1a16eb76a9bf54b4aea746394eade82c83c9600f
[moodle.git] / admin / tool / mobile / tests / externallib_test.php
1 <?php
2 // This file is part of Moodle - http://moodle.org/
3 //
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12 // GNU General Public License for more details.
13 //
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
17 /**
18  * Moodle Mobile admin tool external functions tests.
19  *
20  * @package    tool_mobile
21  * @category   external
22  * @copyright  2016 Juan Leyva
23  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
24  * @since      Moodle 3.1
25  */
27 defined('MOODLE_INTERNAL') || die();
29 global $CFG;
31 require_once($CFG->dirroot . '/webservice/tests/helpers.php');
32 require_once($CFG->dirroot . '/admin/tool/mobile/tests/fixtures/output/mobile.php');
33 require_once($CFG->dirroot . '/webservice/lib.php');
35 use tool_mobile\external;
36 use tool_mobile\api;
38 /**
39  * Moodle Mobile admin tool external functions tests.
40  *
41  * @package     tool_mobile
42  * @copyright   2016 Juan Leyva
43  * @license     http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
44  * @since       Moodle 3.1
45  */
46 class tool_mobile_external_testcase extends externallib_advanced_testcase {
48     /**
49      * Test get_plugins_supporting_mobile.
50      * This is a very basic test because currently there aren't plugins supporting Mobile in core.
51      */
52     public function test_get_plugins_supporting_mobile() {
53         $result = external::get_plugins_supporting_mobile();
54         $result = external_api::clean_returnvalue(external::get_plugins_supporting_mobile_returns(), $result);
55         $this->assertCount(0, $result['warnings']);
56         $this->assertArrayHasKey('plugins', $result);
57         $this->assertTrue(is_array($result['plugins']));
58     }
60     public function test_get_public_config() {
61         global $CFG, $SITE, $OUTPUT;
63         $this->resetAfterTest(true);
64         $result = external::get_public_config();
65         $result = external_api::clean_returnvalue(external::get_public_config_returns(), $result);
67         // Test default values.
68         $context = context_system::instance();
69         list($authinstructions, $notusedformat) = external_format_text($CFG->auth_instructions, FORMAT_MOODLE, $context->id);
70         list($maintenancemessage, $notusedformat) = external_format_text($CFG->maintenance_message, FORMAT_MOODLE, $context->id);
72         $expected = array(
73             'wwwroot' => $CFG->wwwroot,
74             'httpswwwroot' => $CFG->wwwroot,
75             'sitename' => external_format_string($SITE->fullname, $context->id, true),
76             'guestlogin' => $CFG->guestloginbutton,
77             'rememberusername' => $CFG->rememberusername,
78             'authloginviaemail' => $CFG->authloginviaemail,
79             'registerauth' => $CFG->registerauth,
80             'forgottenpasswordurl' => $CFG->forgottenpasswordurl,
81             'authinstructions' => $authinstructions,
82             'authnoneenabled' => (int) is_enabled_auth('none'),
83             'enablewebservices' => $CFG->enablewebservices,
84             'enablemobilewebservice' => $CFG->enablemobilewebservice,
85             'maintenanceenabled' => $CFG->maintenance_enabled,
86             'maintenancemessage' => $maintenancemessage,
87             'typeoflogin' => api::LOGIN_VIA_APP,
88             'mobilecssurl' => '',
89             'tool_mobile_disabledfeatures' => '',
90             'launchurl' => "$CFG->wwwroot/$CFG->admin/tool/mobile/launch.php",
91             'country' => $CFG->country,
92             'agedigitalconsentverification' => \core_auth\digital_consent::is_age_digital_consent_verification_enabled(),
93             'autolang' => $CFG->autolang,
94             'lang' => $CFG->lang,
95             'langmenu' => $CFG->langmenu,
96             'langlist' => $CFG->langlist,
97             'locale' => $CFG->locale,
98             'tool_mobile_minimumversion' => '',
99             'tool_mobile_iosappid' => get_config('tool_mobile', 'iosappid'),
100             'tool_mobile_androidappid' => get_config('tool_mobile', 'androidappid'),
101             'tool_mobile_setuplink' => get_config('tool_mobile', 'setuplink'),
102             'warnings' => array()
103         );
104         $this->assertEquals($expected, $result);
106         $this->setAdminUser();
107         // Change some values.
108         set_config('registerauth', 'email');
109         $authinstructions = 'Something with <b>html tags</b>';
110         set_config('auth_instructions', $authinstructions);
111         set_config('typeoflogin', api::LOGIN_VIA_BROWSER, 'tool_mobile');
112         set_config('logo', 'mock.png', 'core_admin');
113         set_config('logocompact', 'mock.png', 'core_admin');
114         set_config('forgottenpasswordurl', 'mailto:fake@email.zy'); // Test old hack.
115         set_config('agedigitalconsentverification', 1);
116         set_config('autolang', 1);
117         set_config('lang', 'a_b');  // Set invalid lang.
118         set_config('disabledfeatures', 'myoverview', 'tool_mobile');
119         set_config('minimumversion', '3.8.0', 'tool_mobile');
121         // Enable couple of issuers.
122         $issuer = \core\oauth2\api::create_standard_issuer('google');
123         $irecord = $issuer->to_record();
124         $irecord->clientid = 'mock';
125         $irecord->clientsecret = 'mock';
126         core\oauth2\api::update_issuer($irecord);
128         set_config('hostname', 'localhost', 'auth_cas');
129         set_config('auth_logo', 'http://invalidurl.com//invalid/', 'auth_cas');
130         set_config('auth_name', 'CAS', 'auth_cas');
131         set_config('auth', 'oauth2,cas');
133         list($authinstructions, $notusedformat) = external_format_text($authinstructions, FORMAT_MOODLE, $context->id);
134         $expected['registerauth'] = 'email';
135         $expected['authinstructions'] = $authinstructions;
136         $expected['typeoflogin'] = api::LOGIN_VIA_BROWSER;
137         $expected['forgottenpasswordurl'] = ''; // Expect empty when it's not an URL.
138         $expected['agedigitalconsentverification'] = true;
139         $expected['supportname'] = $CFG->supportname;
140         $expected['supportemail'] = $CFG->supportemail;
141         $expected['autolang'] = '1';
142         $expected['lang'] = ''; // Expect empty because it was set to an invalid lang.
143         $expected['tool_mobile_disabledfeatures'] = 'myoverview';
144         $expected['tool_mobile_minimumversion'] = '3.8.0';
146         if ($logourl = $OUTPUT->get_logo_url()) {
147             $expected['logourl'] = $logourl->out(false);
148         }
149         if ($compactlogourl = $OUTPUT->get_compact_logo_url()) {
150             $expected['compactlogourl'] = $compactlogourl->out(false);
151         }
153         $result = external::get_public_config();
154         $result = external_api::clean_returnvalue(external::get_public_config_returns(), $result);
155         // First check providers.
156         $identityproviders = $result['identityproviders'];
157         unset($result['identityproviders']);
159         $this->assertEquals('Google', $identityproviders[0]['name']);
160         $this->assertEquals($irecord->image, $identityproviders[0]['iconurl']);
161         $this->assertContains($CFG->wwwroot, $identityproviders[0]['url']);
163         $this->assertEquals('CAS', $identityproviders[1]['name']);
164         $this->assertEmpty($identityproviders[1]['iconurl']);
165         $this->assertContains($CFG->wwwroot, $identityproviders[1]['url']);
167         $this->assertEquals($expected, $result);
169         // Change providers img.
170         $newurl = 'validimage.png';
171         set_config('auth_logo', $newurl, 'auth_cas');
172         $result = external::get_public_config();
173         $result = external_api::clean_returnvalue(external::get_public_config_returns(), $result);
174         $this->assertContains($newurl, $result['identityproviders'][1]['iconurl']);
175     }
177     /**
178      * Test get_config
179      */
180     public function test_get_config() {
181         global $CFG, $SITE;
182         require_once($CFG->dirroot . '/course/format/lib.php');
184         $this->resetAfterTest(true);
186         $mysitepolicy = 'http://mysite.is/policy/';
187         set_config('sitepolicy', $mysitepolicy);
189         $result = external::get_config();
190         $result = external_api::clean_returnvalue(external::get_config_returns(), $result);
192         // SITE summary is null in phpunit which gets transformed to an empty string by format_text.
193         list($sitesummary, $unused) = external_format_text($SITE->summary, $SITE->summaryformat, context_system::instance()->id);
195         // Test default values.
196         $context = context_system::instance();
197         $expected = array(
198             array('name' => 'fullname', 'value' => $SITE->fullname),
199             array('name' => 'shortname', 'value' => $SITE->shortname),
200             array('name' => 'summary', 'value' => $sitesummary),
201             array('name' => 'summaryformat', 'value' => FORMAT_HTML),
202             array('name' => 'frontpage', 'value' => $CFG->frontpage),
203             array('name' => 'frontpageloggedin', 'value' => $CFG->frontpageloggedin),
204             array('name' => 'maxcategorydepth', 'value' => $CFG->maxcategorydepth),
205             array('name' => 'frontpagecourselimit', 'value' => $CFG->frontpagecourselimit),
206             array('name' => 'numsections', 'value' => course_get_format($SITE)->get_last_section_number()),
207             array('name' => 'newsitems', 'value' => $SITE->newsitems),
208             array('name' => 'commentsperpage', 'value' => $CFG->commentsperpage),
209             array('name' => 'sitepolicy', 'value' => $mysitepolicy),
210             array('name' => 'sitepolicyhandler', 'value' => ''),
211             array('name' => 'disableuserimages', 'value' => $CFG->disableuserimages),
212             array('name' => 'mygradesurl', 'value' => user_mygrades_url()->out(false)),
213             array('name' => 'tool_mobile_forcelogout', 'value' => 0),
214             array('name' => 'tool_mobile_customlangstrings', 'value' => ''),
215             array('name' => 'tool_mobile_disabledfeatures', 'value' => ''),
216             array('name' => 'tool_mobile_filetypeexclusionlist', 'value' => ''),
217             array('name' => 'tool_mobile_custommenuitems', 'value' => ''),
218             array('name' => 'tool_mobile_apppolicy', 'value' => ''),
219             array('name' => 'calendartype', 'value' => $CFG->calendartype),
220             array('name' => 'calendar_site_timeformat', 'value' => $CFG->calendar_site_timeformat),
221             array('name' => 'calendar_startwday', 'value' => $CFG->calendar_startwday),
222             array('name' => 'calendar_adminseesall', 'value' => $CFG->calendar_adminseesall),
223             array('name' => 'calendar_lookahead', 'value' => $CFG->calendar_lookahead),
224             array('name' => 'calendar_maxevents', 'value' => $CFG->calendar_maxevents),
225         );
226         $colornumbers = range(1, 10);
227         foreach ($colornumbers as $number) {
228             $expected[] = [
229                 'name' => 'core_admin_coursecolor' . $number,
230                 'value' => get_config('core_admin', 'coursecolor' . $number)
231             ];
232         }
233         $this->assertCount(0, $result['warnings']);
234         $this->assertEquals($expected, $result['settings']);
236         // Change a value and retrieve filtering by section.
237         set_config('commentsperpage', 1);
238         $expected[10]['value'] = 1;
239         // Remove not expected elements.
240         array_splice($expected, 11);
242         $result = external::get_config('frontpagesettings');
243         $result = external_api::clean_returnvalue(external::get_config_returns(), $result);
244         $this->assertCount(0, $result['warnings']);
245         $this->assertEquals($expected, $result['settings']);
246     }
248     /*
249      * Test get_autologin_key.
250      */
251     public function test_get_autologin_key() {
252         global $DB, $CFG, $USER;
254         $this->resetAfterTest(true);
256         $user = $this->getDataGenerator()->create_user();
257         $this->setUser($user);
258         $service = $DB->get_record('external_services', array('shortname' => MOODLE_OFFICIAL_MOBILE_SERVICE));
260         $token = external_generate_token_for_current_user($service);
262         // Check we got the private token.
263         $this->assertTrue(isset($token->privatetoken));
265         // Enable requeriments.
266         $_GET['wstoken'] = $token->token;   // Mock parameters.
268         // Fake the app.
269         core_useragent::instance(true, 'Mozilla/5.0 (Linux; Android 7.1.1; Moto G Play Build/NPIS26.48-43-2; wv) ' .
270                 'AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.99 Mobile Safari/537.36 MoodleMobile');
272         // Even if we force the password change for the current user we should be able to retrieve the key.
273         set_user_preference('auth_forcepasswordchange', 1, $user->id);
275         $this->setCurrentTimeStart();
276         $result = external::get_autologin_key($token->privatetoken);
277         $result = external_api::clean_returnvalue(external::get_autologin_key_returns(), $result);
278         // Validate the key.
279         $this->assertEquals(32, core_text::strlen($result['key']));
280         $key = $DB->get_record('user_private_key', array('value' => $result['key']));
281         $this->assertEquals($USER->id, $key->userid);
282         $this->assertTimeCurrent($key->validuntil - api::LOGIN_KEY_TTL);
284         // Now, try with an invalid private token.
285         set_user_preference('tool_mobile_autologin_request_last', time() - HOURSECS, $USER);
287         $this->expectException('moodle_exception');
288         $this->expectExceptionMessage(get_string('invalidprivatetoken', 'tool_mobile'));
289         $result = external::get_autologin_key(random_string('64'));
290     }
292     /**
293      * Test get_autologin_key missing ws.
294      */
295     public function test_get_autologin_key_missing_ws() {
296         global $CFG;
297         $this->resetAfterTest(true);
299         // Fake the app.
300         core_useragent::instance(true, 'Mozilla/5.0 (Linux; Android 7.1.1; Moto G Play Build/NPIS26.48-43-2; wv) ' .
301             'AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.99 Mobile Safari/537.36 MoodleMobile');
303         // Need to disable webservices to verify that's checked.
304         $CFG->enablewebservices = 0;
305         $CFG->enablemobilewebservice = 0;
307         $this->setAdminUser();
308         $this->expectException('moodle_exception');
309         $this->expectExceptionMessage(get_string('enablewsdescription', 'webservice'));
310         $result = external::get_autologin_key('');
311     }
313     /**
314      * Test get_autologin_key missing https.
315      */
316     public function test_get_autologin_key_missing_https() {
317         global $CFG;
319         // Fake the app.
320         core_useragent::instance(true, 'Mozilla/5.0 (Linux; Android 7.1.1; Moto G Play Build/NPIS26.48-43-2; wv) ' .
321             'AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.99 Mobile Safari/537.36 MoodleMobile');
323         // Need to simulate a non HTTPS site here.
324         $CFG->wwwroot = str_replace('https:', 'http:', $CFG->wwwroot);
326         $this->resetAfterTest(true);
327         $this->setAdminUser();
329         $this->expectException('moodle_exception');
330         $this->expectExceptionMessage(get_string('httpsrequired', 'tool_mobile'));
331         $result = external::get_autologin_key('');
332     }
334     /**
335      * Test get_autologin_key missing admin.
336      */
337     public function test_get_autologin_key_missing_admin() {
338         global $CFG;
340         $this->resetAfterTest(true);
341         $this->setAdminUser();
343         // Fake the app.
344         core_useragent::instance(true, 'Mozilla/5.0 (Linux; Android 7.1.1; Moto G Play Build/NPIS26.48-43-2; wv) ' .
345             'AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.99 Mobile Safari/537.36 MoodleMobile');
347         $this->expectException('moodle_exception');
348         $this->expectExceptionMessage(get_string('autologinnotallowedtoadmins', 'tool_mobile'));
349         $result = external::get_autologin_key('');
350     }
352     /**
353      * Test get_autologin_key locked.
354      */
355     public function test_get_autologin_key_missing_locked() {
356         global $CFG, $DB, $USER;
358         $this->resetAfterTest(true);
359         $user = $this->getDataGenerator()->create_user();
360         $this->setUser($user);
362         $service = $DB->get_record('external_services', array('shortname' => MOODLE_OFFICIAL_MOBILE_SERVICE));
364         $token = external_generate_token_for_current_user($service);
365         $_GET['wstoken'] = $token->token;   // Mock parameters.
367         // Fake the app.
368         core_useragent::instance(true, 'Mozilla/5.0 (Linux; Android 7.1.1; Moto G Play Build/NPIS26.48-43-2; wv) ' .
369             'AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.99 Mobile Safari/537.36 MoodleMobile');
371         $result = external::get_autologin_key($token->privatetoken);
372         $result = external_api::clean_returnvalue(external::get_autologin_key_returns(), $result);
374         // Mock last time request.
375         $mocktime = time() - 7 * MINSECS;
376         set_user_preference('tool_mobile_autologin_request_last', $mocktime, $USER);
377         $result = external::get_autologin_key($token->privatetoken);
378         $result = external_api::clean_returnvalue(external::get_autologin_key_returns(), $result);
380         // We just requested one token, we must wait.
381         $this->expectException('moodle_exception');
382         $this->expectExceptionMessage(get_string('autologinkeygenerationlockout', 'tool_mobile'));
383         $result = external::get_autologin_key($token->privatetoken);
384     }
386     /**
387      * Test get_autologin_key missing app_request.
388      */
389     public function test_get_autologin_key_missing_app_request() {
390         global $CFG;
392         $this->resetAfterTest(true);
393         $this->setAdminUser();
395         $this->expectException('moodle_exception');
396         $this->expectExceptionMessage(get_string('apprequired', 'tool_mobile'));
397         $result = external::get_autologin_key('');
398     }
400     /**
401      * Test get_content.
402      */
403     public function test_get_content() {
405         $paramval = 16;
406         $result = external::get_content('tool_mobile', 'test_view', array(array('name' => 'param1', 'value' => $paramval)));
407         $result = external_api::clean_returnvalue(external::get_content_returns(), $result);
408         $this->assertCount(1, $result['templates']);
409         $this->assertCount(1, $result['otherdata']);
410         $this->assertCount(2, $result['restrict']['users']);
411         $this->assertCount(2, $result['restrict']['courses']);
412         $this->assertEquals('alert();', $result['javascript']);
413         $this->assertEquals('main', $result['templates'][0]['id']);
414         $this->assertEquals('The HTML code', $result['templates'][0]['html']);
415         $this->assertEquals('otherdata1', $result['otherdata'][0]['name']);
416         $this->assertEquals($paramval, $result['otherdata'][0]['value']);
417         $this->assertEquals(array(1, 2), $result['restrict']['users']);
418         $this->assertEquals(array(3, 4), $result['restrict']['courses']);
419         $this->assertEmpty($result['files']);
420         $this->assertFalse($result['disabled']);
421     }
423     /**
424      * Test get_content disabled.
425      */
426     public function test_get_content_disabled() {
428         $paramval = 16;
429         $result = external::get_content('tool_mobile', 'test_view_disabled',
430             array(array('name' => 'param1', 'value' => $paramval)));
431         $result = external_api::clean_returnvalue(external::get_content_returns(), $result);
432         $this->assertTrue($result['disabled']);
433     }
435     /**
436      * Test get_content non existent function in valid component.
437      */
438     public function test_get_content_non_existent_function() {
440         $this->expectException('coding_exception');
441         $result = external::get_content('tool_mobile', 'test_blahblah');
442     }
444     /**
445      * Test get_content incorrect component.
446      */
447     public function test_get_content_invalid_component() {
449         $this->expectException('moodle_exception');
450         $result = external::get_content('tool_mobile\hack', 'test_view');
451     }
453     /**
454      * Test get_content non existent component.
455      */
456     public function test_get_content_non_existent_component() {
458         $this->expectException('moodle_exception');
459         $result = external::get_content('tool_blahblahblah', 'test_view');
460     }
462     public function test_call_external_functions() {
463         global $SESSION;
465         $this->resetAfterTest(true);
467         $category = self::getDataGenerator()->create_category(array('name' => 'Category 1'));
468         $course = self::getDataGenerator()->create_course([
469             'category' => $category->id,
470             'shortname' => 'c1',
471             'summary' => '<span lang="en" class="multilang">Course summary</span>'
472                 . '<span lang="eo" class="multilang">Kurso resumo</span>'
473                 . '@@PLUGINFILE@@/filename.txt'
474                 . '<!-- Comment stripped when formatting text -->',
475             'summaryformat' => FORMAT_MOODLE
476         ]);
477         $user1 = self::getDataGenerator()->create_user(['username' => 'user1', 'lastaccess' => time()]);
478         $user2 = self::getDataGenerator()->create_user(['username' => 'user2', 'lastaccess' => time()]);
480         self::setUser($user1);
482         // Setup WS token.
483         $webservicemanager = new \webservice;
484         $service = $webservicemanager->get_external_service_by_shortname(MOODLE_OFFICIAL_MOBILE_SERVICE);
485         $token = external_generate_token_for_current_user($service);
486         $_POST['wstoken'] = $token->token;
488         // Workaround for external_api::call_external_function requiring sesskey.
489         $_POST['sesskey'] = sesskey();
491         // Call some functions.
493         $requests = [
494             [
495                 'function' => 'core_course_get_courses_by_field',
496                 'arguments' => json_encode(['field' => 'id', 'value' => $course->id])
497             ],
498             [
499                 'function' => 'core_user_get_users_by_field',
500                 'arguments' => json_encode(['field' => 'id', 'values' => [$user1->id]])
501             ],
502             [
503                 'function' => 'core_user_get_user_preferences',
504                 'arguments' => json_encode(['name' => 'some_setting', 'userid' => $user2->id])
505             ],
506             [
507                 'function' => 'core_course_get_courses_by_field',
508                 'arguments' => json_encode(['field' => 'shortname', 'value' => $course->shortname])
509             ],
510         ];
511         $result = external::call_external_functions($requests);
513         // We need to execute the return values cleaning process to simulate the web service server.
514         $result = external_api::clean_returnvalue(external::call_external_functions_returns(), $result);
516         // Only 3 responses, the 4th request is not executed because the 3rd throws an exception.
517         $this->assertCount(3, $result['responses']);
519         $this->assertFalse($result['responses'][0]['error']);
520         $coursedata = external_api::clean_returnvalue(
521             core_course_external::get_courses_by_field_returns(),
522             core_course_external::get_courses_by_field('id', $course->id));
523          $this->assertEquals(json_encode($coursedata), $result['responses'][0]['data']);
525         $this->assertFalse($result['responses'][1]['error']);
526         $userdata = external_api::clean_returnvalue(
527             core_user_external::get_users_by_field_returns(),
528             core_user_external::get_users_by_field('id', [$user1->id]));
529         $this->assertEquals(json_encode($userdata), $result['responses'][1]['data']);
531         $this->assertTrue($result['responses'][2]['error']);
532         $exception = json_decode($result['responses'][2]['exception'], true);
533         $this->assertEquals('nopermissions', $exception['errorcode']);
535         // Call a function not included in the external service.
537         $_POST['wstoken'] = $token->token;
538         $functions = $webservicemanager->get_not_associated_external_functions($service->id);
539         $requests = [['function' => current($functions)->name]];
540         $result = external::call_external_functions($requests);
542         $this->assertTrue($result['responses'][0]['error']);
543         $exception = json_decode($result['responses'][0]['exception'], true);
544         $this->assertEquals('accessexception', $exception['errorcode']);
545         $this->assertEquals('webservice', $exception['module']);
547         // Call a function with different external settings.
549         filter_set_global_state('multilang', TEXTFILTER_ON);
550         $_POST['wstoken'] = $token->token;
551         $SESSION->lang = 'eo'; // Change default language, so we can test changing it to "en".
552         $requests = [
553             [
554                 'function' => 'core_course_get_courses_by_field',
555                 'arguments' => json_encode(['field' => 'id', 'value' => $course->id]),
556             ],
557             [
558                 'function' => 'core_course_get_courses_by_field',
559                 'arguments' => json_encode(['field' => 'id', 'value' => $course->id]),
560                 'settingraw' => '1'
561             ],
562             [
563                 'function' => 'core_course_get_courses_by_field',
564                 'arguments' => json_encode(['field' => 'id', 'value' => $course->id]),
565                 'settingraw' => '1',
566                 'settingfileurl' => '0'
567             ],
568             [
569                 'function' => 'core_course_get_courses_by_field',
570                 'arguments' => json_encode(['field' => 'id', 'value' => $course->id]),
571                 'settingfilter' => '1',
572                 'settinglang' => 'en'
573             ],
574         ];
575         $result = external::call_external_functions($requests);
577         $this->assertCount(4, $result['responses']);
579         $context = \context_course::instance($course->id);
580         $pluginfile = 'webservice/pluginfile.php';
582         $this->assertFalse($result['responses'][0]['error']);
583         $data = json_decode($result['responses'][0]['data']);
584         $expected = file_rewrite_pluginfile_urls($course->summary, $pluginfile, $context->id, 'course', 'summary', null);
585         $expected = format_text($expected, $course->summaryformat, ['para' => false, 'filter' => false]);
586         $this->assertEquals($expected, $data->courses[0]->summary);
588         $this->assertFalse($result['responses'][1]['error']);
589         $data = json_decode($result['responses'][1]['data']);
590         $expected = file_rewrite_pluginfile_urls($course->summary, $pluginfile, $context->id, 'course', 'summary', null);
591         $this->assertEquals($expected, $data->courses[0]->summary);
593         $this->assertFalse($result['responses'][2]['error']);
594         $data = json_decode($result['responses'][2]['data']);
595         $this->assertEquals($course->summary, $data->courses[0]->summary);
597         $this->assertFalse($result['responses'][3]['error']);
598         $data = json_decode($result['responses'][3]['data']);
599         $expected = file_rewrite_pluginfile_urls($course->summary, $pluginfile, $context->id, 'course', 'summary', null);
600         $SESSION->lang = 'en'; // We expect filtered text in english.
601         $expected = format_text($expected, $course->summaryformat, ['para' => false, 'filter' => true]);
602         $this->assertEquals($expected, $data->courses[0]->summary);
603     }
605     /*
606      * Test get_tokens_for_qr_login.
607      */
608     public function test_get_tokens_for_qr_login() {
609         global $DB, $CFG, $USER;
611         $this->resetAfterTest(true);
613         $user = $this->getDataGenerator()->create_user();
614         $this->setUser($user);
616         $qrloginkey = api::get_qrlogin_key();
618         // Generate new tokens, the ones we expect to receive.
619         $service = $DB->get_record('external_services', array('shortname' => MOODLE_OFFICIAL_MOBILE_SERVICE));
620         $token = external_generate_token_for_current_user($service);
622         // Fake the app.
623         core_useragent::instance(true, 'Mozilla/5.0 (Linux; Android 7.1.1; Moto G Play Build/NPIS26.48-43-2; wv) ' .
624                 'AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.99 Mobile Safari/537.36 MoodleMobile');
626         $result = external::get_tokens_for_qr_login($qrloginkey, $USER->id);
627         $result = external_api::clean_returnvalue(external::get_tokens_for_qr_login_returns(), $result);
629         $this->assertEmpty($result['warnings']);
630         $this->assertEquals($token->token, $result['token']);
631         $this->assertEquals($token->privatetoken, $result['privatetoken']);
633         // Now, try with an invalid key.
634         $this->expectException('moodle_exception');
635         $this->expectExceptionMessage(get_string('invalidkey', 'error'));
636         $result = external::get_tokens_for_qr_login(random_string('64'), $user->id);
637     }
639     /**
640      * Test get_tokens_for_qr_login missing QR code enabled.
641      */
642     public function test_get_tokens_for_qr_login_missing_enableqr() {
643         global $CFG, $USER;
644         $this->resetAfterTest(true);
645         $this->setAdminUser();
647         set_config('qrcodetype', tool_mobile\api::QR_CODE_DISABLED, 'tool_mobile');
649         $this->expectExceptionMessage(get_string('qrcodedisabled', 'tool_mobile'));
650         $result = external::get_tokens_for_qr_login('', $USER->id);
651     }
653     /**
654      * Test get_tokens_for_qr_login missing ws.
655      */
656     public function test_get_tokens_for_qr_login_missing_ws() {
657         global $CFG;
658         $this->resetAfterTest(true);
660         $user = $this->getDataGenerator()->create_user();
661         $this->setUser($user);
663         // Fake the app.
664         core_useragent::instance(true, 'Mozilla/5.0 (Linux; Android 7.1.1; Moto G Play Build/NPIS26.48-43-2; wv) ' .
665             'AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.99 Mobile Safari/537.36 MoodleMobile');
667         // Need to disable webservices to verify that's checked.
668         $CFG->enablewebservices = 0;
669         $CFG->enablemobilewebservice = 0;
671         $this->setAdminUser();
672         $this->expectException('moodle_exception');
673         $this->expectExceptionMessage(get_string('enablewsdescription', 'webservice'));
674         $result = external::get_tokens_for_qr_login('', $user->id);
675     }
677     /**
678      * Test get_tokens_for_qr_login missing https.
679      */
680     public function test_get_tokens_for_qr_login_missing_https() {
681         global $CFG, $USER;
683         // Fake the app.
684         core_useragent::instance(true, 'Mozilla/5.0 (Linux; Android 7.1.1; Moto G Play Build/NPIS26.48-43-2; wv) ' .
685             'AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.99 Mobile Safari/537.36 MoodleMobile');
687         // Need to simulate a non HTTPS site here.
688         $CFG->wwwroot = str_replace('https:', 'http:', $CFG->wwwroot);
690         $this->resetAfterTest(true);
691         $this->setAdminUser();
693         $this->expectException('moodle_exception');
694         $this->expectExceptionMessage(get_string('httpsrequired', 'tool_mobile'));
695         $result = external::get_tokens_for_qr_login('', $USER->id);
696     }
698     /**
699      * Test get_tokens_for_qr_login missing admin.
700      */
701     public function test_get_tokens_for_qr_login_missing_admin() {
702         global $CFG, $USER;
704         $this->resetAfterTest(true);
705         $this->setAdminUser();
707         // Fake the app.
708         core_useragent::instance(true, 'Mozilla/5.0 (Linux; Android 7.1.1; Moto G Play Build/NPIS26.48-43-2; wv) ' .
709             'AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.99 Mobile Safari/537.36 MoodleMobile');
711         $this->expectException('moodle_exception');
712         $this->expectExceptionMessage(get_string('autologinnotallowedtoadmins', 'tool_mobile'));
713         $result = external::get_tokens_for_qr_login('', $USER->id);
714     }
716     /**
717      * Test get_tokens_for_qr_login missing app_request.
718      */
719     public function test_get_tokens_for_qr_login_missing_app_request() {
720         global $CFG, $USER;
722         $this->resetAfterTest(true);
723         $this->setAdminUser();
725         $this->expectException('moodle_exception');
726         $this->expectExceptionMessage(get_string('apprequired', 'tool_mobile'));
727         $result = external::get_tokens_for_qr_login('', $USER->id);
728     }
730     /**
731      * Test validate subscription key.
732      */
733     public function test_validate_subscription_key_valid() {
734         $this->resetAfterTest(true);
736         $sitesubscriptionkey = ['validuntil' => time() + MINSECS, 'key' => complex_random_string(32)];
737         set_config('sitesubscriptionkey', json_encode($sitesubscriptionkey), 'tool_mobile');
739         $result = external::validate_subscription_key($sitesubscriptionkey['key']);
740         $result = external_api::clean_returnvalue(external::validate_subscription_key_returns(), $result);
741         $this->assertEmpty($result['warnings']);
742         $this->assertTrue($result['validated']);
743     }
745     /**
746      * Test validate subscription key invalid first and then a valid one.
747      */
748     public function test_validate_subscription_key_invalid_key_first() {
749         $this->resetAfterTest(true);
751         $sitesubscriptionkey = ['validuntil' => time() + MINSECS, 'key' => complex_random_string(32)];
752         set_config('sitesubscriptionkey', json_encode($sitesubscriptionkey), 'tool_mobile');
754         $result = external::validate_subscription_key('fakekey');
755         $result = external_api::clean_returnvalue(external::validate_subscription_key_returns(), $result);
756         $this->assertEmpty($result['warnings']);
757         $this->assertFalse($result['validated']);
759         // The valid one has been invalidated because the previous attempt.
760         $result = external::validate_subscription_key($sitesubscriptionkey['key']);
761         $result = external_api::clean_returnvalue(external::validate_subscription_key_returns(), $result);
762         $this->assertEmpty($result['warnings']);
763         $this->assertFalse($result['validated']);
764     }
766     /**
767      * Test validate subscription key invalid.
768      */
769     public function test_validate_subscription_key_invalid_key() {
770         $this->resetAfterTest(true);
772         $result = external::validate_subscription_key('fakekey');
773         $result = external_api::clean_returnvalue(external::validate_subscription_key_returns(), $result);
774         $this->assertEmpty($result['warnings']);
775         $this->assertFalse($result['validated']);
776     }
778     /**
779      * Test validate subscription key invalid.
780      */
781     public function test_validate_subscription_key_outdated() {
782         $this->resetAfterTest(true);
784         $sitesubscriptionkey = ['validuntil' => time() - MINSECS, 'key' => complex_random_string(32)];
785         set_config('sitesubscriptionkey', json_encode($sitesubscriptionkey), 'tool_mobile');
787         $result = external::validate_subscription_key($sitesubscriptionkey['key']);
788         $result = external_api::clean_returnvalue(external::validate_subscription_key_returns(), $result);
789         $this->assertEmpty($result['warnings']);
790         $this->assertFalse($result['validated']);
791     }