Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-56126

Changes to be able to handle the site policy in external functions

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.1.2
    • Fix Version/s: 3.2
    • Component/s: Web Services
    • Labels:
    • Testing Instructions:
      Hide
      1. Add a new sitepolicy to the site (a link to any page)
      2. Create a new user in Moodle (do not log-in with that user in Moodle)
      3. Enable "Mobile services": Plugins ► Web Services ► Mobile
      4. Now, get a ws token via login/token.php (passing the username, password and moodle_mobile_app as $service)
      5. Next, you can do a CURL REST call simulating a WS client with the user.
        • You need to replace the wstoken, useridto and the URL of your moodle instance

          curl 'http://localhost/m/stable_master/webservice/rest/server.php?moodlewsrestformat=json' --data 'useridto=120&useridfrom=0&type=notifications&read=0&newestfirst=1&limitfrom=0&limitnum=20&moodlewssettingfilter=true&moodlewssettingfileurl=true&wsfunction=core_message_get_messages&wstoken=df1bfa97aed575da512382a1f80e2273' --compressed

      6. Confirm that you receive a moodle_exception with a sitepolicynotagreed errorcode and that in the message you see the URL to the site policy
      7. Now, execute the WS to agree to the site policy

        curl 'http://localhost/m/stable_master/webservice/rest/server.php?moodlewsrestformat=json' --data 'wsfunction=core_user_agree_site_policy&wstoken=df1bfa97aed575da512382a1f80e2273' | python -m "json.tool"

      8. Confirm that you see a success = true and 0 warnings
      9. Now, execute the first curl request and check that now you don't get errors
      10. Confirm that you can log-in with the user in Moodle web normally (the site policy not displayed)
      11. If you execute again the CURL request to confirm the site policy you will get a warning "alreadyagreed"
      12. If you disable the site policy in the site and you execute the curl request you'll get a nositepolicy warning
      Show
      Add a new sitepolicy to the site (a link to any page) Create a new user in Moodle (do not log-in with that user in Moodle) Enable "Mobile services": Plugins ► Web Services ► Mobile Now, get a ws token via login/token.php (passing the username, password and moodle_mobile_app as $service) Next, you can do a CURL REST call simulating a WS client with the user. You need to replace the wstoken, useridto and the URL of your moodle instance curl 'http://localhost/m/stable_master/webservice/rest/server.php?moodlewsrestformat=json' --data 'useridto=120&useridfrom=0&type=notifications&read=0&newestfirst=1&limitfrom=0&limitnum=20&moodlewssettingfilter=true&moodlewssettingfileurl=true&wsfunction=core_message_get_messages&wstoken=df1bfa97aed575da512382a1f80e2273' --compressed Confirm that you receive a moodle_exception with a sitepolicynotagreed errorcode and that in the message you see the URL to the site policy Now, execute the WS to agree to the site policy curl 'http://localhost/m/stable_master/webservice/rest/server.php?moodlewsrestformat=json' --data 'wsfunction=core_user_agree_site_policy&wstoken=df1bfa97aed575da512382a1f80e2273' | python -m "json.tool" Confirm that you see a success = true and 0 warnings Now, execute the first curl request and check that now you don't get errors Confirm that you can log-in with the user in Moodle web normally (the site policy not displayed) If you execute again the CURL request to confirm the site policy you will get a warning "alreadyagreed" If you disable the site policy in the site and you execute the curl request you'll get a nositepolicy warning
    • Affected Branches:
      MOODLE_31_STABLE
    • Fixed Branches:
      MOODLE_32_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      MDL-56126-master

      Description

      In sites where there is a "site policy" and the user hasn't agreed to it we have this scenario:

      • We can generate tokens for the user via Web Services
      • The user can access to the site via the Mobile app because a token is generated.
      • But he can't do anything in the app, he always get a require_login_exception('Policy not agreed')

      Required changes:

      • Return a proper exception that can be translated (with a code that we can detect in the app), something like: require_login_exception('policynotagreed'), ideally the exception should include in some way the link to the site policy.
      • In the app, detect the exception and show the translated message so the user can open the link and review the site policy and a check for indicating that he accept it.
      • Develop a new WS that does not call require_login to indicate to Moodle that the user accepted the policy.

      I don't see any possible solution, not returning the token at all is not an option because we won't have a way to accept the policy from outside Moodle.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  5/Dec/16