Add throwing an error if the plugin is disabled

2016-08-18 21:47:56 +10:00 · 2016-08-18 21:47:56 +10:00 · fc66e08628
commit fc66e08628
parent 52698e1d30
3 changed files with 87 additions and 0 deletions
--- a/externallib.php
+++ b/externallib.php
@ -23,6 +23,7 @@
 */

 require_once($CFG->libdir . "/externallib.php");
+require_once($CFG->dirroot . "/webservice/lib.php");
 require_once($CFG->dirroot . "/auth/userkey/auth.php");

 class auth_userkey_external extends external_api {
@ -48,9 +49,16 @@ class auth_userkey_external extends external_api {
     * @param array $user
     *
     * @return array
+     * @throws \dml_exception
+     * @throws \required_capability_exception
+     * @throws \webservice_access_exception
     */
    public static function request_login_url($user) {

+        if (!is_enabled_auth('userkey')) {
+            throw new webservice_access_exception('The userkey authentication plugin is disabled.');
+        }
+
        $context = context_system::instance();
        require_capability('auth/userkey:generatekey', $context);

--- a/login.php
+++ b/login.php
@ -24,4 +24,8 @@

 require_once(dirname(__FILE__) . '/../../config.php');

+if (!is_enabled_auth('userkey')) {
+    print_error('The userkey authentication plugin is disabled.');
+}
+
 get_auth_plugin('userkey')->user_login_userkey();
--- a/tests/externallib_test.php
+++ b/tests/externallib_test.php
@ -51,12 +51,30 @@ class auth_userkey_externallib_testcase extends advanced_testcase {
        $this->user = self::getDataGenerator()->create_user($user);
    }

+    /**
+     * Test call with incorrect required parameter.
+     *
+     * @expectedException webservice_access_exception
+     * @expectedExceptionMessage Access control exception (The userkey authentication plugin is disabled.)
+     */
+    public function test_throwing_plugin_disabled_exception() {
+        $this->setAdminUser();
+
+        $params = array(
+            'bla' => 'exists@test.com',
+        );
+        // Simulate the web service server.
+        $result = auth_userkey_external::request_login_url($params);
+        $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
+    }
+
    /**
     * Test successful web service calls.
     */
    public function test_successful_webservice_calls() {
        global $DB, $CFG;

+        $CFG->auth = "userkey";
        $this->setAdminUser();

        // Email.
@ -117,7 +135,10 @@ class auth_userkey_externallib_testcase extends advanced_testcase {
     * @expectedExceptionMessage Invalid parameter value detected (Required field "email" is not set or empty.)
     */
    public function test_request_incorrect_parameters() {
+        global $CFG;
+
        $this->setAdminUser();
+        $CFG->auth = "userkey";

        $params = array(
            'bla' => 'exists@test.com',
@ -134,7 +155,10 @@ class auth_userkey_externallib_testcase extends advanced_testcase {
     * @expectedExceptionMessage Invalid parameter value detected (User is not exist)
     */
    public function test_request_not_existing_user() {
+        global $CFG;
+
        $this->setAdminUser();
+        $CFG->auth = "userkey";

        $params = array(
            'email' => 'notexists@test.com',
@ -144,4 +168,55 @@ class auth_userkey_externallib_testcase extends advanced_testcase {
        $result = auth_userkey_external::request_login_url($params);
        $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
    }
+
+    /**
+     * Test that permission exception gets thrown if user doesn't have required permissions.
+     *
+     * @expectedException required_capability_exception
+     * @expectedExceptionMessage Sorry, but you do not currently have permissions to do that (Generate login user key)
+     */
+    public function test_throwing_of_permission_exception() {
+        global $CFG;
+
+        $this->setUser($this->user);
+        $CFG->auth = "userkey";
+
+        $params = array(
+            'email' => 'notexists@test.com',
+        );
+
+        // Simulate the web service server.
+        $result = auth_userkey_external::request_login_url($params);
+        $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
+    }
+
+    /**
+     * Test request gets executed correctly if use has required permissions.
+     */
+    public function test_request_gets_executed_if_user_has_permission() {
+        global $CFG, $DB;
+
+        $this->setUser($this->user);
+        $CFG->auth = "userkey";
+
+        $context = context_system::instance();
+        $studentrole = $DB->get_record('role', array('shortname'=>'student'), '*', MUST_EXIST);
+        assign_capability('auth/userkey:generatekey', CAP_ALLOW, $studentrole->id, $context->id);
+        role_assign($studentrole->id, $this->user->id, $context->id);
+
+        $params = array(
+            'email' => 'exists@test.com',
+        );
+
+        // Simulate the web service server.
+        $result = auth_userkey_external::request_login_url($params);
+        $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
+
+        $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
+        $expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;
+
+        $this->assertTrue(is_array($result));
+        $this->assertTrue(key_exists('loginurl', $result));
+        $this->assertEquals($expectedurl, $result['loginurl']);
+    }
 }