Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 3.11.x will end 14 Nov 2022 (12 months plus 6 months extension).
  • Bug fixes for security issues in 3.11.x will end 13 Nov 2023 (18 months plus 12 months extension).
  • PHP version: minimum PHP 7.3.0 Note: minimum PHP version has increased since Moodle 3.10. PHP 7.4.x is supported too.

Differences Between: [Versions 310 and 311] [Versions 311 and 400] [Versions 311 and 401] [Versions 311 and 402] [Versions 311 and 403] [Versions 39 and 311]

   1  <?php
   2  // This file is part of Moodle - https://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Web services / external tokens management UI.
  19   *
  20   * @package     core_webservice
  21   * @category    admin
  22   * @copyright   2009 Jerome Mouneyrac
  23   * @license     http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  24   */
  25  
  26  require(__DIR__ . '/../../config.php');
  27  require_once($CFG->libdir . '/adminlib.php');
  28  require_once($CFG->libdir . '/externallib.php');
  29  require_once($CFG->dirroot . '/webservice/lib.php');
  30  
  31  $action = optional_param('action', '', PARAM_ALPHANUMEXT);
  32  $tokenid = optional_param('tokenid', '', PARAM_SAFEDIR);
  33  $confirm = optional_param('confirm', 0, PARAM_BOOL);
  34  $ftoken = optional_param('ftoken', '', PARAM_ALPHANUM);
  35  $fusers = optional_param_array('fusers', [], PARAM_INT);
  36  $fservices = optional_param_array('fservices', [], PARAM_INT);
  37  
  38  admin_externalpage_setup('webservicetokens');
  39  
  40  if ($action === 'create') {
  41      $webservicemanager = new webservice();
  42      $mform = new \core_webservice\token_form(null, ['action' => 'create']);
  43      $data = $mform->get_data();
  44  
  45      if ($mform->is_cancelled()) {
  46          redirect($PAGE->url);
  47  
  48      } else if ($data) {
  49          ignore_user_abort(true);
  50  
  51          // Check the user is allowed for the service.
  52          $selectedservice = $webservicemanager->get_external_service_by_id($data->service);
  53  
  54          if ($selectedservice->restrictedusers) {
  55              $restricteduser = $webservicemanager->get_ws_authorised_user($data->service, $data->user);
  56  
  57              if (empty($restricteduser)) {
  58                  $errormsg = $OUTPUT->notification(get_string('usernotallowed', 'webservice', $selectedservice->name));
  59              }
  60          }
  61  
  62          $user = \core_user::get_user($data->user, '*', MUST_EXIST);
  63          \core_user::require_active_user($user);
  64  
  65          // Generate the token.
  66          if (empty($errormsg)) {
  67              external_generate_token(EXTERNAL_TOKEN_PERMANENT, $data->service, $data->user, context_system::instance(),
  68                  $data->validuntil, $data->iprestriction);
  69              redirect($PAGE->url);
  70          }
  71      }
  72  
  73      echo $OUTPUT->header();
  74      echo $OUTPUT->heading(get_string('createtoken', 'webservice'));
  75      if (!empty($errormsg)) {
  76          echo $errormsg;
  77      }
  78      $mform->display();
  79      echo $OUTPUT->footer();
  80      die();
  81  }
  82  
  83  if ($action === 'delete') {
  84      $webservicemanager = new webservice();
  85      $token = $webservicemanager->get_token_by_id_with_details($tokenid);
  86  
  87      if ($token->creatorid != $USER->id) {
  88          require_capability('moodle/webservice:managealltokens', context_system::instance());
  89      }
  90  
  91      if ($confirm && confirm_sesskey()) {
  92          $webservicemanager->delete_user_ws_token($token->id);
  93          redirect($PAGE->url);
  94      }
  95  
  96      echo $OUTPUT->header();
  97  
  98      echo $OUTPUT->confirm(
  99          get_string('deletetokenconfirm', 'webservice', [
 100              'user' => $token->firstname . ' ' . $token->lastname,
 101              'service' => $token->name,
 102          ]),
 103          new single_button(new moodle_url('/admin/webservice/tokens.php', [
 104              'tokenid' => $token->id,
 105              'action' => 'delete',
 106              'confirm' => 1,
 107              'sesskey' => sesskey(),
 108          ]), get_string('delete')),
 109          $PAGE->url
 110      );
 111  
 112      echo $OUTPUT->footer();
 113      die();
 114  }
 115  
 116  // Pre-populate the form with the values that come as a part of the URL - typically when using the table_sql control
 117  // links.
 118  $filterdata = (object)[
 119      'token' => $ftoken,
 120      'users' => $fusers,
 121      'services' => $fservices,
 122  ];
 123  
 124  $filter = new \core_webservice\token_filter($PAGE->url, $filterdata);
 125  
 126  $filter->set_data($filterdata);
 127  
 128  if ($filter->is_submitted()) {
 129      $filterdata = $filter->get_data();
 130  
 131      if (isset($filterdata->resetbutton)) {
 132          redirect($PAGE->url);
 133      }
 134  }
 135  
 136  echo $OUTPUT->header();
 137  echo $OUTPUT->heading(get_string('managetokens', 'core_webservice'));
 138  
 139  echo html_writer::div($OUTPUT->render(new single_button(new moodle_url($PAGE->url, ['action' => 'create']),
 140      get_string('createtoken', 'core_webservice'), 'get', true)), 'my-3');
 141  
 142  $filter->display();
 143  
 144  $table = new \core_webservice\token_table('webservicetokens', $filterdata);
 145  
 146  // In order to not lose the filter form values by clicking the table control links, make them part of the table's baseurl.
 147  $baseurl = new moodle_url($PAGE->url, ['ftoken' => $filterdata->token]);
 148  
 149  foreach ($filterdata->users as $i => $userid) {
 150      $baseurl->param("fusers[{$i}]", $userid);
 151  }
 152  
 153  foreach ($filterdata->services as $i => $serviceid) {
 154      $baseurl->param("fservices[{$i}]", $serviceid);
 155  }
 156  
 157  $table->define_baseurl($baseurl);
 158  
 159  $table->attributes['class'] = 'admintable generaltable';
 160  $table->data = [];
 161  $table->out(30, false);
 162  
 163  echo $OUTPUT->footer();