Currently Moodle already supports RSS feeds, however this support is limited only to several areas and is less than useful because:
• Either we can't publish private information to the outside world because it's too sensitive.
• We open up sensitive information to the outside world
Secure RSS feeds is a project about making the RSS feeds published by Moodle secure so that only desired people can access the feeds. This will allow adding feeds to many other places in Moodle (like calendar, activity reports...) therefore making user experience better and more comfortable.
Draft spec is available here:
http://docs.moodle.org/en/Student_projects/Secure_RSS_feeds
Any kind of feedback is appreciated, especially if it is security concerned.
Also I would like to know, in which areas of Moodle RSS feeds are most desired.
Hi, Askar.
To me, the most generally useful feeds would be (in rough order of importance):
Personally, I don't find the feeds for the individual forums all that useful; most of our courses have dozens of forums and the RSS reader would get very cluttered if you tried to monitor them all via RSS.
Of course, other people may have different opinions and/or use cases.
To me, the most generally useful feeds would be (in rough order of importance):
- Upcoming Events
- Latest News
- Recent Activity
- Assignments Submitted (useful for the instructor)
Personally, I don't find the feeds for the individual forums all that useful; most of our courses have dozens of forums and the RSS reader would get very cluttered if you tried to monitor them all via RSS.
Of course, other people may have different opinions and/or use cases.
Hi Aksar,
Great that you're working on this! I'm just sorting out a new intranet for our school and I've identified RSS feeds as being the key to integrating Moodle with our CMS frontend. Specifically, I want to use them wherever possible to give users of all sorts at-a-glance summaries of what's been going on for them so that they know whether they need to go and do something on Moodle or not. Some scenarios that come to mind are:
Great that you're working on this! I'm just sorting out a new intranet for our school and I've identified RSS feeds as being the key to integrating Moodle with our CMS frontend. Specifically, I want to use them wherever possible to give users of all sorts at-a-glance summaries of what's been going on for them so that they know whether they need to go and do something on Moodle or not. Some scenarios that come to mind are:
- Front page feed: recent activity for the whole site. This would show everyone what has been going on regardless of whether they have permissions to go and explore further, e.g. it would be great to have submitted assignments in there, along with links which would take teachers straight there. Students would find that the links lead to a permission denied error, but it will give a sense of community buzz. Assignments marked (without the grades) would be good additions as well. If the items to be included could be configured by the site admin, it would be ideal.
- Same thing but for a single course category. e.g. I want to make a maths department page on the intranet. Part of this needs to be a recent activity on Moodle feed just for the relevant courses.
- Marking feed. Specific to the individual teacher. See here for my block that does this
Thank you for your feedback!
Matt Gibson, sorry, but it's seems you link to "Marking feed" block is broken.
Matt Gibson, sorry, but it's seems you link to "Marking feed" block is broken.
Sorry, I'd only just put it there and it needed approval first. Its fixed now.
This seems to be a good step towards securing RSS feeds, but I would really like to see authenticated feeds available.
I know this is a longshot because only a few authentication mechanisms could support this and few RSS readers support authentication, but I think it could be valuable to support session / CAS / Shibboleth / Basic authentication.
My particular interest is in pulling Moodle's RSS feeds into our portal, authenticated under CAS.
Making the URL non-guessable is nice, but doesn't prevent that URL from being passed on to unauthorized users. In my opinion, authentication is really the only way to genuinely secure the feeds.
Is anyone else thinking along these lines?
I know this is a longshot because only a few authentication mechanisms could support this and few RSS readers support authentication, but I think it could be valuable to support session / CAS / Shibboleth / Basic authentication.
My particular interest is in pulling Moodle's RSS feeds into our portal, authenticated under CAS.
Making the URL non-guessable is nice, but doesn't prevent that URL from being passed on to unauthorized users. In my opinion, authentication is really the only way to genuinely secure the feeds.
Is anyone else thinking along these lines?
hmm... You've got the point there. I will take your idea in consideration. However, "URL auth." will be primary objective this summer. Anyway, it's not going to be hardcoded so that others, more secure methods, could be added later.
Askar,
It would be really nice have "feed filter", so calendar can be transferred to other site and display only related news/activity.
It would be really nice have "feed filter", so calendar can be transferred to other site and display only related news/activity.
Sorry, I don't understand your idea. Could you please exlain it?
Btw, sorry for not posting any news about the project progress here.
It's moving into final stage now.
The code is available here:
http://tracker.moodle.org/browse/MDL-15122
See the attached .zip file.
You will have to unpack files into coresponding directories and then apply secrss.patch.
Btw, sorry for not posting any news about the project progress here.
It's moving into final stage now.
The code is available here:
http://tracker.moodle.org/browse/MDL-15122
See the attached .zip file.
You will have to unpack files into coresponding directories and then apply secrss.patch.
Hello, I'm running Moodle 1.9.2 through Windows, using Apache and PHP, i had downloaded the secrss_complete.patch and saved on moodle's main folder. I'm running the following command:
d:\bin\patch.exe -p0 < secrss_complete.patch
That its returning the message "Assertion failed: hunk, file ../patch-2.5.9-src/patch.c, line 354"
When i run:
d:\bin\patch.exe -p1 < secrss_complete.patch
It return's "missing header for unified diff at line 8 of patch"
How should i proceed?
d:\bin\patch.exe -p0 < secrss_complete.patch
That its returning the message "Assertion failed: hunk, file ../patch-2.5.9-src/patch.c, line 354"
When i run:
d:\bin\patch.exe -p1 < secrss_complete.patch
It return's "missing header for unified diff at line 8 of patch"
How should i proceed?
This patch is applicable only for Moodle 2.0 Dev at the moment.
Labs Askar,
I am testing different modules on Moodle 2.0 dev (Build: 20090501) for my university and found your module called "Secure RSS feeds" at http://docs.moodle.org/en/Student_projects/Secure_RSS_feeds
Within the wiki it is said that the module has been merged with moodle 2.0... as far as I could understand... hence I was trying to find the option to activate it - but failed. I could only discover the standard rss settings for database, forum, and glossary. There has been no option to enable Secure RSS feeds.
May you or anybody else help me on that please?
Thanks in advance
Kai
I am testing different modules on Moodle 2.0 dev (Build: 20090501) for my university and found your module called "Secure RSS feeds" at http://docs.moodle.org/en/Student_projects/Secure_RSS_feeds
Within the wiki it is said that the module has been merged with moodle 2.0... as far as I could understand... hence I was trying to find the option to activate it - but failed. I could only discover the standard rss settings for database, forum, and glossary. There has been no option to enable Secure RSS feeds.
May you or anybody else help me on that please?
Thanks in advance
Kai
Hallo Askar
I'm running Moodle 2.0 dev through linux fedora, using Apache PHP, and Mysql. I had downloaded the secrss_complete.patch and saved on moodle's main folder. I'm running the following command:
patch -p0 < secrss_complete.patch
The result patch an error (hunks FAILED). The patch can running under linux???sorry for my english. Thank you
I'm running Moodle 2.0 dev through linux fedora, using Apache PHP, and Mysql. I had downloaded the secrss_complete.patch and saved on moodle's main folder. I'm running the following command:
patch -p0 < secrss_complete.patch
The result patch an error (hunks FAILED). The patch can running under linux???sorry for my english. Thank you
Moodle 2.0 is under very active development. I am not surprised that a patch from some time ago no longer applies without manual intervention.
By the way, I hope you are not doing anything other than alpha-testing with 2.0 at the moment.
By the way, I hope you are not doing anything other than alpha-testing with 2.0 at the moment.