Totara Talent Experience Platform Release Notes

Totara Learn Evergreen-20190919, 12.10, 11.19, 10.25, 9.36 and security releases for 2.6.70, 2.5.76, 2.4.72, 2.2.74

by David Curry (Core Developer) - Wednesday, 18 September 2019, 10:33 PM

Hello everyone,

The following versions of Totara Learn have now been released:

There are no releases for 2.9 or 2.7 this month, but security fixes have been back-ported to version 2.6 and earlier, and for this reason we strongly recommend upgrading if you are on those versions. Each release also includes bug fixes and improvements.

Kind regards
David Curry

Release Evergreen (19th September 2019):


Key:           + Evergreen only

Performance improvements:

    TL-22055       Materialization in MariaDB is now forced off for audience-based visibility queries

                   We became aware of an issue that affected the performance of the
                   audience-based visibility check in MariaDB when the context tree was deep
                   (many nested categories) or there were lots of role assignments or
                   capability overrides.
                   In this situation the MariaDB query planner would inevitably choose to use
                   materialization in the query. However, as MariaDB does not fully support
                   subquery condition pushdowns, this particular query would not perform well
                   with materialized subqueries.
                   
                   This patch implements the ability to force materialization off for a single
                   query on MariaDB and then forces it off for the audience-based visibility
                   query.

    TL-22056       Improved performance of check_access_audience_visibility() function
    TL-22057       Optimised SQL capability checks for commonly encountered environments
    TL-22060       Improved the performance of course/program/certification management pages
    TL-22345       Performance improvements to 'Manage Course Category' page

                   Removed the very expensive 'can the current user delete all the
                   courses/subcategories?' check when displaying the 'Manage course category'
                   page. The system performs this check anyway when a user selects the
                   'delete' menu item on a category item.


Improvements:

    TL-21513   +   Added 'Require event over for' seminar activity completion criteria

                   By default, seminar activities are considered complete as soon as the
                   required completion criteria are achieved. With the ability to take
                   attendance and mark grades at the beginning of sessions (or anytime) it is
                   possible for trainers to trigger seminar activity completion before a
                   seminar event is complete. 
                   
                   As this may not be a desirable outcome, there is now a 'Require event over
                   for' criterion that delays activity completion for 0 or more days after the
                   end of an event. To enable this functionality, there is a new scheduled
                   task which is set to run every 5 minutes by default.

    TL-21822   +   Added a new 'Abstract' text field for Report Builder reports to allow content to be truncated and displayed correctly
    TL-21909   +   Added a 'Room Name' column to 'My Future Bookings' report

                   This change only affects new installations; admins of existing sites are
                   encouraged to add a 'Room Name (linked to room details page)' column to the
                   'My Future Bookings' report to provide more complete information for
                   learners.

    TL-22047   +   Renamed 'Hide in My Reports' setting name to 'Hide on user reports list' and updated its help string in Report Builder
    TL-22049   +   Moved and renamed 'View This Report' link when editing a Report Builder report
    TL-22080       Default context maintenance task frequency was reduced to once a day to prevent overloading of database servers
    TL-22249   +   The 'Cancel' modal can now have a custom string for the 'Cancel' button

Bug fixes:

    TL-21855       Fixed issue causing SCORM packages to fail to launch on IIS
    TL-21871       Fixed seminar 'Cancel booking' link displayed in calendar for users who have already cancelled their booking
    TL-21976       Fixed incorrect capability check when removing attendees from a seminar event

                   Previously, the 'Add attendees to a seminar event' capability was checked
                   when a user removed seminar attendees. With this patch, the correct 'Remove
                   attendees from a seminar event' capability is checked instead. 

    TL-21995       Rangy selector spans are no longer added when editing HTML in the Atto editor

                   This will not remove pre-existing rangy selector spans.

    TL-22032       MDL-61996: Fixed login with the site policy enabled

                   Previously when the 'Force users to log in' setting was turned off, and the
                   site policies were enabled, it was possible for new users to log in,
                   immediately navigate to the homepage, and view the site content without
                   having consented to the policy.
                   This fix ensures that users have consented to the policy and can't view the
                   site content without it.

    TL-22041   +   Ensured activity descriptions are consistently cleaned

                   Prior to this change, the activity descriptions on the course page were
                   cleaned regardless of the 'Disable consistent cleaning' setting. This was
                   inconsistent with the display of activity descriptions throughout the rest
                   of the site.
                   
                   The 'Disable consistent cleaning' setting is now consistently respected.

    TL-22042       Fixed seminar restore when rooms/assets were deleted from the system between backup and restore
    TL-22044       Removed accidentally included non-functional API changes for login page tokens
    TL-22045       Login form is now only submitted once per page load
    TL-22069   +   Fixed a bug where dropping a test database was not possible on MySQL due to foreign keys
    TL-22083       Fixed an error in the help text for URL pattern matching in User Tours
    TL-22112       Preserve activity completion status for activity completed via record of prior learning (RPL)

                   Previously, when an activity was marked as complete via record of prior
                   learning (RPL), the apparent completion status of the activity could change
                   to not completed, depending on activity completion criteria. The RPL
                   information was still there, and counted toward course completion, but the
                   activity itself could appear to be incomplete.
                   
                   This has been fixed. Activities which are marked as complete via RPL will
                   always appear completed. The completion status may change to
                   complete-with-pass or complete-with-fail depending on activity completion
                   criteria and whether a passing grade has been entered in the grade book,
                   but they will never appear as not completed.

    TL-22123       Fixed HR Import failing to import users when using an MSSQL database

                   HR Import uses temporary tables to import records and in some situations
                   MSSQL runs into problems with updating records in temporary tables. We now
                   preload the database record set to work around this issue.

    TL-22124   +   Fixed line chart line colour not matching the dots in ChartJS
    TL-22133       Fixed language strings for Google reCaptcha
    TL-22135       Ensured that changing a seminar event does not empty its waitlist when 'Send all bookings to waitlist' is enabled
    TL-22182       Fixed incorrectly changed default value which caused program summary to not be shown

                   A default value was incorrectly changed in a previous fix which caused the
                   program / certification summary to not be shown on the program view page.
                   This now works as expected.

    TL-22208       Fixed file support in Totara form editor element

                   Prior to this patch, when using an editor element with Totara forms, images
                   that had previously been uploaded to the field were not displaying properly
                   during editing.
                   
                   Note: This form element is not currently in use anywhere in a way that
                   would be affected by this.

    TL-22209       Fixed category titles being coloured incorrectly in the administration menu when using theme style overrides
    TL-22212       Fixed course default image on course creation workflow page

                   Prior to this patch, when a content marketplace was enabled and a default
                   image was configured in course default settings, the course creation
                   workflow page still showed the course default image of the basis theme.
                   With this patch the default image defined in the course default settings
                   will be shown.

    TL-22229       Fixed certif_completion_progress report builder display function

                   The display function certif_completion_progress in some circumstances was
                   using incorrect variables when trying to calculate the progress. This would
                   cause a PHP error and the progress would not be displayed.

    TL-22238   +   Fixed missing include of filelib in text_field_formatter
    TL-22239   +   Added a missing 'Number of unable to attend' column in seminar report
    TL-22265       Ensured cloning Report Builder reports copies textarea files

                   When a report was cloned, any images added to the report description were
                   not copied. This patch ensures that they are.

    TL-22266   +   Fixed class name resolution of GraphQL resolvers to support underscores in plugin names
    TL-22269       Removed user content restrictions from Course completion by Organisation report source

                   Whenever user content restrictions were added to the report, an error would
                   be generated because there is no user-related information in the report
                   source. Due to the purpose of the source, adding the user content
                   restrictions would not work. Therefore we have removed these content
                   restrictions.

    TL-22272   +   Fixed the 'Record of Learning: Courses' report to ensure correct records for active and completed learning are displayed

                   TL-20772 incorrectly applied report parameters which led to active courses
                   appearing in the 'Completed learning' report for a user. This has now been
                   fixed and the users will see only completed courses when viewing this
                   report under their Record of Learning.

    TL-22280       Backported MDL-65908 to fix an issue with PDF annotation in assignments when changing screen resolutions
    TL-22289       Ensured cloning an Audience also copies textarea files

                   When an Audience was cloned, any images added to the report description
                   were not copied. This patch ensures that they are.

    TL-22300   +   Ensured format_text() options and formatting were applied consistently

                   This fixes:
                   * The blank target option which was previously inconsistently applied
                   depending upon which filters were enabled.
                   * Markdown format now correctly respects the allowxss option.

    TL-22319       Fixed manager approval ignoring the 'sign-up for an event' permission

                   Before allowing learners to request manager approval for a seminar event,
                   the system now checks the 'sign-up for an event' capability
                   (mod/facetoface:signup).
                   
                   Note that the capability check will be skipped for signup via the seminar
                   direct enrolment plugin.


API changes:

    TL-9072    +   Refactored certification core code

                   Introduced some separation around the transitions and creating completion
                   records for certifications. This added specific functions for
                   certification-only operations such as becoming certified, window opening
                   and expiring. Conditions that were providing similar functionality in
                   programs no longer work if the program being supplied to them is a
                   certification and throw an exception.

    TL-16531   +   Refactored internal totara_sync code to use traits
    TL-21922   +   Introduced and applied prettier to .graphql and .graphqls files

                   This patch adds prettier support for .graphql and .graphqls files. It also
                   adds a grunt task for it which is automatically run with grunt.
                   
                   Make sure you update your node modules via 'npm install'. To trigger
                   prettier to format all graphql/graphqls files use
                   './node_modules/.bin/grunt prettier'.
                   
                   Instructions on how to integrate prettier with your IDE can be found here:
                   https://prettier.io/docs/en/editors.html.


Release 12.10 (19th September 2019):



Performance improvements:

    TL-22055       Materialization in MariaDB is now forced off for audience-based visibility queries

                   We became aware of an issue that affected the performance of the
                   audience-based visibility check in MariaDB when the context tree was deep
                   (many nested categories) or there were lots of role assignments or
                   capability overrides.
                   In this situation the MariaDB query planner would inevitably choose to use
                   materialization in the query. However, as MariaDB does not fully support
                   subquery condition pushdowns, this particular query would not perform well
                   with materialized subqueries.
                   
                   This patch implements the ability to force materialization off for a single
                   query on MariaDB and then forces it off for the audience-based visibility
                   query.

    TL-22056       Improved performance of check_access_audience_visibility() function
    TL-22057       Optimised SQL capability checks for commonly encountered environments
    TL-22060       Improved the performance of course/program/certification management pages
    TL-22345       Performance improvements to 'Manage Course Category' page

                   Removed the very expensive 'can the current user delete all the
                   courses/subcategories?' check when displaying the 'Manage course category'
                   page. The system performs this check anyway when a user selects the
                   'delete' menu item on a category item.


Improvements:

    TL-22080       Default context maintenance task frequency was reduced to once a day to prevent overloading of database servers

Bug fixes:

    TL-21855       Fixed issue causing SCORM packages to fail to launch on IIS
    TL-21871       Fixed seminar 'Cancel booking' link displayed in calendar for users who have already cancelled their booking
    TL-21976       Fixed incorrect capability check when removing attendees from a seminar event

                   Previously, the 'Add attendees to a seminar event' capability was checked
                   when a user removed seminar attendees. With this patch, the correct 'Remove
                   attendees from a seminar event' capability is checked instead. 

    TL-21995       Rangy selector spans are no longer added when editing HTML in the Atto editor

                   This will not remove pre-existing rangy selector spans.

    TL-22032       MDL-61996: Fixed login with the site policy enabled

                   Previously when the 'Force users to log in' setting was turned off, and the
                   site policies were enabled, it was possible for new users to log in,
                   immediately navigate to the homepage, and view the site content without
                   having consented to the policy.
                   This fix ensures that users have consented to the policy and can't view the
                   site content without it.

    TL-22042       Fixed seminar restore when rooms/assets were deleted from the system between backup and restore
    TL-22044       Removed accidentally included non-functional API changes for login page tokens
    TL-22045       Login form is now only submitted once per page load
    TL-22083       Fixed an error in the help text for URL pattern matching in User Tours
    TL-22112       Preserve activity completion status for activity completed via record of prior learning (RPL)

                   Previously, when an activity was marked as complete via record of prior
                   learning (RPL), the apparent completion status of the activity could change
                   to not completed, depending on activity completion criteria. The RPL
                   information was still there, and counted toward course completion, but the
                   activity itself could appear to be incomplete.
                   
                   This has been fixed. Activities which are marked as complete via RPL will
                   always appear completed. The completion status may change to
                   complete-with-pass or complete-with-fail depending on activity completion
                   criteria and whether a passing grade has been entered in the grade book,
                   but they will never appear as not completed.

    TL-22123       Fixed HR Import failing to import users when using an MSSQL database

                   HR Import uses temporary tables to import records and in some situations
                   MSSQL runs into problems with updating records in temporary tables. We now
                   preload the database record set to work around this issue.

    TL-22133       Fixed language strings for Google reCaptcha
    TL-22135       Ensured that changing a seminar event does not empty its waitlist when 'Send all bookings to waitlist' is enabled
    TL-22182       Fixed incorrectly changed default value which caused program summary to not be shown

                   A default value was incorrectly changed in a previous fix which caused the
                   program / certification summary to not be shown on the program view page.
                   This now works as expected.

    TL-22208       Fixed file support in Totara form editor element

                   Prior to this patch, when using an editor element with Totara forms, images
                   that had previously been uploaded to the field were not displaying properly
                   during editing.
                   
                   Note: This form element is not currently in use anywhere in a way that
                   would be affected by this.

    TL-22209       Fixed category titles being coloured incorrectly in the administration menu when using theme style overrides
    TL-22212       Fixed course default image on course creation workflow page

                   Prior to this patch, when a content marketplace was enabled and a default
                   image was configured in course default settings, the course creation
                   workflow page still showed the course default image of the basis theme.
                   With this patch the default image defined in the course default settings
                   will be shown.

    TL-22229       Fixed certif_completion_progress report builder display function

                   The display function certif_completion_progress in some circumstances was
                   using incorrect variables when trying to calculate the progress. This would
                   cause a PHP error and the progress would not be displayed.

    TL-22259       Fixed display of position and organisation names when exported in Report Builder

                   In the Position and Organisation report sources names that included '&'
                   would not be displayed correctly when exported.

    TL-22265       Ensured cloning Report Builder reports copies textarea files

                   When a report was cloned, any images added to the report description were
                   not copied. This patch ensures that they are.

    TL-22269       Removed user content restrictions from Course completion by Organisation report source

                   Whenever user content restrictions were added to the report, an error would
                   be generated because there is no user-related information in the report
                   source. Due to the purpose of the source, adding the user content
                   restrictions would not work. Therefore we have removed these content
                   restrictions.

    TL-22280       Backported MDL-65908 to fix an issue with PDF annotation in assignments when changing screen resolutions
    TL-22289       Ensured cloning an Audience also copies textarea files

                   When an Audience was cloned, any images added to the report description
                   were not copied. This patch ensures that they are.

    TL-22319       Fixed manager approval ignoring the 'sign-up for an event' permission

                   Before allowing learners to request manager approval for a seminar event,
                   the system now checks the 'sign-up for an event' capability
                   (mod/facetoface:signup).
                   
                   Note that the capability check will be skipped for signup via the seminar
                   direct enrolment plugin.


Release 11.19 (19th September 2019):



Performance improvements:

    TL-22345       Performance improvements to 'Manage Course Category' page

                   Removed the very expensive 'can the current user delete all the
                   courses/subcategories?' check when displaying the 'Manage course category'
                   page. The system performs this check anyway when a user selects the
                   'delete' menu item on a category item.


Bug fixes:

    TL-21995       Rangy selector spans are no longer added when editing HTML in the Atto editor

                   This will not remove pre-existing rangy selector spans.

    TL-22045       Login form is now only submitted once per page load
    TL-22112       Preserve activity completion status for activity completed via record of prior learning (RPL)

                   Previously, when an activity was marked as complete via record of prior
                   learning (RPL), the apparent completion status of the activity could change
                   to not completed, depending on activity completion criteria. The RPL
                   information was still there, and counted toward course completion, but the
                   activity itself could appear to be incomplete.
                   
                   This has been fixed. Activities which are marked as complete via RPL will
                   always appear completed. The completion status may change to
                   complete-with-pass or complete-with-fail depending on activity completion
                   criteria and whether a passing grade has been entered in the grade book,
                   but they will never appear as not completed.

    TL-22123       Fixed HR Import failing to import users when using an MSSQL database

                   HR Import uses temporary tables to import records and in some situations
                   MSSQL runs into problems with updating records in temporary tables. We now
                   preload the database record set to work around this issue.

    TL-22208       Fixed file support in Totara form editor element

                   Prior to this patch, when using an editor element with Totara forms, images
                   that had previously been uploaded to the field were not displaying properly
                   during editing.
                   
                   Note: This form element is not currently in use anywhere in a way that
                   would be affected by this.


Release 10.25 (19th September 2019):



Bug fixes:

    TL-22045       Login form is now only submitted once per page load
    TL-22208       Fixed file support in Totara form editor element

                   Prior to this patch, when using an editor element with Totara forms, images
                   that had previously been uploaded to the field were not displaying properly
                   during editing.
                   
                   Note: This form element is not currently in use anywhere in a way that
                   would be affected by this.


Release 9.36 (19th September 2019):



Bug fixes:

    TL-22208       Fixed file support in Totara form editor element

                   Prior to this patch, when using an editor element with Totara forms, images
                   that had previously been uploaded to the field were not displaying properly
                   during editing.
                   
                   Note: This form element is not currently in use anywhere in a way that
                   would be affected by this.


Release 2.6.70 (19th September 2019):



Security issues:

    TL-22246       Improved the validation of the form used to edit block configuration

                   Validation on the fields in the edit block configuration form has been
                   improved, and only fields that the user is permitted to change are passed
                   through this form. The results of logical operators are no longer passed
                   through or relied upon.
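
The rule described for TL-22246, sketched as an added example (not Totara's code): the server accepts only fields it knows, only where the user holds the capability to change them, and validates each value itself. All field names, capability names and functions below are hypothetical, and reading "results of logical operators" as a client-supplied flag such as 'canedit' is an assumption.

```php
<?php
declare(strict_types=1);

// Hypothetical field list for a block configuration form (not Totara's).
// Each entry names the capability needed to change the field and a validator
// that returns the normalised value, or null when the input is invalid.
function block_config_fields(): array
{
    return [
        'title' => ['block:edit', function ($v) {
            $v = is_string($v) ? trim($v) : '';
            $ok = $v !== '' && strlen($v) <= 255 && !preg_match('/[\x00-\x1F]/', $v);
            return $ok ? $v : null;
        }],
        'weight' => ['block:edit', function ($v) {
            $range = ['options' => ['min_range' => -10, 'max_range' => 10]];
            $i = filter_var($v, FILTER_VALIDATE_INT, $range);
            return $i === false ? null : $i;
        }],
        'visible' => ['block:edit', function ($v) {
            return in_array($v, ['0', '1'], true) ? (int)$v : null;
        }],
        'pagepattern' => ['block:manageplacement', function ($v) {
            return (is_string($v) && preg_match('/\A[a-z0-9*-]{1,64}\z/', $v)) ? $v : null;
        }],
    ];
}

// Splits a submission into values that may be saved and fields that were
// dropped, with the reason for each drop so it can be logged.
function filter_block_config(array $submitted, array $usercaps): array
{
    $fields = block_config_fields();
    $clean = [];
    $rejected = [];
    foreach ($submitted as $name => $raw) {
        $name = (string)$name;
        if (!isset($fields[$name])) {
            // Not on the allowlist. This also covers flags the client sends
            // to report the outcome of a permission check.
            $rejected[$name] = 'unknown field';
            continue;
        }
        [$capability, $validator] = $fields[$name];
        if (!in_array($capability, $usercaps, true)) {
            // Permission is decided here, from server-side state only.
            $rejected[$name] = 'not permitted';
            continue;
        }
        $value = $validator($raw);
        if ($value === null) {
            $rejected[$name] = 'invalid value';
            continue;
        }
        $clean[$name] = $value;
    }
    return ['clean' => $clean, 'rejected' => $rejected];
}

// Constructed submission from a user who holds only 'block:edit'.
$submitted = [
    'title'       => 'Upcoming events',
    'weight'      => '99',  // outside the allowed range
    'visible'     => '1',
    'pagepattern' => '*',   // needs a capability this user lacks
    'canedit'     => '1',   // client-supplied result of a permission check
];

print_r(filter_block_config($submitted, ['block:edit']));
```

Logging the 'rejected' entries gives a cheap signal for tampered submissions, since a legitimate form never sends fields the user cannot change.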


Release 2.5.76 (19th September 2019):



Security issues:

    TL-22246       Improved the validation of the form used to edit block configuration

                   Validation on the fields in the edit block configuration form has been
                   improved, and only fields that the user is permitted to change are passed
                   through this form. The results of logical operators are no longer passed
                   through or relied upon.

    TL-22310       Backported MDL-62275 quiz question validation

                   Additional validation was added to quiz questions in MDL-62275 to protect
                   against remote code execution by a user with permission to create or edit
                   quiz questions. This fix was initially backported as far as Totara 2.6 as
                   part of TL-17785.


Release 2.4.72 (19th September 2019):



Security issues:

    TL-22310       Backported MDL-62275 quiz question validation

                   Additional validation was added to quiz questions in MDL-62275 to protect
                   against remote code execution by a user with permission to create or edit
                   quiz questions. This fix was initially backported as far as Totara 2.6 as
                   part of TL-17785.


Release 2.2.74 (19th September 2019):



Security issues:

    TL-22310       Backported MDL-62275 quiz question validation

                   Additional validation was added to quiz questions in MDL-62275 to protect
                   against remote code execution by a user with permission to create or edit
                   quiz questions. This fix was initially backported as far as Totara 2.6 as
                   part of TL-17785.