Feature Request: Questionlibrary.php for external questions

[Mat-Ge]

The new question library is a very useful innovation. In addition to the official STACK question library, there are more and more public STACK question collections available. Can we expand questionlibrary.php so that it can be used also for external questions?
In my case, I am Moodle admin, but I do not have access to the file system. Otherwise, I could copy external questions into the stacklibrary directory to use the nice form to have a look and possibly import external STACK questions. For this, questionlibrary.php could be modified, so that also local directories could be selected and not only the stacklibrary directory on the server.
This customization could be made available via the current method (New question -> STACK question library) or just via a link in the Admin UI.
However, I am unsure about the security of these approaches. Would this approach be a security vulnerability, if questionlibrary.php would be accessible to arbitrary xml files?

[sangwinc]

Thanks for raising this @Mat-Ge, it's on my plans to do this. My current thinking is to use moodle's "data" directory on the server. STACK already has a sub-directory for plots. That mitigates security risks to look only in directories Moodle current has read/write access to. It's also clearly defined. If we have a "stacklibrary" subdirectory there we can expand the current stacklibary code to look in there as well and list questions to users. I'm very open to specific suggestions from users. Let's keep it as simple as possible! I'm not excited about complex access controls allowing different moodle users different access etc.!

We plan to release the whole of the HELM materials as a separate git repro (using the new gitsync plugin). HELM will be a large, and valuable collection of materials I hope others will help to maintain and improve. Once we have that out, it will be time to make it very easy for people to access it.