GitHub Actions CI Workflow + Privacy API + Frankenstyle/PHPDoc + Hooks API support + Replaced raw $_SESSION + Loading all users performance issue

[ikramagix]

Add GitHub Actions CI Workflow

This pull request merges the addition of GitHub Actions support from main to the plugin branch, addressing Issue #1 raised by @volodymyrdovhan during the Moodle plugin review.

Changes

• Added .github/workflows/ci.yml to enable automated testing for Moodle plugin guidelines.
• Configured workflow to run tests on each commit, providing visual feedback (traffic lights) and detailed reports.

Purpose

• Ensures future changes comply with Moodle.org standards.
• Catches potential issues early through continuous integration.

Verification

• Check the Actions tab to confirm the workflow runs successfully.
• Review the ci.yml file to ensure it aligns with Moodle review requirements.

[ikramagix]

Privacy API requirement

I've now added a null_provider implementation under classes/privacy/provider.php and declared the plugin's non-usage of personal data via the required language string (privacy:metadata). This brings the plugin in line with the Moodle Privacy API requirements.

[ikramagix]

Frankenstyle namespace compliance

This update renames all remaining globals and session keys to use the local_yeswecanquiz_ prefix:

• yeswecanquiz_session_control() → local_yeswecanquiz_session_control()
• yeswecanquiz_extend_navigation() → local_yeswecanquiz_extend_navigation()
• $_SESSION['yeswecanquiz_newattempt'] → $_SESSION['local_yeswecanquiz_newattempt']

No unprefixed identifiers remain.

[ikramagix]

PHPDoc compliance for settings.php

• Added file-level docblock with @Package, @copyright and @license
• Added settings-page docblock describing its purpose, globals ($DB, $ADMIN) and return type

This completes Issue #5 by aligning with Moodle’s PHPDoc standards.

[ikramagix]

Added Hooks API support

• Created db/hooks.php to register:
  • before_http_headers to local_yeswecanquiz_before_http_headers
  • navigation.primary_extend to local_yeswecanquiz_extend_navigation

Legacy callbacks in lib.php remain for Moodle < 4.4.

[ikramagix]

Replaced raw $_SESSION with Moodle session cache

• Created db/cache.php defining a local_yeswecanquiz/session cache in MODE_SESSION.
• In lib.php, swapped $_SESSION['local_yeswecanquiz_newattempt'][$cmid] for

  $cache = \cache::make('local_yeswecanquiz','session');
  if (!$cache->has((string)$cmid)) {
      // ...
      $cache->set((string)$cmid, true);
  }

• Removed all leftover $_SESSION usage.

This aligns with Moodle’s Cache API best practices and resolves issue #7.

[ikramagix]

Avoid loading all users & guide admins to use IDs, enforce manual-account validation for public quiz user

• Removed the heavy admin_setting_configselect dropdown
• Switched to admin_setting_configtext for local_yeswecanquiz/publicuserid
• Improved the language string to explain:
  • How to find the user ID in the profile URL
  • Why selecting the exact ID prevents homonyms or duplicate emails
  • That only manually created accounts are supported
• Introduced local_yeswecanquiz_admin_setting_publicuserid (subclass of admin_setting_configtext) with a validate() method that:
  • Checks the user exists
  • Verifies the user’s auth method is manual
• On invalid ID or non-manual account, the page reloads with a clear error message
• AJAX autocomplete/search will be added in a future update

This change keeps the settings page performant on large sites, provides precise guidance to administrators and enforces selection of a valid manual-account user.