Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-29276 META- Web service improvements for 2.2
  3. MDL-30045

Backport 2.2 changes for login/token.php in 2.1

XMLWordPrintable

    • Icon: Sub-task Sub-task
    • Resolution: Fixed
    • Icon: Minor Minor
    • 2.1.3
    • 2.1.2
    • Web Services
    • None
    • MOODLE_21_STABLE
    • MOODLE_21_STABLE
    • Hide

      1- create a web service (enabled and authorised for a specific username)
      2- in the mysql/postgres 'external_services' table, set manually the SHORTNAME
      3- Enter in your browser: http://yourmoodle/login/token.php?service=SHORTNAME&username=USERNAME&password=PASSWORD (do not test with an admin user expect if asked)

      //none admin username who hasn't the moodle/webservice:createtoken capability
      a) you already created a token in the admin with an expired valid date => error message (Moodle will fail to find a token, and try to create a new one)
      b) you already created a token in the admin with a different ip address => error message (Moodle will fail to find a token, and try to create a new one)
      c) you already created a token in the admin but for a different service => error message (Moodle will fail to find a token, and try to create a new one)
      d) you already created a token in the admin (the service is enabled and authorised for everybody, correct valid dates, correct ip restrictions) => the token is returned

      //none admin username who has the moodle/webservice:createtoken capbility (excepted if mentioned)
      e) the user is an admin
      f) the user is not authorised on a restricted service => error message
      g) the user is authorised but has a expired valid date (manage service admin page, click on authorised user then on the user full name link) => error message
      h) the user is authorised but has a different ip address => error message
      i) the user has not the capability to create a token (moodle/webservice:createtoken) => error message
      j) the user never visited his security keys page (i.e. not token was previously generated) and everything is set up correctly => a token is returned
      k) you run j) a new time (so a token has been generated) => the same token is returned.
      l) the user has not the service required capability.

      Now you are going to use the 'moodle_mobile_app' shortname (the mobile service). Enable it first in the administration. Redo i), it should success if the user doesn't have the 'moodle/webservice:createtoken' capability. Mobile service does not require the capability but the 'moodle/webservice:createmobiletoken' capability.

      Show
      1- create a web service (enabled and authorised for a specific username) 2- in the mysql/postgres 'external_services' table, set manually the SHORTNAME 3- Enter in your browser: http://yourmoodle/login/token.php?service=SHORTNAME&username=USERNAME&password=PASSWORD (do not test with an admin user expect if asked) //none admin username who hasn't the moodle/webservice:createtoken capability a) you already created a token in the admin with an expired valid date => error message (Moodle will fail to find a token, and try to create a new one) b) you already created a token in the admin with a different ip address => error message (Moodle will fail to find a token, and try to create a new one) c) you already created a token in the admin but for a different service => error message (Moodle will fail to find a token, and try to create a new one) d) you already created a token in the admin (the service is enabled and authorised for everybody, correct valid dates, correct ip restrictions) => the token is returned //none admin username who has the moodle/webservice:createtoken capbility (excepted if mentioned) e) the user is an admin f) the user is not authorised on a restricted service => error message g) the user is authorised but has a expired valid date (manage service admin page, click on authorised user then on the user full name link) => error message h) the user is authorised but has a different ip address => error message i) the user has not the capability to create a token (moodle/webservice:createtoken) => error message j) the user never visited his security keys page (i.e. not token was previously generated) and everything is set up correctly => a token is returned k) you run j) a new time (so a token has been generated) => the same token is returned. l) the user has not the service required capability. Now you are going to use the 'moodle_mobile_app' shortname (the mobile service). Enable it first in the administration. Redo i), it should success if the user doesn't have the 'moodle/webservice:createtoken' capability. Mobile service does not require the capability but the 'moodle/webservice:createmobiletoken' capability.

          jerome Jérôme Mouneyrac
          jerome Jérôme Mouneyrac
          Eloy Lafuente (stronk7) Eloy Lafuente (stronk7)
          Rossiani Wijaya Rossiani Wijaya
          Votes:
          0 Vote for this issue
          Watchers:
          1 Start watching this issue

            Created:
            Updated:
            Resolved:

              Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.