Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-72880

core_badges_get_user_badges can be broken if site name has HTML tags

XMLWordPrintable

    • MOODLE_311_STABLE, MOODLE_400_STABLE
    • MOODLE_311_STABLE
    • Hide

      Testing instructions refer to 3.11, I have noted differences in navigation for 4.0

      Setup

      1. Log in as admin
      2. Navigate to Site administration > Front page > Front page settings in site administration
        • 4.0 Site administration > Site home > Site home settings
      3. Set Full site name to the following:

        <span class="multilang" lang="en">Moodle (EN)</span><span class="multilang" lang="de">Moodle (DE)</span>
        

      4. Navigate to Plugins > Filters > Manage filters in site administration
      5. Set Multi-Language Content to On and Apply to: Content and headings
      6. Create a new user
      7. Enable web services
      8. Generate (and make note of) token for test user
        • Navigate to Server > Web services > Manage tokens in site administration
        • Press Create token
        • Select your test user, press Save changes
        • Copy the Token value for the user

      Issue a site badge

      1. Navigate to Badges > Add a new badge in site administration
      2. Fill in required fields
      3. Press Create badge
      4. Add badge criteria Manual issue by role
      5. Select all roles, press Save
      6. Press Enable access > Continue
      7. Press Recipients
        • 4.0 Select Recipients from the dropdown navigation (next to the Back button)
      8. Press Award Badge
      9. Select Manager role
      10. Select test user from Potential badge recipients, press Award Badge

      Manual test

      1. Execute the following command from a terminal:

        $ curl -s '<WWWROOT>/webservice/rest/server.php?moodlewsrestformat=json' --data "wsfunction=core_badges_get_user_badges&moodlewssettingfilter=1&wstoken=<TOKEN>" | python -m json.tool
        

      2. Confirm the request completes without exceptions
      3. Confirm the issuername property of the awarded badge looks like the following in returned structure:

        "issuername": "Moodle (EN)",
        

      Show
      Testing instructions refer to 3.11, I have noted differences in navigation for 4.0 Setup Log in as admin Navigate to Site administration > Front page > Front page settings in site administration 4.0 Site administration > Site home > Site home settings Set Full site name to the following: <span class="multilang" lang="en">Moodle (EN)</span><span class="multilang" lang="de">Moodle (DE)</span> Navigate to Plugins > Filters > Manage filters in site administration Set Multi-Language Content to On and Apply to: Content and headings Create a new user Enable web services Generate (and make note of) token for test user Navigate to Server > Web services > Manage tokens in site administration Press Create token Select your test user, press Save changes Copy the Token value for the user Issue a site badge Navigate to Badges > Add a new badge in site administration Fill in required fields Press Create badge Add badge criteria Manual issue by role Select all roles, press Save Press Enable access > Continue Press Recipients 4.0 Select Recipients from the dropdown navigation (next to the Back button) Press Award Badge Select Manager role Select test user from Potential badge recipients , press Award Badge Manual test Execute the following command from a terminal: $ curl -s '<WWWROOT>/webservice/rest/server.php?moodlewsrestformat=json' --data "wsfunction=core_badges_get_user_badges&moodlewssettingfilter=1&wstoken=<TOKEN>" | python -m json.tool Confirm the request completes without exceptions Confirm the issuername property of the awarded badge looks like the following in returned structure: "issuername": "Moodle (EN)",

      In user_badge_exporter, the issuername is defined as PARAM_NOTAGS. However, by default the issuername is set as the site name, and the site name can contain HTML tags (e.g. for multilang). In that case, calling the WebService core_badges_get_user_badges returns an invalid response exception.

      How to reproduce:

      1. As admin, hange the name of your site to include HTML tags. E.g.: <span lang="en" class="multilang">My Site</span><span lang="es" class="multilang">Mi sitio</span>
      2. Add a new user to the site (Site administration ► Users ► Add a new user).
      3. Go to Site Administration ► Badges ► Add a new badge.
      4. Fill the required fields and create the badge.
      5. Go to the Criteria tab and add the criteria "Manual issue by role".
      6. Enable the badge so it can be awarded.
      7. Go to recipients and award the badge to the user you created before.
      8. Enable "Mobile services": Site administration ► Mobile app ► Mobile settings
      9. Create a Token in the mobile app service for the user you created before.
        • Click on Site administration ► Plugins ► Web services ► Manage tokens
      10. Open the console an execute this curl request, replacing WSTOKEN with the token you just created and the site url with yours. The USERID value has to be replaced with the id of the user you created before.

        curl 'http://SITE_URL/webservice/rest/server.php?moodlewsrestformat=json' --data 'userid=USERID&courseid=0&moodlewssettingfilter=true&moodlewssettingfileurl=true&wsfunction=core_badges_get_user_badges&wstoken=WSTOKEN' --compressed

      1. Check that you receive an invalid response exception.

        1. MDL-72880_master.png
          125 kB
          Angelia Dela Cruz
        2. MDL-72880_v311.png
          135 kB
          Angelia Dela Cruz

            pholden Paul Holden
            dpalou Dani Palou
            Amaia Anabitarte Amaia Anabitarte
            Shamim Rezaie Shamim Rezaie
            Angelia Dela Cruz Angelia Dela Cruz
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 3 hours, 25 minutes
                3h 25m

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.