webservice MDL-20805 added token creation page

moodle · Jan 11, 2010 · 15e417f · 15e417f
1 parent a25bb90
commit 15e417f
Show file tree

Hide file tree

Showing 6 changed files with 136 additions and 12 deletions.
diff --git a/admin/settings/plugins.php b/admin/settings/plugins.php
@@ -266,6 +266,7 @@
         }
     }
     /// manage token page link
+    $ADMIN->add('webservicesettings', new admin_externalpage('addwebservicetoken', get_string('managetokens', 'webservice'), "$CFG->wwwroot/$CFG->admin/webservice/tokens.php", 'moodle/site:config', true));
     $temp = new admin_settingpage('webservicetokens', get_string('managetokens', 'webservice'));
     $temp->add(new admin_setting_managewebservicetokens());
     if (empty($CFG->enablewebservices)) {

diff --git a/admin/webservice/forms.php b/admin/webservice/forms.php
@@ -129,3 +129,57 @@ function definition() {
         $this->set_data($data);
     }
 }
+
+
+class web_service_token_form extends moodleform {
+    function definition() {
+        global $CFG, $USER, $DB;
+
+        $mform = $this->_form;
+        $data = $this->_customdata;
+
+        $mform->addElement('header', 'token', get_string('token', 'webservice'));
+
+        //user searchable selector
+        $sql = "SELECT user.id, user.firstname, user.lastname, rassign.roleid
+        FROM {user} user
+        LEFT JOIN {role_assignments} rassign
+        ON user.id = rassign.userid
+        ORDER BY user.lastname";
+        $users = $DB->get_records_sql($sql,array());
+        $options = array();
+        foreach ($users as $userid => $user) {
+            if ($user->roleid != 1) {
+                $options[$userid] = $user->firstname. " " . $user->lastname;
+            }
+        }
+        $mform->addElement('searchableselector', 'user', get_string('user'),$options);
+        $mform->addRule('user', get_string('required'), 'required', null, 'client');
+
+        //service selector
+        $services = $DB->get_records('external_services');
+        $options = array();
+        foreach ($services as $serviceid => $service) {
+            $options[$serviceid] = $service->name;
+        }
+        $mform->addElement('select', 'service', get_string('service', 'webservice'),$options);
+        $mform->addRule('service', get_string('required'), 'required', null, 'client');
+
+
+        $mform->addElement('text', 'iprestriction', get_string('iprestriction', 'webservice'));
+
+        $mform->addElement('date_selector', 'validuntil', get_string('validuntil', 'webservice'), array('optional'=>true));
+
+        $mform->addElement('hidden', 'action');
+        $mform->setType('action', PARAM_ACTION);
+
+        $this->add_action_buttons(true);
+
+        $this->set_data($data);
+    }
+
+    function validation($data, $files) {
+        $errors = parent::validation($data, $files);
+        return $errors;
+    }
+}
diff --git a/admin/webservice/tokens.php b/admin/webservice/tokens.php
@@ -25,9 +25,13 @@
  */
 
 require_once('../../config.php');
+require_once($CFG->libdir.'/adminlib.php');
+require_once('forms.php');
 
 $PAGE->set_url('/admin/webservice/tokens.php', array());
 
+admin_externalpage_setup('addwebservicetoken');
+
 require_login();
 require_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM));
 
@@ -46,14 +50,69 @@
 }
 
 switch ($action) {
-
+    
     case 'create':
-        echo "I'm creating a token yoohoo";
+        $mform = new web_service_token_form(null, array('action' => 'create'));
+        if ($mform->is_cancelled()) {
+            redirect($returnurl);
+        } else if ($data = $mform->get_data()) {
+            ignore_user_abort(true); // no interruption here!
+
+            //generate token
+            $generatedtoken = md5(uniqid(rand(),1));
+
+            // make sure the token doesn't exist (even if it should be almost impossible with the random generation)
+            if ($DB->record_exists('external_tokens', array('token'=>$generatedtoken))) {
+                throw new moodle_exception('tokenalreadyexist');
+            } else {
+                $newtoken = new object();
+                $newtoken->token = $generatedtoken;
+                $newtoken->externalserviceid = $data->service;
+                $newtoken->tokentype = 2;
+                $newtoken->userid = $data->user;
+                //TODO: find a way to get the context - UPDATE FOLLOWING LINE
+                $newtoken->contextid = get_context_instance(CONTEXT_SYSTEM)->id; 
+                $newtoken->creatorid = $USER->id;
+                $newtoken->timecreated = time();
+                $newtoken->validuntil = $data->validuntil;
+                if (!empty($data->iprestriction)) {
+                    $newtoken->iprestriction = $data->iprestriction;
+                }
+                $DB->insert_record('external_tokens', $newtoken);
+            }
+            redirect($returnurl);
+        }
+
+
+
+        //ask for function id
+        admin_externalpage_print_header();
+        echo $OUTPUT->heading(get_string('createtoken', 'webservice'));
+        $mform->display();
+        echo $OUTPUT->footer();
+        die;
         break;
 
     case 'delete':
-        $token = $DB->get_record('external_tokens', array('id' => $tokenid));
-        echo "coucou delete token id:".$token->id;
+        $sql = "SELECT
+                    token.id, token.token, user.firstname, user.lastname, service.name
+                FROM
+                    {external_tokens} token, {user} user, {external_services} service
+                WHERE
+                    token.creatorid=? AND token.id=? AND token.tokentype = 2 AND service.id = token.externalserviceid AND token.userid = user.id";
+        $token = $DB->get_record_sql($sql, array($USER->id, $tokenid), MUST_EXIST); //must be the token creator
+        if (!$confirm) {
+            admin_externalpage_print_header();
+            $optionsyes = array('tokenid'=>$tokenid, 'action'=>'delete', 'confirm'=>1, 'sesskey'=>sesskey());
+            $optionsno  = array('section'=>'webservicetokens', 'sesskey'=>sesskey());
+            $formcontinue = new single_button(new moodle_url('/admin/webservice/tokens.php', $optionsyes), get_string('delete'));
+            $formcancel = new single_button(new moodle_url('/admin/settings.php', $optionsno), get_string('cancel'), 'get');
+            echo $OUTPUT->confirm(get_string('deletetokenconfirm', 'webservice', (object)array('user'=>$token->firstname." ".$token->lastname, 'service'=>$token->name)), $formcontinue, $formcancel);
+            echo $OUTPUT->footer();
+            die;
+        }
+        $DB->delete_records('external_tokens', array('id'=>$token->id));
+        redirect($returnurl);
         break;
 
     default:

diff --git a/lang/en_utf8/error.php b/lang/en_utf8/error.php
@@ -419,6 +419,7 @@
 $string['tagdisabled'] = 'Tags are disabled!';
 $string['targetdatabasenotempty'] = 'The target database is not empty. Transfer aborted for safety reasons.';
 $string['themenotinstall'] = 'This theme is not installed!';
+$string['tokenalreadyexist'] = 'The generated token already exists, try again.';
 $string['transactionvoid'] = 'Transaction cannot be voided because it has already been voided';
 $string['TODO'] = 'TODO';
 $string['importformatnotimplement'] = 'Sorry, importing this format is not yet implemented!';

diff --git a/lang/en_utf8/webservice.php b/lang/en_utf8/webservice.php
@@ -1,6 +1,7 @@
 <?php
 
 $string['accessexception'] = 'Access control exception';
+$string['activatehttps'] = 'connect with HTTPS to see the token';
 $string['addfunction'] = 'Add function';
 $string['addfunctionhelp'] = 'Select the function to add to the service.';
 $string['addrequiredcapability'] = 'Assign/Unassign the required capability';
@@ -11,8 +12,10 @@
 $string['arguments'] = 'Arguments';
 $string['configwebserviceplugins'] = 'For security reasons enable only protocols that are used.';
 $string['context'] = 'Context';
+$string['createtoken'] = 'Create token';
 $string['deleteservice'] = 'Delete the service: $a->name (id: $a->id)';
 $string['deleteserviceconfirm'] = 'Do you really want to delete external service \"$a\"?';
+$string['deletetokenconfirm'] = 'Do you really want to delete this web service token for <strong>$a->user</strong> on the service <strong>$a->service</strong>?';
 $string['disabledwarning'] = 'All webs service protocols are disabled, the \Enable web services\" setting can be found in the \"Advanced features\" section.';
 $string['editservice'] = 'Edit the service: $a->name (id: $a->id)';
 $string['enabled'] = 'Enabled';

diff --git a/lib/adminlib.php b/lib/adminlib.php
@@ -6474,30 +6474,28 @@ public function output_html($data, $query='') {
         $strservice = get_string('service', 'webservice');
         $struser = get_string('user');
         $strcontext = get_string('context', 'webservice');
-
-
-
+        $strvaliduntil = get_string('validuntil', 'webservice');
 
         $return = $OUTPUT->heading(get_string('webservicetokens', 'webservice'), 3, 'main', true);
         $return .= $OUTPUT->box_start('generalbox webservicestokenui');
 
         $table = new html_table();
-        $table->head  = array($strtoken, $struser, $strservice, $strcontext, $stroperation);
+        $table->head  = array($strtoken, $struser, $strservice, $strcontext, $strvaliduntil, $stroperation);
         $table->align = array('left', 'left', 'left', 'left', 'center');
         $table->width = '100%';
         $table->data  = array();
 
         $tokenpageurl = "$CFG->wwwroot/$CFG->admin/webservice/tokens.php?sesskey=" . sesskey();
 
-        //TODO: in order to let the administrator delete obsolete token, split this request in multiple request
+        //TODO: in order to let the administrator delete obsolete token, split this request in multiple request or use LEFT JOIN
 
         //here retrieve token list (including linked users firstname/lastname and linked services name)
         $sql = "SELECT
-                    token.id, token.token, user.firstname, user.lastname, service.name
+                    token.id, token.token, user.firstname, user.lastname, service.name, token.validuntil
                 FROM
                     {external_tokens} token, {user} user, {external_services} service
                 WHERE
-                    token.creatorid=? AND service.id = token.externalserviceid AND token.userid = user.id";
+                    token.creatorid=? AND token.tokentype = 2 AND service.id = token.externalserviceid AND token.userid = user.id";
         $tokens = $DB->get_records_sql($sql, array( $USER->id));
         if (!empty($tokens)) {
             foreach ($tokens as $token) {
@@ -6506,8 +6504,16 @@ public function output_html($data, $query='') {
                 $delete = "<a href=\"".$tokenpageurl."&amp;action=delete&amp;tokenid=".$token->id."\">";
                 $delete .= get_string('delete')."</a>";
 
+                if (empty($_SERVER['HTTPS'])) {
+                    $token->token = get_string('activatehttps', 'webservice');
+                }
+
+                $validuntil = '';
+                if (!empty($token->validuntil)) {
+                    $validuntil = date("F j, Y"); //TODO: language support (look for moodle function)
+                }
 
-                $table->data[] = array($token->token, $token->firstname." ".$token->lastname, $token->name, '', $delete);
+                $table->data[] = array($token->token, $token->firstname." ".$token->lastname, $token->name, '', $validuntil, $delete);
             }
 
             $return .= $OUTPUT->table($table);