MDL-67748 admin: Refactor tokens management as an external page
No need to have a dedicated admin_setting_managewebservicetokens admin
setting subclass and yet use almost none of its features. So the
patch merges the list and the forms handling into a single external
page.

Similarly, it feels like overkill to have a renderer method for a
simple confirmation widget - especially given that the URLs were
hard-coded in it. So that one was dropped.
mudrd8mz committed Mar 15, 2021
1 parent 596b0bb commit 2c177ae
Showing 5 changed files with 99 additions and 206 deletions.
13 changes: 2 additions & 11 deletions admin/settings/server.php
@@ -607,15 +607,6 @@
}

// Web services > Manage tokens.
$ADMIN->add('webservicesettings', new admin_externalpage('addwebservicetoken', new lang_string('managetokens', 'webservice'),
"{$CFG->wwwroot}/{$CFG->admin}/webservice/tokens.php", 'moodle/site:config', true));

$temp = new admin_settingpage('webservicetokens', new lang_string('managetokens', 'webservice'));
$temp->add(new admin_setting_managewebservicetokens());

if (empty($CFG->enablewebservices)) {
$temp->add(new admin_setting_heading('webservicesaredisabled', '', new lang_string('disabledwarning', 'webservice')));
}

$ADMIN->add('webservicesettings', $temp);
$ADMIN->add('webservicesettings', new admin_externalpage('webservicetokens', new lang_string('managetokens', 'webservice'),
new moodle_url('/admin/webservice/tokens.php')));
}
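Review bot: The warning shown when web services are disabled is lost with this change: the removed settings page added the `disabledwarning` heading when `$CFG->enablewebservices` is empty, and nothing in the new `admin/webservice/tokens.php` shown on this page prints an equivalent. An administrator can then create tokens with no hint that the service layer is switched off, so consider adding something like `if (empty($CFG->enablewebservices)) { echo $OUTPUT->notification(get_string('disabledwarning', 'webservice')); }` to the listing view. The new `admin_externalpage` also leaves the required capability to the constructor default; passing `'moodle/site:config'` explicitly, as the removed `addwebservicetoken` entry did, keeps the access requirement visible where the page is registered. The enclosing `if` block starts outside this hunk.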
182 changes: 96 additions & 86 deletions admin/webservice/tokens.php
@@ -1,6 +1,5 @@
<?php

// This file is part of Moodle - http://moodle.org/
// This file is part of Moodle - https://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
@@ -16,111 +15,122 @@
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.

/**
* Web services tokens admin UI
* Web services / external tokens management UI.
*
* @package webservice
* @author Jerome Mouneyrac
* @copyright 2009 Moodle Pty Ltd (http://moodle.com)
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
* @package core_webservice
* @category admin
* @copyright 2009 Jerome Mouneyrac
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
require_once('../../config.php');

require(__DIR__ . '/../../config.php');
require_once($CFG->libdir . '/adminlib.php');
require_once($CFG->libdir . '/externallib.php');
require_once($CFG->dirroot . '/webservice/lib.php');

$action = optional_param('action', '', PARAM_ALPHANUMEXT);
$tokenid = optional_param('tokenid', '', PARAM_SAFEDIR);
$confirm = optional_param('confirm', 0, PARAM_BOOL);

admin_externalpage_setup('addwebservicetoken');

//Deactivate the second 'Manage token' navigation node, and use the main 'Manage token' navigation node
$node = $PAGE->settingsnav->find('addwebservicetoken', navigation_node::TYPE_SETTING);
$newnode = $PAGE->settingsnav->find('webservicetokens', navigation_node::TYPE_SETTING);
if ($node && $newnode) {
$node->display = false;
$newnode->make_active();
}
admin_externalpage_setup('webservicetokens');

if ($action === 'create') {
$webservicemanager = new webservice();
$mform = new \core_webservice\token_form(null, ['action' => 'create']);
$data = $mform->get_data();

$tokenlisturl = new moodle_url("/" . $CFG->admin . "/settings.php", array('section' => 'webservicetokens'));
if ($mform->is_cancelled()) {
redirect($PAGE->url);

require_once($CFG->dirroot . "/webservice/lib.php");
$webservicemanager = new webservice();
} else if ($data) {
ignore_user_abort(true);

switch ($action) {
// Check the user is allowed for the service.
$selectedservice = $webservicemanager->get_external_service_by_id($data->service);

case 'create':
$mform = new \core_webservice\token_form(null, array('action' => 'create'));
$data = $mform->get_data();
if ($mform->is_cancelled()) {
redirect($tokenlisturl);
} else if ($data and confirm_sesskey()) {
ignore_user_abort(true);
if ($selectedservice->restrictedusers) {
$restricteduser = $webservicemanager->get_ws_authorised_user($data->service, $data->user);

//check the the user is allowed for the service
$selectedservice = $webservicemanager->get_external_service_by_id($data->service);
if ($selectedservice->restrictedusers) {
$restricteduser = $webservicemanager->get_ws_authorised_user($data->service, $data->user);
if (empty($restricteduser)) {
$allowuserurl = new moodle_url('/' . $CFG->admin . '/webservice/service_users.php',
array('id' => $selectedservice->id));
$allowuserlink = html_writer::tag('a', $selectedservice->name , array('href' => $allowuserurl));
$errormsg = $OUTPUT->notification(get_string('usernotallowed', 'webservice', $allowuserlink));
}
if (empty($restricteduser)) {
$allowuserurl = new moodle_url('/admin/webservice/service_users.php', ['id' => $selectedservice->id]);
$allowuserlink = html_writer::link($selectedservice->name, $allowuserurl);
$errormsg = $OUTPUT->notification(get_string('usernotallowed', 'webservice', $allowuserlink));
}
}

//check if the user is deleted. unconfirmed, suspended or guest
$user = $DB->get_record('user', array('id' => $data->user));
if ($user->id == $CFG->siteguest or $user->deleted or !$user->confirmed or $user->suspended) {
throw new moodle_exception('forbiddenwsuser', 'webservice');
}
$user = \core_user::get_user($data->user, '*', MUST_EXIST);
\core_user::require_active_user($user);

//process the creation
if (empty($errormsg)) {
//TODO improvement: either move this function from externallib.php to webservice/lib.php
// either move most of webservicelib.php functions into externallib.php
// (create externalmanager class) MDL-23523
external_generate_token(EXTERNAL_TOKEN_PERMANENT, $data->service,
$data->user, context_system::instance(),
$data->validuntil, $data->iprestriction);
redirect($tokenlisturl);
}
// Generate the token.
if (empty($errormsg)) {
external_generate_token(EXTERNAL_TOKEN_PERMANENT, $data->service, $data->user, context_system::instance(),
$data->validuntil, $data->iprestriction);
redirect($PAGE->url);
}
}

echo $OUTPUT->header();
echo $OUTPUT->heading(get_string('createtoken', 'webservice'));
if (!empty($errormsg)) {
echo $errormsg;
}
$mform->display();
echo $OUTPUT->footer();
die();
}

//OUTPUT: create token form
echo $OUTPUT->header();
echo $OUTPUT->heading(get_string('createtoken', 'webservice'));
if (!empty($errormsg)) {
echo $errormsg;
}
$mform->display();
echo $OUTPUT->footer();
die;
break;
if ($action === 'delete') {
$webservicemanager = new webservice();
$token = $webservicemanager->get_token_by_id_with_details($tokenid);

if ($token->creatorid != $USER->id) {
require_capability('moodle/webservice:managealltokens', context_system::instance());
}

if ($confirm && confirm_sesskey()) {
$webservicemanager->delete_user_ws_token($token->id);
redirect($PAGE->url);
}

echo $OUTPUT->header();

echo $OUTPUT->confirm(
get_string('deletetokenconfirm', 'webservice', [
'user' => $token->firstname . ' ' . $token->lastname,
'service' => $token->name,
]),
new single_button(new moodle_url('/admin/webservice/tokens.php', [
'tokenid' => $token->id,
'action' => 'delete',
'confirm' => 1,
'sesskey' => sesskey(),
]), get_string('delete')),
$PAGE->url
);

echo $OUTPUT->footer();
die();
}

case 'delete':
$token = $webservicemanager->get_token_by_id_with_details($tokenid);
echo $OUTPUT->header();
echo $OUTPUT->heading(get_string('managetokens', 'core_webservice'));

if ($token->creatorid != $USER->id) {
require_capability("moodle/webservice:managealltokens", context_system::instance());
}
if (has_capability('moodle/webservice:managealltokens', context_system::instance())) {
echo html_writer::div(get_string('onlyseecreatedtokens', 'core_webservice'), 'alert alert-info');
}

//Delete the token
if ($confirm and confirm_sesskey()) {
$webservicemanager->delete_user_ws_token($token->id);
redirect($tokenlisturl);
}
$table = new \core_webservice\token_table('webservicetokens');
$table->define_baseurl($PAGE->url);
$table->attributes['class'] = 'admintable generaltable';
$table->data = [];
$table->out(30, false);

////OUTPUT: display delete token confirmation box
echo $OUTPUT->header();
$renderer = $PAGE->get_renderer('core', 'webservice');
echo $renderer->admin_delete_token_confirmation($token);
echo $OUTPUT->footer();
die;
break;

default:
//wrong url access
redirect($tokenlisturl);
break;
}
echo $OUTPUT->footer();

// TODO Add button
//$tokenpageurl = "$CFG->wwwroot/$CFG->admin/webservice/tokens.php?sesskey=" . sesskey();
//
//$return .= $OUTPUT->box_end();
//// add a token to the table
//$return .= "<a href=\"".$tokenpageurl."&amp;action=create\">";
//$return .= get_string('add')."</a>";
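Review bot: In the create branch, `\core_user::require_active_user($user)` replaces an explicit check that also rejected suspended accounts; as far as I know that helper only tests suspension when its second argument is true, so a token may now be issued for a suspended user — worth confirming and, if unintended, calling `\core_user::require_active_user($user, true);`. A few lines above, `html_writer::link($selectedservice->name, $allowuserurl)` has its arguments swapped (the method takes the URL first, then the text), so the "user not allowed" notification would link to the service name; it should read `html_writer::link($allowuserurl, s($selectedservice->name));`, where `s()` also escapes the name before it lands in the notification HTML. Dropping `confirm_sesskey()` from the `else if ($data)` condition looks fine only because the form's `get_data()` is expected to validate the session key itself; a short comment saying so would stop a later reader from treating it as an omission.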
85 changes: 0 additions & 85 deletions lib/adminlib.php
@@ -10395,91 +10395,6 @@ public function output_html($data, $query='') {
}
}


/**
* Special class for web service token administration.
*
* @author Jerome Mouneyrac
*/
class admin_setting_managewebservicetokens extends admin_setting {

/**
* Calls parent::__construct with specific arguments
*/
public function __construct() {
$this->nosave = true;
parent::__construct('webservicestokenui', get_string('managetokens', 'webservice'), '', '');
}

/**
* Always returns true, does nothing
*
* @return true
*/
public function get_setting() {
return true;
}

/**
* Always returns true, does nothing
*
* @return true
*/
public function get_defaultsetting() {
return true;
}

/**
* Always returns '', does not write anything
*
* @return string Always returns ''
*/
public function write_setting($data) {
// do not write any setting
return '';
}

/**
* Builds the XHTML to display the control
*
* @param string $data Unused
* @param string $query
* @return string
*/
public function output_html($data, $query='') {
global $CFG, $OUTPUT;

require_once($CFG->dirroot . '/webservice/classes/token_table.php');
$baseurl = new moodle_url('/' . $CFG->admin . '/settings.php?section=webservicetokens');

$return = $OUTPUT->box_start('generalbox webservicestokenui');

if (has_capability('moodle/webservice:managealltokens', context_system::instance())) {
$return .= \html_writer::div(get_string('onlyseecreatedtokens', 'webservice'));
}

$table = new \webservice\token_table('webservicetokens');
$table->define_baseurl($baseurl);
$table->attributes['class'] = 'admintable generaltable'; // Any need changing?
$table->data = array();
ob_start();
$table->out(10, false);
$tablehtml = ob_get_contents();
ob_end_clean();
$return .= $tablehtml;

$tokenpageurl = "$CFG->wwwroot/$CFG->admin/webservice/tokens.php?sesskey=" . sesskey();

$return .= $OUTPUT->box_end();
// add a token to the table
$return .= "<a href=\"".$tokenpageurl."&amp;action=create\">";
$return .= get_string('add')."</a>";

return highlight($query, $return);
}
}


/**
* Colour picker
*
2 changes: 1 addition & 1 deletion webservice/classes/token_table.php
@@ -22,7 +22,7 @@
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/

namespace webservice;
namespace core_webservice;

defined('MOODLE_INTERNAL') || die;

23 changes: 0 additions & 23 deletions webservice/renderer.php
@@ -184,29 +184,6 @@ public function admin_remove_service_confirmation($service) {
$formcontinue, $formcancel);
}

/**
* Display a confirmation page to delete a token
*
* @param stdClass $token Required properties: id (token id), firstname (user firstname), lastname (user lastname), name (service name)
* @return string html
*/
public function admin_delete_token_confirmation($token) {
global $CFG;
$optionsyes = array('tokenid' => $token->id, 'action' => 'delete',
'confirm' => 1, 'sesskey' => sesskey());
$optionsno = array('section' => 'webservicetokens', 'sesskey' => sesskey());
$formcontinue = new single_button(
new moodle_url('/' . $CFG->admin . '/webservice/tokens.php', $optionsyes),
get_string('delete'));
$formcancel = new single_button(
new moodle_url('/' . $CFG->admin . '/settings.php', $optionsno),
get_string('cancel'), 'get');
return $this->output->confirm(get_string('deletetokenconfirm', 'webservice',
(object) array('user' => $token->firstname . " "
. $token->lastname, 'service' => $token->name)),
$formcontinue, $formcancel);
}

/**
* Display a list of functions for a given service
* If the service is built-in, do not display remove/add operation (read-only)
