require_once $CFG->dirroot . '/' . $CFG->admin . '/webservice/forms.php'; $serviceid = required_param('serviceid', PARAM_INT); $userid = required_param('userid', PARAM_INT); admin_externalpage_setup('externalserviceusersettings'); //define nav bar $PAGE->set_url('/' . $CFG->admin . '/webservice/service_user_settings.php', array('id' => $serviceid, 'userid' => $userid)); $node = $PAGE->settingsnav->find('externalservices', navigation_node::TYPE_SETTING); if ($node) { $node->make_active(); } $PAGE->navbar->add(get_string('serviceusers', 'webservice'), new moodle_url('/' . $CFG->admin . '/webservice/service_users.php', array('id' => $serviceid))); $PAGE->navbar->add(get_string('serviceusersettings', 'webservice')); $formaction = new moodle_url('', array('id' => $serviceid, 'userid' => $userid)); $returnurl = new moodle_url('/' . $CFG->admin . '/webservice/service_users.php', array('id' => $serviceid)); $webservicemanager = new webservice(); $serviceuser = $webservicemanager->get_ws_authorised_user($serviceid, $userid); $usersettingsform = new external_service_authorised_user_settings_form($formaction, $serviceuser); $settingsformdata = $usersettingsform->get_data(); if ($usersettingsform->is_cancelled()) { redirect($returnurl); } else { if (!empty($settingsformdata) and confirm_sesskey()) { /// save user settings (administrator clicked on update button) $settingsformdata = (object) $settingsformdata; $serviceuserinfo = new stdClass(); $serviceuserinfo->id = $serviceuser->serviceuserid; $serviceuserinfo->iprestriction = $settingsformdata->iprestriction; $serviceuserinfo->validuntil = $settingsformdata->validuntil; $webservicemanager->update_ws_authorised_user($serviceuserinfo); //TODO: assign capability //display successful notification
$tokenlisturl = new moodle_url("/" . $CFG->admin . "/settings.php", array('section' => 'webservicetokens')); require_once $CFG->dirroot . "/webservice/lib.php"; $webservicemanager = new webservice(); switch ($action) { case 'create': $mform = new web_service_token_form(null, array('action' => 'create')); $data = $mform->get_data(); if ($mform->is_cancelled()) { redirect($tokenlisturl); } else { if ($data and confirm_sesskey()) { ignore_user_abort(true); //check the the user is allowed for the service $selectedservice = $webservicemanager->get_external_service_by_id($data->service); if ($selectedservice->restrictedusers) { $restricteduser = $webservicemanager->get_ws_authorised_user($data->service, $data->user); if (empty($restricteduser)) { $allowuserurl = new moodle_url('/' . $CFG->admin . '/webservice/service_users.php', array('id' => $selectedservice->id)); $allowuserlink = html_writer::tag('a', $selectedservice->name, array('href' => $allowuserurl)); $errormsg = $OUTPUT->notification(get_string('usernotallowed', 'webservice', $allowuserlink)); } } //process the creation if (empty($errormsg)) { //TODO improvement: either move this function from externallib.php to webservice/lib.php // either move most of webservicelib.php functions into externallib.php // (create externalmanager class) MDL-23523 external_generate_token(EXTERNAL_TOKEN_PERMANENT, $data->service, $data->user, get_context_instance(CONTEXT_SYSTEM), $data->validuntil, $data->iprestriction); redirect($tokenlisturl); } }
// Display confirmation page to Reset the token. if (!$confirm) { $resetconfirmation = $wsrenderer->user_reset_token_confirmation($token); } else { // Delete the token that need to be regenerated. $webservice->delete_user_ws_token($tokenid); } } // No point creating the table is we're just displaying a confirmation screen. if (empty($resetconfirmation)) { $webservice->generate_user_ws_tokens($USER->id); // Generate all token that need to be generated. $tokens = $webservice->get_user_ws_tokens($USER->id); foreach ($tokens as $token) { if ($token->restrictedusers) { $authlist = $webservice->get_ws_authorised_user($token->wsid, $USER->id); if (empty($authlist)) { $token->enabled = false; } } } $webservicetokenboxhtml = $wsrenderer->user_webservice_tokens_box($tokens, $USER->id, $CFG->enablewsdocumentation); // Display the box for web service token. } } // RSS keys. if (!empty($CFG->enablerssfeeds)) { require_once $CFG->dirroot . '/lib/rsslib.php'; $action = optional_param('action', '', PARAM_ALPHANUMEXT); $confirm = optional_param('confirm', 0, PARAM_BOOL); $rssrenderer = $PAGE->get_renderer('core', 'rss');
} foreach ($capabilities as $capability) { assign_capability($capability->name, CAP_ALLOW, $roleid, $context->id, true); } $context->mark_dirty(); // Create a new service with all functions for the user. $webservicemanager = new webservice(); if (!($service = $DB->get_record('external_services', array('shortname' => 'mdk_all')))) { $service = new stdClass(); $service->name = 'MDK: All functions'; $service->shortname = 'mdk_all'; $service->enabled = 1; $service->restrictedusers = 1; $service->downloadfiles = 1; $service->id = $webservicemanager->add_external_service($service); } $functions = $webservicemanager->get_not_associated_external_functions($service->id); foreach ($functions as $function) { $webservicemanager->add_external_function_to_service($function->name, $service->id); } if (!$webservicemanager->get_ws_authorised_user($service->id, $user->id)) { $adduser = new stdClass(); $adduser->externalserviceid = $service->id; $adduser->userid = $user->id; $webservicemanager->add_ws_authorised_user($adduser); } // Generate a token for the user. if (!($token = $DB->get_field('external_tokens', 'token', array('userid' => $user->id, 'externalserviceid' => $service->id)))) { $token = external_generate_token(EXTERNAL_TOKEN_PERMANENT, $service->id, $user->id, $context, 0, ''); } mtrace('User \'webservice\' token: ' . $token);
/** * Creates tokens. * * @Given /^the following tokens exist:$/ * @param TableNode $data */ public function the_following_tokens_exist(TableNode $data) { global $DB, $CFG; foreach ($data->getHash() as $datahash) { $service = $this->get_service_id($datahash['service']); $userid = $this->get_user_id($datahash['user']); $validuntil = !empty($datahash['validuntil']) ? $datahash['validuntil'] : ''; $iprestriction = !empty($datahash['iprestriction']) ? $datahash['iprestriction'] : ''; require_once "{$CFG->dirroot}/webservice/lib.php"; $webservicemanager = new webservice(); // Check the the user is allowed for the service. $selectedservice = $webservicemanager->get_external_service_by_id($service); if ($selectedservice->restrictedusers) { $restricteduser = $webservicemanager->get_ws_authorised_user($service, $userid); if (empty($restricteduser)) { throw new moodle_exception('usernotallowed', 'webservice'); } } // Check if the user is deleted. unconfirmed, suspended or guest. $user = $DB->get_record('user', array('id' => $userid)); if ($user->id == $CFG->siteguest or $user->deleted or !$user->confirmed or $user->suspended) { throw new moodle_exception('forbiddenwsuser', 'webservice'); } external_generate_token(EXTERNAL_TOKEN_PERMANENT, $service, $userid, context_system::instance(), $validuntil, $iprestriction); } }