Loading...

XML

Word

Printable

Type: Improvement
Resolution: Fixed
Priority: Minor
Fix Version/s: 3.2
Affects Version/s: 3.1.2
Component/s: Web Services
Labels:
- ci
- triaged

Affected Branches:
MOODLE_31_STABLE
Fixed Branches:
MOODLE_32_STABLE
Pull from Repository:
git://github.com/jleyva/moodle.git
Pull Main Branch:
~~MDL-56126~~-master
Pull Main Diff URL:
https://github.com/jleyva/moodle/compare/c956886...MDL-56126-master
Testing Instructions:
Hide

Add a new sitepolicy to the site (a link to any page)

Create a new user in Moodle (do not log-in with that user in Moodle)

Enable "Mobile services": Plugins ► Web Services ► Mobile

Now, get a ws token via login/token.php (passing the username, password and moodle_mobile_app as $service)

Next, you can do a CURL REST call simulating a WS client with the user.

You need to replace the wstoken, useridto and the URL of your moodle instance

curl 'http://localhost/m/stable_master/webservice/rest/server.php?moodlewsrestformat=json' --data 'useridto=120&useridfrom=0&type=notifications&read=0&newestfirst=1&limitfrom=0&limitnum=20&moodlewssettingfilter=true&moodlewssettingfileurl=true&wsfunction=core_message_get_messages&wstoken=df1bfa97aed575da512382a1f80e2273' --compressed

Confirm that you receive a moodle_exception with a sitepolicynotagreed errorcode and that in the message you see the URL to the site policy

Now, execute the WS to agree to the site policy

curl 'http://localhost/m/stable_master/webservice/rest/server.php?moodlewsrestformat=json' --data 'wsfunction=core_user_agree_site_policy&wstoken=df1bfa97aed575da512382a1f80e2273' | python -m "json.tool"

Confirm that you see a success = true and 0 warnings

Now, execute the first curl request and check that now you don't get errors

Confirm that you can log-in with the user in Moodle web normally (the site policy not displayed)

If you execute again the CURL request to confirm the site policy you will get a warning "alreadyagreed"

If you disable the site policy in the site and you execute the curl request you'll get a nositepolicy warning
Show
Add a new sitepolicy to the site (a link to any page) Create a new user in Moodle (do not log-in with that user in Moodle) Enable "Mobile services": Plugins ► Web Services ► Mobile Now, get a ws token via login/token.php (passing the username, password and moodle_mobile_app as $service) Next, you can do a CURL REST call simulating a WS client with the user. You need to replace the wstoken, useridto and the URL of your moodle instance curl 'http://localhost/m/stable_master/webservice/rest/server.php?moodlewsrestformat=json' --data 'useridto=120&useridfrom=0&type=notifications&read=0&newestfirst=1&limitfrom=0&limitnum=20&moodlewssettingfilter=true&moodlewssettingfileurl=true&wsfunction=core_message_get_messages&wstoken=df1bfa97aed575da512382a1f80e2273' --compressed Confirm that you receive a moodle_exception with a sitepolicynotagreed errorcode and that in the message you see the URL to the site policy Now, execute the WS to agree to the site policy curl 'http://localhost/m/stable_master/webservice/rest/server.php?moodlewsrestformat=json' --data 'wsfunction=core_user_agree_site_policy&wstoken=df1bfa97aed575da512382a1f80e2273' | python -m "json.tool" Confirm that you see a success = true and 0 warnings Now, execute the first curl request and check that now you don't get errors Confirm that you can log-in with the user in Moodle web normally (the site policy not displayed) If you execute again the CURL request to confirm the site policy you will get a warning "alreadyagreed" If you disable the site policy in the site and you execute the curl request you'll get a nositepolicy warning

In sites where there is a "site policy" and the user hasn't agreed to it we have this scenario:

We can generate tokens for the user via Web Services
The user can access to the site via the Mobile app because a token is generated.
But he can't do anything in the app, he always get a require_login_exception('Policy not agreed')

Required changes:

Return a proper exception that can be translated (with a code that we can detect in the app), something like: require_login_exception('policynotagreed'), ideally the exception should include in some way the link to the site policy.
In the app, detect the exception and show the translated message so the user can open the link and review the site policy and a check for indicating that he accept it.
Develop a new WS that does not call require_login to indicate to Moodle that the user accepted the policy.

I don't see any possible solution, not returning the token at all is not an option because we won't have a way to accept the policy from outside Moodle.

blocks

MOBILE-1812 Accept the site policy in the app

Closed

has been marked as being related by

MDL-56822 sitepolicynotagreed error appears on site policy page on clean

Closed

Assignee:: Juan Leyva

Reporter:: Juan Leyva

Peer reviewer:: Dani Palou

Integrator:: Eloy Lafuente (stronk7)

Tester:: Mark Nelson

Participants:: Andrew Lyons, CiBoT, Dani Palou, Dan Poltawski, Eloy Lafuente (stronk7), Juan Leyva, Mark Nelson

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 27/Sep/16 12:20 PM

Updated:: 08/Nov/16 7:59 PM

Resolved:: 07/Oct/16 5:26 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates

Clockify