Details

    • Type: Sub-task Sub-task
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: 2.1.2
    • Fix Version/s: 2.1.3
    • Component/s: Web Services
    • Labels:
      None
    • Testing Instructions:
      Hide

      1- create a web service (enabled and authorised for a specific username)
      2- in the mysql/postgres 'external_services' table, set manually the SHORTNAME
      3- Enter in your browser: http://yourmoodle/login/token.php?service=SHORTNAME&username=USERNAME&password=PASSWORD (do not test with an admin user expect if asked)

      //none admin username who hasn't the moodle/webservice:createtoken capability
      a) you already created a token in the admin with an expired valid date => error message (Moodle will fail to find a token, and try to create a new one)
      b) you already created a token in the admin with a different ip address => error message (Moodle will fail to find a token, and try to create a new one)
      c) you already created a token in the admin but for a different service => error message (Moodle will fail to find a token, and try to create a new one)
      d) you already created a token in the admin (the service is enabled and authorised for everybody, correct valid dates, correct ip restrictions) => the token is returned

      //none admin username who has the moodle/webservice:createtoken capbility (excepted if mentioned)
      e) the user is an admin
      f) the user is not authorised on a restricted service => error message
      g) the user is authorised but has a expired valid date (manage service admin page, click on authorised user then on the user full name link) => error message
      h) the user is authorised but has a different ip address => error message
      i) the user has not the capability to create a token (moodle/webservice:createtoken) => error message
      j) the user never visited his security keys page (i.e. not token was previously generated) and everything is set up correctly => a token is returned
      k) you run j) a new time (so a token has been generated) => the same token is returned.
      l) the user has not the service required capability.

      Now you are going to use the 'moodle_mobile_app' shortname (the mobile service). Enable it first in the administration. Redo i), it should success if the user doesn't have the 'moodle/webservice:createtoken' capability. Mobile service does not require the capability but the 'moodle/webservice:createmobiletoken' capability.

      Show
      1- create a web service (enabled and authorised for a specific username) 2- in the mysql/postgres 'external_services' table, set manually the SHORTNAME 3- Enter in your browser: http://yourmoodle/login/token.php?service=SHORTNAME&username=USERNAME&password=PASSWORD (do not test with an admin user expect if asked) //none admin username who hasn't the moodle/webservice:createtoken capability a) you already created a token in the admin with an expired valid date => error message (Moodle will fail to find a token, and try to create a new one) b) you already created a token in the admin with a different ip address => error message (Moodle will fail to find a token, and try to create a new one) c) you already created a token in the admin but for a different service => error message (Moodle will fail to find a token, and try to create a new one) d) you already created a token in the admin (the service is enabled and authorised for everybody, correct valid dates, correct ip restrictions) => the token is returned //none admin username who has the moodle/webservice:createtoken capbility (excepted if mentioned) e) the user is an admin f) the user is not authorised on a restricted service => error message g) the user is authorised but has a expired valid date (manage service admin page, click on authorised user then on the user full name link) => error message h) the user is authorised but has a different ip address => error message i) the user has not the capability to create a token (moodle/webservice:createtoken) => error message j) the user never visited his security keys page (i.e. not token was previously generated) and everything is set up correctly => a token is returned k) you run j) a new time (so a token has been generated) => the same token is returned. l) the user has not the service required capability. Now you are going to use the 'moodle_mobile_app' shortname (the mobile service). Enable it first in the administration. Redo i), it should success if the user doesn't have the 'moodle/webservice:createtoken' capability. Mobile service does not require the capability but the 'moodle/webservice:createmobiletoken' capability.
    • Affected Branches:
      MOODLE_21_STABLE
    • Fixed Branches:
      MOODLE_21_STABLE
    • Rank:
      24455

      Issue Links

        Activity

        Hide
        Jérôme Mouneyrac added a comment - - edited

        Hi,
        I'm sending this for integration. It is based on three commits (atm twoof them are in integration process on 2.2 but there should not be any issue).
        The token.php file in 2.1 was exactly the same that it was in 2.2 before the same three commits, so there are no reason it doesn't work.

        Show
        Jérôme Mouneyrac added a comment - - edited Hi, I'm sending this for integration. It is based on three commits (atm twoof them are in integration process on 2.2 but there should not be any issue). The token.php file in 2.1 was exactly the same that it was in 2.2 before the same three commits, so there are no reason it doesn't work.
        Hide
        Eloy Lafuente (stronk7) added a comment -

        The main moodle.git repository has just been updated with latest weekly modifications. You may wish to rebase your PULL branches to simplify history and avoid any possible merge conflicts. This would also make integrator's life easier next week.

        TIA and ciao

        Show
        Eloy Lafuente (stronk7) added a comment - The main moodle.git repository has just been updated with latest weekly modifications. You may wish to rebase your PULL branches to simplify history and avoid any possible merge conflicts. This would also make integrator's life easier next week. TIA and ciao
        Hide
        Jérôme Mouneyrac added a comment -

        The commits are from: MDL-29716, MDL-29931, MDL-30043

        Show
        Jérôme Mouneyrac added a comment - The commits are from: MDL-29716 , MDL-29931 , MDL-30043
        Hide
        Eloy Lafuente (stronk7) added a comment -

        Seems to be the correct sum of MDL-29716, MDL-29931, MDL-30043, so I guess it also requires the sum of their testing instructions (only MDL-29716 ones seem to be present now). Could you complete them, plz? TIA!

        Integrated, thanks!

        Show
        Eloy Lafuente (stronk7) added a comment - Seems to be the correct sum of MDL-29716 , MDL-29931 , MDL-30043 , so I guess it also requires the sum of their testing instructions (only MDL-29716 ones seem to be present now). Could you complete them, plz? TIA! Integrated, thanks!
        Hide
        Rossiani Wijaya added a comment -

        The patch for this issue is working fine.

        However, I also found other bugs while testing this.

        New issues can be found on 'issue links' section.

        Marking this issue as test passed.

        Show
        Rossiani Wijaya added a comment - The patch for this issue is working fine. However, I also found other bugs while testing this. New issues can be found on 'issue links' section. Marking this issue as test passed.
        Hide
        Eloy Lafuente (stronk7) added a comment -

        Yes, you got this finally upstream, just in time for Moodle 2.2beta. Congrats and thanks!

        Ciao

        Show
        Eloy Lafuente (stronk7) added a comment - Yes, you got this finally upstream, just in time for Moodle 2.2beta. Congrats and thanks! Ciao

          People

          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: