search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
on-demand release 4.5dev+
[moodle.git] / user / tests / externallib_test.php
blobf2ed8b46f80e3ac85f4eb2ec1e116e68a3cafd06
1 <?php
2 // This file is part of Moodle - http://moodle.org/
3 //
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
13 //
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
16
17 /**
18 * User external PHPunit tests
19 *
20 * @package core_user
21 * @category external
22 * @copyright 2012 Jerome Mouneyrac
23 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
24 * @since Moodle 2.4
25 */
26
27 namespace core_user;
28
29 use core_external\external_api;
30 use core_files_external;
31 use core_user_external;
32 use externallib_advanced_testcase;
33
34 defined('MOODLE_INTERNAL') || die();
35
36 global $CFG;
37
38 require_once($CFG->dirroot . '/webservice/tests/helpers.php');
39 require_once($CFG->dirroot . '/user/externallib.php');
40 require_once($CFG->dirroot . '/files/externallib.php');
41
42 /**
43 * Tests for the user external functions.
44 *
45 * @package core_user
46 * @covers \core_user_external
47 */
48 final class externallib_test extends externallib_advanced_testcase {
49
50 /**
51 * Test get_users
52 */
53 public function test_get_users(): void {
54 global $USER, $CFG;
55
56 $this->resetAfterTest(true);
57
58 $course = self::getDataGenerator()->create_course();
59
60 $user1 = array(
61 'username' => 'usernametest1',
62 'idnumber' => 'idnumbertest1',
63 'firstname' => 'First Name User Test 1',
64 'lastname' => 'Last Name User Test 1',
65 'email' => 'usertest1@example.com',
66 'address' => '2 Test Street Perth 6000 WA',
67 'phone1' => '01010101010',
68 'phone2' => '02020203',
69 'department' => 'Department of user 1',
70 'institution' => 'Institution of user 1',
71 'description' => 'This is a description for user 1',
72 'descriptionformat' => FORMAT_MOODLE,
73 'city' => 'Perth',
74 'country' => 'AU'
75 );
76
77 $user1 = self::getDataGenerator()->create_user($user1);
78 set_config('usetags', 1);
79 require_once($CFG->dirroot . '/user/editlib.php');
80 $user1->interests = array('Cinema', 'Tennis', 'Dance', 'Guitar', 'Cooking');
81 useredit_update_interests($user1, $user1->interests);
82
83 $user2 = self::getDataGenerator()->create_user(
84 array('username' => 'usernametest2', 'idnumber' => 'idnumbertest2'));
85
86 $generatedusers = array();
87 $generatedusers[$user1->id] = $user1;
88 $generatedusers[$user2->id] = $user2;
89
90 $context = \context_course::instance($course->id);
91 $roleid = $this->assignUserCapability('moodle/user:viewdetails', $context->id);
92
93 // Enrol the users in the course.
94 $this->getDataGenerator()->enrol_user($user1->id, $course->id, $roleid);
95 $this->getDataGenerator()->enrol_user($user2->id, $course->id, $roleid);
96 $this->getDataGenerator()->enrol_user($USER->id, $course->id, $roleid);
97
98 // call as admin and receive all possible fields.
99 $this->setAdminUser();
100
101 $searchparams = array(
102 array('key' => 'invalidkey', 'value' => 'invalidkey'),
103 array('key' => 'email', 'value' => $user1->email),
104 array('key' => 'firstname', 'value' => $user1->firstname));
105
106 // Call the external function.
107 $result = core_user_external::get_users($searchparams);
108
109 // We need to execute the return values cleaning process to simulate the web service server
110 $result = external_api::clean_returnvalue(core_user_external::get_users_returns(), $result);
111
112 // Check we retrieve the good total number of enrolled users + no error on capability.
113 $expectedreturnedusers = 1;
114 $returnedusers = $result['users'];
115 $this->assertEquals($expectedreturnedusers, count($returnedusers));
116
117 foreach($returnedusers as $returneduser) {
118 $generateduser = ($returneduser['id'] == $USER->id) ?
119 $USER : $generatedusers[$returneduser['id']];
120 $this->assertEquals($generateduser->username, $returneduser['username']);
121 if (!empty($generateduser->idnumber)) {
122 $this->assertEquals($generateduser->idnumber, $returneduser['idnumber']);
123 }
124 $this->assertEquals($generateduser->firstname, $returneduser['firstname']);
125 $this->assertEquals($generateduser->lastname, $returneduser['lastname']);
126 if ($generateduser->email != $USER->email) { // Don't check the tmp modified $USER email.
127 $this->assertEquals($generateduser->email, $returneduser['email']);
128 }
129 if (!empty($generateduser->address)) {
130 $this->assertEquals($generateduser->address, $returneduser['address']);
131 }
132 if (!empty($generateduser->phone1)) {
133 $this->assertEquals($generateduser->phone1, $returneduser['phone1']);
134 }
135 if (!empty($generateduser->phone2)) {
136 $this->assertEquals($generateduser->phone2, $returneduser['phone2']);
137 }
138 if (!empty($generateduser->department)) {
139 $this->assertEquals($generateduser->department, $returneduser['department']);
140 }
141 if (!empty($generateduser->institution)) {
142 $this->assertEquals($generateduser->institution, $returneduser['institution']);
143 }
144 if (!empty($generateduser->description)) {
145 $this->assertEquals($generateduser->description, $returneduser['description']);
146 }
147 if (!empty($generateduser->descriptionformat)) {
148 $this->assertEquals(FORMAT_HTML, $returneduser['descriptionformat']);
149 }
150 if (!empty($generateduser->city)) {
151 $this->assertEquals($generateduser->city, $returneduser['city']);
152 }
153 if (!empty($generateduser->country)) {
154 $this->assertEquals($generateduser->country, $returneduser['country']);
155 }
156 if (!empty($CFG->usetags) and !empty($generateduser->interests)) {
157 $this->assertEquals(implode(', ', $generateduser->interests), $returneduser['interests']);
158 }
159 }
160
161 // Test the invalid key warning.
162 $warnings = $result['warnings'];
163 $this->assertEquals(count($warnings), 1);
164 $warning = array_pop($warnings);
165 $this->assertEquals($warning['item'], 'invalidkey');
166 $this->assertEquals($warning['warningcode'], 'invalidfieldparameter');
167
168 // Test sending twice the same search field.
169 try {
170 $searchparams = array(
171 array('key' => 'firstname', 'value' => 'Canard'),
172 array('key' => 'email', 'value' => $user1->email),
173 array('key' => 'firstname', 'value' => $user1->firstname));
174
175 // Call the external function.
176 $result = core_user_external::get_users($searchparams);
177 $this->fail('Expecting \'keyalreadyset\' moodle_exception to be thrown.');
178 } catch (\moodle_exception $e) {
179 $this->assertEquals('keyalreadyset', $e->errorcode);
180 } catch (\Exception $e) {
181 $this->fail('Expecting \'keyalreadyset\' moodle_exception to be thrown.');
182 }
183 }
184
185 /**
186 * Test get_users_by_field
187 */
188 public function test_get_users_by_field(): void {
189 global $USER, $CFG;
190
191 $this->resetAfterTest(true);
192
193 $generator = self::getDataGenerator();
194
195 // Create complex user profile field supporting multi-lang.
196 filter_set_global_state('multilang', TEXTFILTER_ON);
197 $name = '<span lang="en" class="multilang">Employment status</span>'.
198 '<span lang="es" class="multilang">Estado de Empleo</span>';
199 $statuses = 'UE\nSE\n<span lang="en" class="multilang">Other</span><span lang="es" class="multilang">Otro</span>';
200 $generator->create_custom_profile_field(
201 [
202 'datatype' => 'menu',
203 'shortname' => 'employmentstatus',
204 'name' => $name,
205 'param1' => $statuses
206 ]
207 );
208
209 $course = $generator->create_course();
210 $user1 = array(
211 'username' => 'usernametest1',
212 'idnumber' => 'idnumbertest1',
213 'firstname' => 'First Name User Test 1',
214 'lastname' => 'Last Name User Test 1',
215 'email' => 'usertest1@example.com',
216 'address' => '2 Test Street Perth 6000 WA',
217 'phone1' => '01010101010',
218 'phone2' => '02020203',
219 'department' => 'Department of user 1',
220 'institution' => 'Institution of user 1',
221 'description' => 'This is a description for user 1',
222 'descriptionformat' => FORMAT_MOODLE,
223 'city' => 'Perth',
224 'country' => 'AU',
225 'profile_field_jobposition' => 'Manager',
226 'profile_field_employmentstatus' => explode('\n', $statuses)[2],
227 );
228 $user1 = $generator->create_user($user1);
229 if (!empty($CFG->usetags)) {
230 require_once($CFG->dirroot . '/user/editlib.php');
231 $user1->interests = array('Cinema', 'Tennis', 'Dance', 'Guitar', 'Cooking');
232 useredit_update_interests($user1, $user1->interests);
233 }
234 $user2 = $generator->create_user(
235 array('username' => 'usernametest2', 'idnumber' => 'idnumbertest2'));
236
237 $generatedusers = array();
238 $generatedusers[$user1->id] = $user1;
239 $generatedusers[$user2->id] = $user2;
240
241 $context = \context_course::instance($course->id);
242 $roleid = $this->assignUserCapability('moodle/user:viewdetails', $context->id);
243
244 // Enrol the users in the course.
245 $generator->enrol_user($user1->id, $course->id, $roleid, 'manual');
246 $generator->enrol_user($user2->id, $course->id, $roleid, 'manual');
247 $generator->enrol_user($USER->id, $course->id, $roleid, 'manual');
248
249 // call as admin and receive all possible fields.
250 $this->setAdminUser();
251
252 $fieldstosearch = array('id', 'idnumber', 'username', 'email');
253
254 foreach ($fieldstosearch as $fieldtosearch) {
255
256 // Call the external function.
257 $returnedusers = core_user_external::get_users_by_field($fieldtosearch,
258 array($USER->{$fieldtosearch}, $user1->{$fieldtosearch}, $user2->{$fieldtosearch}));
259 $returnedusers = external_api::clean_returnvalue(core_user_external::get_users_by_field_returns(), $returnedusers);
260
261 // Expected result differ following the searched field
262 // Admin user in the PHPunit framework doesn't have an idnumber.
263 if ($fieldtosearch == 'idnumber') {
264 $expectedreturnedusers = 2;
265 } else {
266 $expectedreturnedusers = 3;
267 }
268
269 // Check we retrieve the good total number of enrolled users + no error on capability.
270 $this->assertEquals($expectedreturnedusers, count($returnedusers));
271
272 foreach($returnedusers as $returneduser) {
273 $generateduser = ($returneduser['id'] == $USER->id) ?
274 $USER : $generatedusers[$returneduser['id']];
275 $this->assertEquals($generateduser->username, $returneduser['username']);
276 if (!empty($generateduser->idnumber)) {
277 $this->assertEquals($generateduser->idnumber, $returneduser['idnumber']);
278 }
279 $this->assertEquals($generateduser->firstname, $returneduser['firstname']);
280 $this->assertEquals($generateduser->lastname, $returneduser['lastname']);
281 if ($generateduser->email != $USER->email) { //don't check the tmp modified $USER email
282 $this->assertEquals($generateduser->email, $returneduser['email']);
283 }
284 if (!empty($generateduser->address)) {
285 $this->assertEquals($generateduser->address, $returneduser['address']);
286 }
287 if (!empty($generateduser->phone1)) {
288 $this->assertEquals($generateduser->phone1, $returneduser['phone1']);
289 }
290 if (!empty($generateduser->phone2)) {
291 $this->assertEquals($generateduser->phone2, $returneduser['phone2']);
292 }
293 if (!empty($generateduser->department)) {
294 $this->assertEquals($generateduser->department, $returneduser['department']);
295 }
296 if (!empty($generateduser->institution)) {
297 $this->assertEquals($generateduser->institution, $returneduser['institution']);
298 }
299 if (!empty($generateduser->description)) {
300 $this->assertEquals($generateduser->description, $returneduser['description']);
301 }
302 if (!empty($generateduser->descriptionformat) and isset($returneduser['descriptionformat'])) {
303 $this->assertEquals($generateduser->descriptionformat, $returneduser['descriptionformat']);
304 }
305 if (!empty($generateduser->city)) {
306 $this->assertEquals($generateduser->city, $returneduser['city']);
307 }
308 if (!empty($generateduser->country)) {
309 $this->assertEquals($generateduser->country, $returneduser['country']);
310 }
311 if (!empty($CFG->usetags) and !empty($generateduser->interests)) {
312 $this->assertEquals(implode(', ', $generateduser->interests), $returneduser['interests']);
313 }
314 // Default language and no theme were used for the user.
315 $this->assertEquals($CFG->lang, $returneduser['lang']);
316 $this->assertEquals($generateduser->trackforums, $returneduser['trackforums']);
317 $this->assertEmpty($returneduser['theme']);
318
319 if ($returneduser['id'] == $user1->id) {
320 $this->assertCount(1, $returneduser['customfields']);
321 $dbvalue = explode('\n', $statuses)[2];
322 $this->assertEquals($dbvalue, $returneduser['customfields'][0]['value']);
323 $this->assertEquals('Employment status', $returneduser['customfields'][0]['name']);
324 $this->assertEquals('Other', $returneduser['customfields'][0]['displayvalue']);
325 }
326 }
327 }
328
329 // Test that no result are returned for search by username if we are not admin
330 $this->setGuestUser();
331
332 // Call the external function.
333 $returnedusers = core_user_external::get_users_by_field('username',
334 array($USER->username, $user1->username, $user2->username));
335 $returnedusers = external_api::clean_returnvalue(core_user_external::get_users_by_field_returns(), $returnedusers);
336
337 // Only the own $USER username should be returned
338 $this->assertEquals(1, count($returnedusers));
339
340 // And finally test as one of the enrolled users.
341 $this->setUser($user1);
342
343 // Call the external function.
344 $returnedusers = core_user_external::get_users_by_field('username',
345 array($USER->username, $user1->username, $user2->username));
346 $returnedusers = external_api::clean_returnvalue(core_user_external::get_users_by_field_returns(), $returnedusers);
347
348 // Only the own $USER username should be returned still.
349 $this->assertEquals(1, count($returnedusers));
350 }
351
352 public function get_course_user_profiles_setup($capability) {
353 global $USER, $CFG;
354
355 $this->resetAfterTest(true);
356
357 $return = new \stdClass();
358
359 $generator = self::getDataGenerator();
360
361 // Create complex user profile field supporting multi-lang.
362 filter_set_global_state('multilang', TEXTFILTER_ON);
363 $name = '<span lang="en" class="multilang">Employment status</span>' .
364 '<span lang="es" class="multilang">Estado de Empleo</span>';
365 $statuses = 'UE\nSE\n<span lang="en" class="multilang">Other</span><span lang="es" class="multilang">Otro</span>';
366 $generator->create_custom_profile_field(
367 [
368 'datatype' => 'menu',
369 'shortname' => 'employmentstatus',
370 'name' => $name,
371 'param1' => $statuses,
372 ]
373 );
374
375 // Create the course and fetch its context.
376 $return->course = self::getDataGenerator()->create_course();
377 $return->user1 = array(
378 'username' => 'usernametest1',
379 'idnumber' => 'idnumbertest1',
380 'firstname' => 'First Name User Test 1',
381 'lastname' => 'Last Name User Test 1',
382 'email' => 'usertest1@example.com',
383 'address' => '2 Test Street Perth 6000 WA',
384 'phone1' => '01010101010',
385 'phone2' => '02020203',
386 'department' => 'Department of user 1',
387 'institution' => 'Institution of user 1',
388 'description' => 'This is a description for user 1',
389 'descriptionformat' => FORMAT_MOODLE,
390 'city' => 'Perth',
391 'country' => 'AU',
392 'profile_field_employmentstatus' => explode('\n', $statuses)[2],
393 );
394 $return->user1 = self::getDataGenerator()->create_user($return->user1);
395 if (!empty($CFG->usetags)) {
396 require_once($CFG->dirroot . '/user/editlib.php');
397 $return->user1->interests = array('Cinema', 'Tennis', 'Dance', 'Guitar', 'Cooking');
398 useredit_update_interests($return->user1, $return->user1->interests);
399 }
400 $return->user2 = self::getDataGenerator()->create_user();
401
402 $context = \context_course::instance($return->course->id);
403 $return->roleid = $this->assignUserCapability($capability, $context->id);
404
405 // Enrol the users in the course.
406 $this->getDataGenerator()->enrol_user($return->user1->id, $return->course->id, $return->roleid, 'manual');
407 $this->getDataGenerator()->enrol_user($return->user2->id, $return->course->id, $return->roleid, 'manual');
408 $this->getDataGenerator()->enrol_user($USER->id, $return->course->id, $return->roleid, 'manual');
409
410 $group1 = $this->getDataGenerator()->create_group(['courseid' => $return->course->id, 'name' => 'G1']);
411 $group2 = $this->getDataGenerator()->create_group(['courseid' => $return->course->id, 'name' => 'G2']);
412
413 groups_add_member($group1->id, $return->user1->id);
414 groups_add_member($group2->id, $return->user2->id);
415
416 return $return;
417 }
418
419 /**
420 * Test get_course_user_profiles
421 */
422 public function test_get_course_user_profiles(): void {
423 global $USER, $CFG;
424
425 $this->resetAfterTest(true);
426
427 $data = $this->get_course_user_profiles_setup('moodle/user:viewdetails');
428
429 // Call the external function.
430 $enrolledusers = core_user_external::get_course_user_profiles(array(
431 array('userid' => $USER->id, 'courseid' => $data->course->id)));
432
433 // We need to execute the return values cleaning process to simulate the web service server.
434 $enrolledusers = external_api::clean_returnvalue(core_user_external::get_course_user_profiles_returns(), $enrolledusers);
435
436 // Check we retrieve the good total number of enrolled users + no error on capability.
437 $this->assertEquals(1, count($enrolledusers));
438 }
439
440 public function test_get_user_course_profile_as_admin(): void {
441 global $USER, $CFG;
442
443 global $USER, $CFG;
444
445 $this->resetAfterTest(true);
446
447 $data = $this->get_course_user_profiles_setup('moodle/user:viewdetails');
448
449 // Do the same call as admin to receive all possible fields.
450 $this->setAdminUser();
451 $USER->email = "admin@example.com";
452
453 // Call the external function.
454 $enrolledusers = core_user_external::get_course_user_profiles(array(
455 array('userid' => $data->user1->id, 'courseid' => $data->course->id)));
456
457 // We need to execute the return values cleaning process to simulate the web service server.
458 $enrolledusers = external_api::clean_returnvalue(core_user_external::get_course_user_profiles_returns(), $enrolledusers);
459 // Check we get the requested user and that is in a group.
460 $this->assertCount(1, $enrolledusers);
461 $this->assertCount(1, $enrolledusers[0]['groups']);
462
463 foreach($enrolledusers as $enrolleduser) {
464 if ($enrolleduser['username'] == $data->user1->username) {
465 $this->assertEquals($data->user1->idnumber, $enrolleduser['idnumber']);
466 $this->assertEquals($data->user1->firstname, $enrolleduser['firstname']);
467 $this->assertEquals($data->user1->lastname, $enrolleduser['lastname']);
468 $this->assertEquals($data->user1->email, $enrolleduser['email']);
469 $this->assertEquals($data->user1->address, $enrolleduser['address']);
470 $this->assertEquals($data->user1->phone1, $enrolleduser['phone1']);
471 $this->assertEquals($data->user1->phone2, $enrolleduser['phone2']);
472 $this->assertEquals($data->user1->department, $enrolleduser['department']);
473 $this->assertEquals($data->user1->institution, $enrolleduser['institution']);
474 $this->assertEquals($data->user1->description, $enrolleduser['description']);
475 $this->assertEquals(FORMAT_HTML, $enrolleduser['descriptionformat']);
476 $this->assertEquals($data->user1->city, $enrolleduser['city']);
477 $this->assertEquals($data->user1->country, $enrolleduser['country']);
478 // Default language was used for the user.
479 $this->assertEquals($CFG->lang, $enrolleduser['lang']);
480 $this->assertEquals('Employment status', $enrolleduser['customfields'][0]['name']);
481 $this->assertEquals('Other', $enrolleduser['customfields'][0]['displayvalue']);
482
483 if (!empty($CFG->usetags)) {
484 $this->assertEquals(implode(', ', $data->user1->interests), $enrolleduser['interests']);
485 }
486 }
487 }
488 }
489
490 /**
491 * Test create_users
492 */
493 public function test_create_users(): void {
494 global $DB;
495
496 $this->resetAfterTest(true);
497
498 $user1 = array(
499 'username' => 'usernametest1',
500 'password' => 'Moodle2012!',
501 'idnumber' => 'idnumbertest1',
502 'firstname' => 'First Name User Test 1',
503 'lastname' => 'Last Name User Test 1',
504 'middlename' => 'Middle Name User Test 1',
505 'lastnamephonetic' => '最後のお名前のテスト一号',
506 'firstnamephonetic' => 'お名前のテスト一号',
507 'alternatename' => 'Alternate Name User Test 1',
508 'email' => 'usertest1@example.com',
509 'description' => 'This is a description for user 1',
510 'city' => 'Perth',
511 'country' => 'AU',
512 'preferences' => [[
513 'type' => 'htmleditor',
514 'value' => 'atto'
515 ], [
516 'type' => 'invalidpreference',
517 'value' => 'abcd'
518 ]
519 ],
520 'department' => 'College of Science',
521 'institution' => 'National Institute of Physics',
522 'phone1' => '01 2345 6789',
523 'maildisplay' => 1,
524 'interests' => 'badminton, basketball, cooking, '
525 );
526
527 // User with an authentication method done externally.
528 $user2 = array(
529 'username' => 'usernametest2',
530 'firstname' => 'First Name User Test 2',
531 'lastname' => 'Last Name User Test 2',
532 'email' => 'usertest2@example.com',
533 'auth' => 'oauth2'
534 );
535
536 $context = \context_system::instance();
537 $roleid = $this->assignUserCapability('moodle/user:create', $context->id);
538 $this->assignUserCapability('moodle/user:editprofile', $context->id, $roleid);
539
540 // Call the external function.
541 $createdusers = core_user_external::create_users(array($user1, $user2));
542
543 // We need to execute the return values cleaning process to simulate the web service server.
544 $createdusers = external_api::clean_returnvalue(core_user_external::create_users_returns(), $createdusers);
545
546 // Check we retrieve the good total number of created users + no error on capability.
547 $this->assertCount(2, $createdusers);
548
549 foreach($createdusers as $createduser) {
550 $dbuser = $DB->get_record('user', array('id' => $createduser['id']));
551
552 if ($createduser['username'] === $user1['username']) {
553 $usertotest = $user1;
554 $this->assertEquals('atto', get_user_preferences('htmleditor', null, $dbuser));
555 $this->assertEquals(null, get_user_preferences('invalidpreference', null, $dbuser));
556 // Confirm user interests have been saved.
557 $interests = \core_tag_tag::get_item_tags_array('core', 'user', $createduser['id'],
558 \core_tag_tag::BOTH_STANDARD_AND_NOT, 0, false);
559 // There should be 3 user interests.
560 $this->assertCount(3, $interests);
561
562 } else if ($createduser['username'] === $user2['username']) {
563 $usertotest = $user2;
564 }
565
566 foreach ($dbuser as $property => $value) {
567 if ($property === 'password') {
568 if ($usertotest === $user2) {
569 // External auth mechanisms don't store password in the user table.
570 $this->assertEquals(AUTH_PASSWORD_NOT_CACHED, $value);
571 } else {
572 // Skip hashed passwords.
573 continue;
574 }
575 }
576 // Confirm that the values match.
577 if (isset($usertotest[$property])) {
578 $this->assertEquals($usertotest[$property], $value);
579 }
580 }
581 }
582
583 // Call without required capability
584 $this->unassignUserCapability('moodle/user:create', $context->id, $roleid);
585 $this->expectException('required_capability_exception');
586 core_user_external::create_users(array($user1));
587 }
588
589 /**
590 * Test create_users with password and createpassword parameter not set.
591 */
592 public function test_create_users_empty_password(): void {
593 $this->resetAfterTest();
594 $this->setAdminUser();
595
596 $user = [
597 'username' => 'usernametest1',
598 'firstname' => 'First Name User Test 1',
599 'lastname' => 'Last Name User Test 1',
600 'email' => 'usertest1@example.com',
601 ];
602
603 // This should throw an exception because either password or createpassword param must be passed for auth_manual.
604 $this->expectException(\invalid_parameter_exception::class);
605 core_user_external::create_users([$user]);
606 }
607
608 /**
609 * Data provider for \core_user_externallib_testcase::test_create_users_with_same_emails().
610 */
611 public function create_users_provider_with_same_emails() {
612 return [
613 'Same emails allowed, same case' => [
614 1, false
615 ],
616 'Same emails allowed, different case' => [
617 1, true
618 ],
619 'Same emails disallowed, same case' => [
620 0, false
621 ],
622 'Same emails disallowed, different case' => [
623 0, true
624 ],
625 ];
626 }
627
628 /**
629 * Test for \core_user_external::create_users() when user using the same email addresses are being created.
630 *
631 * @dataProvider create_users_provider_with_same_emails
632 * @param int $sameemailallowed The value to set for $CFG->allowaccountssameemail.
633 * @param boolean $differentcase Whether to user a different case for the other user.
634 */
635 public function test_create_users_with_same_emails($sameemailallowed, $differentcase): void {
636 global $DB;
637
638 $this->resetAfterTest();
639 $this->setAdminUser();
640
641 // Allow multiple users with the same email address.
642 set_config('allowaccountssameemail', $sameemailallowed);
643 $users = [
644 [
645 'username' => 's1',
646 'firstname' => 'Johnny',
647 'lastname' => 'Bravo',
648 'email' => 's1@example.com',
649 'password' => 'Passw0rd!'
650 ],
651 [
652 'username' => 's2',
653 'firstname' => 'John',
654 'lastname' => 'Doe',
655 'email' => $differentcase ? 'S1@EXAMPLE.COM' : 's1@example.com',
656 'password' => 'Passw0rd!'
657 ],
658 ];
659
660 if (!$sameemailallowed) {
661 // This should throw an exception when $CFG->allowaccountssameemail is empty.
662 $this->expectException(\invalid_parameter_exception::class);
663 }
664
665 // Create our users.
666 core_user_external::create_users($users);
667
668 // Confirm that the users have been created.
669 list($insql, $params) = $DB->get_in_or_equal(['s1', 's2']);
670 $this->assertEquals(2, $DB->count_records_select('user', 'username ' . $insql, $params));
671 }
672
673 /**
674 * Test create_users with invalid parameters
675 *
676 * @dataProvider data_create_users_invalid_parameter
677 * @param array $data User data to attempt to register.
678 * @param string $expectmessage Expected exception message.
679 */
680 public function test_create_users_invalid_parameter(array $data, $expectmessage): void {
681 global $USER, $CFG, $DB;
682
683 $this->resetAfterTest(true);
684 $this->assignUserCapability('moodle/user:create', SYSCONTEXTID);
685
686 $this->expectException('invalid_parameter_exception');
687 $this->expectExceptionMessage($expectmessage);
688
689 core_user_external::create_users(array($data));
690 }
691
692 /**
693 * Data provider for {@see self::test_create_users_invalid_parameter()}.
694 *
695 * @return array
696 */
697 public function data_create_users_invalid_parameter() {
698 return [
699 'blank_username' => [
700 'data' => [
701 'username' => '',
702 'firstname' => 'Foo',
703 'lastname' => 'Bar',
704 'email' => 'foobar@example.com',
705 'createpassword' => 1,
706 ],
707 'expectmessage' => 'The field username cannot be blank',
708 ],
709 'blank_firtname' => [
710 'data' => [
711 'username' => 'foobar',
712 'firstname' => "\t \n",
713 'lastname' => 'Bar',
714 'email' => 'foobar@example.com',
715 'createpassword' => 1,
716 ],
717 'expectmessage' => 'The field firstname cannot be blank',
718 ],
719 'blank_lastname' => [
720 'data' => [
721 'username' => 'foobar',
722 'firstname' => '0',
723 'lastname' => ' ',
724 'email' => 'foobar@example.com',
725 'createpassword' => 1,
726 ],
727 'expectmessage' => 'The field lastname cannot be blank',
728 ],
729 'invalid_email' => [
730 'data' => [
731 'username' => 'foobar',
732 'firstname' => 'Foo',
733 'lastname' => 'Bar',
734 'email' => '@foobar',
735 'createpassword' => 1,
736 ],
737 'expectmessage' => 'Email address is invalid',
738 ],
739 'missing_password' => [
740 'data' => [
741 'username' => 'foobar',
742 'firstname' => 'Foo',
743 'lastname' => 'Bar',
744 'email' => 'foobar@example.com',
745 ],
746 'expectmessage' => 'Invalid password: you must provide a password, or set createpassword',
747 ],
748 ];
749 }
750
751 /**
752 * Test delete_users
753 */
754 public function test_delete_users(): void {
755 global $USER, $CFG, $DB;
756
757 $this->resetAfterTest(true);
758
759 $user1 = self::getDataGenerator()->create_user();
760 $user2 = self::getDataGenerator()->create_user();
761
762 // Check the users were correctly created.
763 $this->assertEquals(2, $DB->count_records_select('user', 'deleted = 0 AND (id = :userid1 OR id = :userid2)',
764 array('userid1' => $user1->id, 'userid2' => $user2->id)));
765
766 $context = \context_system::instance();
767 $roleid = $this->assignUserCapability('moodle/user:delete', $context->id);
768
769 // Call the external function.
770 core_user_external::delete_users(array($user1->id, $user2->id));
771
772 // Check we retrieve no users + no error on capability.
773 $this->assertEquals(0, $DB->count_records_select('user', 'deleted = 0 AND (id = :userid1 OR id = :userid2)',
774 array('userid1' => $user1->id, 'userid2' => $user2->id)));
775
776 // Call without required capability.
777 $this->unassignUserCapability('moodle/user:delete', $context->id, $roleid);
778 $this->expectException('required_capability_exception');
779 core_user_external::delete_users(array($user1->id, $user2->id));
780 }
781
782 /**
783 * Test update_users
784 */
785 public function test_update_users(): void {
786 global $USER, $CFG, $DB;
787
788 $this->resetAfterTest(true);
789 $this->preventResetByRollback();
790
791 $wsuser = self::getDataGenerator()->create_user();
792 self::setUser($wsuser);
793
794 $context = \context_user::instance($USER->id);
795 $contextid = $context->id;
796 $filename = "reddot.png";
797 $filecontent = "iVBORw0KGgoAAAANSUhEUgAAAAUAAAAFCAYAAACNbyblAAAAHElEQVQI12P4//8/w38"
798 . "GIAXDIBKE0DHxgljNBAAO9TXL0Y4OHwAAAABJRU5ErkJggg==";
799
800 // Call the files api to create a file.
801 $draftfile = core_files_external::upload($contextid, 'user', 'draft', 0, '/',
802 $filename, $filecontent, null, null);
803 $draftfile = external_api::clean_returnvalue(core_files_external::upload_returns(), $draftfile);
804
805 $draftid = $draftfile['itemid'];
806
807 $user1 = self::getDataGenerator()->create_user();
808
809 $user1 = array(
810 'id' => $user1->id,
811 'username' => 'usernametest1',
812 'password' => 'Moodle2012!',
813 'idnumber' => 'idnumbertest1',
814 'firstname' => 'First Name User Test 1',
815 'lastname' => 'Last Name User Test 1',
816 'middlename' => 'Middle Name User Test 1',
817 'lastnamephonetic' => '最後のお名前のテスト一号',
818 'firstnamephonetic' => 'お名前のテスト一号',
819 'alternatename' => 'Alternate Name User Test 1',
820 'email' => 'usertest1@example.com',
821 'description' => 'This is a description for user 1',
822 'city' => 'Perth',
823 'userpicture' => $draftid,
824 'country' => 'AU',
825 'preferences' => [[
826 'type' => 'htmleditor',
827 'value' => 'atto'
828 ], [
829 'type' => 'invialidpreference',
830 'value' => 'abcd'
831 ]
832 ],
833 'department' => 'College of Science',
834 'institution' => 'National Institute of Physics',
835 'phone1' => '01 2345 6789',
836 'maildisplay' => 1,
837 'interests' => 'badminton, basketball, cooking, '
838 );
839
840 $context = \context_system::instance();
841 $roleid = $this->assignUserCapability('moodle/user:update', $context->id);
842 $this->assignUserCapability('moodle/user:editprofile', $context->id, $roleid);
843
844 // Check we can't update deleted users, guest users, site admin.
845 $user2 = $user3 = $user4 = $user1;
846 $user2['id'] = $CFG->siteguest;
847
848 $siteadmins = explode(',', $CFG->siteadmins);
849 $user3['id'] = array_shift($siteadmins);
850
851 $userdeleted = self::getDataGenerator()->create_user();
852 $user4['id'] = $userdeleted->id;
853 user_delete_user($userdeleted);
854
855 $user5 = self::getDataGenerator()->create_user();
856 $user5 = array('id' => $user5->id, 'email' => $user5->email);
857
858 // Call the external function.
859 $returnvalue = core_user_external::update_users(array($user1, $user2, $user3, $user4));
860 $returnvalue = external_api::clean_returnvalue(core_user_external::update_users_returns(), $returnvalue);
861
862 // Check warnings.
863 $this->assertEquals($user2['id'], $returnvalue['warnings'][0]['itemid']); // Guest user.
864 $this->assertEquals('usernotupdatedguest', $returnvalue['warnings'][0]['warningcode']);
865 $this->assertEquals($user3['id'], $returnvalue['warnings'][1]['itemid']); // Admin user.
866 $this->assertEquals('usernotupdatedadmin', $returnvalue['warnings'][1]['warningcode']);
867 $this->assertEquals($user4['id'], $returnvalue['warnings'][2]['itemid']); // Deleted user.
868 $this->assertEquals('usernotupdateddeleted', $returnvalue['warnings'][2]['warningcode']);
869
870 $dbuser2 = $DB->get_record('user', array('id' => $user2['id']));
871 $this->assertNotEquals($dbuser2->username, $user2['username']);
872 $dbuser3 = $DB->get_record('user', array('id' => $user3['id']));
873 $this->assertNotEquals($dbuser3->username, $user3['username']);
874 $dbuser4 = $DB->get_record('user', array('id' => $user4['id']));
875 $this->assertNotEquals($dbuser4->username, $user4['username']);
876
877 $dbuser = $DB->get_record('user', array('id' => $user1['id']));
878 $this->assertEquals($dbuser->username, $user1['username']);
879 $this->assertEquals($dbuser->idnumber, $user1['idnumber']);
880 $this->assertEquals($dbuser->firstname, $user1['firstname']);
881 $this->assertEquals($dbuser->lastname, $user1['lastname']);
882 $this->assertEquals($dbuser->email, $user1['email']);
883 $this->assertEquals($dbuser->description, $user1['description']);
884 $this->assertEquals($dbuser->city, $user1['city']);
885 $this->assertEquals($dbuser->country, $user1['country']);
886 $this->assertNotEquals(0, $dbuser->picture, 'Picture must be set to the new icon itemid for this user');
887 $this->assertEquals($dbuser->department, $user1['department']);
888 $this->assertEquals($dbuser->institution, $user1['institution']);
889 $this->assertEquals($dbuser->phone1, $user1['phone1']);
890 $this->assertEquals($dbuser->maildisplay, $user1['maildisplay']);
891 $this->assertEquals('atto', get_user_preferences('htmleditor', null, $dbuser));
892 $this->assertEquals(null, get_user_preferences('invalidpreference', null, $dbuser));
893
894 // Confirm user interests have been saved.
895 $interests = \core_tag_tag::get_item_tags_array('core', 'user', $user1['id'], \core_tag_tag::BOTH_STANDARD_AND_NOT, 0, false);
896 // There should be 3 user interests.
897 $this->assertCount(3, $interests);
898
899 // Confirm no picture change when parameter is not supplied.
900 unset($user1['userpicture']);
901 core_user_external::update_users(array($user1));
902 $dbusernopic = $DB->get_record('user', array('id' => $user1['id']));
903 $this->assertEquals($dbuser->picture, $dbusernopic->picture, 'Picture not change without the parameter.');
904
905 // Confirm delete of picture deletes the picture from the user record.
906 $user1['userpicture'] = 0;
907 core_user_external::update_users(array($user1));
908 $dbuserdelpic = $DB->get_record('user', array('id' => $user1['id']));
909 $this->assertEquals(0, $dbuserdelpic->picture, 'Picture must be deleted when sent as 0.');
910
911 // Updating user with an invalid email.
912 $user5['email'] = 'bogus';
913 $returnvalue = core_user_external::update_users(array($user5));
914 $returnvalue = external_api::clean_returnvalue(core_user_external::update_users_returns(), $returnvalue);
915 $this->assertEquals('useremailinvalid', $returnvalue['warnings'][0]['warningcode']);
916 $this->assertStringContainsString('Invalid email address',
917 $returnvalue['warnings'][0]['message']);
918
919 // Updating user with a duplicate email.
920 $user5['email'] = $user1['email'];
921 $returnvalue = core_user_external::update_users(array($user1, $user5));
922 $returnvalue = external_api::clean_returnvalue(core_user_external::update_users_returns(), $returnvalue);
923 $this->assertEquals('useremailduplicate', $returnvalue['warnings'][0]['warningcode']);
924 $this->assertStringContainsString('Duplicate email address',
925 $returnvalue['warnings'][0]['message']);
926
927 // Updating a user that does not exist.
928 $user5['id'] = -1;
929 $returnvalue = core_user_external::update_users(array($user5));
930 $returnvalue = external_api::clean_returnvalue(core_user_external::update_users_returns(), $returnvalue);
931 $this->assertEquals('invaliduserid', $returnvalue['warnings'][0]['warningcode']);
932 $this->assertStringContainsString('Invalid user ID',
933 $returnvalue['warnings'][0]['message']);
934
935 // Updating a remote user.
936 $user1['mnethostid'] = 5;
937 user_update_user($user1); // Update user not using webservice.
938 unset($user1['mnethostid']); // The mnet host ID field is not in the allowed field list for the webservice.
939 $returnvalue = core_user_external::update_users(array($user1));
940 $returnvalue = external_api::clean_returnvalue(core_user_external::update_users_returns(), $returnvalue);
941 $this->assertEquals('usernotupdatedremote', $returnvalue['warnings'][0]['warningcode']);
942 $this->assertStringContainsString('User is a remote user',
943 $returnvalue['warnings'][0]['message']);
944
945 // Call without required capability.
946 $this->unassignUserCapability('moodle/user:update', $context->id, $roleid);
947 $this->expectException('required_capability_exception');
948 core_user_external::update_users(array($user1));
949 }
950
951 /**
952 * Data provider for testing \core_user_external::update_users() for users with same emails
953 *
954 * @return array
955 */
956 public function users_with_same_emails() {
957 return [
958 'Same emails not allowed: Update name using exactly the same email' => [
959 0, 'John', 's1@example.com', 'Johnny', 's1@example.com', false, true
960 ],
961 'Same emails not allowed: Update using someone else\'s email' => [
962 0, 'John', 's1@example.com', 'Johnny', 's2@example.com', true, false
963 ],
964 'Same emails allowed: Update using someone else\'s email' => [
965 1, 'John', 's1@example.com', 'Johnny', 's2@example.com', true, true
966 ],
967 'Same emails not allowed: Update using same email but with different case' => [
968 0, 'John', 's1@example.com', 'Johnny', 'S1@EXAMPLE.COM', false, true
969 ],
970 'Same emails not allowed: Update using another user\'s email similar to user but with different case' => [
971 0, 'John', 's1@example.com', 'Johnny', 'S1@EXAMPLE.COM', true, false
972 ],
973 'Same emails allowed: Update using another user\'s email similar to user but with different case' => [
974 1, 'John', 's1@example.com', 'Johnny', 'S1@EXAMPLE.COM', true, true
975 ],
976 ];
977 }
978
979 /**
980 * Test update_users using similar emails with varying cases.
981 *
982 * @dataProvider users_with_same_emails
983 * @param boolean $allowsameemail The value to set for $CFG->allowaccountssameemail.
984 * @param string $currentname The user's current name.
985 * @param string $currentemail The user's current email.
986 * @param string $newname The user's new name.
987 * @param string $newemail The user's new email.
988 * @param boolean $withanotheruser Whether to create another user that has the same email as the target user's new email.
989 * @param boolean $successexpected Whether we expect that the target user's email/name will be updated.
990 */
991 public function test_update_users_emails_with_different_cases($allowsameemail, $currentname, $currentemail,
992 $newname, $newemail, $withanotheruser, $successexpected): void {
993 global $DB;
994
995 $this->resetAfterTest();
996 $this->setAdminUser();
997
998 // Set the value for $CFG->allowaccountssameemail.
999 set_config('allowaccountssameemail', $allowsameemail);
1000
1001 $generator = self::getDataGenerator();
1002
1003 // Create the user that we wish to update.
1004 $usertoupdate = $generator->create_user(['email' => $currentemail, 'firstname' => $currentname]);
1005
1006 if ($withanotheruser) {
1007 // Create another user that has the same email as the new email that we'd like to update for our target user.
1008 $generator->create_user(['email' => $newemail]);
1009 }
1010
1011 // Build the user update parameters.
1012 $updateparams = [
1013 'id' => $usertoupdate->id,
1014 'email' => $newemail,
1015 'firstname' => $newname
1016 ];
1017 // Let's try to update the user's information.
1018 core_user_external::update_users([$updateparams]);
1019
1020 // Fetch the updated user record.
1021 $userrecord = $DB->get_record('user', ['id' => $usertoupdate->id], 'id, email, firstname');
1022
1023 // If we expect the update to succeed, then the email/name would have been changed.
1024 if ($successexpected) {
1025 $expectedemail = $newemail;
1026 $expectedname = $newname;
1027 } else {
1028 $expectedemail = $currentemail;
1029 $expectedname = $currentname;
1030 }
1031 // Confirm that our expectations are met.
1032 $this->assertEquals($expectedemail, $userrecord->email);
1033 $this->assertEquals($expectedname, $userrecord->firstname);
1034 }
1035
1036 /**
1037 * Test add_user_private_files
1038 */
1039 public function test_add_user_private_files(): void {
1040 global $USER, $CFG, $DB;
1041
1042 $this->resetAfterTest(true);
1043
1044 $context = \context_system::instance();
1045 $roleid = $this->assignUserCapability('moodle/user:manageownfiles', $context->id);
1046
1047 $context = \context_user::instance($USER->id);
1048 $contextid = $context->id;
1049 $component = "user";
1050 $filearea = "draft";
1051 $itemid = 0;
1052 $filepath = "/";
1053 $filename = "Simple.txt";
1054 $filecontent = base64_encode("Let us create a nice simple file");
1055 $contextlevel = null;
1056 $instanceid = null;
1057 $browser = get_file_browser();
1058
1059 // Call the files api to create a file.
1060 $draftfile = core_files_external::upload($contextid, $component, $filearea, $itemid, $filepath,
1061 $filename, $filecontent, $contextlevel, $instanceid);
1062 $draftfile = external_api::clean_returnvalue(core_files_external::upload_returns(), $draftfile);
1063
1064 $draftid = $draftfile['itemid'];
1065 // Make sure the file was created.
1066 $file = $browser->get_file_info($context, $component, $filearea, $draftid, $filepath, $filename);
1067 $this->assertNotEmpty($file);
1068
1069 // Make sure the file does not exist in the user private files.
1070 $file = $browser->get_file_info($context, $component, 'private', 0, $filepath, $filename);
1071 $this->assertEmpty($file);
1072
1073 // Call the external function.
1074 core_user_external::add_user_private_files($draftid);
1075
1076 // Make sure the file was added to the user private files.
1077 $file = $browser->get_file_info($context, $component, 'private', 0, $filepath, $filename);
1078 $this->assertNotEmpty($file);
1079 }
1080
1081
1082 /**
1083 * Test add_user_private_files quota
1084 */
1085 public function test_add_user_private_files_quota(): void {
1086 global $USER, $CFG, $DB;
1087
1088 $this->resetAfterTest(true);
1089
1090 $context = \context_system::instance();
1091 $roleid = $this->assignUserCapability('moodle/user:manageownfiles', $context->id);
1092
1093 $context = \context_user::instance($USER->id);
1094 $contextid = $context->id;
1095 $component = "user";
1096 $filearea = "draft";
1097 $itemid = 0;
1098 $filepath = "/";
1099 $filename = "Simple.txt";
1100 $filecontent = base64_encode("Let us create a nice simple file");
1101 $contextlevel = null;
1102 $instanceid = null;
1103 $browser = get_file_browser();
1104
1105 // Call the files api to create a file.
1106 $draftfile = core_files_external::upload($contextid, $component, $filearea, $itemid, $filepath,
1107 $filename, $filecontent, $contextlevel, $instanceid);
1108 $draftfile = external_api::clean_returnvalue(core_files_external::upload_returns(), $draftfile);
1109 $draftid = $draftfile['itemid'];
1110
1111 // Call the external function to add the file to private files.
1112 core_user_external::add_user_private_files($draftid);
1113
1114 // Force the quota so we are sure it won't be space to add the new file.
1115 $fileareainfo = file_get_file_area_info($contextid, 'user', 'private');
1116 $CFG->userquota = $fileareainfo['filesize_without_references'] + 1;
1117
1118 // Generate a new draftitemid for the same testfile.
1119 $draftfile = core_files_external::upload($contextid, $component, $filearea, $itemid, $filepath,
1120 $filename, $filecontent, $contextlevel, $instanceid);
1121 $draftid = $draftfile['itemid'];
1122
1123 $this->expectException('moodle_exception');
1124 $this->expectExceptionMessage(get_string('maxareabytes', 'error'));
1125
1126 // Call the external function to include the new file.
1127 core_user_external::add_user_private_files($draftid);
1128 }
1129
1130 /**
1131 * Test add user device
1132 */
1133 public function test_add_user_device(): void {
1134 global $USER, $CFG, $DB;
1135
1136 $this->resetAfterTest(true);
1137
1138 $device = array(
1139 'appid' => 'com.moodle.moodlemobile',
1140 'name' => 'occam',
1141 'model' => 'Nexus 4',
1142 'platform' => 'Android',
1143 'version' => '4.2.2',
1144 'pushid' => 'apushdkasdfj4835',
1145 'uuid' => 'asdnfl348qlksfaasef859',
1146 'publickey' => null,
1147 );
1148
1149 // Call the external function.
1150 core_user_external::add_user_device($device['appid'], $device['name'], $device['model'], $device['platform'],
1151 $device['version'], $device['pushid'], $device['uuid']);
1152
1153 $created = $DB->get_record('user_devices', array('pushid' => $device['pushid']));
1154 $created = (array) $created;
1155
1156 $this->assertEquals($device, array_intersect_key((array)$created, $device));
1157
1158 // Test reuse the same pushid value.
1159 $warnings = core_user_external::add_user_device($device['appid'], $device['name'], $device['model'], $device['platform'],
1160 $device['version'], $device['pushid'], $device['uuid']);
1161 // We need to execute the return values cleaning process to simulate the web service server.
1162 $warnings = external_api::clean_returnvalue(core_user_external::add_user_device_returns(), $warnings);
1163 $this->assertCount(1, $warnings);
1164
1165 // Test update an existing device.
1166 $device['pushid'] = 'different than before';
1167 $device['publickey'] = 'MFsxCzAJBgNVBAYTAkZSMRMwEQYDVQQ';
1168 $warnings = core_user_external::add_user_device($device['appid'], $device['name'], $device['model'], $device['platform'],
1169 $device['version'], $device['pushid'], $device['uuid'], $device['publickey']);
1170 $warnings = external_api::clean_returnvalue(core_user_external::add_user_device_returns(), $warnings);
1171
1172 $this->assertEquals(1, $DB->count_records('user_devices'));
1173 $updated = $DB->get_record('user_devices', array('pushid' => $device['pushid']));
1174 $this->assertEquals($device, array_intersect_key((array)$updated, $device));
1175
1176 // Test creating a new device just changing the uuid.
1177 $device['uuid'] = 'newuidforthesameuser';
1178 $device['pushid'] = 'new different than before';
1179 $warnings = core_user_external::add_user_device($device['appid'], $device['name'], $device['model'], $device['platform'],
1180 $device['version'], $device['pushid'], $device['uuid']);
1181 $warnings = external_api::clean_returnvalue(core_user_external::add_user_device_returns(), $warnings);
1182 $this->assertEquals(2, $DB->count_records('user_devices'));
1183 }
1184
1185 /**
1186 * Test remove user device
1187 */
1188 public function test_remove_user_device(): void {
1189 global $USER, $CFG, $DB;
1190
1191 $this->resetAfterTest(true);
1192
1193 $device = array(
1194 'appid' => 'com.moodle.moodlemobile',
1195 'name' => 'occam',
1196 'model' => 'Nexus 4',
1197 'platform' => 'Android',
1198 'version' => '4.2.2',
1199 'pushid' => 'apushdkasdfj4835',
1200 'uuid' => 'ABCDE3723ksdfhasfaasef859'
1201 );
1202
1203 // A device with the same properties except the appid and pushid.
1204 $device2 = $device;
1205 $device2['pushid'] = "0987654321";
1206 $device2['appid'] = "other.app.com";
1207
1208 $this->setAdminUser();
1209 // Create a user device using the external API function.
1210 core_user_external::add_user_device($device['appid'], $device['name'], $device['model'], $device['platform'],
1211 $device['version'], $device['pushid'], $device['uuid']);
1212
1213 // Create the same device but for a different app.
1214 core_user_external::add_user_device($device2['appid'], $device2['name'], $device2['model'], $device2['platform'],
1215 $device2['version'], $device2['pushid'], $device2['uuid']);
1216
1217 // Try to remove a device that does not exist.
1218 $result = core_user_external::remove_user_device('1234567890');
1219 $result = external_api::clean_returnvalue(core_user_external::remove_user_device_returns(), $result);
1220 $this->assertFalse($result['removed']);
1221 $this->assertCount(1, $result['warnings']);
1222
1223 // Try to remove a device that does not exist for an existing app.
1224 $result = core_user_external::remove_user_device('1234567890', $device['appid']);
1225 $result = external_api::clean_returnvalue(core_user_external::remove_user_device_returns(), $result);
1226 $this->assertFalse($result['removed']);
1227 $this->assertCount(1, $result['warnings']);
1228
1229 // Remove an existing device for an existing app. This will remove one of the two devices.
1230 $result = core_user_external::remove_user_device($device['uuid'], $device['appid']);
1231 $result = external_api::clean_returnvalue(core_user_external::remove_user_device_returns(), $result);
1232 $this->assertTrue($result['removed']);
1233
1234 // Remove all the devices. This must remove the remaining device.
1235 $result = core_user_external::remove_user_device($device['uuid']);
1236 $result = external_api::clean_returnvalue(core_user_external::remove_user_device_returns(), $result);
1237 $this->assertTrue($result['removed']);
1238 }
1239
1240 /**
1241 * Test get_user_preferences
1242 */
1243 public function test_get_user_preferences(): void {
1244 $this->resetAfterTest(true);
1245
1246 $user = self::getDataGenerator()->create_user();
1247 set_user_preference('calendar_maxevents', 1, $user);
1248 set_user_preference('some_random_text', 'text', $user);
1249
1250 $this->setUser($user);
1251
1252 $result = core_user_external::get_user_preferences();
1253 $result = external_api::clean_returnvalue(core_user_external::get_user_preferences_returns(), $result);
1254 $this->assertCount(0, $result['warnings']);
1255 // Expect 3, _lastloaded is always returned.
1256 $this->assertCount(3, $result['preferences']);
1257
1258 foreach ($result['preferences'] as $pref) {
1259 if ($pref['name'] === '_lastloaded') {
1260 continue;
1261 }
1262 // Check we receive the expected preferences.
1263 $this->assertEquals(get_user_preferences($pref['name']), $pref['value']);
1264 }
1265
1266 // Retrieve just one preference.
1267 $result = core_user_external::get_user_preferences('some_random_text');
1268 $result = external_api::clean_returnvalue(core_user_external::get_user_preferences_returns(), $result);
1269 $this->assertCount(0, $result['warnings']);
1270 $this->assertCount(1, $result['preferences']);
1271 $this->assertEquals('text', $result['preferences'][0]['value']);
1272
1273 // Retrieve non-existent preference.
1274 $result = core_user_external::get_user_preferences('non_existent');
1275 $result = external_api::clean_returnvalue(core_user_external::get_user_preferences_returns(), $result);
1276 $this->assertCount(0, $result['warnings']);
1277 $this->assertCount(1, $result['preferences']);
1278 $this->assertEquals(null, $result['preferences'][0]['value']);
1279
1280 // Check that as admin we can retrieve all the preferences for any user.
1281 $this->setAdminUser();
1282 $result = core_user_external::get_user_preferences('', $user->id);
1283 $result = external_api::clean_returnvalue(core_user_external::get_user_preferences_returns(), $result);
1284 $this->assertCount(0, $result['warnings']);
1285 $this->assertCount(3, $result['preferences']);
1286
1287 foreach ($result['preferences'] as $pref) {
1288 if ($pref['name'] === '_lastloaded') {
1289 continue;
1290 }
1291 // Check we receive the expected preferences.
1292 $this->assertEquals(get_user_preferences($pref['name'], null, $user), $pref['value']);
1293 }
1294
1295 // Check that as a non admin user we cannot retrieve other users preferences.
1296 $anotheruser = self::getDataGenerator()->create_user();
1297 $this->setUser($anotheruser);
1298
1299 $this->expectException('required_capability_exception');
1300 $result = core_user_external::get_user_preferences('', $user->id);
1301 }
1302
1303 /**
1304 * Test update_picture
1305 */
1306 public function test_update_picture(): void {
1307 global $DB, $USER;
1308
1309 $this->resetAfterTest(true);
1310
1311 $user = self::getDataGenerator()->create_user();
1312 self::setUser($user);
1313
1314 $context = \context_user::instance($USER->id);
1315 $contextid = $context->id;
1316 $filename = "reddot.png";
1317 $filecontent = "iVBORw0KGgoAAAANSUhEUgAAAAUAAAAFCAYAAACNbyblAAAAHElEQVQI12P4//8/w38"
1318 . "GIAXDIBKE0DHxgljNBAAO9TXL0Y4OHwAAAABJRU5ErkJggg==";
1319
1320 // Call the files api to create a file.
1321 $draftfile = core_files_external::upload($contextid, 'user', 'draft', 0, '/', $filename, $filecontent, null, null);
1322 $draftid = $draftfile['itemid'];
1323
1324 // Change user profile image.
1325 $result = core_user_external::update_picture($draftid);
1326 $result = external_api::clean_returnvalue(core_user_external::update_picture_returns(), $result);
1327 $picture = $DB->get_field('user', 'picture', array('id' => $user->id));
1328 // The new revision is in the url for the user.
1329 $this->assertStringContainsString($picture, $result['profileimageurl']);
1330 // Check expected URL for serving the image.
1331 $this->assertStringContainsString("/$contextid/user/icon", $result['profileimageurl']);
1332
1333 // Delete image.
1334 $result = core_user_external::update_picture(0, true);
1335 $result = external_api::clean_returnvalue(core_user_external::update_picture_returns(), $result);
1336 $picture = $DB->get_field('user', 'picture', array('id' => $user->id));
1337 // No picture.
1338 $this->assertEquals(0, $picture);
1339
1340 // Add again the user profile image (as admin).
1341 $this->setAdminUser();
1342
1343 $context = \context_user::instance($USER->id);
1344 $admincontextid = $context->id;
1345 $draftfile = core_files_external::upload($admincontextid, 'user', 'draft', 0, '/', $filename, $filecontent, null, null);
1346 $draftid = $draftfile['itemid'];
1347
1348 $result = core_user_external::update_picture($draftid, false, $user->id);
1349 $result = external_api::clean_returnvalue(core_user_external::update_picture_returns(), $result);
1350 // The new revision is in the url for the user.
1351 $picture = $DB->get_field('user', 'picture', array('id' => $user->id));
1352 $this->assertStringContainsString($picture, $result['profileimageurl']);
1353 $this->assertStringContainsString("/$contextid/user/icon", $result['profileimageurl']);
1354 }
1355
1356 /**
1357 * Test update_picture disabled
1358 */
1359 public function test_update_picture_disabled(): void {
1360 global $CFG;
1361 $this->resetAfterTest(true);
1362 $CFG->disableuserimages = true;
1363
1364 $this->setAdminUser();
1365 $this->expectException('moodle_exception');
1366 core_user_external::update_picture(0);
1367 }
1368
1369 /**
1370 * Test set_user_preferences
1371 */
1372 public function test_set_user_preferences_save(): void {
1373 global $DB;
1374 $this->resetAfterTest(true);
1375
1376 $user1 = self::getDataGenerator()->create_user();
1377 $user2 = self::getDataGenerator()->create_user();
1378
1379 // Save users preferences.
1380 $this->setAdminUser();
1381 $preferences = array(
1382 array(
1383 'name' => 'htmleditor',
1384 'value' => 'atto',
1385 'userid' => $user1->id,
1386 ),
1387 array(
1388 'name' => 'htmleditor',
1389 'value' => 'tiny',
1390 'userid' => $user2->id,
1391 )
1392 );
1393
1394 $result = core_user_external::set_user_preferences($preferences);
1395 $result = external_api::clean_returnvalue(core_user_external::set_user_preferences_returns(), $result);
1396 $this->assertCount(0, $result['warnings']);
1397 $this->assertCount(2, $result['saved']);
1398
1399 // Get preference from DB to avoid cache.
1400 $this->assertEquals('atto', $DB->get_field('user_preferences', 'value',
1401 array('userid' => $user1->id, 'name' => 'htmleditor')));
1402 $this->assertEquals('tiny', $DB->get_field('user_preferences', 'value',
1403 array('userid' => $user2->id, 'name' => 'htmleditor')));
1404 }
1405
1406 /**
1407 * Test set_user_preferences
1408 */
1409 public function test_set_user_preferences_save_invalid_pref(): void {
1410 global $DB;
1411 $this->resetAfterTest(true);
1412
1413 $user1 = self::getDataGenerator()->create_user();
1414
1415 // Save users preferences.
1416 $this->setAdminUser();
1417 $preferences = array(
1418 array(
1419 'name' => 'some_random_pref',
1420 'value' => 'abc',
1421 'userid' => $user1->id,
1422 ),
1423 );
1424
1425 $result = core_user_external::set_user_preferences($preferences);
1426 $result = external_api::clean_returnvalue(core_user_external::set_user_preferences_returns(), $result);
1427 $this->assertCount(1, $result['warnings']);
1428 $this->assertCount(0, $result['saved']);
1429 $this->assertEquals('nopermission', $result['warnings'][0]['warningcode']);
1430
1431 // Nothing was written to DB.
1432 $this->assertEmpty($DB->count_records('user_preferences', array('name' => 'some_random_pref')));
1433 }
1434
1435 /**
1436 * Test set_user_preferences for an invalid user
1437 */
1438 public function test_set_user_preferences_invalid_user(): void {
1439 $this->resetAfterTest(true);
1440
1441 $this->setAdminUser();
1442 $preferences = array(
1443 array(
1444 'name' => 'calendar_maxevents',
1445 'value' => 4,
1446 'userid' => -2
1447 )
1448 );
1449
1450 $result = core_user_external::set_user_preferences($preferences);
1451 $result = external_api::clean_returnvalue(core_user_external::set_user_preferences_returns(), $result);
1452 $this->assertCount(1, $result['warnings']);
1453 $this->assertCount(0, $result['saved']);
1454 $this->assertEquals('invaliduser', $result['warnings'][0]['warningcode']);
1455 $this->assertEquals(-2, $result['warnings'][0]['itemid']);
1456 }
1457
1458 /**
1459 * Test set_user_preferences using an invalid preference
1460 */
1461 public function test_set_user_preferences_invalid_preference(): void {
1462 global $USER, $DB;
1463
1464 $this->resetAfterTest(true);
1465 // Create a very long value.
1466 $this->setAdminUser();
1467 $preferences = array(
1468 array(
1469 'name' => 'calendar_maxevents',
1470 'value' => str_repeat('a', 1334),
1471 'userid' => $USER->id
1472 )
1473 );
1474
1475 $result = core_user_external::set_user_preferences($preferences);
1476 $result = external_api::clean_returnvalue(core_user_external::set_user_preferences_returns(), $result);
1477 $this->assertCount(0, $result['warnings']);
1478 $this->assertCount(1, $result['saved']);
1479 // Cleaned valud of the preference was saved.
1480 $this->assertEquals(1, $DB->get_field('user_preferences', 'value',
1481 array('userid' => $USER->id, 'name' => 'calendar_maxevents')));
1482 }
1483
1484 /**
1485 * Test set_user_preferences for other user not being admin
1486 */
1487 public function test_set_user_preferences_capability(): void {
1488 $this->resetAfterTest(true);
1489
1490 $user1 = self::getDataGenerator()->create_user();
1491 $user2 = self::getDataGenerator()->create_user();
1492
1493 $this->setUser($user1);
1494 $preferences = array(
1495 array(
1496 'name' => 'calendar_maxevents',
1497 'value' => 4,
1498 'userid' => $user2->id
1499 )
1500 );
1501
1502 $result = core_user_external::set_user_preferences($preferences);
1503
1504 $this->assertCount(1, $result['warnings']);
1505 $this->assertCount(0, $result['saved']);
1506 $this->assertEquals('nopermission', $result['warnings'][0]['warningcode']);
1507 $this->assertEquals($user2->id, $result['warnings'][0]['itemid']);
1508 }
1509
1510 /**
1511 * Test update_user_preferences unsetting an existing preference.
1512 */
1513 public function test_update_user_preferences_unset(): void {
1514 global $DB;
1515 $this->resetAfterTest(true);
1516
1517 $user = self::getDataGenerator()->create_user();
1518
1519 // Save users preferences.
1520 $this->setAdminUser();
1521 $preferences = array(
1522 array(
1523 'name' => 'htmleditor',
1524 'value' => 'atto',
1525 'userid' => $user->id,
1526 )
1527 );
1528
1529 $result = core_user_external::set_user_preferences($preferences);
1530 $result = external_api::clean_returnvalue(core_user_external::set_user_preferences_returns(), $result);
1531 $this->assertCount(0, $result['warnings']);
1532 $this->assertCount(1, $result['saved']);
1533
1534 // Get preference from DB to avoid cache.
1535 $this->assertEquals('atto', $DB->get_field('user_preferences', 'value',
1536 array('userid' => $user->id, 'name' => 'htmleditor')));
1537
1538 // Now, unset.
1539 $result = core_user_external::update_user_preferences($user->id, null, array(array('type' => 'htmleditor')));
1540
1541 $this->assertEquals(0, $DB->count_records('user_preferences', array('userid' => $user->id, 'name' => 'htmleditor')));
1542 }
1543
1544 /**
1545 * Test agree_site_policy
1546 */
1547 public function test_agree_site_policy(): void {
1548 global $CFG, $DB, $USER;
1549 $this->resetAfterTest(true);
1550
1551 $user = self::getDataGenerator()->create_user();
1552 $this->setUser($user);
1553
1554 // Site policy not set.
1555 $result = core_user_external::agree_site_policy();
1556 $result = external_api::clean_returnvalue(core_user_external::agree_site_policy_returns(), $result);
1557 $this->assertFalse($result['status']);
1558 $this->assertCount(1, $result['warnings']);
1559 $this->assertEquals('nositepolicy', $result['warnings'][0]['warningcode']);
1560
1561 // Set a policy issue.
1562 $CFG->sitepolicy = 'https://moodle.org';
1563 $this->assertEquals(0, $USER->policyagreed);
1564
1565 $result = core_user_external::agree_site_policy();
1566 $result = external_api::clean_returnvalue(core_user_external::agree_site_policy_returns(), $result);
1567 $this->assertTrue($result['status']);
1568 $this->assertCount(0, $result['warnings']);
1569 $this->assertEquals(1, $USER->policyagreed);
1570 $this->assertEquals(1, $DB->get_field('user', 'policyagreed', array('id' => $USER->id)));
1571
1572 // Try again, we should get a warning.
1573 $result = core_user_external::agree_site_policy();
1574 $result = external_api::clean_returnvalue(core_user_external::agree_site_policy_returns(), $result);
1575 $this->assertFalse($result['status']);
1576 $this->assertCount(1, $result['warnings']);
1577 $this->assertEquals('alreadyagreed', $result['warnings'][0]['warningcode']);
1578
1579 // Set something to make require_login throws an exception.
1580 $otheruser = self::getDataGenerator()->create_user();
1581 $this->setUser($otheruser);
1582
1583 $DB->set_field('user', 'lastname', '', array('id' => $USER->id));
1584 $USER->lastname = '';
1585 try {
1586 $result = core_user_external::agree_site_policy();
1587 $this->fail('Expecting \'usernotfullysetup\' moodle_exception to be thrown');
1588 } catch (\moodle_exception $e) {
1589 $this->assertEquals('usernotfullysetup', $e->errorcode);
1590 } catch (\Exception $e) {
1591 $this->fail('Expecting \'usernotfullysetup\' moodle_exception to be thrown.');
1592 }
1593 }
1594
1595 /**
1596 * Test get_private_files_info
1597 */
1598 public function test_get_private_files_info(): void {
1599
1600 $this->resetAfterTest(true);
1601 $user = self::getDataGenerator()->create_user();
1602 $this->setUser($user);
1603 $usercontext = \context_user::instance($user->id);
1604
1605 $filerecord = array(
1606 'contextid' => $usercontext->id,
1607 'component' => 'user',
1608 'filearea' => 'private',
1609 'itemid' => 0,
1610 'filepath' => '/',
1611 'filename' => 'thefile',
1612 );
1613
1614 $fs = get_file_storage();
1615 $file = $fs->create_file_from_string($filerecord, 'abc');
1616
1617 // Get my private files information.
1618 $result = core_user_external::get_private_files_info();
1619 $result = external_api::clean_returnvalue(core_user_external::get_private_files_info_returns(), $result);
1620 $this->assertEquals(1, $result['filecount']);
1621 $this->assertEquals($file->get_filesize(), $result['filesize']);
1622 $this->assertEquals(0, $result['foldercount']);
1623 $this->assertEquals($file->get_filesize(), $result['filesizewithoutreferences']);
1624
1625 // As admin, get user information.
1626 $this->setAdminUser();
1627 $result = core_user_external::get_private_files_info($user->id);
1628 $result = external_api::clean_returnvalue(core_user_external::get_private_files_info_returns(), $result);
1629 $this->assertEquals(1, $result['filecount']);
1630 $this->assertEquals($file->get_filesize(), $result['filesize']);
1631 $this->assertEquals(0, $result['foldercount']);
1632 $this->assertEquals($file->get_filesize(), $result['filesizewithoutreferences']);
1633 }
1634
1635 /**
1636 * Test get_private_files_info missing permissions.
1637 */
1638 public function test_get_private_files_info_missing_permissions(): void {
1639
1640 $this->resetAfterTest(true);
1641 $user1 = self::getDataGenerator()->create_user();
1642 $user2 = self::getDataGenerator()->create_user();
1643 $this->setUser($user1);
1644
1645 $this->expectException('required_capability_exception');
1646 // Try to retrieve other user private files info.
1647 core_user_external::get_private_files_info($user2->id);
1648 }
1649
1650 /**
1651 * Test the functionality of the {@see \core_user\external\search_identity} class.
1652 */
1653 public function test_external_search_identity(): void {
1654 global $CFG;
1655
1656 $this->resetAfterTest(true);
1657 $this->setAdminUser();
1658
1659 $user1 = self::getDataGenerator()->create_user([
1660 'firstname' => 'Firstone',
1661 'lastname' => 'Lastone',
1662 'username' => 'usernameone',
1663 'idnumber' => 'idnumberone',
1664 'email' => 'userone@example.com',
1665 'phone1' => 'tel1',
1666 'phone2' => 'tel2',
1667 'department' => 'Department Foo',
1668 'institution' => 'Institution Foo',
1669 'city' => 'City One',
1670 'country' => 'AU',
1671 ]);
1672
1673 $user2 = self::getDataGenerator()->create_user([
1674 'firstname' => 'Firsttwo',
1675 'lastname' => 'Lasttwo',
1676 'username' => 'usernametwo',
1677 'idnumber' => 'idnumbertwo',
1678 'email' => 'usertwo@example.com',
1679 'phone1' => 'tel1',
1680 'phone2' => 'tel2',
1681 'department' => 'Department Foo',
1682 'institution' => 'Institution Foo',
1683 'city' => 'City One',
1684 'country' => 'AU',
1685 ]);
1686
1687 $user3 = self::getDataGenerator()->create_user([
1688 'firstname' => 'Firstthree',
1689 'lastname' => 'Lastthree',
1690 'username' => 'usernamethree',
1691 'idnumber' => 'idnumberthree',
1692 'email' => 'userthree@example.com',
1693 'phone1' => 'tel1',
1694 'phone2' => 'tel2',
1695 'department' => 'Department Foo',
1696 'institution' => 'Institution Foo',
1697 'city' => 'City One',
1698 'country' => 'AU',
1699 ]);
1700
1701 $CFG->showuseridentity = 'email,idnumber,city';
1702 $CFG->maxusersperpage = 3;
1703
1704 $result = \core_user\external\search_identity::execute('Lastt');
1705 $result = external_api::clean_returnvalue(\core_user\external\search_identity::execute_returns(), $result);
1706
1707 $this->assertEquals(2, count($result['list']));
1708 $this->assertEquals(3, $result['maxusersperpage']);
1709 $this->assertEquals(false, $result['overflow']);
1710
1711 foreach ($result['list'] as $user) {
1712 $this->assertEquals(3, count($user['extrafields']));
1713 $this->assertEquals('email', $user['extrafields'][0]['name']);
1714 $this->assertEquals('idnumber', $user['extrafields'][1]['name']);
1715 $this->assertEquals('city', $user['extrafields'][2]['name']);
1716 }
1717
1718 $CFG->showuseridentity = 'username';
1719 $CFG->maxusersperpage = 2;
1720
1721 $result = \core_user\external\search_identity::execute('Firstt');
1722 $result = external_api::clean_returnvalue(\core_user\external\search_identity::execute_returns(), $result);
1723
1724 $this->assertEquals(2, count($result['list']));
1725 $this->assertEquals(2, $result['maxusersperpage']);
1726 $this->assertEquals(false, $result['overflow']);
1727
1728 foreach ($result['list'] as $user) {
1729 $this->assertEquals(1, count($user['extrafields']));
1730 $this->assertEquals('username', $user['extrafields'][0]['name']);
1731 }
1732
1733 $CFG->showuseridentity = 'email';
1734 $CFG->maxusersperpage = 2;
1735
1736 $result = \core_user\external\search_identity::execute('City One');
1737 $result = external_api::clean_returnvalue(\core_user\external\search_identity::execute_returns(), $result);
1738
1739 $this->assertEquals(0, count($result['list']));
1740 $this->assertEquals(2, $result['maxusersperpage']);
1741 $this->assertEquals(false, $result['overflow']);
1742
1743 $CFG->showuseridentity = 'city';
1744 $CFG->maxusersperpage = 2;
1745
1746 foreach ($result['list'] as $user) {
1747 $this->assertEquals(1, count($user['extrafields']));
1748 $this->assertEquals('username', $user['extrafields'][0]['name']);
1749 }
1750
1751 $result = \core_user\external\search_identity::execute('City One');
1752 $result = external_api::clean_returnvalue(\core_user\external\search_identity::execute_returns(), $result);
1753
1754 $this->assertEquals(2, count($result['list']));
1755 $this->assertEquals(2, $result['maxusersperpage']);
1756 $this->assertEquals(true, $result['overflow']);
1757 }
1758
1759 /**
1760 * Test functionality of the {@see \core_user\external\search_identity} class with alternativefullnameformat defined.
1761 */
1762 public function test_external_search_identity_with_alternativefullnameformat(): void {
1763 global $CFG;
1764
1765 $this->resetAfterTest(true);
1766 $this->setAdminUser();
1767
1768 $user1 = self::getDataGenerator()->create_user([
1769 'lastname' => '小柳',
1770 'lastnamephonetic' => 'Koyanagi',
1771 'firstname' => '秋',
1772 'firstnamephonetic' => 'Aki',
1773 'email' => 'koyanagiaki@example.com',
1774 'country' => 'JP',
1775 ]);
1776
1777 $CFG->showuseridentity = 'email';
1778 $CFG->maxusersperpage = 3;
1779 $CFG->alternativefullnameformat =
1780 '<ruby>lastname firstname <rp>(</rp><rt>lastnamephonetic firstnamephonetic</rt><rp>)</rp></ruby>';
1781
1782 $result = \core_user\external\search_identity::execute('Ak');
1783 $result = external_api::clean_returnvalue(\core_user\external\search_identity::execute_returns(), $result);
1784
1785 $this->assertEquals(1, count($result['list']));
1786 $this->assertEquals(3, $result['maxusersperpage']);
1787 $this->assertEquals(false, $result['overflow']);
1788
1789 foreach ($result['list'] as $user) {
1790 $this->assertEquals(1, count($user['extrafields']));
1791 $this->assertEquals('email', $user['extrafields'][0]['name']);
1792 }
1793 }
1794
1795 /**
1796 * Test verifying that update_user_preferences prevents changes to the default homepage for other users.
1797 */
1798 public function test_update_user_preferences_homepage_permission_callback(): void {
1799 global $DB;
1800 $this->resetAfterTest();
1801
1802 $user = self::getDataGenerator()->create_user();
1803 $this->setUser($user);
1804 $adminuser = get_admin();
1805
1806 // Allow user selection of the default homepage via preferences.
1807 set_config('defaulthomepage', HOMEPAGE_USER);
1808
1809 // Try to save another user's home page preference which uses the permissioncallback.
1810 $preferences = [
1811 [
1812 'name' => 'user_home_page_preference',
1813 'value' => '3',
1814 'userid' => $adminuser->id,
1815 ]
1816 ];
1817 $result = core_user_external::set_user_preferences($preferences);
1818 $result = external_api::clean_returnvalue(core_user_external::set_user_preferences_returns(), $result);
1819 $this->assertCount(1, $result['warnings']);
1820 $this->assertCount(0, $result['saved']);
1821
1822 // Verify no change to the preference, checking from DB to avoid cache.
1823 $this->assertEquals(null, $DB->get_field('user_preferences', 'value',
1824 ['userid' => $adminuser->id, 'name' => 'user_home_page_preference']));
1825 }
1826 }
Read-only mirror of the Moodle CVS