Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-54551

AJAX webservices return poor error message when not logged in - servicenotavailable

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.0.1, 3.0.2, 3.0.3, 3.2, 3.4.4, 3.5, 3.6
    • Fix Version/s: 3.6
    • Component/s: JavaScript, Web Services
    • Labels:
    • Testing Instructions:
      Hide
      Prerequisite
      1. A site that contains a course.
      Test 1
      1. Log in as the admin.
      2. Visit a course.
      3. Run php admin/cli/kill_all_sessions.php.
      4. Click on the messaging icon in the top-right.
      5. Confirm you are taken to the login page.
      6. Log in and confirm you are taken back to the course.
      Show
      Prerequisite A site that contains a course. Test 1 Log in as the admin. Visit a course. Run php admin/cli/kill_all_sessions.php . Click on the messaging icon in the top-right. Confirm you are taken to the login page. Log in and confirm you are taken back to the course.
    • Affected Branches:
      MOODLE_30_STABLE, MOODLE_32_STABLE, MOODLE_34_STABLE, MOODLE_35_STABLE, MOODLE_36_STABLE
    • Fixed Branches:
      MOODLE_36_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      MDL-54551_master

      Description

      Replication instructions:

      1. Edit config.php and add

        $CFG->sessiontimeout = 10;

        This just sets a session expiry time of 10 seconds.

      1. Log in and wait on the dashboard/site home for 10 seconds.
      2. Now, click to expand either the messages or notifications menu in the header
      3. Notice the exception popup, which doesn't provide the user with a whole lot of useful information.

      Summary

      When not logged in AJAX webservices return the error code servicenotavailable.
      This is not a useful error code as it cannot be used to inform the user that they or not currently logged in.
      I suggest a new error code of 'servicerequireslogin'

      /lib/ajax/service.php

                  if (!isloggedin()) {
                      error_log('This external function is not available to public users. Failed to call "' . $methodname . '"');
                      throw new moodle_exception('servicerequireslogin', 'webservice');
                  } else {
                      require_sesskey();
                  }
      

      This would obviously require a new language string for 'servicerequireslogin'

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                4 Vote for this issue
                Watchers:
                13 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  3/Dec/18

                  Time Tracking

                  Estimated:
                  Original Estimate - 0 minutes
                  0m
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 8 minutes
                  8m