Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-67748

Improve the web services tokens management

    XMLWordPrintable

    Details

    • Testing Instructions:
      Hide

      Prepare a site with many users. Ideally you will want a few hundreds of users with predictable username (e.g. user1, user2, user3, ...) and identical password for them all. You can use the attached Users.csv and load them from Admin -> Users -> Upload users".

      1. Log in as the site admin
      2. Enable web services under Site administration > Advanced features
      3. Enable web services for mobile devices under Site administration > Mobile app > Mobile settings
      4. Generate mobile app tokens for all the users via the login/token.php script. This can be performed by visiting URLs like

        http://your.moodle.org/login/token.php?username=...&password=...&service=moodle_mobile_app
        

        with the username and password values provided.
        Tip: You may want to use some CLI script to perform this for you via the curl or so, e.g.:

        for i in $(seq 1 150); do curl "http://your.moodle.org/login/token.php?username=user${i}&password=pass&service=moodle_mobile_app"; done
        

      5. Check that you can navigate to the web services management under the site administration > server
      6. Go to Site administration Server > Web services > External services
      7. Add a new service called "Cohorts management", leave the "Authorised users only" unchecked.
      8. Add a few external functions (such as those with the "cohort" substring in their name) to this new external service.
      9. Go to the Manage tokens page
      10. Click the "Create token" button
      11. Check that you can search the user for which you want to create a token
      12. Create a few tokens for some users allowing them to use the Cohorts management service
      13. Check that you can use the filter at the Manage tokens page to filter the displayed tokens
      Show
      Prepare a site with many users. Ideally you will want a few hundreds of users with predictable username (e.g. user1, user2, user3, ...) and identical password for them all. You can use the attached Users.csv and load them from Admin -> Users -> Upload users". Log in as the site admin Enable web services under Site administration > Advanced features Enable web services for mobile devices under Site administration > Mobile app > Mobile settings Generate mobile app tokens for all the users via the login/token.php script. This can be performed by visiting URLs like http://your.moodle.org/login/token.php?username=...&password=...&service=moodle_mobile_app with the username and password values provided. Tip: You may want to use some CLI script to perform this for you via the curl or so, e.g.: for i in $(seq 1 150); do curl "http://your.moodle.org/login/token.php?username=user${i}&password=pass&service=moodle_mobile_app"; done Check that you can navigate to the web services management under the site administration > server Go to Site administration Server > Web services > External services Add a new service called "Cohorts management", leave the "Authorised users only" unchecked. Add a few external functions (such as those with the "cohort" substring in their name) to this new external service. Go to the Manage tokens page Click the "Create token" button Check that you can search the user for which you want to create a token Create a few tokens for some users allowing them to use the Cohorts management service Check that you can use the filter at the Manage tokens page to filter the displayed tokens
    • Affected Branches:
      MOODLE_310_STABLE, MOODLE_311_STABLE, MOODLE_38_STABLE, MOODLE_400_STABLE
    • Fixed Branches:
      MOODLE_311_STABLE
    • Pull from Repository:
    • Pull 3.11 Branch:
      MDL-67748-311-managewebservices
    • Pull Master Branch:
      MDL-67748-master-managewebservices

      Description

      This originally started as a small project to make the Manage tokens more usable on moodle.org where we have many users and the current tokens management page makes it practically unusable

      While working on it, I realised there are a few other related areas that are worth fixing while doing this.

      Use case

      1. Have a site with several thousands users, most of them using the mobile app (and thence have a token).
      2. Create a custom service on such a site, for which you need to create a token manually and assign it to the user account representing the service client.
      3. After creating the token, there is no easy way to find it. No easy way to filter the list of tokens by the service or by the user to which it was assigned.
      4. If you know the token somehow (e.g. from the audit logs or so), there is no easy way to find out to which user and service it was assigned.

      The only way to get know all these at the moment, is going directly to the database. There should not be a need to do so.

        Attachments

        1. 0001-MDL-67748-webservice-Create-behat-data-generators.patch
          12 kB
        2. image-2021-03-17-10-00-42-913.png
          image-2021-03-17-10-00-42-913.png
          99 kB
        3. screenshot-1.png
          screenshot-1.png
          98 kB
        4. screenshot-2.png
          screenshot-2.png
          35 kB
        5. screenshot-3.png
          screenshot-3.png
          9 kB
        6. screenshot-4.png
          screenshot-4.png
          45 kB
        7. Users.csv
          6 kB

          Issue Links

            Activity

              People

              Assignee:
              mudrd8mz David Mudrák (@mudrd8mz)
              Reporter:
              mudrd8mz David Mudrák (@mudrd8mz)
              Peer reviewer:
              Paul Holden
              Integrator:
              Eloy Lafuente (stronk7)
              Tester:
              Janelle Barcega
              Participants:
              Component watchers:
              Andrew Nicols, Dongsheng Cai, Huong Nguyen, Jun Pataleta, Michael Hawkins, Shamim Rezaie, Simey Lameze, Juan Leyva, Amaia Anabitarte, Carlos Escobedo, Ferran Recio, Ilya Tregubov, Sara Arjona (@sarjona)
              Votes:
              4 Vote for this issue
              Watchers:
              13 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Fix Release Date:
                10/May/21

                  Time Tracking

                  Estimated:
                  Original Estimate - 0 minutes
                  0m
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 1 week, 1 day, 2 hours, 20 minutes
                  1w 1d 2h 20m