Web service MDL-17135 add web services administration

admin/settings/security.php

@@ -10,6 +10,21 @@
     $temp->add(new admin_setting_configiplist('blockedip', get_string('blockediplist', 'admin'),
                                                 '', ''));
     $ADMIN->add('security', $temp);
+
+    // "web service" settingpage
+    $temp = new admin_settingpage('webservices', get_string('webservices', 'admin'));
+    $temp->add(new admin_setting_heading('webserviceprotocols', get_string('webserviceprotocols', 'admin'), ''));
+    $temp->add(new admin_setting_managewsprotocols());
+    $url = $CFG->wwwroot.'/'.$CFG->admin.'/wsprotocols.php';
+    $ADMIN->add('security', new admin_externalpage('managews',
+        get_string('managews', 'admin'), $url, 'moodle/site:config', true),
+        '', $url);
+    $temp->add(new admin_setting_heading('webservicesystemsettings', get_string('webservicesystemsettings', 'admin'), ''));
+    $temp->add(new admin_setting_configiplist('ipwhitelist', get_string('ipwhitelist', 'admin'),'', ''));
+    $temp->add(new admin_setting_heading('webserviceusersettings', get_string('webserviceusersettings', 'admin'), ''));
+    $temp->add(new admin_setting_managewsusersettings());
+    $ADMIN->add('security', $temp);
+
     // "sitepolicies" settingpage
     $temp = new admin_settingpage('sitepolicies', get_string('sitepolicies', 'admin'));
     $temp->add(new admin_setting_configcheckbox('protectusernames', get_string('protectusernames', 'admin'), get_string('configprotectusernames', 'admin'), 1));

admin/wsprotocols.php

@@ -0,0 +1,53 @@
+<?php
+// $Id$
+require_once(dirname(dirname(__FILE__)) . '/config.php');
+require_once($CFG->dirroot . '/webservice/lib.php');
+require_once($CFG->libdir . '/adminlib.php');
+
+$CFG->pagepath = 'admin/managewsprotocols';
+
+$hide    = optional_param('hide', '', PARAM_ALPHANUM);
+$username    = optional_param('username', '', PARAM_ALPHANUM);
+
+$pagename = 'managews';
+
+admin_externalpage_setup($pagename);
+require_login(SITEID, false);
+require_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM));
+
+$baseurl    = "$CFG->wwwroot/$CFG->admin/settings.php?section=webservices";
+
+if (!empty($hide)) {
+    if (!confirm_sesskey()) {
+        print_error('confirmsesskeybad', '', $baseurl);
+    }
+    set_config("enable", !get_config($hide, "enable"), $hide);   
+    $return = true;
+} else if (!empty($username)) {
+    admin_externalpage_print_header();
+    $mform = new wsuser_form('', array('username' => $username));
+    if ($mform->is_cancelled()){
+        redirect($baseurl);
+        exit;
+    }
+    $fromform = $mform->get_data();
+
+
+
+    if (!empty($fromform)) {
+        $wsuser = $DB->get_record("user", array("username" => $fromform->username));
+        set_user_preference("ipwhitelist", $fromform->ipwhitelist, $wsuser->id);
+        redirect($baseurl,get_string("changessaved"));
+    }
+
+    print_simple_box_start();
+    $mform->display();
+    print_simple_box_end();
+
+}
+
+if (!empty($return)) {
+    redirect($baseurl);
+}
+
+admin_externalpage_print_footer();

lang/en_utf8/admin.php

@@ -480,6 +480,8 @@
 IP address location is displayed on simple map or using Google Maps. Please note that you need to have a Google account and apply for free Google Maps API key to enable interactive maps.';
 $string['iplookupmaxmindnote'] = 'This product includes GeoLite data created by MaxMind, available from <a href=\"http://www.maxmind.com/\">http://www.maxmind.com/</a>.';
 $string['iplookupnetgeonote'] = 'The NetGeo server is currently being used to look up geographical information. For more accurate results we recommend installing a local copy of the MaxMind GeoLite database.';
+$string['ipwhitelist'] = 'IP whitelist';
+$string['ipwhitelistdesc'] = 'When not empty, only IP set here are allowed to use web service with the username: <strong>$a->username</strong>';
 $string['keeptagnamecase'] = 'Keep tag name casing';
 $string['lang'] = 'Default language';
 $string['lang16notify'] = 'Moodle 1.6 and above allows you to install and update language packs directly from download.moodle.org by following the link below';
@@ -522,6 +524,7 @@
 $string['maintinprogress'] = 'Maintenance is in progress...';
 $string['managelang'] = 'Manage';
 $string['manageqtypes'] = 'Manage question types';
+$string['managews'] = 'Manage web services';
 $string['maintenancemode'] = 'In Maintenance Mode';
 $string['maxbytes'] = 'Maximum uploaded file size';
 $string['maxeditingtime'] = 'Maximum time to edit posts';
@@ -866,6 +869,10 @@
 $string['warningcurrentsetting'] = 'Invalid current value: $a';
 $string['webproxy'] = 'Web proxy';
 $string['webproxyinfo'] = 'Fill in following options if your Moodle server can not access internet directly. Internet access is required for download of environment data, language packs, RSS feeds, timezones, etc.<br /><em>PHP cURL extension is highly recommended.</em>';
+$string['webservices'] = 'Web services';
+$string['webserviceprotocols'] = 'Web service servers';
+$string['webservicesystemsettings'] = 'common settings';
+$string['webserviceusersettings'] = 'Web service users settings';
 $string['xmlrpcrecommended'] = 'Installing the optional xmlrpc extension is useful for Moodle Networking functionality.';
 $string['xmlstrictheaders'] = 'XML strict headers';
 $string['ziprequired'] = 'The Zip PHP extension is now required by Moodle, info-ZIP binaries or PclZip library are not used anymore.';

lib/adminlib.php

@@ -4863,3 +4863,100 @@ public function output_html($data, $query='') {
         return highlight($query, $output);
     }
 }
+
+class admin_setting_managewsprotocols extends admin_setting {
+    private $baseurl;
+    public function __construct() {
+        global $CFG;
+        parent::__construct('managewsprotocols', get_string('managewsprotocols', 'admin'), '', '');
+        $this->baseurl = $CFG->wwwroot . '/' . $CFG->admin . '/wsprotocols.php?sesskey=' . sesskey();
+    }
+
+    public function get_setting() {
+        return true;
+    }
+
+    public function write_setting($data) {
+        $url = $this->baseurl . '&new=' . $data;
+        return '';
+    }
+
+    public function output_html($data, $query='') {
+        global $CFG;
+
+        $namestr = get_string('name');
+        $settingsstr = get_string('settings');
+        $hiddenstr = get_string('hiddenshow', 'repository');
+        require_once("../webservice/lib.php");
+        $protocols = webservice_lib::get_list_protocols();
+        $table = new StdClass;
+        $table->head = array($namestr, $hiddenstr);
+        $table->align = array('left', 'center');
+        $table->data = array();
+
+        foreach ($protocols as $i) {
+            $hidetitle = $i->get_protocolname() ? get_string('clicktohide', 'repository') : get_string('clicktoshow', 'repository');
+            $hiddenshow = ' <a href="' . $this->baseurl . '&amp;hide=' . $i->get_protocolname() . '">'
+                          .'<img src="' . $CFG->pixpath . '/i/' . ($i->get_enable() ? 'hide' : 'show') . '.gif"'
+                              .' alt="' . $hidetitle . '" '
+                              .' title="' . $hidetitle . '" />'
+                          .'</a>' . "\n";
+
+            $table->data[] = array($i->get_protocolname(), $hiddenshow);
+
+            //display a grey row if the type is defined as not visible
+            if (!$i->get_enable()){
+                $table->rowclass[] = 'dimmed_text';
+            } else{
+                $table->rowclass[] = '';
+            }
+        }
+        $output = print_table($table, true);
+
+        return highlight($query, $output);
+    }
+}
+
+class admin_setting_managewsusersettings extends admin_setting {
+    private $baseurl;
+    public function __construct() {
+        global $CFG;
+        parent::__construct('managewsusersettings', get_string('managewsusersettings', 'admin'), '', '');
+        $this->baseurl = $CFG->wwwroot . '/' . $CFG->admin . '/wsprotocols.php?sesskey=' . sesskey();
+    }
+
+    public function get_setting() {
+        return true;
+    }
+
+    public function write_setting($data) {
+        $url = $this->baseurl . '&amp;new=' . $data;
+        return '';
+    }
+
+    public function output_html($data, $query='') {
+        global $CFG;
+        $output = "";
+
+        //search all web service users
+        $users = get_users(true, '', false, null, 'firstname ASC','', '', '', 1000);
+
+        $table = new StdClass;
+        $table->head = array('username', 'whitelist');
+        $table->align = array('left', 'center');
+        $table->data = array();
+
+        foreach ($users as $user) {
+            if ( true) { //test if the users has has_capability('use_webservice')
+                $wsusersetting = ' <a href="' . $this->baseurl . '&amp;username=' . $user->username . '">'
+                . get_string("settings")
+                          .'</a>' . "\n";
+                $textfield = print_textfield('whitelist_'.$user->username, '', '', 50, 0, true);
+                $table->data[] = array($user->username, $wsusersetting);
+            }
+        }
+
+        $output .= print_table($table, true);
+        return highlight($query, $output);
+    }
+}

webservice/amf/lib.php

@@ -24,7 +24,7 @@
  */
 
 
-require_once('../lib.php');
+require_once($CFG->dirroot.'/webservice/lib.php');
 
 /*
  * AMF server class
@@ -41,6 +41,10 @@ public function __construct() {
      * Run the AMF server
      */
     public function run() {
+        $enable = $this->get_enable();
+        if (empty($enable)) {
+            die;
+        }
         include "Zend/Loader.php";
         Zend_Loader::registerAutoload();
 

webservice/lib.php

@@ -23,6 +23,7 @@
  * @license   http://www.gnu.org/copyleft/gpl.html     GNU GPL License
  */
 
+require_once(dirname(dirname(__FILE__)) . '/lib/formslib.php');
 
 /**
  * web service library
@@ -47,7 +48,9 @@ public static function get_list_protocols() {
                 $path = $directorypath . '/' . $file;
              ///browse the subfolder
                 if( is_dir($path) ) {
-                     $protocols[] = $file;
+                        require_once($path."/lib.php");
+                        $classname = $file."_server";
+                     $protocols[] = new $classname;
                 }
              ///retrieve api.php file
                 else  {
@@ -82,6 +85,43 @@ public static function mock_check_token($token) {
         }
     }
 
+    /**
+     * Retrieve all external.php from Moodle (except the one of the exception list)
+     * @param <type> $
+     * @param <type> $directorypath
+     * @return boolean true if n
+     */
+    public static function setListApiFiles( &$files, $directorypath )
+    {
+        global $CFG;
+
+        if(is_dir($directorypath)){ //check that we are browsing a folder not a file
+
+            if( $dh = opendir($directorypath))
+            {
+                while( false !== ($file = readdir($dh)))
+                {
+
+                    if( $file == '.' || $file == '..') {   // Skip '.' and '..'
+                        continue;
+                    }
+                    $path = $directorypath . '/' . $file;
+                 ///browse the subfolder
+                    if( is_dir($path) ) {
+                         webservice_lib::setListApiFiles($files, $path);
+                    }
+                 ///retrieve api.php file
+                    else if ($file == "external.php") {
+                        $files[] = $path;
+                    }
+                }
+                closedir($dh);
+
+            }
+        }
+
+    }
+
 }
 
 /**
@@ -95,12 +135,6 @@ abstract class webservice_server {
      */
     private $protocolname;
 
-    /**
-     * if set to false the server cannot be run
-     * @var String
-     */
-    private $enable;
-
     public function __construct() {
     }
 
@@ -115,11 +149,11 @@ public function set_protocolname($protocolname) {
     }
 
     public function get_enable() {
-        return $this->enable;
+        return get_config($this->get_protocolname(), "enable");
     }
 
     public function set_enable($enable) {
-        $this->enable = $enable;
+        set_config("enable", $enable, $this->get_protocolname());
     }
 
 }
@@ -142,4 +176,32 @@ function tmp_get_token($params) {
     }
 }
 
+/**
+ * Form for web service user settings (administration)
+ */
+final class wsuser_form extends moodleform {
+    protected $username;
+
+    /**
+     * Definition of the moodleform
+     */
+    public function definition() {
+        global $DB;
+        $this->username = $this->_customdata['username'];
+        $mform =& $this->_form;
+
+        $strrequired = get_string('required');
+
+        $mform->addElement('hidden', 'username', $this->username);
+        $param = new stdClass();
+        $param->username = $this->username;
+        $wsuser = $DB->get_record("user", array("username" => $this->username));
+
+        $mform->addElement('text', 'ipwhitelist', get_string('ipwhitelist', 'admin'), array('value'=>get_user_preferences("ipwhitelist", "", $wsuser->id),'size' => '40'));
+        $mform->addElement('static', null, '',  get_string('ipwhitelistdesc','admin', $param));
+
+        $this->add_action_buttons(true, get_string('savechanges','admin'));
+    }
+}
+
 ?>

webservice/rest/lib.php

@@ -23,7 +23,7 @@
  * @license   http://www.gnu.org/copyleft/gpl.html     GNU GPL License
  */
 
-require_once('../lib.php');
+require_once($CFG->dirroot.'/webservice/lib.php');
 
 /*
  * Rest server class
@@ -39,6 +39,11 @@ public function __construct() {
      * Run REST server
      */
     public function run() {
+         $enable = $this->get_enable();
+        if (empty($enable)) {
+            die;
+        }
+
         require_once('locallib.php');
         //retrieve path and function name from the URL
         $rest_arguments = get_file_argument('server.php');
@@ -51,6 +56,10 @@ public function run() {
      * @global object $USER .
      */
     public function zend_run() {
+        $enable = $this->get_enable();
+        if (empty($enable)) {
+            die;
+        }
         include "Zend/Loader.php";
         Zend_Loader::registerAutoload();