Search moodle.org's
Developer Documentation
Developer Documentation
- Bug fixes for general core bugs in 4.0.x will end 8 May 2023 (12 months).
- Bug fixes for security issues in 4.0.x will end 13 November 2023 (18 months).
- PHP version: minimum PHP 7.3.0 Note: the minimum PHP version has increased since Moodle 3.10. PHP 7.4.x is also supported.
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
namespace quizaccess_seb\external;
defined('MOODLE_INTERNAL') || die();
global $CFG;
< use external_api;
< use external_function_parameters;
< use external_single_structure;
< use external_value;
> use core_external\external_api;
> use core_external\external_function_parameters;
> use core_external\external_single_structure;
> use core_external\external_value;
use invalid_parameter_exception;
< use quiz;
> use mod_quiz\quiz_settings;
use quizaccess_seb\event\access_prevented;
< use quizaccess_seb\access_manager;
<
< require_once($CFG->dirroot . '/mod/quiz/accessmanager.php');
< require_once($CFG->dirroot . '/mod/quiz/attemptlib.php');
< require_once($CFG->libdir . '/externallib.php');
> use quizaccess_seb\seb_access_manager;
/**
* Validate browser exam key and config key.
*
* @package quizaccess_seb
* @author Andrew Madden <andrewmadden@catalyst-au.net>
* @copyright 2021 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class validate_quiz_keys extends external_api {
/**
* External function parameters.
*
* @return external_function_parameters
*/
public static function execute_parameters(): external_function_parameters {
return new external_function_parameters([
'cmid' => new external_value(PARAM_INT, 'Course module ID',
VALUE_REQUIRED, null, NULL_NOT_ALLOWED),
'url' => new external_value(PARAM_URL, 'Page URL to check',
VALUE_REQUIRED, null, NULL_NOT_ALLOWED),
'configkey' => new external_value(PARAM_ALPHANUMEXT, 'SEB config key',
VALUE_DEFAULT, null),
'browserexamkey' => new external_value(PARAM_ALPHANUMEXT, 'SEB browser exam key',
VALUE_DEFAULT, null),
]);
}
/**
* Validate a SEB config key or browser exam key.
*
* @param string $cmid Course module ID.
* @param string $url URL of the page on which the SEB JS API generated the keys.
* @param string|null $configkey A SEB config key hash. Includes URL in the hash.
* @param string|null $browserexamkey A SEB browser exam key hash. Includes the URL in the hash.
* @return array
*/
public static function execute(string $cmid, string $url, ?string $configkey = null, ?string $browserexamkey = null): array {
list(
'cmid' => $cmid,
'url' => $url,
'configkey' => $configkey,
'browserexamkey' => $browserexamkey
) = self::validate_parameters(self::execute_parameters(), [
'cmid' => $cmid,
'url' => $url,
'configkey' => $configkey,
'browserexamkey' => $browserexamkey,
]);
self::validate_context(\context_module::instance($cmid));
// At least one SEB key must be provided.
if (empty($configkey) && empty($browserexamkey)) {
throw new invalid_parameter_exception(get_string('error:ws:nokeyprovided', 'quizaccess_seb'));
}
// Check quiz exists corresponding to cmid.
if (($quizid = self::get_quiz_id($cmid)) === 0) {
throw new invalid_parameter_exception(get_string('error:ws:quiznotexists', 'quizaccess_seb', $cmid));
}
$result = ['configkey' => true, 'browserexamkey' => true];
< $accessmanager = new access_manager(quiz::create($quizid));
> $accessmanager = new seb_access_manager(quiz_settings::create($quizid));
// Check if there is a valid config key.
if (!$accessmanager->validate_config_key($configkey, $url)) {
access_prevented::create_strict($accessmanager, get_string('invalid_config_key', 'quizaccess_seb'),
$configkey, $browserexamkey)->trigger();
$result['configkey'] = false;
}
// Check if there is a valid browser exam key.
if (!$accessmanager->validate_browser_exam_key($browserexamkey, $url)) {
access_prevented::create_strict($accessmanager, get_string('invalid_browser_key', 'quizaccess_seb'),
$configkey, $browserexamkey)->trigger();
$result['browserexamkey'] = false;
}
if ($result['configkey'] && $result['browserexamkey']) {
// Set the state of the access for this Moodle session.
$accessmanager->set_session_access(true);
}
return $result;
}
/**
* External function returns.
*
* @return external_single_structure
*/
public static function execute_returns(): external_single_structure {
return new external_single_structure([
'configkey' => new external_value(PARAM_BOOL, 'Is a provided config key valid?',
VALUE_REQUIRED, 0, NULL_NOT_ALLOWED),
'browserexamkey' => new external_value(PARAM_BOOL, 'Is a provided browser exam key valid?',
VALUE_REQUIRED, 0, NULL_NOT_ALLOWED)
]);
}
/**
* Check if there is a valid quiz corresponding to a course module it.
*
* @param string $cmid Course module ID.
* @return int Returns quiz id if cmid matches valid quiz, or 0 if there is no match.
*/
private static function get_quiz_id(string $cmid): int {
$quizid = 0;
$coursemodule = get_coursemodule_from_id('quiz', $cmid);
if (!empty($coursemodule)) {
$quizid = $coursemodule->instance;
}
return $quizid;
}
}
<
