Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-31431

Profile image sometimes requires login => mobile app can not retrieve profile images

    XMLWordPrintable

    Details

    • Testing Instructions:
      Hide

      Go to Plugins > Web services > API Documentation
      Check that core_webservice_get_site_info:userpictureurl return value explain how to retrieve the profile picture when forcelogin is set to YES or guestaccess to NO.

      Show
      Go to Plugins > Web services > API Documentation Check that core_webservice_get_site_info:userpictureurl return value explain how to retrieve the profile picture when forcelogin is set to YES or guestaccess to NO.
    • Workaround:
      Hide

      At the moment core_webservice_get_site_info() returns:

      <KEY name="userpictureurl"><VALUE>http://jerome.moodle.local/~jerome/Moodle_HEAD/pluginfile.php/5/user/icon/f1</VALUE>
      </KEY>

      to avoid this MDL issue with forcelogin/guestaccess, you can call the picture this way:

      http://jerome.moodle.local/~jerome/Moodle_HEAD/webservice/pluginfile.php?token= f95fe8ce5f6a4f01dc22ccdf333bba22&file=/5/user/icon/f1

      Show
      At the moment core_webservice_get_site_info() returns: <KEY name="userpictureurl"><VALUE>http://jerome.moodle.local/~jerome/Moodle_HEAD/pluginfile.php/5/user/icon/f1</VALUE> </KEY> to avoid this MDL issue with forcelogin/guestaccess, you can call the picture this way: http://jerome.moodle.local/~jerome/Moodle_HEAD/webservice/pluginfile.php?token= f95fe8ce5f6a4f01dc22ccdf333bba22&file=/5/user/icon/f1
    • Affected Branches:
      MOODLE_22_STABLE
    • Fixed Branches:
      MOODLE_22_STABLE
    • Pull Master Branch:

      Description

      Juan wrote in the web service forum:

      The current webservices for displaying information about an user returns a value called:

      user.profileimageurl

      This is the full url of the user profile image

      Please, note that the current implementation only works if forcelogin is set to NO and guestaccess to Yes

      Also, there is a new security issue for preventing displaying profile images for guests users

      http://tracker.moodle.org/browse/MDL-29844

      I think it's neccesary a new script for obtaining this image using the auth token as a parmether (like the new pluginfile)

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              jerome Jérôme Mouneyrac
              Reporter:
              jerome Jérôme Mouneyrac
              Peer reviewer:
              Juan Leyva
              Integrator:
              Dan Poltawski
              Tester:
              Ankit Agarwal
              Participants:
              Component watchers:
              Matteo Scaramuccia, Andrew Nicols, Jun Pataleta, Michael Hawkins, Shamim Rezaie, Simey Lameze, Juan Leyva, Amaia Anabitarte, Carlos Escobedo, Ferran Recio, Sara Arjona (@sarjona), Víctor Déniz Falcón
              Votes:
              1 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Fix Release Date:
                14/May/12