Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-67748

Improve the web services tokens management

    XMLWordPrintable

    Details

    • Testing Instructions:
      Hide

      Prepare a site with many users. Ideally you will want a few hundreds of users with predictable username (e.g. user1, user2, user3, ...) and identical password for them all.

      1. Log in as the site admin
      2. Enable web services under Site administration > Advanced features
      3. Enable web services for mobile devices under Site administration > Mobile app > Mobile settings
      4. Generate mobile app tokens for all the users via the login/token.php script. This can be performed by visting URLs like

        http://your.moodle.org/login/token.php?username=...&password=...&service=moodle_mobile_app
        

        with the username and password values provided.
        Tip: You may want to use some CLI script to perform this for you via the curl or so.

      5. Check that you can navigate to the web services management under the site administration > server
      6. Go to Site administration Server > Web services > External services
      7. Add a new service called "Cohorts management", leave the "Authorised users only" unchecked.
      8. Add a few external functions (such as those with the "cohort" substring in their name) to this new external service.
      9. Go to the Manage tokens page
      10. Click the "Create token" button
      11. Check that you can search the user for which you want to create a token
      12. Create a few tokens for some users allowing them to use the Cohorts management service
      13. Check that you can use the filter at the Manage tokens page to filter the displayed tokens
      Show
      Prepare a site with many users. Ideally you will want a few hundreds of users with predictable username (e.g. user1, user2, user3, ...) and identical password for them all. Log in as the site admin Enable web services under Site administration > Advanced features Enable web services for mobile devices under Site administration > Mobile app > Mobile settings Generate mobile app tokens for all the users via the login/token.php script. This can be performed by visting URLs like http://your.moodle.org/login/token.php?username=...&password=...&service=moodle_mobile_app with the username and password values provided. Tip: You may want to use some CLI script to perform this for you via the curl or so. Check that you can navigate to the web services management under the site administration > server Go to Site administration Server > Web services > External services Add a new service called "Cohorts management", leave the "Authorised users only" unchecked. Add a few external functions (such as those with the "cohort" substring in their name) to this new external service. Go to the Manage tokens page Click the "Create token" button Check that you can search the user for which you want to create a token Create a few tokens for some users allowing them to use the Cohorts management service Check that you can use the filter at the Manage tokens page to filter the displayed tokens
    • Affected Branches:
      MOODLE_38_STABLE
    • Epic Name:
      Web services management improvements
    • Pull from Repository:
    • Pull Master Branch:
      MDL-67748-master-managewebservices

      Description

      This originally started as a small project to make the Manage tokens more usable on moodle.org where we have many users and the current tokens management page makes it practically unusable

      While working on it, I realised there are a few other related areas that are worth fixing while doing this.

      Use case

      1. Have a site with several thousands users, most of them using the mobile app (and thence have a token).
      2. Create a custom service on such a site, for which you need to create a token manually and assign it to the user account representing the service client.
      3. After creating the token, there is no easy way to find it. No easy way to filter the list of tokens by the service or by the user to which it was assigned.
      4. If you know the token somehow (e.g. from the audit logs or so), there is no easy way to find out to which user and service it was assigned.

      The only way to get know all these at the moment, is going directly to the database. There should not be a need to do so.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              mudrd8mz David Mudrák (@mudrd8mz)
              Reporter:
              mudrd8mz David Mudrák (@mudrd8mz)
              Participants:
              Component watchers:
              Andrew Nicols, Jun Pataleta, Michael Hawkins, Shamim Rezaie, Simey Lameze, Juan Leyva, Amaia Anabitarte, Carlos Escobedo, Ferran Recio, Sara Arjona (@sarjona), Víctor Déniz Falcón
              Votes:
              2 Vote for this issue
              Watchers:
              6 Start watching this issue

                Dates

                Created:
                Updated:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 1 week
                  1w