Commit 2a864ee9 authored by Andrew Nicols's avatar Andrew Nicols
Browse files

Merge branch 'MDL-56092-master' of git://github.com/jleyva/moodle

parents 5bba36f6 83e4dc17
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Auth external API
*
* @package core_auth
* @category external
* @copyright 2016 Juan Leyva <juan@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
* @since Moodle 3.2
*/
defined('MOODLE_INTERNAL') || die;
require_once($CFG->libdir . '/externallib.php');
require_once($CFG->libdir . '/authlib.php');
/**
* Auth external functions
*
* @package core_auth
* @category external
* @copyright 2016 Juan Leyva <juan@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
* @since Moodle 3.2
*/
class core_auth_external extends external_api {
/**
* Describes the parameters for confirm_user.
*
* @return external_external_function_parameters
* @since Moodle 3.2
*/
public static function confirm_user_parameters() {
return new external_function_parameters(
array(
'username' => new external_value(core_user::get_property_type('username'), 'User name'),
'secret' => new external_value(core_user::get_property_type('secret'), 'Confirmation secret'),
)
);
}
/**
* Confirm a user account.
*
* @param string $username user name
* @param string $secret confirmation secret (random string) used for validating the confirm request
* @return array warnings and success status (true if the user was confirmed, false if he was already confirmed)
* @since Moodle 3.2
* @throws moodle_exception
*/
public static function confirm_user($username, $secret) {
global $PAGE;
$warnings = array();
$params = self::validate_parameters(
self::confirm_user_parameters(),
array(
'username' => $username,
'secret' => $secret,
)
);
$context = context_system::instance();
$PAGE->set_context($context);
if (!$authplugin = signup_get_user_confirmation_authplugin()) {
throw new moodle_exception('confirmationnotenabled');
}
$confirmed = $authplugin->user_confirm($username, $secret);
if ($confirmed == AUTH_CONFIRM_ALREADY) {
$success = false;
$warnings[] = array(
'item' => 'user',
'itemid' => 0,
'warningcode' => 'alreadyconfirmed',
'message' => s(get_string('alreadyconfirmed'))
);
} else if ($confirmed == AUTH_CONFIRM_OK) {
$success = true;
} else {
throw new moodle_exception('invalidconfirmdata');
}
$result = array(
'success' => $success,
'warnings' => $warnings,
);
return $result;
}
/**
* Describes the confirm_user return value.
*
* @return external_single_structure
* @since Moodle 3.2
*/
public static function confirm_user_returns() {
return new external_single_structure(
array(
'success' => new external_value(PARAM_BOOL, 'True if the user was confirmed, false if he was already confirmed'),
'warnings' => new external_warnings(),
)
);
}
}
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Auth e-mail external API
*
* @package auth_email
* @category external
* @copyright 2016 Juan Leyva <juan@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
* @since Moodle 3.2
*/
defined('MOODLE_INTERNAL') || die;
require_once($CFG->libdir . '/externallib.php');
require_once($CFG->libdir . '/authlib.php');
require_once($CFG->dirroot . '/user/editlib.php');
require_once($CFG->dirroot . '/user/profile/lib.php');
/**
* Auth e-mail external functions
*
* @package auth_email
* @category external
* @copyright 2016 Juan Leyva <juan@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
* @since Moodle 3.2
*/
class auth_email_external extends external_api {
/**
* Check if registration is enabled in this site.
*
* @throws moodle_exception
* @since Moodle 3.2
*/
protected static function check_signup_enabled() {
global $CFG;
if (empty($CFG->registerauth) or $CFG->registerauth != 'email') {
throw new moodle_exception('registrationdisabled', 'error');
}
}
/**
* Describes the parameters for get_signup_settings.
*
* @return external_external_function_parameters
* @since Moodle 3.2
*/
public static function get_signup_settings_parameters() {
return new external_function_parameters(array());
}
/**
* Get the signup required settings and profile fields.
*
* @return array settings and possible warnings
* @since Moodle 3.2
* @throws moodle_exception
*/
public static function get_signup_settings() {
global $CFG, $PAGE;
$context = context_system::instance();
// We need this to make work the format text functions.
$PAGE->set_context($context);
self::check_signup_enabled();
$result = array();
$result['namefields'] = useredit_get_required_name_fields();
if (!empty($CFG->passwordpolicy)) {
$result['passwordpolicy'] = print_password_policy();
}
if (!empty($CFG->sitepolicy)) {
$result['sitepolicy'] = $CFG->sitepolicy;
}
if (!empty($CFG->defaultcity)) {
$result['defaultcity'] = $CFG->defaultcity;
}
if (!empty($CFG->country)) {
$result['country'] = $CFG->country;
}
if ($fields = profile_get_signup_fields()) {
$result['profilefields'] = array();
foreach ($fields as $field) {
$fielddata = $field->object->get_field_config_for_external();
$fielddata['categoryname'] = external_format_string($field->categoryname, $context->id);
$fielddata['name'] = external_format_string($fielddata['name'], $context->id);
list($fielddata['defaultdata'], $fielddata['defaultdataformat']) =
external_format_text($fielddata['defaultdata'], $fielddata['defaultdataformat'], $context->id);
$result['profilefields'][] = $fielddata;
}
}
if (signup_captcha_enabled()) {
require_once($CFG->libdir . '/recaptchalib.php');
// We return the public key, maybe we want to use the javascript api to get the image.
$result['recaptchapublickey'] = $CFG->recaptchapublickey;
list($result['recaptchachallengehash'], $result['recaptchachallengeimage'], $result['recaptchachallengejs']) =
recaptcha_get_challenge_hash_and_urls(RECAPTCHA_API_SECURE_SERVER, $CFG->recaptchapublickey);
}
$result['warnings'] = array();
return $result;
}
/**
* Describes the get_signup_settings return value.
*
* @return external_single_structure
* @since Moodle 3.2
*/
public static function get_signup_settings_returns() {
return new external_single_structure(
array(
'namefields' => new external_multiple_structure(
new external_value(PARAM_NOTAGS, 'The order of the name fields')
),
'passwordpolicy' => new external_value(PARAM_RAW, 'Password policy', VALUE_OPTIONAL),
'sitepolicy' => new external_value(PARAM_URL, 'Site policy url', VALUE_OPTIONAL),
'defaultcity' => new external_value(PARAM_NOTAGS, 'Default city', VALUE_OPTIONAL),
'country' => new external_value(PARAM_ALPHA, 'Default country', VALUE_OPTIONAL),
'profilefields' => new external_multiple_structure(
new external_single_structure(
array(
'id' => new external_value(PARAM_INT, 'Profile field id', VALUE_OPTIONAL),
'shortname' => new external_value(PARAM_ALPHANUM, 'Password policy', VALUE_OPTIONAL),
'name' => new external_value(PARAM_TEXT, 'Profield field name', VALUE_OPTIONAL),
'datatype' => new external_value(PARAM_ALPHANUMEXT, 'Profield field datatype', VALUE_OPTIONAL),
'description' => new external_value(PARAM_RAW, 'Profield field description', VALUE_OPTIONAL),
'descriptionformat' => new external_format_value('description'),
'categoryid' => new external_value(PARAM_INT, 'Profield field category id', VALUE_OPTIONAL),
'categoryname' => new external_value(PARAM_TEXT, 'Profield field category name', VALUE_OPTIONAL),
'sortorder' => new external_value(PARAM_INT, 'Profield field sort order', VALUE_OPTIONAL),
'required' => new external_value(PARAM_INT, 'Profield field required', VALUE_OPTIONAL),
'locked' => new external_value(PARAM_INT, 'Profield field locked', VALUE_OPTIONAL),
'visible' => new external_value(PARAM_INT, 'Profield field visible', VALUE_OPTIONAL),
'forceunique' => new external_value(PARAM_INT, 'Profield field unique', VALUE_OPTIONAL),
'signup' => new external_value(PARAM_INT, 'Profield field in signup form', VALUE_OPTIONAL),
'defaultdata' => new external_value(PARAM_RAW, 'Profield field default data', VALUE_OPTIONAL),
'defaultdataformat' => new external_format_value('defaultdata'),
'param1' => new external_value(PARAM_RAW, 'Profield field settings', VALUE_OPTIONAL),
'param2' => new external_value(PARAM_RAW, 'Profield field settings', VALUE_OPTIONAL),
'param3' => new external_value(PARAM_RAW, 'Profield field settings', VALUE_OPTIONAL),
'param4' => new external_value(PARAM_RAW, 'Profield field settings', VALUE_OPTIONAL),
'param5' => new external_value(PARAM_RAW, 'Profield field settings', VALUE_OPTIONAL),
)
), 'Required profile fields', VALUE_OPTIONAL
),
'recaptchapublickey' => new external_value(PARAM_RAW, 'Recaptcha public key', VALUE_OPTIONAL),
'recaptchachallengehash' => new external_value(PARAM_RAW, 'Recaptcha challenge hash', VALUE_OPTIONAL),
'recaptchachallengeimage' => new external_value(PARAM_URL, 'Recaptcha challenge <noscript> image', VALUE_OPTIONAL),
'recaptchachallengejs' => new external_value(PARAM_URL, 'Recaptcha challenge js url', VALUE_OPTIONAL),
'warnings' => new external_warnings(),
)
);
}
/**
* Describes the parameters for signup_user.
*
* @return external_external_function_parameters
* @since Moodle 3.2
*/
public static function signup_user_parameters() {
return new external_function_parameters(
array(
'username' => new external_value(core_user::get_property_type('username'), 'Username'),
'password' => new external_value(core_user::get_property_type('password'), 'Plain text password'),
'firstname' => new external_value(core_user::get_property_type('firstname'), 'The first name(s) of the user'),
'lastname' => new external_value(core_user::get_property_type('lastname'), 'The family name of the user'),
'email' => new external_value(core_user::get_property_type('email'), 'A valid and unique email address'),
'city' => new external_value(core_user::get_property_type('city'), 'Home city of the user', VALUE_DEFAULT, ''),
'country' => new external_value(core_user::get_property_type('country'), 'Home country code', VALUE_DEFAULT, ''),
'recaptchachallengehash' => new external_value(PARAM_RAW, 'Recaptcha challenge hash', VALUE_DEFAULT, ''),
'recaptcharesponse' => new external_value(PARAM_NOTAGS, 'Recaptcha response', VALUE_DEFAULT, ''),
'customprofilefields' => new external_multiple_structure(
new external_single_structure(
array(
'type' => new external_value(PARAM_ALPHANUMEXT, 'The type of the custom field'),
'name' => new external_value(PARAM_ALPHANUMEXT, 'The name of the custom field'),
'value' => new external_value(PARAM_RAW, 'Custom field value, can be an encoded json if required')
)
), 'User custom fields (also known as user profile fields)', VALUE_DEFAULT, array()
)
)
);
}
/**
* Get the signup required settings and profile fields.
*
* @param string $username username
* @param string $password plain text password
* @param string $firstname the first name(s) of the user
* @param string $lastname the family name of the user
* @param string $email a valid and unique email address
* @param string $city home city of the user
* @param string $country home country code
* @param string $recaptchachallengehash recaptcha challenge hash
* @param string $recaptcharesponse recaptcha response
* @param array $customprofilefields user custom fields (also known as user profile fields)
* @return array settings and possible warnings
* @since Moodle 3.2
* @throws moodle_exception
* @throws invalid_parameter_exception
*/
public static function signup_user($username, $password, $firstname, $lastname, $email, $city = '', $country = '',
$recaptchachallengehash = '', $recaptcharesponse = '', $customprofilefields = array()) {
global $CFG, $PAGE;
$warnings = array();
$params = self::validate_parameters(
self::signup_user_parameters(),
array(
'username' => $username,
'password' => $password,
'firstname' => $firstname,
'lastname' => $lastname,
'email' => $email,
'city' => $city,
'country' => $country,
'recaptchachallengehash' => $recaptchachallengehash,
'recaptcharesponse' => $recaptcharesponse,
'customprofilefields' => $customprofilefields,
)
);
// We need this to make work the format text functions.
$context = context_system::instance();
$PAGE->set_context($context);
self::check_signup_enabled();
// Validate profile fields param types.
$allowedfields = profile_get_signup_fields();
$fieldproperties = array();
$fieldsrequired = array();
foreach ($allowedfields as $field) {
$fieldproperties[$field->object->inputname] = $field->object->get_field_properties();
if ($field->object->is_required()) {
$fieldsrequired[$field->object->inputname] = true;
}
}
foreach ($params['customprofilefields'] as $profilefield) {
if (!array_key_exists($profilefield['name'], $fieldproperties)) {
throw new invalid_parameter_exception('Invalid field' . $profilefield['name']);
}
list($type, $allownull) = $fieldproperties[$profilefield['name']];
validate_param($profilefield['value'], $type, $allownull);
// Remove from the potential required list.
if (isset($fieldsrequired[$profilefield['name']])) {
unset($fieldsrequired[$profilefield['name']]);
}
}
if (!empty($fieldsrequired)) {
throw new invalid_parameter_exception('Missing required parameters: ' . implode(',', array_keys($fieldsrequired)));
}
// Validate the data sent.
$data = $params;
$data['email2'] = $data['email'];
unset($data['recaptcharesponse']);
unset($data['customprofilefields']);
// Add profile fields data.
foreach ($params['customprofilefields'] as $profilefield) {
// First, check if the value is a json (some profile fields like text area uses an array for sending data).
$datadecoded = json_decode($profilefield['value'], true);
if (is_array($datadecoded) && (json_last_error() == JSON_ERROR_NONE)) {
$data[$profilefield['name']] = $datadecoded;
} else {
$data[$profilefield['name']] = $profilefield['value'];
}
}
$errors = signup_validate_data($data, array());
// Validate recaptcha.
if (signup_captcha_enabled()) {
require_once($CFG->libdir . '/recaptchalib.php');
$response = recaptcha_check_answer($CFG->recaptchaprivatekey, getremoteaddr(), $params['recaptchachallengehash'],
$params['recaptcharesponse'], true);
if (!$response->is_valid) {
$errors['recaptcharesponse'] = $response->error;
}
}
if (!empty($errors)) {
foreach ($errors as $itemname => $message) {
$warnings[] = array(
'item' => $itemname,
'itemid' => 0,
'warningcode' => 'fielderror',
'message' => s($message)
);
}
$result = array(
'success' => false,
'warnings' => $warnings,
);
} else {
// Save the user.
$user = signup_setup_new_user((object) $data);
$authplugin = get_auth_plugin('email');
$authplugin->user_signup($user, false);
$result = array(
'success' => true,
'warnings' => array(),
);
}
return $result;
}
/**
* Describes the signup_user return value.
*
* @return external_single_structure
* @since Moodle 3.2
*/
public static function signup_user_returns() {
return new external_single_structure(
array(
'success' => new external_value(PARAM_BOOL, 'True if the user was created false otherwise'),
'warnings' => new external_warnings(),
)
);
}
}
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Auth email webservice definitions.
*
* @package auth_email
* @copyright 2016 Juan Leyva
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
$functions = array(
'auth_email_get_signup_settings' => array(
'classname' => 'auth_email_external',
'methodname' => 'get_signup_settings',
'description' => 'Get the signup required settings and profile fields.',
'type' => 'read',
'ajax' => true,
'loginrequired' => false,
),
'auth_email_signup_user' => array(
'classname' => 'auth_email_external',
'methodname' => 'signup_user',
'description' => 'Adds a new user (pendingto be confirmed) in the site.',
'type' => 'write',
'ajax' => true,
'loginrequired' => false,
),
);
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Auth email external functions tests.
*
* @package auth_email
* @category external
* @copyright 2016 Juan Leyva
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
* @since Moodle 3.2
*/
defined('MOODLE_INTERNAL') || die();
global $CFG;
require_once($CFG->dirroot . '/webservice/tests/helpers.php');
/**
* External auth email API tests.
*
* @package auth_email
* @copyright 2016 Juan Leyva
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
* @since Moodle 3.2
*/
class auth_email_external_testcase extends externallib_advanced_testcase {
/**
* Set up for every test
*/
public function setUp() {
global $CFG, $DB;
$this->resetAfterTest(true);
$CFG->registerauth = 'email';
$categoryid = $DB->insert_record('user_info_category', array('name' => 'Cat 1', 'sortorder' => 1));
$this->field1 = $DB->insert_record('user_info_field', array(
'shortname' => 'frogname', 'name' => 'Name of frog', 'categoryid' => $categoryid,
'datatype' => 'text', 'signup' => 1, 'visible' => 1, 'required' => 1));
$this->field2 = $DB->insert_record('user_info_field', array(
'shortname' => 'sometext', 'name' => 'Some text in textarea', 'categoryid' => $categoryid,
'datatype' => 'textarea', 'signup' => 1, 'visible' => 1, 'required' => 1));
}
public function test_get_signup_settings() {
global $CFG;
$CFG->defaultcity = 'Bcn';
$CFG->country = 'ES';
$CFG->sitepolicy = 'https://moodle.org';
$result = auth_email_external::get_signup_settings();
$result = external_api::clean_returnvalue(auth_email_external::get_signup_settings_returns(), $result);
// Check expected data.
$this->assertEquals(array('firstname', 'lastname'), $result['namefields']);
$this->assertEquals($CFG->defaultcity, $result['defaultcity']);
$this->assertEquals($CFG->country, $result['country']);
$this->assertEquals($CFG->sitepolicy, $result['sitepolicy']);
$this->assertEquals(print_password_policy(), $result['passwordpolicy']);
$this->assertNotContains('recaptchachallengehash', $result);
$this->assertNotContains('recaptchachallengeimage', $result);
$this->assertCount(2, $result['profilefields']);
$this->assertEquals('text', $result['profilefields'][0]['datatype']);
$this->assertEquals('textarea', $result['profilefields'][1]['datatype']);
}
public function test_signup_user() {
global $DB;
$username = 'pepe';
$password = 'abcdefAª.ªª!!3';