Details

    • Type: Sub-task Sub-task
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: 2.1.2
    • Fix Version/s: 2.1.3
    • Component/s: Web Services
    • Labels:
      None
    • Testing Instructions:
      Hide

      1- create a web service (enabled and authorised for a specific username)
      2- in the mysql/postgres 'external_services' table, set manually the SHORTNAME
      3- Enter in your browser: http://yourmoodle/login/token.php?service=SHORTNAME&username=USERNAME&password=PASSWORD (do not test with an admin user expect if asked)

      //none admin username who hasn't the moodle/webservice:createtoken capability
      a) you already created a token in the admin with an expired valid date => error message (Moodle will fail to find a token, and try to create a new one)
      b) you already created a token in the admin with a different ip address => error message (Moodle will fail to find a token, and try to create a new one)
      c) you already created a token in the admin but for a different service => error message (Moodle will fail to find a token, and try to create a new one)
      d) you already created a token in the admin (the service is enabled and authorised for everybody, correct valid dates, correct ip restrictions) => the token is returned

      //none admin username who has the moodle/webservice:createtoken capbility (excepted if mentioned)
      e) the user is an admin
      f) the user is not authorised on a restricted service => error message
      g) the user is authorised but has a expired valid date (manage service admin page, click on authorised user then on the user full name link) => error message
      h) the user is authorised but has a different ip address => error message
      i) the user has not the capability to create a token (moodle/webservice:createtoken) => error message
      j) the user never visited his security keys page (i.e. not token was previously generated) and everything is set up correctly => a token is returned
      k) you run j) a new time (so a token has been generated) => the same token is returned.
      l) the user has not the service required capability.

      Now you are going to use the 'moodle_mobile_app' shortname (the mobile service). Enable it first in the administration. Redo i), it should success if the user doesn't have the 'moodle/webservice:createtoken' capability. Mobile service does not require the capability but the 'moodle/webservice:createmobiletoken' capability.

      Show
      1- create a web service (enabled and authorised for a specific username) 2- in the mysql/postgres 'external_services' table, set manually the SHORTNAME 3- Enter in your browser: http://yourmoodle/login/token.php?service=SHORTNAME&username=USERNAME&password=PASSWORD (do not test with an admin user expect if asked) //none admin username who hasn't the moodle/webservice:createtoken capability a) you already created a token in the admin with an expired valid date => error message (Moodle will fail to find a token, and try to create a new one) b) you already created a token in the admin with a different ip address => error message (Moodle will fail to find a token, and try to create a new one) c) you already created a token in the admin but for a different service => error message (Moodle will fail to find a token, and try to create a new one) d) you already created a token in the admin (the service is enabled and authorised for everybody, correct valid dates, correct ip restrictions) => the token is returned //none admin username who has the moodle/webservice:createtoken capbility (excepted if mentioned) e) the user is an admin f) the user is not authorised on a restricted service => error message g) the user is authorised but has a expired valid date (manage service admin page, click on authorised user then on the user full name link) => error message h) the user is authorised but has a different ip address => error message i) the user has not the capability to create a token (moodle/webservice:createtoken) => error message j) the user never visited his security keys page (i.e. not token was previously generated) and everything is set up correctly => a token is returned k) you run j) a new time (so a token has been generated) => the same token is returned. l) the user has not the service required capability. Now you are going to use the 'moodle_mobile_app' shortname (the mobile service). Enable it first in the administration. Redo i), it should success if the user doesn't have the 'moodle/webservice:createtoken' capability. Mobile service does not require the capability but the 'moodle/webservice:createmobiletoken' capability.
    • Affected Branches:
      MOODLE_21_STABLE
    • Fixed Branches:
      MOODLE_21_STABLE

      Gliffy Diagrams

        Issue Links

          Activity

          Hide
          Jérôme Mouneyrac added a comment - - edited

          Hi,
          I'm sending this for integration. It is based on three commits (atm twoof them are in integration process on 2.2 but there should not be any issue).
          The token.php file in 2.1 was exactly the same that it was in 2.2 before the same three commits, so there are no reason it doesn't work.

          Show
          Jérôme Mouneyrac added a comment - - edited Hi, I'm sending this for integration. It is based on three commits (atm twoof them are in integration process on 2.2 but there should not be any issue). The token.php file in 2.1 was exactly the same that it was in 2.2 before the same three commits, so there are no reason it doesn't work.
          Hide
          Eloy Lafuente (stronk7) added a comment -

          The main moodle.git repository has just been updated with latest weekly modifications. You may wish to rebase your PULL branches to simplify history and avoid any possible merge conflicts. This would also make integrator's life easier next week.

          TIA and ciao

          Show
          Eloy Lafuente (stronk7) added a comment - The main moodle.git repository has just been updated with latest weekly modifications. You may wish to rebase your PULL branches to simplify history and avoid any possible merge conflicts. This would also make integrator's life easier next week. TIA and ciao
          Hide
          Jérôme Mouneyrac added a comment -

          The commits are from: MDL-29716, MDL-29931, MDL-30043

          Show
          Jérôme Mouneyrac added a comment - The commits are from: MDL-29716 , MDL-29931 , MDL-30043
          Hide
          Eloy Lafuente (stronk7) added a comment -

          Seems to be the correct sum of MDL-29716, MDL-29931, MDL-30043, so I guess it also requires the sum of their testing instructions (only MDL-29716 ones seem to be present now). Could you complete them, plz? TIA!

          Integrated, thanks!

          Show
          Eloy Lafuente (stronk7) added a comment - Seems to be the correct sum of MDL-29716 , MDL-29931 , MDL-30043 , so I guess it also requires the sum of their testing instructions (only MDL-29716 ones seem to be present now). Could you complete them, plz? TIA! Integrated, thanks!
          Hide
          Rossiani Wijaya added a comment -

          The patch for this issue is working fine.

          However, I also found other bugs while testing this.

          New issues can be found on 'issue links' section.

          Marking this issue as test passed.

          Show
          Rossiani Wijaya added a comment - The patch for this issue is working fine. However, I also found other bugs while testing this. New issues can be found on 'issue links' section. Marking this issue as test passed.
          Hide
          Eloy Lafuente (stronk7) added a comment -

          Yes, you got this finally upstream, just in time for Moodle 2.2beta. Congrats and thanks!

          Ciao

          Show
          Eloy Lafuente (stronk7) added a comment - Yes, you got this finally upstream, just in time for Moodle 2.2beta. Congrats and thanks! Ciao

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: