[Summary view] [Print] [Text view]

   1  <?php
   2  
   3  // This file is part of Moodle - http://moodle.org/
   4  //
   5  // Moodle is free software: you can redistribute it and/or modify
   6  // it under the terms of the GNU General Public License as published by
   7  // the Free Software Foundation, either version 3 of the License, or
   8  // (at your option) any later version.
   9  //
  10  // Moodle is distributed in the hope that it will be useful,
  11  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13  // GNU General Public License for more details.
  14  //
  15  // You should have received a copy of the GNU General Public License
  16  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  17  
  18  /**
  19   * Web services tokens admin UI
  20   *
  21   * @package   webservice
  22   * @author Jerome Mouneyrac
  23   * @copyright 2009 Moodle Pty Ltd (http://moodle.com)
  24   * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  25   */
  26  require_once('../../config.php');
  27  require_once($CFG->libdir . '/adminlib.php');
  28  require_once($CFG->dirroot . '/' . $CFG->admin . '/webservice/forms.php');
  29  require_once($CFG->libdir . '/externallib.php');
  30  
  31  $action = optional_param('action', '', PARAM_ALPHANUMEXT);
  32  $tokenid = optional_param('tokenid', '', PARAM_SAFEDIR);
  33  $confirm = optional_param('confirm', 0, PARAM_BOOL);
  34  
  35  admin_externalpage_setup('addwebservicetoken');
  36  
  37  //Deactivate the second 'Manage token' navigation node, and use the main 'Manage token' navigation node
  38  $node = $PAGE->settingsnav->find('addwebservicetoken', navigation_node::TYPE_SETTING);
  39  $newnode = $PAGE->settingsnav->find('webservicetokens', navigation_node::TYPE_SETTING);
  40  if ($node && $newnode) {
  41      $node->display = false;
  42      $newnode->make_active();
  43  }
  44  
  45  require_capability('moodle/site:config', context_system::instance());
  46  
  47  $tokenlisturl = new moodle_url("/" . $CFG->admin . "/settings.php", array('section' => 'webservicetokens'));
  48  
  49  require_once($CFG->dirroot . "/webservice/lib.php");
  50  $webservicemanager = new webservice();
  51  
  52  switch ($action) {
  53  
  54      case 'create':
  55          $mform = new web_service_token_form(null, array('action' => 'create'));
  56          $data = $mform->get_data();
  57          if ($mform->is_cancelled()) {
  58              redirect($tokenlisturl);
  59          } else if ($data and confirm_sesskey()) {
  60              ignore_user_abort(true);
  61  
  62              //check the the user is allowed for the service
  63              $selectedservice = $webservicemanager->get_external_service_by_id($data->service);
  64              if ($selectedservice->restrictedusers) {
  65                  $restricteduser = $webservicemanager->get_ws_authorised_user($data->service, $data->user);
  66                  if (empty($restricteduser)) {
  67                      $allowuserurl = new moodle_url('/' . $CFG->admin . '/webservice/service_users.php',
  68                              array('id' => $selectedservice->id));
  69                      $allowuserlink = html_writer::tag('a', $selectedservice->name , array('href' => $allowuserurl));
  70                      $errormsg = $OUTPUT->notification(get_string('usernotallowed', 'webservice', $allowuserlink));
  71                  }
  72              }
  73  
  74              //check if the user is deleted. unconfirmed, suspended or guest
  75              $user = $DB->get_record('user', array('id' => $data->user));
  76              if ($user->id == $CFG->siteguest or $user->deleted or !$user->confirmed or $user->suspended) {
  77                  throw new moodle_exception('forbiddenwsuser', 'webservice');
  78              }
  79  
  80              //process the creation
  81              if (empty($errormsg)) {
  82                  //TODO improvement: either move this function from externallib.php to webservice/lib.php
  83                  // either move most of webservicelib.php functions into externallib.php
  84                  // (create externalmanager class) MDL-23523
  85                  external_generate_token(EXTERNAL_TOKEN_PERMANENT, $data->service,
  86                          $data->user, context_system::instance(),
  87                          $data->validuntil, $data->iprestriction);
  88                  redirect($tokenlisturl);
  89              }
  90          }
  91  
  92          //OUTPUT: create token form
  93          echo $OUTPUT->header();
  94          echo $OUTPUT->heading(get_string('createtoken', 'webservice'));
  95          if (!empty($errormsg)) {
  96              echo $errormsg;
  97          }
  98          $mform->display();
  99          echo $OUTPUT->footer();
 100          die;
 101          break;
 102  
 103      case 'delete':
 104          $token = $webservicemanager->get_created_by_user_ws_token($USER->id, $tokenid);
 105  
 106          //Delete the token
 107          if ($confirm and confirm_sesskey()) {
 108              $webservicemanager->delete_user_ws_token($token->id);
 109              redirect($tokenlisturl);
 110          }
 111  
 112          ////OUTPUT: display delete token confirmation box
 113          echo $OUTPUT->header();
 114          $renderer = $PAGE->get_renderer('core', 'webservice');
 115          echo $renderer->admin_delete_token_confirmation($token);
 116          echo $OUTPUT->footer();
 117          die;
 118          break;
 119  
 120      default:
 121          //wrong url access
 122          redirect($tokenlisturl);
 123          break;
 124  }