documentation/moodle/tokens_8php_source.html

00001 <?php
00002
00003 // This file is part of Moodle - http://moodle.org/
00004 //
00005 // Moodle is free software: you can redistribute it and/or modify
00006 // it under the terms of the GNU General Public License as published by
00007 // the Free Software Foundation, either version 3 of the License, or
00008 // (at your option) any later version.
00009 //
00010 // Moodle is distributed in the hope that it will be useful,
00011 // but WITHOUT ANY WARRANTY; without even the implied warranty of
00012 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00013 // GNU General Public License for more details.
00014 //
00015 // You should have received a copy of the GNU General Public License
00016 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
00017
00026 require_once('../../config.php');
00027 require_once($CFG->libdir . '/adminlib.php');
00028 require_once($CFG->dirroot . '/' . $CFG->admin . '/webservice/forms.php');
00029 require_once($CFG->libdir . '/externallib.php');
00030
00031 $action = optional_param('action', '', PARAM_ACTION);
00032 $tokenid = optional_param('tokenid', '', PARAM_SAFEDIR);
00033 $confirm = optional_param('confirm', 0, PARAM_BOOL);
00034
00035 admin_externalpage_setup('addwebservicetoken');
00036
00037 //Deactivate the second 'Manage token' navigation node, and use the main 'Manage token' navigation node
00038 $node = $PAGE->settingsnav->find('addwebservicetoken', navigation_node::TYPE_SETTING);
00039 $newnode = $PAGE->settingsnav->find('webservicetokens', navigation_node::TYPE_SETTING);
00040 if ($node && $newnode) {
00041     $node->display = false;
00042     $newnode->make_active();
00043 }
00044
00045 require_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM));
00046
00047 $tokenlisturl = new moodle_url("/" . $CFG->admin . "/settings.php", array('section' => 'webservicetokens'));
00048
00049 require_once($CFG->dirroot . "/webservice/lib.php");
00050 $webservicemanager = new webservice();
00051
00052 switch ($action) {
00053
00054     case 'create':
00055         $mform = new web_service_token_form(null, array('action' => 'create'));
00056         $data = $mform->get_data();
00057         if ($mform->is_cancelled()) {
00058             redirect($tokenlisturl);
00059         } else if ($data and confirm_sesskey()) {
00060             ignore_user_abort(true);
00061
00062             //check the the user is allowed for the service
00063             $selectedservice = $webservicemanager->get_external_service_by_id($data->service);
00064             if ($selectedservice->restrictedusers) {
00065                 $restricteduser = $webservicemanager->get_ws_authorised_user($data->service, $data->user);
00066                 if (empty($restricteduser)) {
00067                     $allowuserurl = new moodle_url('/' . $CFG->admin . '/webservice/service_users.php',
00068                             array('id' => $selectedservice->id));
00069                     $allowuserlink = html_writer::tag('a', $selectedservice->name , array('href' => $allowuserurl));
00070                     $errormsg = $OUTPUT->notification(get_string('usernotallowed', 'webservice', $allowuserlink));
00071                 }
00072             }
00073
00074             //check if the user is deleted. unconfirmed, suspended or guest
00075             $user = $DB->get_record('user', array('id' => $data->user));
00076             if ($user->id == $CFG->siteguest or $user->deleted or !$user->confirmed or $user->suspended) {
00077                 throw new moodle_exception('forbiddenwsuser', 'webservice');
00078             }
00079
00080             //process the creation
00081             if (empty($errormsg)) {
00082                 //TODO improvement: either move this function from externallib.php to webservice/lib.php
00083                 // either move most of webservicelib.php functions into externallib.php
00084                 // (create externalmanager class) MDL-23523
00085                 external_generate_token(EXTERNAL_TOKEN_PERMANENT, $data->service,
00086                         $data->user, get_context_instance(CONTEXT_SYSTEM),
00087                         $data->validuntil, $data->iprestriction);
00088                 redirect($tokenlisturl);
00089             }
00090         }
00091
00092         //OUTPUT: create token form
00093         echo $OUTPUT->header();
00094         echo $OUTPUT->heading(get_string('createtoken', 'webservice'));
00095         if (!empty($errormsg)) {
00096             echo $errormsg;
00097         }
00098         $mform->display();
00099         echo $OUTPUT->footer();
00100         die;
00101         break;
00102
00103     case 'delete':
00104         $token = $webservicemanager->get_created_by_user_ws_token($USER->id, $tokenid);
00105
00106         //Delete the token
00107         if ($confirm and confirm_sesskey()) {
00108             $webservicemanager->delete_user_ws_token($token->id);
00109             redirect($tokenlisturl);
00110         }
00111
00113         echo $OUTPUT->header();
00114         $renderer = $PAGE->get_renderer('core', 'webservice');
00115         echo $renderer->admin_delete_token_confirmation($token);
00116         echo $OUTPUT->footer();
00117         die;
00118         break;
00119
00120     default:
00121         //wrong url access
00122         redirect($tokenlisturl);
00123         break;
00124 }