From 15e417fe1facab7b7d01552144e24369c4ec4dad Mon Sep 17 00:00:00 2001
From: jerome mouneyrac
Date: Mon, 11 Jan 2010 08:23:39 +0000
Subject: [PATCH] webservice MDL-20805 added token creation page
---
 admin/settings/plugins.php | 1 +
 admin/webservice/forms.php | 54 ++++++++++++++++++++++++++++++
 admin/webservice/tokens.php | 67 ++++++++++++++++++++++++++++++++++---
 lang/en_utf8/error.php | 1 +
 lang/en_utf8/webservice.php | 3 ++
 lib/adminlib.php | 22 +++++++-----
 6 files changed, 136 insertions(+), 12 deletions(-)
diff --git a/admin/settings/plugins.php b/admin/settings/plugins.php
index 2949564f94..1e965b13a0 100644
--- a/admin/settings/plugins.php
+++ b/admin/settings/plugins.php
@@ -266,6 +266,7 @@ if ($hassiteconfig) {
 }
 }
 /// manage token page link
+ $ADMIN->add('webservicesettings', new admin_externalpage('addwebservicetoken', get_string('managetokens', 'webservice'), "$CFG->wwwroot/$CFG->admin/webservice/tokens.php", 'moodle/site:config', true));
 $temp = new admin_settingpage('webservicetokens', get_string('managetokens', 'webservice'));
 $temp->add(new admin_setting_managewebservicetokens());
 if (empty($CFG->enablewebservices)) {
diff --git a/admin/webservice/forms.php b/admin/webservice/forms.php
index 6df2d8ff41..ac591ce088 100644
--- a/admin/webservice/forms.php
+++ b/admin/webservice/forms.php
@@ -129,3 +129,57 @@ class external_service_functions_form extends moodleform {
 $this->set_data($data);
 }
 }
+
+
+class web_service_token_form extends moodleform {
+ function definition() {
+ global $CFG, $USER, $DB;
+
+ $mform = $this->_form;
+ $data = $this->_customdata;
+
+ $mform->addElement('header', 'token', get_string('token', 'webservice'));
+
+ //user searchable selector
+ $sql = "SELECT user.id, user.firstname, user.lastname, rassign.roleid
+ FROM {user} user
+ LEFT JOIN {role_assignments} rassign
+ ON user.id = rassign.userid
+ ORDER BY user.lastname";
+ $users = $DB->get_records_sql($sql,array());
+ $options = array();
+ foreach ($users as $userid => $user) {
+ if ($user->roleid != 1) {
+ $options[$userid] = $user->firstname. " " . $user->lastname;
+ }
+ }
+ $mform->addElement('searchableselector', 'user', get_string('user'),$options);
+ $mform->addRule('user', get_string('required'), 'required', null, 'client');
+
+ //service selector
+ $services = $DB->get_records('external_services');
+ $options = array();
+ foreach ($services as $serviceid => $service) {
+ $options[$serviceid] = $service->name;
+ }
+ $mform->addElement('select', 'service', get_string('service', 'webservice'),$options);
+ $mform->addRule('service', get_string('required'), 'required', null, 'client');
+
+
+ $mform->addElement('text', 'iprestriction', get_string('iprestriction', 'webservice'));
+
+ $mform->addElement('date_selector', 'validuntil', get_string('validuntil', 'webservice'), array('optional'=>true));
+
+ $mform->addElement('hidden', 'action');
+ $mform->setType('action', PARAM_ACTION);
+
+ $this->add_action_buttons(true);
+
+ $this->set_data($data);
+ }
+
+ function validation($data, $files) {
+ $errors = parent::validation($data, $files);
+ return $errors;
+ }
+}
\ No newline at end of file
diff --git a/admin/webservice/tokens.php b/admin/webservice/tokens.php
index 3f67d4fefd..4e2fcd8959 100644
--- a/admin/webservice/tokens.php
+++ b/admin/webservice/tokens.php
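Review bot: The user selector in `definition()` decides who may be issued a token with `if ($user->roleid != 1)`, which hard-codes a role id and reads it from a LEFT JOIN that yields one row per role assignment while the result set is keyed on `user.id`, so for a user holding several roles only one row survives and the filter can go either way. If the intent is to keep administrators out of the list (an assumption, the hunk does not say), exclude them in the query through a role or capability lookup rather than testing whichever row is left, and add a comment stating the rule. `validation()` only returns the parent's errors, so `iprestriction` is accepted exactly as typed and the submitted `user` and `service` ids are not re-checked against the database; a check such as `if (!$DB->record_exists('external_services', array('id' => $data['service']))) { $errors['service'] = get_string('required'); }` and a format check on the IP restriction belong there.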
@@ -25,9 +25,13 @@ */ require_once('../../config.php'); +require_once($CFG->libdir.'/adminlib.php'); +require_once('forms.php'); $PAGE->set_url('/admin/webservice/tokens.php', array()); +admin_externalpage_setup('addwebservicetoken'); + require_login(); require_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM)); 
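Review bot: `require_once('forms.php');` is a bare relative path, which PHP resolves through the include path before the script's own directory, so which file gets loaded on this admin page depends on runtime configuration; `require_once($CFG->dirroot.'/'.$CFG->admin.'/webservice/forms.php');` removes that dependency. `admin_externalpage_setup('addwebservicetoken')` now runs ahead of the existing `require_login()` and `require_capability()` lines, and a one-line comment saying whether those later calls remain the access check for this page or a second layer would help the next reader.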
@@ -46,14 +50,69 @@ if (!confirm_sesskey()) { } switch ($action) { - + case 'create': - echo "I'm creating a token yoohoo"; + $mform = new web_service_token_form(null, array('action' => 'create')); + if ($mform->is_cancelled()) { + redirect($returnurl); + } else if ($data = $mform->get_data()) { + ignore_user_abort(true); // no interruption here! + + //generate token + $generatedtoken = md5(uniqid(rand(),1)); + + // make sure the token doesn't exist (even if it should be almost impossible with the random generation) + if ($DB->record_exists('external_tokens', array('token'=>$generatedtoken))) { + throw new moodle_exception('tokenalreadyexist'); + } else { + $newtoken = new object(); + $newtoken->token = $generatedtoken; + $newtoken->externalserviceid = $data->service; + $newtoken->tokentype = 2; + $newtoken->userid = $data->user; + //TODO: find a way to get the context - UPDATE FOLLOWING LINE + $newtoken->contextid = get_context_instance(CONTEXT_SYSTEM)->id; + $newtoken->creatorid = $USER->id; + $newtoken->timecreated = time(); + $newtoken->validuntil = $data->validuntil; + if (!empty($data->iprestriction)) { + $newtoken->iprestriction = $data->iprestriction; + } + $DB->insert_record('external_tokens', $newtoken); + } + redirect($returnurl); + } + + + + //ask for function id + admin_externalpage_print_header(); + echo $OUTPUT->heading(get_string('createtoken', 'webservice')); + $mform->display(); + echo $OUTPUT->footer(); + die; break; case 'delete': - $token = $DB->get_record('external_tokens', array('id' => $tokenid)); - echo "coucou delete token id:".$token->id; + $sql = "SELECT + token.id, token.token, user.firstname, user.lastname, service.name + FROM + {external_tokens} token, {user} user, {external_services} service + WHERE + token.creatorid=? AND token.id=? 
AND token.tokentype = 2 AND service.id = token.externalserviceid AND token.userid = user.id"; + $token = $DB->get_record_sql($sql, array($USER->id, $tokenid), MUST_EXIST); //must be the token creator + if (!$confirm) { + admin_externalpage_print_header(); + $optionsyes = array('tokenid'=>$tokenid, 'action'=>'delete', 'confirm'=>1, 'sesskey'=>sesskey()); + $optionsno = array('section'=>'webservicetokens', 'sesskey'=>sesskey()); + $formcontinue = new single_button(new moodle_url('/admin/webservice/tokens.php', $optionsyes), get_string('delete')); + $formcancel = new single_button(new moodle_url('/admin/settings.php', $optionsno), get_string('cancel'), 'get'); + echo $OUTPUT->confirm(get_string('deletetokenconfirm', 'webservice', (object)array('user'=>$token->firstname." ".$token->lastname, 'service'=>$token->name)), $formcontinue, $formcancel); + echo $OUTPUT->footer(); + die; + } + $DB->delete_records('external_tokens', array('id'=>$token->id)); + redirect($returnurl); break; default: diff --git a/lang/en_utf8/error.php b/lang/en_utf8/error.php index 4c8809ffb0..78a65d6bcd 100644 --- a/lang/en_utf8/error.php +++ b/lang/en_utf8/error.php @@ -419,6 +419,7 @@ $string['tagnotfound'] = 'The specified tag was not found in the database'; $string['tagdisabled'] = 'Tags are disabled!'; $string['targetdatabasenotempty'] = 'The target database is not empty. Transfer aborted for safety reasons.'; $string['themenotinstall'] = 'This theme is not installed!'; +$string['tokenalreadyexist'] = 'The generated token already exists, try again.'; $string['transactionvoid'] = 'Transaction cannot be voided because it has already been voided'; $string['TODO'] = 'TODO'; $string['importformatnotimplement'] = 'Sorry, importing this format is not yet implemented!'; diff --git a/lang/en_utf8/webservice.php b/lang/en_utf8/webservice.php index 57df6043ee..9fdc63c55d 100644 --- a/lang/en_utf8/webservice.php +++ b/lang/en_utf8/webservice.php 
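Review bot: The token in the `create` branch is built with `md5(uniqid(rand(),1))`, and both inputs are predictable (the clock and a non-cryptographic generator), so the value that authenticates web service calls is weaker than its 32 hex characters suggest. Draw it from the system CSPRNG and keep the length, e.g. `$generatedtoken = bin2hex(random_bytes(16));` on PHP 7 or later, or `bin2hex(openssl_random_pseudo_bytes(16))` where only that is available. The same branch copies `$data->user`, `$data->service` and `$data->iprestriction` straight into `external_tokens`; a server-side check that the user and service exist and that the IP restriction parses should come before `insert_record`. The literal `2` assigned to `tokentype` is repeated in the `delete` query and in lib/adminlib.php, and a named constant with a comment on what that type means would keep the three places in step.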
@@ -1,6 +1,7 @@ name (id: $a->id)'; $string['deleteserviceconfirm'] = 'Do you really want to delete external service \"$a\"?'; +$string['deletetokenconfirm'] = 'Do you really want to delete this web service token for $a->user on the service $a->service?'; $string['disabledwarning'] = 'All webs service protocols are disabled, the \Enable web services\" setting can be found in the \"Advanced features\" section.'; $string['editservice'] = 'Edit the service: $a->name (id: $a->id)'; $string['enabled'] = 'Enabled'; diff --git a/lib/adminlib.php b/lib/adminlib.php index e88c3b4843..4d6144ee37 100644 --- a/lib/adminlib.php +++ b/lib/adminlib.php 
@@ -6474,30 +6474,28 @@ class admin_setting_managewebservicetokens extends admin_setting { $strservice = get_string('service', 'webservice'); $struser = get_string('user'); $strcontext = get_string('context', 'webservice'); - - - + $strvaliduntil = get_string('validuntil', 'webservice'); $return = $OUTPUT->heading(get_string('webservicetokens', 'webservice'), 3, 'main', true); $return .= $OUTPUT->box_start('generalbox webservicestokenui'); $table = new html_table(); - $table->head = array($strtoken, $struser, $strservice, $strcontext, $stroperation); + $table->head = array($strtoken, $struser, $strservice, $strcontext, $strvaliduntil, $stroperation); $table->align = array('left', 'left', 'left', 'left', 'center'); $table->width = '100%'; $table->data = array(); $tokenpageurl = "$CFG->wwwroot/$CFG->admin/webservice/tokens.php?sesskey=" . sesskey(); - //TODO: in order to let the administrator delete obsolete token, split this request in multiple request + //TODO: in order to let the administrator delete obsolete token, split this request in multiple request or use LEFT JOIN //here retrieve token list (including linked users firstname/lastname and linked services name) $sql = "SELECT - token.id, token.token, user.firstname, user.lastname, service.name + token.id, token.token, user.firstname, user.lastname, service.name, token.validuntil FROM {external_tokens} token, {user} user, {external_services} service WHERE - token.creatorid=? AND service.id = token.externalserviceid AND token.userid = user.id"; + token.creatorid=? AND token.tokentype = 2 AND service.id = token.externalserviceid AND token.userid = user.id"; $tokens = $DB->get_records_sql($sql, array( $USER->id)); if (!empty($tokens)) { foreach ($tokens as $token) { 
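Review bot: `$table->head` now has six columns but `$table->align` on the following line still lists five, so `'center'` lands on the new valid-until column and the operation column gets no alignment; `$table->align = array('left', 'left', 'left', 'left', 'center', 'center');` keeps the two arrays matched. The added `token.tokentype = 2` filter repeats the literal written when the token is created in admin/webservice/tokens.php, and a shared named constant with a short comment would make it clear which tokens this list deliberately hides. The enclosing method of `admin_setting_managewebservicetokens` starts and ends outside this hunk.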
@@ -6506,8 +6504,16 @@ class admin_setting_managewebservicetokens extends admin_setting { $delete = "id."\">"; $delete .= get_string('delete').""; + if (empty($_SERVER['HTTPS'])) { + $token->token = get_string('activatehttps', 'webservice'); + } + + $validuntil = ''; + if (!empty($token->validuntil)) { + $validuntil = date("F j, Y"); //TODO: language support (look for moodle function) + } - $table->data[] = array($token->token, $token->firstname." ".$token->lastname, $token->name, '', $delete); + $table->data[] = array($token->token, $token->firstname." ".$token->lastname, $token->name, '', $validuntil, $delete); } $return .= $OUTPUT->table($table); -- 2.39.5
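Review bot: `$validuntil = date("F j, Y");` formats the current time instead of the token's expiry, so every token with a `validuntil` value is shown as expiring today; pass the stored timestamp, `$validuntil = date("F j, Y", $token->validuntil);`, or use Moodle's `userdate($token->validuntil)` to settle the language TODO at the same time. The guard `if (empty($_SERVER['HTTPS']))` is meant to hide the token on plain HTTP, but PHP documents that this variable can hold the string `off` for non-HTTPS requests under IIS, in which case the token would still be printed; `if (empty($_SERVER['HTTPS']) || strtolower($_SERVER['HTTPS']) === 'off')` covers that case. A comment on the guard saying why the token is masked would also help, since the check overwrites `$token->token` in place. The loop body continues outside this hunk.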