Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-78533

gradereport_user_get_grade_items returns invalid_response_exception when html tags are used in grade item names

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • 4.1.6, 4.2.3
    • 4.1.3, 4.2
    • Gradebook
    • MOODLE_401_STABLE, MOODLE_402_STABLE
    • MOODLE_401_STABLE, MOODLE_402_STABLE
    • MDL-78533-401
    • Hide
      1. Log in as admin
      2. Enable web services
      3. Create a service token for admin user
      4. Navigate to Appearance > HTML settings in site administration
      5. Uncheck Remove HTML tags from all activity names and save changes
      6. Create a user (make a note if their ID)
      7. Create a course (make a note of it's ID)
      8. Enrol user as student in course
      9. Add an Assignment activity with the following name: 

        My work <b>Awesome</b>

      10. Execute the following: 

        $ curl --silent "<WWWROOT>/webservice/rest/server.php?moodlewsrestformat=json" --data "wstoken=<TOKEN>&wsfunction=gradereport_user_get_grade_items&courseid=<COURSEID>&userid=<USERID>" | python -m "json.tool"

      11. Confirm there are no exceptions
      12. Confirm the My work <b>Awesome</b> item name is present in returned structure
      13. Execute the following (master/402 only): 

        $ curl --silent "<WWWROOT>/webservice/rest/server.php?moodlewsrestformat=json" --data "wstoken=<TOKEN>&wsfunction=core_grades_get_gradeitems&courseid=<COURSEID>" | python -m "json.tool"

      14. Confirm there are no exceptions
      15. Confirm the My work <b>Awesome</b> item name is present in returned structure
      Show
      Log in as admin Enable web services Create a service token for admin user Navigate to Appearance > HTML settings in site administration Uncheck Remove HTML tags from all activity names and save changes Create a user (make a note if their ID) Create a course (make a note of it's ID) Enrol user as student in course Add an Assignment activity with the following name: My work <b>Awesome</b> Execute the following: $ curl --silent "<WWWROOT>/webservice/rest/server.php?moodlewsrestformat=json" --data "wstoken=<TOKEN>&wsfunction=gradereport_user_get_grade_items&courseid=<COURSEID>&userid=<USERID>" | python -m "json.tool" Confirm there are no exceptions Confirm the My work <b>Awesome</b> item name is present in returned structure Execute the following (master/402 only): $ curl --silent "<WWWROOT>/webservice/rest/server.php?moodlewsrestformat=json" --data "wstoken=<TOKEN>&wsfunction=core_grades_get_gradeitems&courseid=<COURSEID>" | python -m "json.tool" Confirm there are no exceptions Confirm the My work <b>Awesome</b> item name is present in returned structure

      We discovered that for select courses, the WS function gradereport_user_get_grade_items would return

      {"exception":"invalid_response_exception","errorcode":"invalidresponse","message":"Invalid response value detected"}

      After some investigation, we tracked the issue down to some teachers using HTML tags in the name of their activities; specifically "<b></b>"

      This seems to be failing validation in the structure defined in: /grade/report/user/classes/external/user.php line 511. itemname is set to be PARAM_TEXT which invalidated the web function results.

      Two possible solutions we see are:
      1) Change the structure definition to PARAM_RAW to allow the HTML tags,
      2) Prevent users from saving an activity or grade item name with HTML tags.

        1. MDL-78533.png
          MDL-78533.png
          124 kB

            pholden Paul Holden
            goshanikiforov Gosha Nikiforov
            Andrew Lyons Andrew Lyons
            Glyn (Mathew) May Glyn (Mathew) May
            Ron Carl Alfon Yu Ron Carl Alfon Yu
            Votes:
            1 Vote for this issue
            Watchers:
            10 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 1 hour, 39 minutes
                1h 39m

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.