Commit 797cff78 authored by Paul Holden's avatar Paul Holden

MDL-72464 webservice: fix detection of non-expiring external tokens.

parent e746dc75
@core @core_user
Feature: Enable/disable password field based on authentication selected.
Feature: Edit a users password
In order edit a user password properly
As an admin
I need to be able to notice if the change in password is allowed by athuentication plugin or not
I need to be able to edit their profile and change their password
@javascript
Scenario: Verify the password field is enabled/disabled based on authentication selected, in user edit advanced page.
......@@ -15,3 +15,34 @@ Feature: Enable/disable password field based on authentication selected.
And the "New password" "field" should be enabled
# We need to cancel/submit a form that has been modified.
And I press "Create user"
Scenario: Sign out everywhere field is not present if user doesn't have active token
Given the following "users" exist:
| username | firstname | lastname | email |
| user01 | User | One | user01@example.com |
And I log in as "admin"
When I navigate to "Users > Accounts > Browse list of users" in site administration
And I click on "User One" "link" in the "users" "table"
And I click on "Edit profile" "link"
Then "Sign out everywhere" "field" should not exist
Scenario Outline: Sign out everywhere field is present based on expiry of active token
Given the following "users" exist:
| username | firstname | lastname | email |
| user01 | User | One | user01@example.com |
And the following "core_webservice > Service" exist:
| shortname | name |
| mytestservice | My test service |
And the following "core_webservice > Tokens" exist:
| user | service | validuntil |
| user01 | mytestservice | <validuntil> |
And I log in as "admin"
When I navigate to "Users > Accounts > Browse list of users" in site administration
And I click on "User One" "link" in the "users" "table"
And I click on "Edit profile" "link"
Then "Sign out everywhere" "field" <shouldornot> exist
Examples:
| validuntil | shouldornot |
| ## -1 month ## | should not |
| 0 | should |
| ## +1 month ## | should |
......@@ -866,7 +866,7 @@ class webservice {
$sql = 'SELECT t.*, s.name as servicename FROM {external_tokens} t JOIN
{external_services} s ON t.externalserviceid = s.id WHERE
t.userid = :userid AND (t.validuntil IS NULL OR t.validuntil > :now)';
t.userid = :userid AND (COALESCE(t.validuntil, 0) = 0 OR t.validuntil > :now)';
$params = array('userid' => $userid, 'now' => time());
return $DB->get_records_sql($sql, $params);
}
......
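Review bot: The rewritten condition in the `$sql` string relies on a convention that this hunk states nowhere: a `validuntil` of 0 or NULL means the token never expires, and the earlier NULL-only check shows how easily that is missed. A one-line comment above the query, such as `// A validuntil of 0 or NULL means the token never expires.`, would keep later edits from reintroducing the gap. Judging by the Behat scenarios in this commit, this result decides whether "Sign out everywhere" is offered on the profile form, so an undetected non-expiring token is one that a password change would leave valid. Any other query that filters on `validuntil` is worth checking for the same assumption; none is visible here, and the method's body begins outside the hunk.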
......@@ -49,6 +49,7 @@ class core_webservice_generator extends component_generator_base {
}
$optionalfields = [
'enabled' => false,
'requiredcapability' => '',
'restrictedusers' => 0,
'component' => '',
......
......@@ -252,6 +252,47 @@ class webservice_test extends advanced_testcase {
$this->assertContains('moodle/course:managegroups', $missing[$user3->id]);
}
/**
* Data provider for {@see test_get_active_tokens}
*
* @return array
*/
public function get_active_tokens_provider(): array {
return [
'No expiration' => [0, true],
'Active' => [time() + DAYSECS, true],
'Expired' => [time() - DAYSECS, false],
];
}
/**
* Test getting active tokens for a user
*
* @param int $validuntil
* @param bool $expectedactive
*
* @dataProvider get_active_tokens_provider
*/
public function test_get_active_tokens(int $validuntil, bool $expectedactive): void {
$this->resetAfterTest();
$user = $this->getDataGenerator()->create_user();
/** @var core_webservice_generator $generator */
$generator = $this->getDataGenerator()->get_plugin_generator('core_webservice');
$service = $generator->create_service(['name' => 'My test service', 'shortname' => 'mytestservice']);
$generator->create_token(['userid' => $user->id, 'service' => $service->shortname, 'validuntil' => $validuntil]);
$tokens = webservice::get_active_tokens($user->id);
if ($expectedactive) {
$this->assertCount(1, $tokens);
$this->assertEquals($service->id, reset($tokens)->externalserviceid);
} else {
$this->assertEmpty($tokens);
}
}
/**
* Utility method that tests the parameter type of a method info's input/output parameter.
*
......
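Review bot: The data provider `get_active_tokens_provider` exercises a `validuntil` of 0 but never NULL, although the `COALESCE(t.validuntil, 0)` in the query under test exists for NULL rows. Widening the test parameter to `?int $validuntil` and adding `'No expiration (null)' => [null, true],` would cover that branch, assuming the generator's `create_token` stores a null as given, which is not visible here and should be confirmed. The Behat outline in this commit likewise uses only `0` for the non-expiring case.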