`
		93	`$temp->add(new admin_setting_configduration('lockoutwindow', new lang_string('lockoutwindow', 'admin'), new lang_string('lockoutwindow_desc', 'admin'), 60*30));`
		94	`$temp->add(new admin_setting_configduration('lockoutduration', new lang_string('lockoutduration', 'admin'), new lang_string('lockoutduration_desc', 'admin'), 60*30));`
		95
		96	`$temp->add(new admin_setting_configcheckbox('passwordpolicy', new lang_string('passwordpolicy', 'admin'), new lang_string('configpasswordpolicy', 'admin'), 1));`
		97	`$temp->add(new admin_setting_configtext('minpasswordlength', new lang_string('minpasswordlength', 'admin'), new lang_string('configminpasswordlength', 'admin'), 8, PARAM_INT));`
		98	`$temp->add(new admin_setting_configtext('minpassworddigits', new lang_string('minpassworddigits', 'admin'), new lang_string('configminpassworddigits', 'admin'), 1, PARAM_INT));`
		99	`$temp->add(new admin_setting_configtext('minpasswordlower', new lang_string('minpasswordlower', 'admin'), new lang_string('configminpasswordlower', 'admin'), 1, PARAM_INT));`
		100	`$temp->add(new admin_setting_configtext('minpasswordupper', new lang_string('minpasswordupper', 'admin'), new lang_string('configminpasswordupper', 'admin'), 1, PARAM_INT));`
		101	`$temp->add(new admin_setting_configtext('minpasswordnonalphanum', new lang_string('minpasswordnonalphanum', 'admin'), new lang_string('configminpasswordnonalphanum', 'admin'), 1, PARAM_INT));`
		102	`$temp->add(new admin_setting_configtext('maxconsecutiveidentchars', new lang_string('maxconsecutiveidentchars', 'admin'), new lang_string('configmaxconsecutiveidentchars', 'admin'), 0, PARAM_INT));`
		103	`$temp->add(new admin_setting_configcheckbox('passwordpolicycheckonlogin',`
		104	`new lang_string('passwordpolicycheckonlogin', 'admin'),`
		105	`new lang_string('configpasswordpolicycheckonlogin', 'admin'), 0));`
		106
		107	`$temp->add(new admin_setting_configtext('passwordreuselimit',`
		108	`new lang_string('passwordreuselimit', 'admin'),`
		109	`new lang_string('passwordreuselimit_desc', 'admin'), 0, PARAM_INT));`
		110
		111	`$pwresetoptions = array(`
		112	`300 => new lang_string('numminutes', '', 5),`
		113	`900 => new lang_string('numminutes', '', 15),`
		114	`1800 => new lang_string('numminutes', '', 30),`
		115	`2700 => new lang_string('numminutes', '', 45),`
		116	`3600 => new lang_string('numminutes', '', 60),`
		117	`7200 => new lang_string('numminutes', '', 120),`
		118	`14400 => new lang_string('numminutes', '', 240)`
		119	`);`
		120	`$adminsetting = new admin_setting_configselect(`
		121	`'pwresettime',`
		122	`new lang_string('passwordresettime','admin'),`
		123	`new lang_string('configpasswordresettime','admin'),`
		124	`1800,`
		125	`$pwresetoptions);`
		126	`$temp->add($adminsetting);`
		127	`$temp->add(new admin_setting_configcheckbox('passwordchangelogout',`
		128	`new lang_string('passwordchangelogout', 'admin'),`
		129	`new lang_string('passwordchangelogout_desc', 'admin'), 0));`
		130
		131	`$temp->add(new admin_setting_configcheckbox('passwordchangetokendeletion',`
		132	`new lang_string('passwordchangetokendeletion', 'admin'),`
		133	`new lang_string('passwordchangetokendeletion_desc', 'admin'), 0));`
		134
		135	`$temp->add(new admin_setting_configduration('tokenduration',`
		136	`new lang_string('tokenduration', 'admin'),`
		137	`new lang_string('tokenduration_desc', 'admin'), 12 * WEEKSECS, WEEKSECS));`
		138
		139	`$temp->add(new admin_setting_configcheckbox('groupenrolmentkeypolicy', new lang_string('groupenrolmentkeypolicy', 'admin'), new lang_string('groupenrolmentkeypolicy_desc', 'admin'), 1));`
		140	`$temp->add(new admin_setting_configcheckbox('disableuserimages', new lang_string('disableuserimages', 'admin'), new lang_string('configdisableuserimages', 'admin'), 0));`
		141	`$temp->add(new admin_setting_configcheckbox('emailchangeconfirmation', new lang_string('emailchangeconfirmation', 'admin'), new lang_string('configemailchangeconfirmation', 'admin'), 1));`
		142	`$temp->add(new admin_setting_configselect('rememberusername', new lang_string('rememberusername','admin'), new lang_string('rememberusername_desc','admin'), 2, array(1=>new lang_string('yes'), 0=>new lang_string('no'), 2=>new lang_string('optional'))));`
		143	`$temp->add(new admin_setting_configcheckbox('strictformsrequired', new lang_string('strictformsrequired', 'admin'), new lang_string('configstrictformsrequired', 'admin'), 0));`
		144
		145	`$temp->add(new admin_setting_heading('adminpresets', new lang_string('siteadminpresetspluginname', 'core_adminpresets'), ''));`
		146	`$sensiblesettingsdefault = 'recaptchapublickey@@none, recaptchaprivatekey@@none, googlemapkey3@@none, ';`
		147	`$sensiblesettingsdefault .= 'secretphrase@@url, cronremotepassword@@none, smtpuser@@none, ';`
		148	`$sensiblesettingsdefault .= 'smtppass@@none, proxypassword@@none, quizpassword@@quiz, allowedip@@none, blockedip@@none, ';`
		149	`$sensiblesettingsdefault .= 'dbpass@@logstore_database, messageinbound_hostpass@@none, ';`
		150	`$sensiblesettingsdefault .= 'bind_pw@@auth_cas, pass@@auth_db, bind_pw@@auth_ldap, ';`
		151	`$sensiblesettingsdefault .= 'dbpass@@enrol_database, bind_pw@@enrol_ldap, ';`
		152	`$sensiblesettingsdefault .= 'server_password@@search_solr, ssl_keypassword@@search_solr, ';`
		153	`$sensiblesettingsdefault .= 'alternateserver_password@@search_solr, alternatessl_keypassword@@search_solr, ';`
		154	`$sensiblesettingsdefault .= 'test_password@@cachestore_redis, password@@mlbackend_python, ';`
		155	`$sensiblesettingsdefault .= 'badges_badgesalt@@none, calendar_exportsalt@@none';`
		156	`$temp->add(new admin_setting_configtextarea('adminpresets/sensiblesettings',`
		157	`get_string('sensiblesettings', 'core_adminpresets'),`
		158	`get_string('sensiblesettingstext', 'core_adminpresets'),`
		159	`$sensiblesettingsdefault, PARAM_TEXT));`
		160
		161	`$ADMIN->add('security', $temp);`
		162
		163	`// "httpsecurity" settingpage`
		164	`$temp = new admin_settingpage('httpsecurity', new lang_string('httpsecurity', 'admin'));`
		165
		166	`$temp->add(new admin_setting_configcheckbox('cookiesecure', new lang_string('cookiesecure', 'admin'), new lang_string('configcookiesecure', 'admin'), 1));`
		167	`$temp->add(new admin_setting_configcheckbox('allowframembedding', new lang_string('allowframembedding', 'admin'), new lang_string('allowframembedding_help', 'admin'), 0));`
		168
		169	`// Settings elements used by the \core\files\curl_security_helper class.`
		170	`$blockedhostsdefault = [`
		171	`'127.0.0.0/8',`
		172	`'192.168.0.0/16',`
		173	`'10.0.0.0/8',`
		174	`'172.16.0.0/12',`
		175	`'0.0.0.0',`
		176	`'localhost',`
		177	`'169.254.169.254',`
		178	`'0000::1',`
		179	`];`
		180	`$allowedportsdefault = ['443', '80'];`
		181
		182	`// By default, block various common internal network or cloud provider hosts.`
		183	`$temp->add(new admin_setting_configmixedhostiplist('curlsecurityblockedhosts',`
		184	`new lang_string('curlsecurityblockedhosts', 'admin'),`
		185	`new lang_string('curlsecurityblockedhostssyntax', 'admin'), implode(PHP_EOL, $blockedhostsdefault)));`
		186
		187	`// By default, only allow web ports.`
		188	`$temp->add(new admin_setting_configportlist('curlsecurityallowedport',`
		189	`new lang_string('curlsecurityallowedport', 'admin'),`
		190	`new lang_string('curlsecurityallowedportsyntax', 'admin'), implode(PHP_EOL, $allowedportsdefault)));`
		191
		192	`// HTTP Header referrer policy settings.`
		193	`$referreroptions = [`
		194	`'default' => get_string('referrernone', 'admin'),`
		195	`'no-referrer' => 'no-referrer',`
		196	`'no-referrer-when-downgrade' => 'no-referrer-when-downgrade',`
		197	`'origin' => 'origin',`
		198	`'origin-when-cross-origin' => 'origin-when-cross-origin',`
		199	`'same-origin' => 'same-origin',`
		200	`'strict-origin' => 'strict-origin',`
		201	`'strict-origin-when-cross-origin' => 'strict-origin-when-cross-origin',`
		202	`'unsafe-url' => 'unsafe-url',`
		203	`];`
		204	`$temp->add(new admin_setting_configselect('referrerpolicy',`
		205	`new lang_string('referrerpolicy', 'admin'),`
		206	`new lang_string('referrerpolicydesc', 'admin'), 'default', $referreroptions));`
		207
		208	`$ADMIN->add('security', $temp);`
		209
		210	`// "notifications" settingpage`
		211	`$temp = new admin_settingpage('notifications', new lang_string('notifications', 'admin'));`
		212	`$temp->add(new admin_setting_configcheckbox('displayloginfailures', new lang_string('displayloginfailures', 'admin'),`
		213	`new lang_string('configdisplayloginfailures', 'admin'), 0));`
		214	`$temp->add(new admin_setting_users_with_capability('notifyloginfailures', new lang_string('notifyloginfailures', 'admin'), new lang_string('confignotifyloginfailures', 'admin'), array(), 'moodle/site:config'));`
		215	`$options = array();`
		216	`for ($i = 1; $i <= 100; $i++) {`
		217	`$options[$i] = $i;`
		218	`}`
		219	`$temp->add(new admin_setting_configselect('notifyloginthreshold', new lang_string('notifyloginthreshold', 'admin'), new lang_string('confignotifyloginthreshold', 'admin'), '10', $options));`
		220	`$ADMIN->add('security', $temp);`
		221	`} // end of speedup`

Proyectos de Subversion Moodle

(root)/admin/settings/security.php – Rev 1