// Check that the user is allowed to use the service: when the service is limited to
// authorised users, the selected user must be on its authorised-user list.
             $selectedservice = $webservicemanager->get_external_service_by_id($data->service);
             if ($selectedservice->restrictedusers) {
                 $restricteduser = $webservicemanager->get_ws_authorised_user($data->service, $data->user);
                 if (empty($restricteduser)) {
                     // Build an error notification that links to the page where the user can be authorised.
                     $allowuserurl = new moodle_url('/' . $CFG->admin . '/webservice/service_users.php', array('id' => $selectedservice->id));
                     // NOTE(review): the service name is used as the link content as stored; confirm it is
                     // escaped or formatted (e.g. s() / format_string()) before it ends up in the echoed notification.
                     $allowuserlink = html_writer::tag('a', $selectedservice->name, array('href' => $allowuserurl));
                     $errormsg = $OUTPUT->notification(get_string('usernotallowed', 'webservice', $allowuserlink));
                 }
             }
             // Create the token only when no error was recorded above.
             // NOTE(review): the only gate visible here is the authorised-user check; nothing in this
             // excerpt verifies that the target account is active (not deleted, suspended, unconfirmed
             // or the guest) before a token is issued. Confirm that is enforced elsewhere.
             if (empty($errormsg)) {
                 // TODO improvement: either move this function from externallib.php to webservice/lib.php,
                 // or move most of the webservicelib.php functions into externallib.php
                 // (create an externalmanager class). MDL-23523
                 // Issues an EXTERNAL_TOKEN_PERMANENT token for $data->user on $data->service in the system
                 // context; expiry and IP restriction are taken from the submitted form data as given.
                 external_generate_token(EXTERNAL_TOKEN_PERMANENT, $data->service, $data->user, get_context_instance(CONTEXT_SYSTEM), $data->validuntil, $data->iprestriction);
                 redirect($tokenlisturl);
             }
         }
     }
     // OUTPUT: render the page that holds the create-token form.
     echo $OUTPUT->header();
     echo $OUTPUT->heading(get_string('createtoken', 'webservice'));
     // $errormsg is written to the page as-is, so everything interpolated into it must already be safe HTML.
     if (!empty($errormsg)) {
         echo $errormsg;
     }
     $mform->display();
     echo $OUTPUT->footer();
     // Execution stops at die; the break after it is never reached.
     die;
     break;
 case 'delete':
Example #2
}
// Set CAP_ALLOW for every capability in $capabilities on the role, at this context.
// NOTE(review): the trailing `true` is presumably the "overwrite existing permission" flag; confirm.
foreach ($capabilities as $capability) {
    assign_capability($capability->name, CAP_ALLOW, $roleid, $context->id, true);
}
$context->mark_dirty();

// Make sure the 'mdk_all' service exists, creating it on first run.
// It is created enabled, limited to authorised users, and with file download switched on.
$webservicemanager = new webservice();
$service = $DB->get_record('external_services', array('shortname' => 'mdk_all'));
if (!$service) {
    $service = (object) array(
        'name' => 'MDK: All functions',
        'shortname' => 'mdk_all',
        'enabled' => 1,
        'restrictedusers' => 1,
        'downloadfiles' => 1,
    );
    $service->id = $webservicemanager->add_external_service($service);
}

// Attach every external function that is not yet associated with the service, so the
// service ends up exposing all of them to its authorised users.
$functions = $webservicemanager->get_not_associated_external_functions($service->id);
foreach ($functions as $function) {
    $webservicemanager->add_external_function_to_service($function->name, $service->id);
}

// Put the user on the service's authorised-user list unless already present.
$alreadyauthorised = $webservicemanager->get_ws_authorised_user($service->id, $user->id);
if (!$alreadyauthorised) {
    $adduser = (object) array(
        'externalserviceid' => $service->id,
        'userid' => $user->id,
    );
    $webservicemanager->add_ws_authorised_user($adduser);
}

// Reuse a stored token for this user/service pair, otherwise generate one.
// The generated token is EXTERNAL_TOKEN_PERMANENT with validuntil 0 and an empty IP restriction,
// i.e. no expiry or source-address limit is requested here. The lookup matches on user and
// service only; it does not look at the stored token's expiry or type.
$token = $DB->get_field('external_tokens', 'token', array('userid' => $user->id, 'externalserviceid' => $service->id));
if (!$token) {
    $token = external_generate_token(EXTERNAL_TOKEN_PERMANENT, $service->id, $user->id, $context, 0, '');
}
// The token is written in clear text to the script output; treat any captured output or
// log of this run as holding a credential for every function on the service.
mtrace('User \'webservice\' token: ' . $token);
Example #3
/**
 * Create and return a token of type EXTERNAL_TOKEN_EMBEDDED for the current user ($USER).
 *
 * Meant for HTML-embedded client apps that talk to the Moodle server through web services.
 * The token is described as linked to the current session for the current page request: the
 * script that generates the embedding page is expected to call this and hand the returned
 * token to the embedded client app.
 *
 * The service is looked up by its `name` column and the whole record is handed to
 * external_generate_token(); the validity argument passed is 0.
 *
 * @param string $servicename name of the web service. Service name as defined in db/services.php
 * @param int $context context within which the web service can operate; passed through unchanged.
 * @return int documented as the token id. NOTE(review): other callers on this page print or store
 *         the result of external_generate_token() as the token string itself; confirm which is right.
 * @since Moodle 2.0
 */
function external_create_service_token($servicename, $context)
{
    global $DB, $USER;
    $conditions = array('name' => $servicename);
    // MUST_EXIST: an unknown service name does not produce a token.
    // NOTE(review): presumably get_record() throws in that case; confirm.
    $servicerecord = $DB->get_record('external_services', $conditions, '*', MUST_EXIST);
    $token = external_generate_token(EXTERNAL_TOKEN_EMBEDDED, $servicerecord, $USER->id, $context, 0);
    return $token;
}
Example #4
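 /**
  * Return one web service token per requested service for a user.
  *
  * A stored token is reused when one exists for the user, service and context with a
  * validuntil at or after $validTime; otherwise a new EXTERNAL_TOKEN_PERMANENT token is generated.
  *
  * NOTE(review): nothing in this method checks that the caller may obtain a token for $userId,
  * or that the user is authorised for a restricted service; confirm the callers enforce this.
  *
  * @param int|null $userId user the tokens belong to; defaults to the current $USER.
  * @param int|array|null $serviceId one external service id, or a list of ids.
  * @param int|null $validTime Unix timestamp the token must remain valid until; defaults to
  *                            01:00:00 on the following day (as computed by date()/strtotime()).
  * @param string|null $ip IP restriction handed to external_generate_token() for new tokens.
  * @param object|null $context context whose id scopes the tokens; defaults to the course context
  *                             of $CFG->tpe_config->courseid.
  * @return array tokens indexed by service id; empty when no service id was given.
  */
 public function getUserToken($userId = null, $serviceId = null, $validTime = null, $ip = null, $context = null)
 {
     global $DB;
     if ($context === null) {
         global $CFG;
         // Fall back to the configured course.
         $courseid = $CFG->tpe_config->courseid;
         $context = context_course::instance($courseid);
     }
     $contextid = $context->id;
     if ($userId === null) {
         global $USER;
         $userId = $USER->id;
     }
     // Normalise the requested ids to a plain list of integers. Previously only the scalar case
     // was cast, so array elements were concatenated into the SQL text unchanged.
     if (is_array($serviceId)) {
         $requiredService = array_values(array_map('intval', $serviceId));
     } else {
         $requiredService = array(intval($serviceId));
     }
     if (empty($requiredService)) {
         // An empty IN () list is not valid SQL and there is nothing to return anyway.
         return array();
     }
     if ($validTime === null) {
         $intDate = strtotime('+1 day', time());
         $stringDate = date("Y-m-d", $intDate) . " 01:00:00";
         $validTime = strtotime($stringDate);
     }
     // Every value, including each service id, is bound through a placeholder; no caller-supplied
     // data is interpolated into the statement.
     $placeholders = implode(',', array_fill(0, count($requiredService), '?'));
     $sql = "SELECT externalserviceid, token, userid, validuntil, contextid "
         . "FROM {external_tokens} "
         . "WHERE userid = ? AND externalserviceid IN (" . $placeholders . ") "
         . "AND validuntil >= ? "
         . "AND contextid = ?";
     $params = array_merge(array($userId), $requiredService, array($validTime, $contextid));
     // The loop below looks rows up by service id, i.e. it relies on the result being indexed
     // by the first selected column (externalserviceid).
     $listToken = $DB->get_records_sql($sql, $params);
     $tokens = array();
     foreach ($requiredService as $item) {
         if (isset($listToken[$item])) {
             // A token exists and stays valid long enough: reuse it.
             $tokens[$item] = $listToken[$item]->token;
         } else {
             $tokens[$item] = external_generate_token(EXTERNAL_TOKEN_PERMANENT, $item, $userId, $contextid, $validTime, $ip);
         }
     }
     return $tokens;
 }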
 /**
  * Creates a permanent web service token for each row of the given table.
  *
  * Each row names a service and a user, optionally with 'validuntil' and 'iprestriction'.
  * A token is only generated after two checks pass: the user must be on the authorised-user
  * list when the service is restricted, and the account must not be the site guest, deleted,
  * unconfirmed or suspended.
  *
  * @Given /^the following tokens exist:$/
  * @param TableNode $data
  */
 public function the_following_tokens_exist(TableNode $data)
 {
     global $DB, $CFG;
     foreach ($data->getHash() as $row) {
         $service = $this->get_service_id($row['service']);
         $userid = $this->get_user_id($row['user']);

         // Optional columns fall back to an empty string.
         $validuntil = '';
         if (!empty($row['validuntil'])) {
             $validuntil = $row['validuntil'];
         }
         $iprestriction = '';
         if (!empty($row['iprestriction'])) {
             $iprestriction = $row['iprestriction'];
         }

         require_once $CFG->dirroot . '/webservice/lib.php';
         $webservicemanager = new webservice();

         // A restricted service only hands out tokens to users on its authorised list.
         $selectedservice = $webservicemanager->get_external_service_by_id($service);
         if ($selectedservice->restrictedusers) {
             $authorised = $webservicemanager->get_ws_authorised_user($service, $userid);
             if (!$authorised) {
                 throw new moodle_exception('usernotallowed', 'webservice');
             }
         }

         // Accounts that are the guest, deleted, unconfirmed or suspended never get a token.
         $user = $DB->get_record('user', array('id' => $userid));
         $forbidden = $user->id == $CFG->siteguest
             || $user->deleted
             || !$user->confirmed
             || $user->suspended;
         if ($forbidden) {
             throw new moodle_exception('forbiddenwsuser', 'webservice');
         }

         // Token is created in the system context with the row's expiry and IP restriction.
         external_generate_token(EXTERNAL_TOKEN_PERMANENT, $service, $userid, context_system::instance(), $validuntil, $iprestriction);
     }
 }
Example #6
                     $allowuserurl = new moodle_url('/' . $CFG->admin . '/webservice/service_users.php', array('id' => $selectedservice->id));
                     $allowuserlink = html_writer::tag('a', $selectedservice->name, array('href' => $allowuserurl));
                     $errormsg = $OUTPUT->notification(get_string('usernotallowed', 'webservice', $allowuserlink));
                 }
             }
             // Refuse to issue a token for an account that is the site guest, deleted, unconfirmed or suspended.
             // This check throws regardless of whether $errormsg was already set above.
             // NOTE(review): the get_record() result is dereferenced without checking that a row was
             // found; confirm $data->user always refers to an existing user record.
             $user = $DB->get_record('user', array('id' => $data->user));
             if ($user->id == $CFG->siteguest or $user->deleted or !$user->confirmed or $user->suspended) {
                 throw new moodle_exception('forbiddenwsuser', 'webservice');
             }
             // Create the token only when the earlier checks recorded no error.
             if (empty($errormsg)) {
                 // TODO improvement: either move this function from externallib.php to webservice/lib.php,
                 // or move most of the webservicelib.php functions into externallib.php
                 // (create an externalmanager class). MDL-23523
                 // Issues an EXTERNAL_TOKEN_PERMANENT token in the system context; expiry and IP
                 // restriction are taken from the submitted form data as given.
                 external_generate_token(EXTERNAL_TOKEN_PERMANENT, $data->service, $data->user, context_system::instance(), $data->validuntil, $data->iprestriction);
                 redirect($tokenlisturl);
             }
         }
     }
     // OUTPUT: render the page that holds the create-token form.
     echo $OUTPUT->header();
     echo $OUTPUT->heading(get_string('createtoken', 'webservice'));
     // Any recorded error is echoed unmodified, so it has to be safe HTML by the time it gets here.
     if (!empty($errormsg)) {
         echo $errormsg;
     }
     $mform->display();
     echo $OUTPUT->footer();
     // die ends the request; the break that follows is unreachable.
     die;
     break;
 case 'delete':