[moodle.git] / lib / externallib.php

<?php

// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.

/**
 * Support for external API
 *
 * @package    moodlecore
 * @subpackage webservice
 * @copyright  2008 Petr Skoda (http://skodak.org)
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 */

/**
 * Exception indicating user is not allowed to use external function in
 * the current context.
 */
class restricted_context_exception extends moodle_exception {
    /**
     * Constructor
     */
    function __construct() {
        parent::__construct('restrictedcontextexception', 'error');
    }
}

/**
 * Base class for external api methods.
 */
class external_api {


    private static $contextrestriction;

    public static function set_context_restriction($contex) {
        self::$contextrestriction = $context;
    }

    /**
     * Makes sure user may execute functions in this context.
     * @param object $context
     * @return void
     */
    protected static function validate_context($context) {
        if (empty(self::$contextrestriction)) {
            self::$contextrestriction = get_context_instance(CONTEXT_SYSTEM);
        }
        $rcontext = self::$contextrestriction;

        if ($rcontext->contextlevel == $context->contextlevel) {
            if ($rcontex->id != $context->id) {
                throw new restricted_context_exception();
            }
        } else if ($rcontext->contextlevel > $context->contextlevel) {
            throw new restricted_context_exception();
        } else {
            $parents = get_parent_contexts($context);
            if (!in_array($rcontext->id, $parents)) {
                throw new restricted_context_exception();
            }
        }

        if ($context->contextlevel >= CONTEXT_COURSE) {
            //TODO: temporary bloody hack, this needs to be replaced by
            //      proper enrolment and course visibility check
            //      similar to require_login() (which can not be used
            //      because it can be used only once and redirects)
            //      oh - did I tell we need to rewrite enrolments in 2.0
            //      to solve this bloody mess?
            //
            //      missing: hidden courses and categories, groupmembersonly,
            //      conditional activities, etc.
            require_capability('moodle/course:view', $context);
        }
    }

    /**
     * Some automatic type validation of parameters
     * @param string $functionname
     * @param mixed $params
     * @return mixed cleaned parameters
     */
    protected static function cleanparams($functionname, $params) {
        //TODO: implement cleaning
        //      do we need this? We need only basic data types for web services, right?
        return $params;
    }

    /**
     * Returns detailed information about external function
     * @param string $functionname name of external function
     * @return aray
     */
    public static function get_function_info($functionname) {
        global $CFG, $DB;

        //TODO: this is very slow, we should add some caching here
        $function = $DB->get_record('external_functions', array('name'=>$functionname), '*', MUST_EXIST);

        $defpath = get_component_directory($function->component);
        if (!file_exists("$defpath/db/services.php")) {
            //TODO: maybe better throw invalid parameter exception
            return null;
        }

        $functions = array();
        include("$defpath/db/services.php");

        if (empty($functions[$functionname])) {
            return null;
        }

        $desc = $functions[$functionname];
        if (empty($desc['classpath'])) {
            $desc['classpath'] = "$defpath/externallib.php";
        } else {
            $desc['classpath'] = "$CFG->dirroot/".$desc['classpath'];
        }
        $desc['component'] = $function->component;

        return $desc;
    }
}
Commit	Line	Data
9a0df45a	1	<?php
	2
	3	// This file is part of Moodle - http://moodle.org/
	4	//
	5	// Moodle is free software: you can redistribute it and/or modify
	6	// it under the terms of the GNU General Public License as published by
	7	// the Free Software Foundation, either version 3 of the License, or
	8	// (at your option) any later version.
	9	//
	10	// Moodle is distributed in the hope that it will be useful,
	11	// but WITHOUT ANY WARRANTY; without even the implied warranty of
	12	// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	13	// GNU General Public License for more details.
	14	//
	15	// You should have received a copy of the GNU General Public License
	16	// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
	17
	18	/**
	19	* Support for external API
	20	*
	21	* @package moodlecore
	22	* @subpackage webservice
	23	* @copyright 2008 Petr Skoda (http://skodak.org)
	24	* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
	25	*/
	26
	27	/**
	28	* Exception indicating user is not allowed to use external function in
	29	* the current context.
	30	*/
	31	class restricted_context_exception extends moodle_exception {
	32	/**
	33	* Constructor
	34	*/
	35	function __construct() {
	36	parent::__construct('restrictedcontextexception', 'error');
	37	}
	38	}
	39
	40	/**
	41	* Base class for external api methods.
	42	*/
	43	class external_api {
	44
	45
	46	private static $contextrestriction;
	47
	48	public static function set_context_restriction($contex) {
	49	self::$contextrestriction = $context;
	50	}
	51
	52	/**
	53	* Makes sure user may execute functions in this context.
	54	* @param object $context
	55	* @return void
	56	*/
	57	protected static function validate_context($context) {
	58	if (empty(self::$contextrestriction)) {
	59	self::$contextrestriction = get_context_instance(CONTEXT_SYSTEM);
	60	}
	61	$rcontext = self::$contextrestriction;
	62
	63	if ($rcontext->contextlevel == $context->contextlevel) {
	64	if ($rcontex->id != $context->id) {
65	throw new restricted_context_exception();
66	}
67	} else if ($rcontext->contextlevel > $context->contextlevel) {
68	throw new restricted_context_exception();
69	} else {
70	$parents = get_parent_contexts($context);
71	if (!in_array($rcontext->id, $parents)) {
72	throw new restricted_context_exception();
73	}
74	}
75
76	if ($context->contextlevel >= CONTEXT_COURSE) {
77	//TODO: temporary bloody hack, this needs to be replaced by
78	// proper enrolment and course visibility check
79	// similar to require_login() (which can not be used
80	// because it can be used only once and redirects)
81	// oh - did I tell we need to rewrite enrolments in 2.0
82	// to solve this bloody mess?
83	//
84	// missing: hidden courses and categories, groupmembersonly,
85	// conditional activities, etc.
86	require_capability('moodle/course:view', $context);
87	}
88	}
89
90	/**
91	* Some automatic type validation of parameters
92	* @param string $functionname
93	* @param mixed $params
94	* @return mixed cleaned parameters
95	*/
96	protected static function cleanparams($functionname, $params) {
97	//TODO: implement cleaning
98	// do we need this? We need only basic data types for web services, right?
99	return $params;
100	}
101
102	/**
103	* Returns detailed information about external function
104	* @param string $functionname name of external function
105	* @return aray
106	*/
107	public static function get_function_info($functionname) {
108	global $CFG, $DB;
109
110	//TODO: this is very slow, we should add some caching here
111	$function = $DB->get_record('external_functions', array('name'=>$functionname), '*', MUST_EXIST);
112
113	$defpath = get_component_directory($function->component);
114	if (!file_exists("$defpath/db/services.php")) {
115	//TODO: maybe better throw invalid parameter exception
116	return null;
117	}
118
119	$functions = array();
120	include("$defpath/db/services.php");
121
122	if (empty($functions[$functionname])) {
123	return null;
124	}
125
126	$desc = $functions[$functionname];
127	if (empty($desc['classpath'])) {
128	$desc['classpath'] = "$defpath/externallib.php";
129	} else {
130	$desc['classpath'] = "$CFG->dirroot/".$desc['classpath'];
131	}
132	$desc['component'] = $function->component;
133
134	return $desc;
135	}
136	}
137