Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-49934

Admins or managers are not able to retrieve assignments info via get_assignments

    XMLWordPrintable

    Details

    • Testing Instructions:
      Hide
      1. As admin or teacher, create a new course with an assignment (default settings)
      2. Enable "Mobile services": Plugins ► Web Services ► Mobile
      3. Create a Token for the Moodle main admin user:
        • Click on Site administration ► Plugins ► Web services ► Manage tokens
      4. Ensure that the admin user (or the user you created the token for) is not enrolled in the course you created in the first step.
      5. Next, you can do a CURL REST call simulating a WS client.
        • You need to replace the wstoken and URL.
        • You need to replace also the courseids value to match the course you created in the first step.

          curl 'http://localhost/m/stable_master/webservice/rest/server.php?moodlewsrestformat=json' --data 'courseids%5B0%5D=4&wsfunction=mod_assign_get_assignments&wstoken=ffbe3a3002f235bf9d01fd9369e10b66'

          Note, you can use jsonlint.com to validate and format the json returned string or append "| python -m json.tool" to automatically format the command output

      6. Confirm that
        • The json returned does NOT contain any assignment.
      7. Now, do the same request but adding this new parameter: &includenotenrolledcourses=1
      8. Confirm that
        • Now, you see the assignment information
      Show
      As admin or teacher, create a new course with an assignment (default settings) Enable "Mobile services": Plugins ► Web Services ► Mobile Create a Token for the Moodle main admin user: Click on Site administration ► Plugins ► Web services ► Manage tokens Ensure that the admin user (or the user you created the token for) is not enrolled in the course you created in the first step. Next, you can do a CURL REST call simulating a WS client. You need to replace the wstoken and URL. You need to replace also the courseids value to match the course you created in the first step. curl 'http://localhost/m/stable_master/webservice/rest/server.php?moodlewsrestformat=json' --data 'courseids%5B0%5D=4&wsfunction=mod_assign_get_assignments&wstoken=ffbe3a3002f235bf9d01fd9369e10b66' Note, you can use jsonlint.com to validate and format the json returned string or append "| python -m json.tool" to automatically format the command output Confirm that The json returned does NOT contain any assignment. Now, do the same request but adding this new parameter: &includenotenrolledcourses=1 Confirm that Now, you see the assignment information
    • Affected Branches:
      MOODLE_29_STABLE, MOODLE_31_STABLE
    • Fixed Branches:
      MOODLE_31_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      MDL-49934-master

      Description

      This external function doesn't work for not-enrolled users (even if they are admins or managers with global roles that can access the course and manage it).

      The functions uses incorrectly the enrol_get_users_courses function instead of relying in validate_context checks

        Attachments

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Fix Release Date:
                23/May/16