Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-67748

Improve the web services tokens management

XMLWordPrintable

    • MOODLE_310_STABLE, MOODLE_311_STABLE, MOODLE_38_STABLE, MOODLE_400_STABLE
    • MOODLE_311_STABLE
    • MDL-67748-master-managewebservices
    • Hide

      Prepare a site with many users. Ideally you will want a few hundreds of users with predictable username (e.g. user1, user2, user3, ...) and identical password for them all. You can use the attached Users.csv and load them from Admin -> Users -> Upload users".

      1. Log in as the site admin
      2. Enable web services under Site administration > Advanced features
      3. Enable web services for mobile devices under Site administration > Mobile app > Mobile settings
      4. Generate mobile app tokens for all the users via the login/token.php script. This can be performed by visiting URLs like

        http://your.moodle.org/login/token.php?username=...&password=...&service=moodle_mobile_app
        

        with the username and password values provided.
        Tip: You may want to use some CLI script to perform this for you via the curl or so, e.g.:

        for i in $(seq 1 150); do curl "http://your.moodle.org/login/token.php?username=user${i}&password=pass&service=moodle_mobile_app"; done
        

      5. Check that you can navigate to the web services management under the site administration > server
      6. Go to Site administration Server > Web services > External services
      7. Add a new service called "Cohorts management", leave the "Authorised users only" unchecked.
      8. Add a few external functions (such as those with the "cohort" substring in their name) to this new external service.
      9. Go to the Manage tokens page
      10. Click the "Create token" button
      11. Check that you can search the user for which you want to create a token
      12. Create a few tokens for some users allowing them to use the Cohorts management service
      13. Check that you can use the filter at the Manage tokens page to filter the displayed tokens
      Show
      Prepare a site with many users. Ideally you will want a few hundreds of users with predictable username (e.g. user1, user2, user3, ...) and identical password for them all. You can use the attached Users.csv and load them from Admin -> Users -> Upload users". Log in as the site admin Enable web services under Site administration > Advanced features Enable web services for mobile devices under Site administration > Mobile app > Mobile settings Generate mobile app tokens for all the users via the login/token.php script. This can be performed by visiting URLs like http://your.moodle.org/login/token.php?username=...&password=...&service=moodle_mobile_app with the username and password values provided. Tip: You may want to use some CLI script to perform this for you via the curl or so, e.g.: for i in $(seq 1 150); do curl "http://your.moodle.org/login/token.php?username=user${i}&password=pass&service=moodle_mobile_app"; done Check that you can navigate to the web services management under the site administration > server Go to Site administration Server > Web services > External services Add a new service called "Cohorts management", leave the "Authorised users only" unchecked. Add a few external functions (such as those with the "cohort" substring in their name) to this new external service. Go to the Manage tokens page Click the "Create token" button Check that you can search the user for which you want to create a token Create a few tokens for some users allowing them to use the Cohorts management service Check that you can use the filter at the Manage tokens page to filter the displayed tokens

      This originally started as a small project to make the Manage tokens more usable on moodle.org where we have many users and the current tokens management page makes it practically unusable

      While working on it, I realised there are a few other related areas that are worth fixing while doing this.

      Use case

      1. Have a site with several thousands users, most of them using the mobile app (and thence have a token).
      2. Create a custom service on such a site, for which you need to create a token manually and assign it to the user account representing the service client.
      3. After creating the token, there is no easy way to find it. No easy way to filter the list of tokens by the service or by the user to which it was assigned.
      4. If you know the token somehow (e.g. from the audit logs or so), there is no easy way to find out to which user and service it was assigned.

      The only way to get know all these at the moment, is going directly to the database. There should not be a need to do so.

        1. 0001-MDL-67748-webservice-Create-behat-data-generators.patch
          12 kB
          Andrew Lyons
        2. image-2021-03-17-10-00-42-913.png
          99 kB
          Janelle Barcega
        3. screenshot-1.png
          98 kB
          David Mudrák (@mudrd8mz)
        4. screenshot-2.png
          35 kB
          David Mudrák (@mudrd8mz)
        5. screenshot-3.png
          9 kB
          David Mudrák (@mudrd8mz)
        6. screenshot-4.png
          45 kB
          David Mudrák (@mudrd8mz)
        7. Users.csv
          6 kB
          Paul Holden

            mudrd8mz David Mudrák (@mudrd8mz)
            mudrd8mz David Mudrák (@mudrd8mz)
            Paul Holden Paul Holden
            Eloy Lafuente (stronk7) Eloy Lafuente (stronk7)
            Janelle Barcega Janelle Barcega
            Votes:
            4 Vote for this issue
            Watchers:
            13 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - 0 minutes
                0m
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 1 week, 1 day, 2 hours, 20 minutes
                1w 1d 2h 20m

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.