Moodle

web service error message: Indication about the service not containg the web service function is confusing

Details

  • Type: Bug Bug
  • Status: Closed Closed
  • Priority: Trivial Trivial
  • Resolution: Fixed
  • Affects Version/s: 2.2.1, 2.3.7, 2.4.4, 2.5
  • Fix Version/s: 2.3.8, 2.4.5, 2.5.1
  • Component/s: Web Services
  • Labels:
  • Testing Instructions:
    Hide

    Create a service that authorise users
    Add a user to this service
    On the page where you added the user, click on the name. You arrive on the user settings. here enter an IP address which is not yours.
    Create a ws token linked to this service.
    Call a webservice (use REST demo client for example: https://github.com/moodlehq/sample-ws-clients/tree/master/PHP-REST) and check that the returned error message is clear enough. See the commit to check that the text error message match the changes.

    Show
    Create a service that authorise users Add a user to this service On the page where you added the user, click on the name. You arrive on the user settings. here enter an IP address which is not yours. Create a ws token linked to this service. Call a webservice (use REST demo client for example: https://github.com/moodlehq/sample-ws-clients/tree/master/PHP-REST ) and check that the returned error message is clear enough. See the commit to check that the text error message match the changes.
  • Affected Branches:
    MOODLE_22_STABLE, MOODLE_23_STABLE, MOODLE_24_STABLE, MOODLE_25_STABLE
  • Fixed Branches:
    MOODLE_23_STABLE, MOODLE_24_STABLE, MOODLE_25_STABLE
  • Pull from Repository:
  • Pull 2.4 Branch:
  • Pull 2.4 Diff URL:
  • Pull Master Branch:
    MDL-31209-master
  • Pull Master Diff URL:

Description

Following MDL-31138, the error message could be more accurate:

"Access to the function local_wstemplate_hello_world() is not allowed. Please check if a service containing the function is enabled. In the service settings: if the service is restricted check that the user is listed. Still in the service settings check for IP restriction or if the service requires a capability"

We should advice to check that the service linked to the token contains the called function. PS: in the case of username/password authentication, no specific service is linked. The current error message is more matching this authentication method.

Activity

Ascending order - Click to sort in descending order
Hide
Permalink
Jérôme Mouneyrac added a comment -

Send to Helen for string reviews.

Show
Jérôme Mouneyrac added a comment - Send to Helen for string reviews.
Hide
Permalink
Jérôme Mouneyrac added a comment -

updated.

Show
Jérôme Mouneyrac added a comment - updated.
Hide
Permalink
Andrew Davis added a comment -

This issue is missing testing instructions. Please describe how a human tester can verify that this fix has been correctly integrated and is working correctly.

Show
Andrew Davis added a comment - This issue is missing testing instructions. Please describe how a human tester can verify that this fix has been correctly integrated and is working correctly.
Hide
Permalink
Helen Foster added a comment -

Jerome, thanks for asking me to take a look at the string. Here's my suggested small rewording:

There could be multiple reasons for this:
1. The service linked to the user token does not contain the function.
2. The service is user-restricted and the user is not listed.
3. The service is IP-restricted and the user IP is not listed.
4. The service is time-restricted and the time has expired.
5. The token is time-restricted and the time has expired.
6. The service requires a specific capability which the user does not have.
7. The function is called with username/password (no user token is sent) and none of the services has the function to allow the user.
These settings can be found in Administration > Site administration > Plugins > Web services > External services and Manage tokens.

Show
Helen Foster added a comment - Jerome, thanks for asking me to take a look at the string. Here's my suggested small rewording: There could be multiple reasons for this: 1. The service linked to the user token does not contain the function. 2. The service is user-restricted and the user is not listed. 3. The service is IP-restricted and the user IP is not listed. 4. The service is time-restricted and the time has expired. 5. The token is time-restricted and the time has expired. 6. The service requires a specific capability which the user does not have. 7. The function is called with username/password (no user token is sent) and none of the services has the function to allow the user. These settings can be found in Administration > Site administration > Plugins > Web services > External services and Manage tokens.
Hide
Permalink
Jérôme Mouneyrac added a comment -

Thanks Helen.

Show
Jérôme Mouneyrac added a comment - Thanks Helen.
Hide
Permalink
Eloy Lafuente (stronk7) added a comment -

Integrated (23, 24, 25 & master), thanks!

Show
Eloy Lafuente (stronk7) added a comment - Integrated (23, 24, 25 & master), thanks!
Hide
Permalink
Rajesh Taneja added a comment -

Thanks Jerome,

I can see the new message.

FYI: I got following message by testing instructions.

<?xml version="1.0" encoding="UTF-8" ?>
<EXCEPTION class="webservice_access_exception">
<ERRORCODE>accessexception</ERRORCODE>
<MESSAGE>Access control exception</MESSAGE>
<DEBUGINFO>Invalid service - IP:192.168.100.33 is not supported - check this allowed user</DEBUGINFO>
</EXCEPTION>

But passing function name (from ws-client) different then one linked in service throw expected message.
Let me know it's ok to pass.

Show
Rajesh Taneja added a comment - Thanks Jerome, I can see the new message. FYI: I got following message by testing instructions. <?xml version="1.0" encoding="UTF-8" ?> <EXCEPTION class="webservice_access_exception"> <ERRORCODE>accessexception</ERRORCODE> <MESSAGE>Access control exception</MESSAGE> <DEBUGINFO>Invalid service - IP:192.168.100.33 is not supported - check this allowed user</DEBUGINFO> </EXCEPTION> But passing function name (from ws-client) different then one linked in service throw expected message. Let me know it's ok to pass.
Hide
Permalink
Rajesh Taneja added a comment -

Passing this as message for testing instructions in more precise and I could see the general (updated) message.

Show
Rajesh Taneja added a comment - Passing this as message for testing instructions in more precise and I could see the general (updated) message.
Hide
Permalink
Damyon Wiese added a comment -

Thanks for your contribution! This issue has been reviewed, integrated, tested and now released to everyone.

Closing as Fixed!

Show
Damyon Wiese added a comment - Thanks for your contribution! This issue has been reviewed, integrated, tested and now released to everyone. Closing as Fixed!

People

Vote (0)
Watch (5)

Dates

  • Created:
    Updated:
    Resolved: