/** * get the interface definition for the function * * @param string $functionname * @return array $vars */ function testclient_get_interface($functionname) { $fdesc = webservice_function_info($functionname); $strs = explode('|', testclient_parameters($fdesc->parameters_desc, '')); $vars = array(); foreach ($strs as $str) { if (empty($str)) { continue; } list($name, $type) = explode('=', $str); $name = preg_replace('/\\]\\[/', '_', $name); $name = preg_replace('/[\\]\\[]/', '', $name); $vars[] = array('name' => $name, 'type' => $type); } return $vars; }
/** * Fetches the function description from database, * verifies user is allowed to use this function and * loads all paremeters and return descriptions. * @return void */ protected function load_function_info() { global $USER; if (empty($this->functionname)) { throw new WebserviceInvalidParameterException(get_string('missingfuncname', 'webserivce')); } // function must exist $function = webservice_function_info($this->functionname); if (!$function) { throw new WebserviceAccessException(get_string('accessextfunctionnotconf', 'auth.webservice')); } // first ofall get a complete list of services user is allowed to access if ($this->restricted_serviceid) { $wscond1 = 'AND s.id = ? '; $wscond2 = 'AND s.id = ? '; } else { $wscond1 = ''; $wscond2 = ''; } // now let's verify access control // now make sure the function is listed in at least one service user is allowed to use // allow access only if: // 1/ entry in the external_services_users table if required // 2/ validuntil not reached // 3/ has capability if specified in service desc // 4/ iprestriction $sql = "SELECT s.*, NULL AS iprestriction\n FROM {external_services} s\n JOIN {external_services_functions} sf ON (sf.externalserviceid = s.id AND (s.restrictedusers = ? OR s.tokenusers = ?) AND sf.functionname = ?)\n WHERE s.enabled = ? {$wscond1}\n\n UNION\n\n SELECT s.*, su.iprestriction\n FROM {external_services} s\n JOIN {external_services_functions} sf ON (sf.externalserviceid = s.id AND s.restrictedusers = ? AND sf.functionname = ?)\n JOIN {external_services_users} su ON (su.externalserviceid = s.id AND su.userid = ?)\n WHERE s.enabled = ? AND su.validuntil IS NULL OR su.validuntil < ? {$wscond2}"; $params = array(0, 1, $function->name, 1); $wscond1 && ($params[] = $this->restricted_serviceid); $params[] = 1; $params[] = $function->name; $params[] = $USER->get('id'); $params[] = 1; $params[] = time(); $wscond2 && ($params[] = $this->restricted_serviceid); $rs = get_recordset_sql($sql, $params); // now make sure user may access at least one service $remoteaddr = getremoteaddr(); $allowed = false; $serviceids = array(); foreach ($rs as $service) { $serviceids[] = $service['id']; if ($service['iprestriction'] and !address_in_subnet($remoteaddr, $service['iprestriction'])) { // wrong request source ip, sorry continue; } $allowed = true; // one service is enough, no need to continue break; } $rs->close(); if (!$allowed) { throw new WebserviceAccessException(get_string('accesstofunctionnotallowed', 'auth.webservice', $this->functionname)); } // now get the list of all functions - this triggers the stashing of // functions in the context $wsmanager = new webservice(); $functions = $wsmanager->get_external_functions($serviceids); // we have all we need now $this->function = $function; }
*/ define('INTERNAL', 1); define('MENUITEM', 'configextensions/pluginadminwebservices'); define('SECTION_PAGE', 'webservice'); require dirname(dirname(__FILE__)) . '/init.php'; define('TITLE', get_string('pluginadmin', 'admin')); require_once 'pieforms/pieform.php'; require_once get_config('docroot') . 'webservice/lib.php'; $function = param_integer('id', 0); $dialog = param_integer('dialog', 0); $dbfunction = get_record('external_functions', 'id', $function); if (empty($dbfunction)) { $SESSION->add_error_msg(get_string('invalidfunction', 'auth.webservice')); redirect('/webservice/admin/index.php'); } $fdesc = webservice_function_info($dbfunction->name); $smarty = smarty(array(), array('<link rel="stylesheet" type="text/css" href="' . $THEME->get_url('style/webservice.css', false, 'auth/webservice') . '">')); safe_require('auth', 'webservice'); PluginAuthWebservice::menu_items($smarty, 'webservice'); $smarty->assign('function', $dbfunction); $smarty->assign('functiondescription', $fdesc->description); $smarty->assign('fdesc', $fdesc); $smarty->assign('xmlrpcactive', webservice_protocol_is_enabled('xmlrpc')); $smarty->assign('restactive', webservice_protocol_is_enabled('rest')); $smarty->assign('soapactive', webservice_protocol_is_enabled('soap')); $heading = get_string('wsdoc', 'auth.webservice'); $smarty->assign('PAGEHEADING', $heading); $smarty->assign('dialog', $dialog); $smarty->display('auth:webservice:wsdoc.tpl'); die; /**