MDL-81717 h5p: Improve robustness content type fetching
[moodle.git] / webservice / externallib.php
blobcd76c808b2257fa61052eb1a3de527e2beb40242
1 <?php
2 // This file is part of Moodle - http://moodle.org/
3 //
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
17 use core_external\external_function_parameters;
18 use core_external\external_multiple_structure;
19 use core_external\external_single_structure;
20 use core_external\external_value;
21 /**
22 * Web service related functions
24 * @package core_webservice
25 * @category external
26 * @copyright 2011 Jerome Mouneyrac <jerome@moodle.com>
27 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
28 * @since Moodle 2.2
30 class core_webservice_external extends \core_external\external_api {
32 /**
33 * Returns description of method parameters
35 * @return external_function_parameters
36 * @since Moodle 2.2
38 public static function get_site_info_parameters() {
39 return new external_function_parameters(
40 array('serviceshortnames' => new external_multiple_structure (
41 new external_value(
42 PARAM_ALPHANUMEXT,
43 'service shortname'),
44 'DEPRECATED PARAMETER - it was a design error in the original implementation. \
45 It is ignored now. (parameter kept for backward compatibility)',
46 VALUE_DEFAULT,
47 array()
53 /**
54 * Return user information including profile picture + basic site information
55 * Note:
56 * - no capability checking because we return only known information about logged user
58 * @param array $serviceshortnames - DEPRECATED PARAMETER - values will be ignored -
59 * it was an original design error, we keep for backward compatibility.
60 * @return array site info
61 * @since Moodle 2.2
63 public static function get_site_info($serviceshortnames = array()) {
64 global $USER, $SITE, $CFG, $DB, $PAGE;
66 $params = self::validate_parameters(self::get_site_info_parameters(),
67 array('serviceshortnames'=>$serviceshortnames));
69 $context = context_user::instance($USER->id);
70 $systemcontext = context_system::instance();
72 $userpicture = new user_picture($USER);
73 $userpicture->size = 1; // Size f1.
74 $profileimageurl = $userpicture->get_url($PAGE);
76 // Site information.
77 $siteinfo = array(
78 'sitename' => \core_external\util::format_string($SITE->fullname, $systemcontext),
79 'siteurl' => $CFG->wwwroot,
80 'username' => $USER->username,
81 'firstname' => $USER->firstname,
82 'lastname' => $USER->lastname,
83 'fullname' => fullname($USER),
84 'lang' => clean_param(current_language(), PARAM_LANG),
85 'userid' => $USER->id,
86 'userpictureurl' => $profileimageurl->out(false),
87 'siteid' => SITEID
90 // Retrieve the service and functions from the web service linked to the token
91 // If you call this function directly from external (not a web service call),
92 // then it will still return site info without information about a service
93 // Note: wsusername/wspassword ws authentication is not supported.
94 $functions = array();
95 if ($CFG->enablewebservices) { // No need to check token if web service are disabled and not a ws call.
96 $token = optional_param('wstoken', '', PARAM_ALPHANUM);
98 if (!empty($token)) { // No need to run if not a ws call.
99 // Retrieve service shortname.
100 $servicesql = 'SELECT s.*
101 FROM {external_services} s, {external_tokens} t
102 WHERE t.externalserviceid = s.id AND token = ? AND t.userid = ? AND s.enabled = 1';
103 $service = $DB->get_record_sql($servicesql, array($token, $USER->id));
105 $siteinfo['downloadfiles'] = $service->downloadfiles;
106 $siteinfo['uploadfiles'] = $service->uploadfiles;
108 if (!empty($service)) {
109 // Return the release and version number for web service users only.
110 $siteinfo['release'] = $CFG->release;
111 $siteinfo['version'] = $CFG->version;
112 // Retrieve the functions.
113 $functionssql = "SELECT f.*
114 FROM {external_functions} f, {external_services_functions} sf
115 WHERE f.name = sf.functionname AND sf.externalserviceid = ?";
116 $functions = $DB->get_records_sql($functionssql, array($service->id));
117 } else {
118 throw new coding_exception('No service found in get_site_info: something is buggy, \
119 it should have fail at the ws server authentication layer.');
124 // Build up the returned values of the list of functions.
125 $componentversions = array();
126 $availablefunctions = array();
127 foreach ($functions as $function) {
128 $functioninfo = array();
129 $functioninfo['name'] = $function->name;
130 if ($function->component == 'moodle' || $function->component == 'core') {
131 $version = $CFG->version; // Moodle version.
132 } else {
133 $versionpath = core_component::get_component_directory($function->component).'/version.php';
134 if (is_readable($versionpath)) {
135 // We store the component version once retrieved (so we don't load twice the version.php).
136 if (!isset($componentversions[$function->component])) {
137 $plugin = new stdClass();
138 include($versionpath);
139 $componentversions[$function->component] = $plugin->version;
140 $version = $plugin->version;
141 } else {
142 $version = $componentversions[$function->component];
144 } else {
145 // Ignore this component or plugin, it was probably incorrectly uninstalled.
146 continue;
149 $functioninfo['version'] = $version;
150 $availablefunctions[] = $functioninfo;
153 $siteinfo['functions'] = $availablefunctions;
155 // Mobile CSS theme and alternative login url.
156 $siteinfo['mobilecssurl'] = !empty($CFG->mobilecssurl) ? $CFG->mobilecssurl : '';
158 // Retrieve some advanced features. Only enable/disable ones (bool).
159 $advancedfeatures = ["usecomments", "usetags", "enablenotes", "messaging", "enableblogs",
160 "enablecompletion", "enablebadges", "messagingallusers", "enablecustomreports", "enableglobalsearch"];
162 foreach ($advancedfeatures as $feature) {
163 if (isset($CFG->{$feature})) {
164 $siteinfo['advancedfeatures'][] = array(
165 'name' => $feature,
166 'value' => (int) $CFG->{$feature}
170 // Special case mnet_dispatcher_mode.
171 $siteinfo['advancedfeatures'][] = array(
172 'name' => 'mnet_dispatcher_mode',
173 'value' => ($CFG->mnet_dispatcher_mode == 'strict') ? 1 : 0
175 // Competencies.
176 $enablecompetencies = get_config('core_competency', 'enabled');
177 $siteinfo['advancedfeatures'][] = [
178 'name' => 'enablecompetencies',
179 'value' => (!empty($enablecompetencies)) ? 1 : 0,
182 // User can manage own files.
183 $siteinfo['usercanmanageownfiles'] = has_capability('moodle/user:manageownfiles', $context);
185 // User quota. 0 means user can ignore the quota.
186 $siteinfo['userquota'] = 0;
187 if (!has_capability('moodle/user:ignoreuserquota', $context)) {
188 $siteinfo['userquota'] = (int) $CFG->userquota; // Cast to int to ensure value is not higher than PHP_INT_MAX.
191 // User max upload file size. -1 means the user can ignore the upload file size.
192 // Cast to int to ensure value is not higher than PHP_INT_MAX.
193 $siteinfo['usermaxuploadfilesize'] = (int) get_user_max_upload_file_size($context, $CFG->maxbytes);
195 // User home page.
196 $siteinfo['userhomepage'] = get_home_page();
198 // Calendar.
199 $siteinfo['sitecalendartype'] = $CFG->calendartype;
200 if (empty($USER->calendartype)) {
201 $siteinfo['usercalendartype'] = $CFG->calendartype;
202 } else {
203 $siteinfo['usercalendartype'] = $USER->calendartype;
205 $siteinfo['userissiteadmin'] = is_siteadmin();
207 // User key, to avoid using the WS token for fetching assets.
208 $siteinfo['userprivateaccesskey'] = get_user_key('core_files', $USER->id);
210 // Current theme.
211 $siteinfo['theme'] = clean_param($PAGE->theme->name, PARAM_THEME); // We always clean to avoid problem with old sites.
213 $siteinfo['limitconcurrentlogins'] = (int) $CFG->limitconcurrentlogins;
214 if (!empty($CFG->limitconcurrentlogins)) {
215 // For performance, only when enabled.
216 $siteinfo['usersessionscount'] = $DB->count_records('sessions', ['userid' => $USER->id]);
219 $siteinfo['policyagreed'] = $USER->policyagreed;
221 return $siteinfo;
225 * Returns description of method result value
227 * @return external_single_structure
228 * @since Moodle 2.2
230 public static function get_site_info_returns() {
231 return new external_single_structure(
232 array(
233 'sitename' => new external_value(PARAM_RAW, 'site name'),
234 'username' => new external_value(PARAM_RAW, 'username'),
235 'firstname' => new external_value(PARAM_TEXT, 'first name'),
236 'lastname' => new external_value(PARAM_TEXT, 'last name'),
237 'fullname' => new external_value(PARAM_TEXT, 'user full name'),
238 'lang' => new external_value(PARAM_LANG, 'Current language.'),
239 'userid' => new external_value(PARAM_INT, 'user id'),
240 'siteurl' => new external_value(PARAM_RAW, 'site url'),
241 'userpictureurl' => new external_value(PARAM_URL, 'the user profile picture.
242 Warning: this url is the public URL that only works when forcelogin is set to NO and guestaccess is set to YES.
243 In order to retrieve user profile pictures independently of the Moodle config, replace "pluginfile.php" by
244 "webservice/pluginfile.php?token=WSTOKEN&file="
245 Of course the user can only see profile picture depending
246 on his/her permissions. Moreover it is recommended to use HTTPS too.'),
247 'functions' => new external_multiple_structure(
248 new external_single_structure(
249 array(
250 'name' => new external_value(PARAM_RAW, 'function name'),
251 'version' => new external_value(PARAM_TEXT,
252 'The version number of the component to which the function belongs')
253 ), 'functions that are available')
255 'downloadfiles' => new external_value(PARAM_INT, '1 if users are allowed to download files, 0 if not',
256 VALUE_OPTIONAL),
257 'uploadfiles' => new external_value(PARAM_INT, '1 if users are allowed to upload files, 0 if not',
258 VALUE_OPTIONAL),
259 'release' => new external_value(PARAM_TEXT, 'Moodle release number', VALUE_OPTIONAL),
260 'version' => new external_value(PARAM_TEXT, 'Moodle version number', VALUE_OPTIONAL),
261 'mobilecssurl' => new external_value(PARAM_URL, 'Mobile custom CSS theme', VALUE_OPTIONAL),
262 'advancedfeatures' => new external_multiple_structure(
263 new external_single_structure(
264 array(
265 'name' => new external_value(PARAM_ALPHANUMEXT, 'feature name'),
266 'value' => new external_value(PARAM_INT, 'feature value. Usually 1 means enabled.')
268 'Advanced features availability'
270 'Advanced features availability',
271 VALUE_OPTIONAL
273 'usercanmanageownfiles' => new external_value(PARAM_BOOL,
274 'true if the user can manage his own files', VALUE_OPTIONAL),
275 'userquota' => new external_value(PARAM_INT,
276 'user quota (bytes). 0 means user can ignore the quota', VALUE_OPTIONAL),
277 'usermaxuploadfilesize' => new external_value(PARAM_INT,
278 'user max upload file size (bytes). -1 means the user can ignore the upload file size',
279 VALUE_OPTIONAL),
280 'userhomepage' => new external_value(PARAM_INT,
281 'the default home page for the user: 0 for the site home, 1 for dashboard',
282 VALUE_OPTIONAL),
283 'userprivateaccesskey' => new external_value(PARAM_ALPHANUM, 'Private user access key for fetching files.',
284 VALUE_OPTIONAL),
285 'siteid' => new external_value(PARAM_INT, 'Site course ID', VALUE_OPTIONAL),
286 'sitecalendartype' => new external_value(PARAM_PLUGIN, 'Calendar type set in the site.', VALUE_OPTIONAL),
287 'usercalendartype' => new external_value(PARAM_PLUGIN, 'Calendar typed used by the user.', VALUE_OPTIONAL),
288 'userissiteadmin' => new external_value(PARAM_BOOL, 'Whether the user is a site admin or not.', VALUE_OPTIONAL),
289 'theme' => new external_value(PARAM_THEME, 'Current theme for the user.', VALUE_OPTIONAL),
290 'limitconcurrentlogins' => new external_value(PARAM_INT, 'Number of concurrent sessions allowed', VALUE_OPTIONAL),
291 'usersessionscount' => new external_value(PARAM_INT, 'Number of active sessions for current user.
292 Only returned when limitconcurrentlogins is used.', VALUE_OPTIONAL),
293 'policyagreed' => new external_value(PARAM_INT, 'Whether user accepted all the policies.', VALUE_OPTIONAL),