Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 4.2.x will end 22 April 2024 (12 months).
  • Bug fixes for security issues in 4.2.x will end 7 October 2024 (18 months).
  • PHP version: minimum PHP 8.0.0 Note: minimum PHP version has increased since Moodle 4.1. PHP 8.1.x is supported too.
/admin/webservice/ -> tokens.php (source)
<?php


< 
< // This file is part of Moodle - http://moodle.org/





> // This file is part of Moodle - https://moodle.org/



//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.

/**


<  * Web services tokens admin UI





>  * Web services / external tokens management UI.



 *


<  * @package   webservice
<  * @author Jerome Mouneyrac
<  * @copyright 2009 Moodle Pty Ltd (http://moodle.com)





>  * @package     core_webservice
>  * @category    admin
>  * @copyright   2009 Jerome Mouneyrac



 * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 */


< require_once('../../config.php');





> 
> require(__DIR__ . '/../../config.php');



require_once($CFG->libdir . '/adminlib.php');


< require_once($CFG->dirroot . '/' . $CFG->admin . '/webservice/forms.php');
< require_once($CFG->libdir . '/externallib.php');





> require_once($CFG->dirroot . '/webservice/lib.php');




$action = optional_param('action', '', PARAM_ALPHANUMEXT);
$tokenid = optional_param('tokenid', '', PARAM_SAFEDIR);
$confirm = optional_param('confirm', 0, PARAM_BOOL);


> $ftoken = optional_param('ftoken', '', PARAM_ALPHANUM);

> $fusers = optional_param_array('fusers', [], PARAM_INT);
admin_externalpage_setup('addwebservicetoken');
> $fservices = optional_param_array('fservices', [], PARAM_INT);

> 
//Deactivate the second 'Manage token' navigation node, and use the main 'Manage token' navigation node
> admin_externalpage_setup('webservicetokens');
$node = $PAGE->settingsnav->find('addwebservicetoken', navigation_node::TYPE_SETTING);
> 
$newnode = $PAGE->settingsnav->find('webservicetokens', navigation_node::TYPE_SETTING);
> $PAGE->set_primary_active_tab('siteadminnode');
if ($node && $newnode) {
> $PAGE->navbar->add(get_string('managetokens', 'webservice'),
    $node->display = false;
>     new moodle_url('/admin/webservice/tokens.php'));





< admin_externalpage_setup('addwebservicetoken');
< 
< //Deactivate the second 'Manage token' navigation node, and use the main 'Manage token' navigation node
< $node = $PAGE->settingsnav->find('addwebservicetoken', navigation_node::TYPE_SETTING);
< $newnode = $PAGE->settingsnav->find('webservicetokens', navigation_node::TYPE_SETTING);
< if ($node && $newnode) {
<     $node->display = false;
<     $newnode->make_active();
< }
< 
< 
< $tokenlisturl = new moodle_url("/" . $CFG->admin . "/settings.php", array('section' => 'webservicetokens'));
< 
< require_once($CFG->dirroot . "/webservice/lib.php");





> if ($action === 'create') {
>     $PAGE->navbar->add(get_string('createtoken', 'webservice'), $PAGE->url);





< 
< switch ($action) {
< 
<     case 'create':
<         $mform = new web_service_token_form(null, array('action' => 'create'));





>     $mform = new \core_webservice\token_form(null, ['action' => 'create']);



            //check the the user is allowed for the service


> 





<             redirect($tokenlisturl);
<         } else if ($data and confirm_sesskey()) {





>         redirect($PAGE->url);
> 
>     } else if ($data) {





<             //check the the user is allowed for the service





>         // Check the user is allowed for the service.



                if (empty($restricteduser)) {


> 



                    $allowuserurl = new moodle_url('/' . $CFG->admin . '/webservice/service_users.php',


> 





<                     $allowuserurl = new moodle_url('/' . $CFG->admin . '/webservice/service_users.php',
<                             array('id' => $selectedservice->id));
<                     $allowuserlink = html_writer::tag('a', $selectedservice->name , array('href' => $allowuserurl));
<                     $errormsg = $OUTPUT->notification(get_string('usernotallowed', 'webservice', $allowuserlink));





>                 $errormsg = $OUTPUT->notification(get_string('usernotallowed', 'webservice', $selectedservice->name));



            }



<             //check if the user is deleted. unconfirmed, suspended or guest
<             $user = $DB->get_record('user', array('id' => $data->user));
<             if ($user->id == $CFG->siteguest or $user->deleted or !$user->confirmed or $user->suspended) {
<                 throw new moodle_exception('forbiddenwsuser', 'webservice');
<             }





>         $user = \core_user::get_user($data->user, '*', MUST_EXIST);
>         \core_user::require_active_user($user);






<             //process the creation





>         // Generate the token.



            if (empty($errormsg)) {


<                 //TODO improvement: either move this function from externallib.php to webservice/lib.php
<                 // either move most of webservicelib.php functions into externallib.php
<                 // (create externalmanager class) MDL-23523
<                 external_generate_token(EXTERNAL_TOKEN_PERMANENT, $data->service,
<                         $data->user, context_system::instance(),
<                         $data->validuntil, $data->iprestriction);
<                 redirect($tokenlisturl);





>             \core_external\util::generate_token(
>                 EXTERNAL_TOKEN_PERMANENT,
>                 \core_external\util::get_service_by_id($data->service),
>                 $data->user,
>                 context_system::instance(),
>                 $data->validuntil,
>                 $data->iprestriction
>             );
>             redirect($PAGE->url);



            }
        }



<         //OUTPUT: create token form



        echo $OUTPUT->header();
        echo $OUTPUT->heading(get_string('createtoken', 'webservice'));
        if (!empty($errormsg)) {
            echo $errormsg;
        }
        $mform->display();
        echo $OUTPUT->footer();


<         die;
<         break;





>     die();
> }






<     case 'delete':





> if ($action === 'delete') {
>     $PAGE->navbar->add(get_string('deletetoken', 'webservice'), $PAGE->url);
>     $webservicemanager = new webservice();



        $token = $webservicemanager->get_token_by_id_with_details($tokenid);

        if ($token->creatorid != $USER->id) {


<             require_capability("moodle/webservice:managealltokens", context_system::instance());





>         require_capability('moodle/webservice:managealltokens', context_system::instance());



        }



<         //Delete the token
<         if ($confirm and confirm_sesskey()) {





>     if ($confirm && confirm_sesskey()) {



            $webservicemanager->delete_user_ws_token($token->id);


<             redirect($tokenlisturl);





>         redirect($PAGE->url);



        }



<         ////OUTPUT: display delete token confirmation box



        echo $OUTPUT->header();


<         $renderer = $PAGE->get_renderer('core', 'webservice');
<         echo $renderer->admin_delete_token_confirmation($token);





> 
>     echo $OUTPUT->confirm(
>         get_string('deletetokenconfirm', 'webservice', [
>             'user' => $token->firstname . ' ' . $token->lastname,
>             'service' => $token->name,
>         ]),
>         new single_button(new moodle_url('/admin/webservice/tokens.php', [
>             'tokenid' => $token->id,
>             'action' => 'delete',
>             'confirm' => 1,
>             'sesskey' => sesskey(),
>         ]), get_string('delete')),
>         $PAGE->url
>     );
> 



        echo $OUTPUT->footer();


<         die;
<         break;





>     die();
> }






<     default:
<         //wrong url access
<         redirect($tokenlisturl);
<         break;





> // Pre-populate the form with the values that come as a part of the URL - typically when using the table_sql control
> // links.
> $filterdata = (object)[
>     'token' => $ftoken,
>     'users' => $fusers,
>     'services' => $fservices,
> ];
> 
> $filter = new \core_webservice\token_filter($PAGE->url, $filterdata);
> 
> $filter->set_data($filterdata);
> 
> if ($filter->is_submitted()) {
>     $filterdata = $filter->get_data();
> 
>     if (isset($filterdata->resetbutton)) {
>         redirect($PAGE->url);
>     }



}


> 
> echo $OUTPUT->header();
> echo $OUTPUT->heading(get_string('managetokens', 'core_webservice'));
> 
> echo html_writer::div($OUTPUT->render(new single_button(new moodle_url($PAGE->url, ['action' => 'create']),
>     get_string('createtoken', 'core_webservice'), 'get', single_button::BUTTON_PRIMARY)), 'my-3');
> 
> $filter->display();
> 
> $table = new \core_webservice\token_table('webservicetokens', $filterdata);
> 
> // In order to not lose the filter form values by clicking the table control links, make them part of the table's baseurl.
> $baseurl = new moodle_url($PAGE->url, ['ftoken' => $filterdata->token]);
> 
> foreach ($filterdata->users as $i => $userid) {
>     $baseurl->param("fusers[{$i}]", $userid);
> }
> 
> foreach ($filterdata->services as $i => $serviceid) {
>     $baseurl->param("fservices[{$i}]", $serviceid);
> }
> 
> $table->define_baseurl($baseurl);
> 
> $table->attributes['class'] = 'admintable generaltable';
> $table->out(30, false);
> 
> echo $OUTPUT->footer();