webservice MDL-20805 fix token authentication

author jerome mouneyrac <jerome@moodle.com>

Thu, 14 Jan 2010 08:17:00 +0000 (08:17 +0000)

committer jerome mouneyrac <jerome@moodle.com>

Thu, 14 Jan 2010 08:17:00 +0000 (08:17 +0000)
author jerome mouneyrac <jerome@moodle.com>
Thu, 14 Jan 2010 08:17:00 +0000 (08:17 +0000)
committer jerome mouneyrac <jerome@moodle.com>
Thu, 14 Jan 2010 08:17:00 +0000 (08:17 +0000)
diff --git a/webservice/lib.php b/webservice/lib.php

index 12c35aeeec70b77f12af9b8eded3da87eec3f43b..418f646b22dfcf9d3a738175256b8893743705fa 100644 (file)
--- a/webservice/lib.php
+++ b/webservice/lib.php
@@ -676,28 +676,27 @@ abstract class webservice_base_server extends webservice_server {
          }
  
          // now let's verify access control
-        if ($this->simple) {
-            // now make sure the function is listed in at least one service user is allowed to use
-            // allow access only if:
-            //  1/ entry in the external_services_users table if required
-            //  2/ validuntil not reached
-            //  3/ has capability if specified in service desc
-            //  4/ iprestriction
-
-            $sql = "SELECT s.*, NULL AS iprestriction
-                      FROM {external_services} s
-                      JOIN {external_services_functions} sf ON (sf.externalserviceid = s.id AND s.restrictedusers = 0 AND sf.functionname = :name1)
-                     WHERE s.enabled = 1 $wscond1
-
-                     UNION
-
-                    SELECT s.*, su.iprestriction
-                      FROM {external_services} s
-                      JOIN {external_services_functions} sf ON (sf.externalserviceid = s.id AND s.restrictedusers = 1 AND sf.functionname = :name2)
-                      JOIN {external_services_users} su ON (su.externalserviceid = s.id AND su.userid = :userid)
-                     WHERE s.enabled = 1 AND su.validuntil IS NULL OR su.validuntil < :now $wscond2";
-            $params = array_merge($params, array('userid'=>$USER->id, 'name1'=>$function->name, 'name2'=>$function->name, 'now'=>time()));
-        }
+
+        // now make sure the function is listed in at least one service user is allowed to use
+        // allow access only if:
+        //  1/ entry in the external_services_users table if required
+        //  2/ validuntil not reached
+        //  3/ has capability if specified in service desc
+        //  4/ iprestriction
+
+        $sql = "SELECT s.*, NULL AS iprestriction
+                  FROM {external_services} s
+                  JOIN {external_services_functions} sf ON (sf.externalserviceid = s.id AND s.restrictedusers = 0 AND sf.functionname = :name1)
+                 WHERE s.enabled = 1 $wscond1
+
+                 UNION
+
+                SELECT s.*, su.iprestriction
+                  FROM {external_services} s
+                  JOIN {external_services_functions} sf ON (sf.externalserviceid = s.id AND s.restrictedusers = 1 AND sf.functionname = :name2)
+                  JOIN {external_services_users} su ON (su.externalserviceid = s.id AND su.userid = :userid)
+                 WHERE s.enabled = 1 AND su.validuntil IS NULL OR su.validuntil < :now $wscond2";
+        $params = array_merge($params, array('userid'=>$USER->id, 'name1'=>$function->name, 'name2'=>$function->name, 'now'=>time()));
  
          $rs = $DB->get_recordset_sql($sql, $params);
          // now make sure user may access at least one service
author	jerome mouneyrac <jerome@moodle.com>
	Thu, 14 Jan 2010 08:17:00 +0000 (08:17 +0000)
committer	jerome mouneyrac <jerome@moodle.com>
	Thu, 14 Jan 2010 08:17:00 +0000 (08:17 +0000)