Commit cd43240d authored by Juan Leyva's avatar Juan Leyva
Browse files

MDL-66376 webservice: Return user private access key for fetching files

parent 0dca9577
......@@ -207,6 +207,9 @@ class core_webservice_external extends external_api {
$siteinfo['usercalendartype'] = $USER->calendartype;
}
// User key, to avoid using the WS token for fetching assets.
$siteinfo['userprivateaccesskey'] = get_user_key('core_files', $USER->id);
// Current theme.
$siteinfo['theme'] = clean_param($PAGE->theme->name, PARAM_THEME); // We always clean to avoid problem with old sites.
......@@ -272,6 +275,8 @@ class core_webservice_external extends external_api {
'userhomepage' => new external_value(PARAM_INT,
'the default home page for the user: 0 for the site home, 1 for dashboard',
VALUE_OPTIONAL),
'userprivateaccesskey' => new external_value(PARAM_ALPHANUM, 'Private user access key for fetching files.',
VALUE_OPTIONAL),
'siteid' => new external_value(PARAM_INT, 'Site course ID', VALUE_OPTIONAL),
'sitecalendartype' => new external_value(PARAM_PLUGIN, 'Calendar type set in the site.', VALUE_OPTIONAL),
'usercalendartype' => new external_value(PARAM_PLUGIN, 'Calendar typed used by the user.', VALUE_OPTIONAL),
......
......@@ -122,6 +122,8 @@ class core_webservice_externallib_testcase extends externallib_advanced_testcase
// covered below for admin user. This test is for user not allowed to ignore limits.
$this->assertEquals(get_max_upload_file_size($maxbytes), $siteinfo['usermaxuploadfilesize']);
$this->assertEquals(true, $siteinfo['usercanmanageownfiles']);
$userkey = get_user_key('core_files', $USER->id);
$this->assertEquals($userkey, $siteinfo['userprivateaccesskey']);
$this->assertEquals(HOMEPAGE_MY, $siteinfo['userhomepage']);
$this->assertEquals($CFG->calendartype, $siteinfo['sitecalendartype']);
......
......@@ -9,6 +9,9 @@ This information is intended for authors of webservices, not people writing webs
is passed and the web service call does not require the user to be logged in we will attempt to use GET for the
request. This allows for things like proxy caching on URLs. The cache key must be changed if we do not want to
retrieve what has been cached and want to perform the request again.
* External function core_webservice_external::get_site_info() now returns the user private access key "userprivateaccesskey".
This key could be used for fetching files via the tokenpluginfile.php script instead webservice/pluginfile.php to avoid
multiple GET requests that include the WS token as a visible parameter.
=== 3.7 ===
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment