// Excerpt from a larger switch/case: the enclosing blocks are opened before this point.
// Check that the target user is allowed to use the selected service.
$selectedservice = $webservicemanager->get_external_service_by_id($data->service);
if ($selectedservice->restrictedusers) {
    // The service only accepts explicitly authorised users, so look the user up in that list.
    $restricteduser = $webservicemanager->get_ws_authorised_user($data->service, $data->user);
    if (empty($restricteduser)) {
        // Not authorised: build an error notification linking to the page that manages the service's users.
        $allowuserurl = new moodle_url('/' . $CFG->admin . '/webservice/service_users.php', array('id' => $selectedservice->id));
        // NOTE(review): the service name is passed as the tag content without visible escaping;
        // presumably it is trusted admin-entered text - confirm how html_writer::tag() treats content.
        $allowuserlink = html_writer::tag('a', $selectedservice->name, array('href' => $allowuserurl));
        $errormsg = $OUTPUT->notification(get_string('usernotallowed', 'webservice', $allowuserlink));
    }
}
// NOTE(review): nothing in this excerpt rejects deleted, unconfirmed, suspended or guest
// accounts before a token is issued - confirm that this is enforced elsewhere.
// Process the creation only when no error was recorded above.
if (empty($errormsg)) {
    // TODO improvement: either move this function from externallib.php to webservice/lib.php
    // or move most of the webservicelib.php functions into externallib.php
    // (create externalmanager class) MDL-23523
    // Issue a permanent-type token in the system context, using the expiry and IP restriction from the form.
    external_generate_token(EXTERNAL_TOKEN_PERMANENT, $data->service, $data->user, get_context_instance(CONTEXT_SYSTEM), $data->validuntil, $data->iprestriction);
    redirect($tokenlisturl);
}
} // Closes a block opened before this excerpt.
} // Closes a block opened before this excerpt.
// OUTPUT: create token form (shown again together with the error message, if any).
echo $OUTPUT->header();
echo $OUTPUT->heading(get_string('createtoken', 'webservice'));
if (!empty($errormsg)) {
    echo $errormsg;
}
$mform->display();
echo $OUTPUT->footer();
die;
break; // Not reached: die above ends the script.
case 'delete':
} // Closes a block opened before this excerpt.
// Allow every listed capability for the role in this context (last argument true: overwrite).
foreach ($capabilities as $capability) {
    assign_capability($capability->name, CAP_ALLOW, $roleid, $context->id, true);
}
$context->mark_dirty();

// Create a new service with all functions for the user.
// The 'mdk_all' service is reused when a record with that shortname already exists.
$webservicemanager = new webservice();
if (!($service = $DB->get_record('external_services', array('shortname' => 'mdk_all')))) {
    $service = new stdClass();
    $service->name = 'MDK: All functions';
    $service->shortname = 'mdk_all';
    $service->enabled = 1;
    // Only explicitly authorised users may use the service.
    $service->restrictedusers = 1;
    $service->downloadfiles = 1;
    $service->id = $webservicemanager->add_external_service($service);
}
// Attach every external function that is not yet associated with the service.
// NOTE(review): this makes the service's token as powerful as the role's capabilities allow;
// presumably intended for development sites only - confirm it is never run on production.
$functions = $webservicemanager->get_not_associated_external_functions($service->id);
foreach ($functions as $function) {
    $webservicemanager->add_external_function_to_service($function->name, $service->id);
}
// Authorise the user on the restricted service unless that is already the case.
if (!$webservicemanager->get_ws_authorised_user($service->id, $user->id)) {
    $adduser = new stdClass();
    $adduser->externalserviceid = $service->id;
    $adduser->userid = $user->id;
    $webservicemanager->add_ws_authorised_user($adduser);
}

// Generate a token for the user.
// Any token row for this user and service is reused; the lookup does not filter on token
// type, expiry or context.
if (!($token = $DB->get_field('external_tokens', 'token', array('userid' => $user->id, 'externalserviceid' => $service->id)))) {
    // validuntil is 0 and the IP restriction is empty - presumably no expiry and no source
    // address limit; confirm against external_generate_token().
    $token = external_generate_token(EXTERNAL_TOKEN_PERMANENT, $service->id, $user->id, $context, 0, '');
}
// The token is written to the script output in clear text; treat captured output as sensitive.
mtrace('User \'webservice\' token: ' . $token);
/**
 * Create and return a session linked token for an embedded client app.
 *
 * Intended for html embedded client apps that talk to the Moodle server through web services.
 * The token is linked to the current session for the current page request. The script that
 * generates the embedding html page is expected to call this and hand the result to the client
 * app; the value works as a credential for the current user, so it should only be delivered to
 * that user's own page.
 *
 * @param string $servicename name of the web service. Service name as defined in db/services.php
 * @param mixed $context context within which the web service can operate; passed unchanged to
 *                       external_generate_token()
 * @return mixed the value returned by external_generate_token(). NOTE(review): earlier wording
 *               said "int token id"; presumably this is the token string - confirm.
 * @since Moodle 2.0
 */
function external_create_service_token($servicename, $context) {
    global $DB, $USER;

    // MUST_EXIST: an unknown service name raises an exception instead of returning false.
    $lookup = array('name' => $servicename);
    $servicerecord = $DB->get_record('external_services', $lookup, '*', MUST_EXIST);

    // The whole service record is handed over, together with the current user; validuntil is 0.
    $validuntil = 0;
    $token = external_generate_token(EXTERNAL_TOKEN_EMBEDDED, $servicerecord, $USER->id, $context, $validuntil);

    return $token;
}
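/**
 * Return one web service token per requested service, reusing stored tokens where possible.
 *
 * A stored token is reused when it belongs to the user, the service and the context and its
 * validuntil is at least $validTime; otherwise a new token is generated with that expiry.
 * NOTE(review): a stored token with validuntil = 0 never passes the ">=" filter, so such tokens
 * are not reused - confirm that this is intended.
 *
 * @param int|null $userId user the tokens belong to; defaults to the current $USER
 * @param int|array|null $serviceId a single service id or a list of service ids
 * @param int|null $validTime timestamp the tokens must stay valid until; defaults to 01:00:00
 *                            on the following day (PHP default timezone)
 * @param string|null $ip IP restriction handed to external_generate_token() for new tokens
 * @param object|null $context context the tokens are bound to; defaults to the course context
 *                             of $CFG->tpe_config->courseid
 * @return array token values keyed by service id
 */
public function getUserToken($userId = null, $serviceId = null, $validTime = null, $ip = null, $context = null) {
    global $DB;

    if ($context === null) {
        global $CFG;
        // Fall back to the course configured for this plugin.
        $context = context_course::instance($CFG->tpe_config->courseid);
    }
    $contextid = $context->id;

    if ($userId === null) {
        global $USER;
        $userId = $USER->id;
    }

    // Normalise to a list of distinct integer ids. Array input used to be concatenated into
    // the SQL text unchanged, so non-numeric elements could reach the query.
    $requiredService = array_unique(array_map('intval', is_array($serviceId) ? $serviceId : array($serviceId)));
    if (empty($requiredService)) {
        // Nothing requested: avoid building an empty IN() list.
        return array();
    }

    if ($validTime === null) {
        $tomorrow = strtotime('+1 day', time());
        $validTime = strtotime(date("Y-m-d", $tomorrow) . " 01:00:00");
    }

    // Bind the service ids as placeholders instead of interpolating them.
    list($insql, $inparams) = $DB->get_in_or_equal($requiredService);
    $sql = "SELECT externalserviceid, token, userid, validuntil, contextid "
        . "FROM {external_tokens} "
        . "WHERE userid = ? AND externalserviceid " . $insql . " "
        . "AND validuntil >= ? "
        . "AND contextid = ? ";
    $params = array_merge(array($userId), $inparams, array($validTime, $contextid));

    // Records come back keyed by the first selected column, externalserviceid.
    $listToken = $DB->get_records_sql($sql, $params);

    $tokens = array();
    foreach ($requiredService as $item) {
        if (isset($listToken[$item])) {
            // A token exists and is valid for long enough.
            $tokens[$item] = $listToken[$item]->token;
        } else {
            $tokens[$item] = external_generate_token(EXTERNAL_TOKEN_PERMANENT, $item, $userId, $contextid, $validTime, $ip);
        }
    }

    return $tokens;
}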
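/**
 * Creates web service tokens from the rows of a Behat table.
 *
 * Each row names a service and a user and may give 'validuntil' and 'iprestriction' values.
 * The same eligibility checks are applied before every token is generated: the user must be
 * authorised on a restricted service and must be an existing, confirmed, active, non-guest
 * account.
 *
 * @Given /^the following tokens exist:$/
 * @param TableNode $data
 * @throws moodle_exception 'usernotallowed' or 'forbiddenwsuser' when a row fails a check
 */
public function the_following_tokens_exist(TableNode $data) {
    global $DB, $CFG;

    // Load the library and build the manager once instead of on every row.
    require_once "{$CFG->dirroot}/webservice/lib.php";
    $webservicemanager = new webservice();

    foreach ($data->getHash() as $datahash) {
        $service = $this->get_service_id($datahash['service']);
        $userid = $this->get_user_id($datahash['user']);
        $validuntil = !empty($datahash['validuntil']) ? $datahash['validuntil'] : '';
        $iprestriction = !empty($datahash['iprestriction']) ? $datahash['iprestriction'] : '';

        // Check that the user is allowed for the service.
        $selectedservice = $webservicemanager->get_external_service_by_id($service);
        if ($selectedservice->restrictedusers) {
            $restricteduser = $webservicemanager->get_ws_authorised_user($service, $userid);
            if (empty($restricteduser)) {
                throw new moodle_exception('usernotallowed', 'webservice');
            }
        }

        // Refuse missing, deleted, unconfirmed, suspended or guest accounts. The explicit
        // !$user test keeps a missing row from being read as an object.
        $user = $DB->get_record('user', array('id' => $userid));
        if (!$user || $user->id == $CFG->siteguest || $user->deleted || !$user->confirmed || $user->suspended) {
            throw new moodle_exception('forbiddenwsuser', 'webservice');
        }

        external_generate_token(EXTERNAL_TOKEN_PERMANENT, $service, $userid, context_system::instance(), $validuntil, $iprestriction);
    }
}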
// Excerpt starting inside two nested conditions opened before this point; the $errormsg text
// ('usernotallowed') indicates the user is not authorised on the service.
// Build an error notification linking to the page that manages the service's users.
$allowuserurl = new moodle_url('/' . $CFG->admin . '/webservice/service_users.php', array('id' => $selectedservice->id));
// NOTE(review): the service name is passed as the tag content without visible escaping;
// presumably it is trusted admin-entered text - confirm how html_writer::tag() treats content.
$allowuserlink = html_writer::tag('a', $selectedservice->name, array('href' => $allowuserurl));
$errormsg = $OUTPUT->notification(get_string('usernotallowed', 'webservice', $allowuserlink));
} // Closes a block opened before this excerpt.
} // Closes a block opened before this excerpt.
// Check whether the user is deleted, unconfirmed, suspended or the guest account.
// Unlike the authorisation failure above, this case throws instead of re-displaying the form.
// NOTE(review): the get_record() result is read without a check for a missing row;
// presumably form validation guarantees the user exists - confirm.
$user = $DB->get_record('user', array('id' => $data->user));
if ($user->id == $CFG->siteguest or $user->deleted or !$user->confirmed or $user->suspended) {
    throw new moodle_exception('forbiddenwsuser', 'webservice');
}
// Process the creation only when no error was recorded above.
if (empty($errormsg)) {
    // TODO improvement: either move this function from externallib.php to webservice/lib.php
    // or move most of the webservicelib.php functions into externallib.php
    // (create externalmanager class) MDL-23523
    // Issue a permanent-type token in the system context, using the expiry and IP restriction from the form.
    external_generate_token(EXTERNAL_TOKEN_PERMANENT, $data->service, $data->user, context_system::instance(), $data->validuntil, $data->iprestriction);
    redirect($tokenlisturl);
}
} // Closes a block opened before this excerpt.
} // Closes a block opened before this excerpt.
// OUTPUT: create token form (shown again together with the error message, if any).
echo $OUTPUT->header();
echo $OUTPUT->heading(get_string('createtoken', 'webservice'));
if (!empty($errormsg)) {
    echo $errormsg;
}
$mform->display();
echo $OUTPUT->footer();
die;
break; // Not reached: die above ends the script.
case 'delete':