From fca9e67c25e77694eaff02c10cae4326173ac3d1 Mon Sep 17 00:00:00 2001 From: Juan Leyva Date: Wed, 30 Sep 2015 09:34:23 +0200 Subject: [PATCH] MDL-50613 webservice: Remove risk bit masks for Web Service protocols This will prevent to show a 'Critical' status in security overview report when mobile services are enabled --- webservice/amf/db/access.php | 1 - webservice/amf/version.php | 2 +- webservice/rest/db/access.php | 1 - webservice/rest/version.php | 2 +- webservice/soap/db/access.php | 1 - webservice/soap/version.php | 2 +- webservice/xmlrpc/db/access.php | 1 - webservice/xmlrpc/version.php | 2 +- 8 files changed, 4 insertions(+), 8 deletions(-) diff --git a/webservice/amf/db/access.php b/webservice/amf/db/access.php index a984f57312c1c..0ba462f92d539 100644 --- a/webservice/amf/db/access.php +++ b/webservice/amf/db/access.php @@ -27,7 +27,6 @@ $capabilities = array( 'webservice/amf:use' => array( - 'riskbitmask' => RISK_CONFIG | RISK_DATALOSS | RISK_SPAM | RISK_PERSONAL | RISK_XSS, 'captype' => 'read', // in fact this may be considered read and write at the same time 'contextlevel' => CONTEXT_COURSE, // the context level should be probably CONTEXT_MODULE 'archetypes' => array( diff --git a/webservice/amf/version.php b/webservice/amf/version.php index 03b89a19d38f8..4432f589877b9 100644 --- a/webservice/amf/version.php +++ b/webservice/amf/version.php @@ -25,6 +25,6 @@ defined('MOODLE_INTERNAL') || die(); -$plugin->version = 2015051100; // The current plugin version (Date: YYYYMMDDXX) +$plugin->version = 2015051101; // The current plugin version (Date: YYYYMMDDXX) $plugin->requires = 2015050500; // Requires this Moodle version $plugin->component = 'webservice_amf'; // Full name of the plugin (used for diagnostics) diff --git a/webservice/rest/db/access.php b/webservice/rest/db/access.php index 551e8df3d18bc..62949b409180a 100644 --- a/webservice/rest/db/access.php +++ b/webservice/rest/db/access.php @@ -27,7 +27,6 @@ $capabilities = array( 'webservice/rest:use' => array( - 'riskbitmask' => RISK_CONFIG | RISK_DATALOSS | RISK_SPAM | RISK_PERSONAL | RISK_XSS, 'captype' => 'read', // in fact this may be considered read and write at the same time 'contextlevel' => CONTEXT_COURSE, // the context level should be probably CONTEXT_MODULE 'archetypes' => array( diff --git a/webservice/rest/version.php b/webservice/rest/version.php index f748ef3a06db1..bf238c51ddcad 100644 --- a/webservice/rest/version.php +++ b/webservice/rest/version.php @@ -25,6 +25,6 @@ defined('MOODLE_INTERNAL') || die(); -$plugin->version = 2015051100; // The current plugin version (Date: YYYYMMDDXX) +$plugin->version = 2015051101; // The current plugin version (Date: YYYYMMDDXX) $plugin->requires = 2015050500; // Requires this Moodle version $plugin->component = 'webservice_rest'; // Full name of the plugin (used for diagnostics) diff --git a/webservice/soap/db/access.php b/webservice/soap/db/access.php index a3a90a3e45eee..de96adfd2854f 100644 --- a/webservice/soap/db/access.php +++ b/webservice/soap/db/access.php @@ -27,7 +27,6 @@ $capabilities = array( 'webservice/soap:use' => array( - 'riskbitmask' => RISK_CONFIG | RISK_DATALOSS | RISK_SPAM | RISK_PERSONAL | RISK_XSS, 'captype' => 'read', // in fact this may be considered read and write at the same time 'contextlevel' => CONTEXT_COURSE, // the context level should be probably CONTEXT_MODULE 'archetypes' => array( diff --git a/webservice/soap/version.php b/webservice/soap/version.php index 86ee3b2e9262f..0f5e559cdfb08 100644 --- a/webservice/soap/version.php +++ b/webservice/soap/version.php @@ -25,6 +25,6 @@ defined('MOODLE_INTERNAL') || die(); -$plugin->version = 2015051100; // The current plugin version (Date: YYYYMMDDXX) +$plugin->version = 2015051101; // The current plugin version (Date: YYYYMMDDXX) $plugin->requires = 2015050500; // Requires this Moodle version $plugin->component = 'webservice_soap'; // Full name of the plugin (used for diagnostics) diff --git a/webservice/xmlrpc/db/access.php b/webservice/xmlrpc/db/access.php index 1c71a8ce87ed2..3f4f90e4a72ce 100644 --- a/webservice/xmlrpc/db/access.php +++ b/webservice/xmlrpc/db/access.php @@ -27,7 +27,6 @@ $capabilities = array( 'webservice/xmlrpc:use' => array( - 'riskbitmask' => RISK_CONFIG | RISK_DATALOSS | RISK_SPAM | RISK_PERSONAL | RISK_XSS, 'captype' => 'read', // in fact this may be considered read and write at the same time 'contextlevel' => CONTEXT_COURSE, // the context level should be probably CONTEXT_MODULE 'archetypes' => array( diff --git a/webservice/xmlrpc/version.php b/webservice/xmlrpc/version.php index aa7f1bcd60013..ae5c39cd2cac2 100644 --- a/webservice/xmlrpc/version.php +++ b/webservice/xmlrpc/version.php @@ -25,6 +25,6 @@ defined('MOODLE_INTERNAL') || die(); -$plugin->version = 2015051100; // The current plugin version (Date: YYYYMMDDXX) +$plugin->version = 2015051101; // The current plugin version (Date: YYYYMMDDXX) $plugin->requires = 2015050500; // Requires this Moodle version $plugin->component = 'webservice_xmlrpc'; // Full name of the plugin (used for diagnostics)