admin/webservice/tokens.php

   1 <?php
   2
   3 // This file is part of Moodle - http://moodle.org/
   4 //
   5 // Moodle is free software: you can redistribute it and/or modify
   6 // it under the terms of the GNU General Public License as published by
   7 // the Free Software Foundation, either version 3 of the License, or
   8 // (at your option) any later version.
   9 //
  10 // Moodle is distributed in the hope that it will be useful,
  11 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  12 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13 // GNU General Public License for more details.
  14 //
  15 // You should have received a copy of the GNU General Public License
  16 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  17
  18 /**
  19  * Web services tokens admin UI
  20  *
  21  * @package   webservice
  22  * @author Jerome Mouneyrac
  23  * @copyright 2009 Moodle Pty Ltd (http://moodle.com)
  24  * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  25  */
  26 require_once('../../config.php');
  27 require_once($CFG->libdir . '/adminlib.php');
  28 require_once($CFG->dirroot . '/' . $CFG->admin . '/webservice/forms.php');
  29 require_once($CFG->libdir . '/externallib.php');
  30
  31 $action = optional_param('action', '', PARAM_ALPHANUMEXT);
  32 $tokenid = optional_param('tokenid', '', PARAM_SAFEDIR);
  33 $confirm = optional_param('confirm', 0, PARAM_BOOL);
  34
  35 admin_externalpage_setup('addwebservicetoken');
  36
  37 //Deactivate the second 'Manage token' navigation node, and use the main 'Manage token' navigation node
  38 $node = $PAGE->settingsnav->find('addwebservicetoken', navigation_node::TYPE_SETTING);
  39 $newnode = $PAGE->settingsnav->find('webservicetokens', navigation_node::TYPE_SETTING);
  40 if ($node && $newnode) {
  41     $node->display = false;
  42     $newnode->make_active();
  43 }
  44
  45 require_capability('moodle/site:config', context_system::instance());
  46
  47 $tokenlisturl = new moodle_url("/" . $CFG->admin . "/settings.php", array('section' => 'webservicetokens'));
  48
  49 require_once($CFG->dirroot . "/webservice/lib.php");
  50 $webservicemanager = new webservice();
  51
  52 switch ($action) {
  53
  54     case 'create':
  55         $mform = new web_service_token_form(null, array('action' => 'create'));
  56         $data = $mform->get_data();
  57         if ($mform->is_cancelled()) {
  58             redirect($tokenlisturl);
  59         } else if ($data and confirm_sesskey()) {
  60             ignore_user_abort(true);
  61
  62             //check the the user is allowed for the service
  63             $selectedservice = $webservicemanager->get_external_service_by_id($data->service);
  64             if ($selectedservice->restrictedusers) {
  65                 $restricteduser = $webservicemanager->get_ws_authorised_user($data->service, $data->user);
  66                 if (empty($restricteduser)) {
  67                     $allowuserurl = new moodle_url('/' . $CFG->admin . '/webservice/service_users.php',
  68                             array('id' => $selectedservice->id));
  69                     $allowuserlink = html_writer::tag('a', $selectedservice->name , array('href' => $allowuserurl));
  70                     $errormsg = $OUTPUT->notification(get_string('usernotallowed', 'webservice', $allowuserlink));
  71                 }
  72             }
  73
  74             //check if the user is deleted. unconfirmed, suspended or guest
  75             $user = $DB->get_record('user', array('id' => $data->user));
  76             if ($user->id == $CFG->siteguest or $user->deleted or !$user->confirmed or $user->suspended) {
  77                 throw new moodle_exception('forbiddenwsuser', 'webservice');
  78             }
  79
  80             //process the creation
  81             if (empty($errormsg)) {
  82                 //TODO improvement: either move this function from externallib.php to webservice/lib.php
  83                 // either move most of webservicelib.php functions into externallib.php
  84                 // (create externalmanager class) MDL-23523
  85                 external_generate_token(EXTERNAL_TOKEN_PERMANENT, $data->service,
  86                         $data->user, context_system::instance(),
  87                         $data->validuntil, $data->iprestriction);
  88                 redirect($tokenlisturl);
  89             }
  90         }
  91
  92         //OUTPUT: create token form
  93         echo $OUTPUT->header();
  94         echo $OUTPUT->heading(get_string('createtoken', 'webservice'));
  95         if (!empty($errormsg)) {
  96             echo $errormsg;
  97         }
  98         $mform->display();
  99         echo $OUTPUT->footer();
 100         die;
 101         break;
 102
 103     case 'delete':
 104         $token = $webservicemanager->get_created_by_user_ws_token($USER->id, $tokenid);
 105
 106         //Delete the token
 107         if ($confirm and confirm_sesskey()) {
 108             $webservicemanager->delete_user_ws_token($token->id);
 109             redirect($tokenlisturl);
 110         }
 111
 112         ////OUTPUT: display delete token confirmation box
 113         echo $OUTPUT->header();
 114         $renderer = $PAGE->get_renderer('core', 'webservice');
 115         echo $renderer->admin_delete_token_confirmation($token);
 116         echo $OUTPUT->footer();
 117         die;
 118         break;
 119
 120     default:
 121         //wrong url access
 122         redirect($tokenlisturl);
 123         break;
 124 }