Moodle
  1. Moodle
  2. MDL-31209

web service error message: Indication about the service not containg the web service function is confusing

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Trivial Trivial
    • Resolution: Fixed
    • Affects Version/s: 2.2.1, 2.3.7, 2.4.4, 2.5
    • Fix Version/s: 2.3.8, 2.4.5, 2.5.1
    • Component/s: Web Services
    • Labels:
    • Testing Instructions:
      Hide

      Create a service that authorise users
      Add a user to this service
      On the page where you added the user, click on the name. You arrive on the user settings. here enter an IP address which is not yours.
      Create a ws token linked to this service.
      Call a webservice (use REST demo client for example: https://github.com/moodlehq/sample-ws-clients/tree/master/PHP-REST) and check that the returned error message is clear enough. See the commit to check that the text error message match the changes.

      Show
      Create a service that authorise users Add a user to this service On the page where you added the user, click on the name. You arrive on the user settings. here enter an IP address which is not yours. Create a ws token linked to this service. Call a webservice (use REST demo client for example: https://github.com/moodlehq/sample-ws-clients/tree/master/PHP-REST ) and check that the returned error message is clear enough. See the commit to check that the text error message match the changes.
    • Affected Branches:
      MOODLE_22_STABLE, MOODLE_23_STABLE, MOODLE_24_STABLE, MOODLE_25_STABLE
    • Fixed Branches:
      MOODLE_23_STABLE, MOODLE_24_STABLE, MOODLE_25_STABLE
    • Pull 2.4 Branch:
    • Pull Master Branch:
      MDL-31209-master
    • Rank:
      37660

      Description

      Following MDL-31138, the error message could be more accurate:

      "Access to the function local_wstemplate_hello_world() is not allowed. Please check if a service containing the function is enabled. In the service settings: if the service is restricted check that the user is listed. Still in the service settings check for IP restriction or if the service requires a capability"

      We should advice to check that the service linked to the token contains the called function. PS: in the case of username/password authentication, no specific service is linked. The current error message is more matching this authentication method.

        Activity

        Hide
        Jérôme Mouneyrac added a comment -

        Send to Helen for string reviews.

        Show
        Jérôme Mouneyrac added a comment - Send to Helen for string reviews.
        Hide
        Jérôme Mouneyrac added a comment -

        updated.

        Show
        Jérôme Mouneyrac added a comment - updated.
        Hide
        Andrew Davis added a comment -

        This issue is missing testing instructions. Please describe how a human tester can verify that this fix has been correctly integrated and is working correctly.

        Show
        Andrew Davis added a comment - This issue is missing testing instructions. Please describe how a human tester can verify that this fix has been correctly integrated and is working correctly.
        Hide
        Helen Foster added a comment -

        Jerome, thanks for asking me to take a look at the string. Here's my suggested small rewording:

        There could be multiple reasons for this:
        1. The service linked to the user token does not contain the function.
        2. The service is user-restricted and the user is not listed.
        3. The service is IP-restricted and the user IP is not listed.
        4. The service is time-restricted and the time has expired.
        5. The token is time-restricted and the time has expired.
        6. The service requires a specific capability which the user does not have.
        7. The function is called with username/password (no user token is sent) and none of the services has the function to allow the user.
        These settings can be found in Administration > Site administration > Plugins > Web services > External services and Manage tokens.

        Show
        Helen Foster added a comment - Jerome, thanks for asking me to take a look at the string. Here's my suggested small rewording: There could be multiple reasons for this: 1. The service linked to the user token does not contain the function. 2. The service is user-restricted and the user is not listed. 3. The service is IP-restricted and the user IP is not listed. 4. The service is time-restricted and the time has expired. 5. The token is time-restricted and the time has expired. 6. The service requires a specific capability which the user does not have. 7. The function is called with username/password (no user token is sent) and none of the services has the function to allow the user. These settings can be found in Administration > Site administration > Plugins > Web services > External services and Manage tokens.
        Hide
        Jérôme Mouneyrac added a comment -

        Thanks Helen.

        Show
        Jérôme Mouneyrac added a comment - Thanks Helen.
        Hide
        Eloy Lafuente (stronk7) added a comment -

        Integrated (23, 24, 25 & master), thanks!

        Show
        Eloy Lafuente (stronk7) added a comment - Integrated (23, 24, 25 & master), thanks!
        Hide
        Rajesh Taneja added a comment -

        Thanks Jerome,

        I can see the new message.

        FYI: I got following message by testing instructions.

        <?xml version="1.0" encoding="UTF-8" ?>
        <EXCEPTION class="webservice_access_exception">
        <ERRORCODE>accessexception</ERRORCODE>
        <MESSAGE>Access control exception</MESSAGE>
        <DEBUGINFO>Invalid service - IP:192.168.100.33 is not supported - check this allowed user</DEBUGINFO>
        </EXCEPTION>
        

        But passing function name (from ws-client) different then one linked in service throw expected message.
        Let me know it's ok to pass.

        Show
        Rajesh Taneja added a comment - Thanks Jerome, I can see the new message. FYI: I got following message by testing instructions. <?xml version="1.0" encoding="UTF-8" ?> <EXCEPTION class="webservice_access_exception"> <ERRORCODE>accessexception</ERRORCODE> <MESSAGE>Access control exception</MESSAGE> <DEBUGINFO>Invalid service - IP:192.168.100.33 is not supported - check this allowed user</DEBUGINFO> </EXCEPTION> But passing function name (from ws-client) different then one linked in service throw expected message. Let me know it's ok to pass.
        Hide
        Rajesh Taneja added a comment -

        Passing this as message for testing instructions in more precise and I could see the general (updated) message.

        Show
        Rajesh Taneja added a comment - Passing this as message for testing instructions in more precise and I could see the general (updated) message.
        Hide
        Damyon Wiese added a comment -

        Thanks for your contribution! This issue has been reviewed, integrated, tested and now released to everyone.

        Closing as Fixed!

        Show
        Damyon Wiese added a comment - Thanks for your contribution! This issue has been reviewed, integrated, tested and now released to everyone. Closing as Fixed!

          People

          • Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: