Merge branch 'MDL-57682-master' of git://github.com/rezaies/moodle
[moodle.git] / admin / tool / mobile / tests / externallib_test.php
1 <?php
2 // This file is part of Moodle - http://moodle.org/
3 //
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12 // GNU General Public License for more details.
13 //
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
17 /**
18  * Moodle Mobile admin tool external functions tests.
19  *
20  * @package    tool_mobile
21  * @category   external
22  * @copyright  2016 Juan Leyva
23  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
24  * @since      Moodle 3.1
25  */
27 defined('MOODLE_INTERNAL') || die();
29 global $CFG;
31 require_once($CFG->dirroot . '/webservice/tests/helpers.php');
32 require_once($CFG->dirroot . '/admin/tool/mobile/tests/fixtures/output/mobile.php');
33 require_once($CFG->dirroot . '/webservice/lib.php');
35 use tool_mobile\external;
36 use tool_mobile\api;
38 /**
39  * Moodle Mobile admin tool external functions tests.
40  *
41  * @package     tool_mobile
42  * @copyright   2016 Juan Leyva
43  * @license     http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
44  * @since       Moodle 3.1
45  */
46 class tool_mobile_external_testcase extends externallib_advanced_testcase {
48     /**
49      * Test get_plugins_supporting_mobile.
50      * This is a very basic test because currently there aren't plugins supporting Mobile in core.
51      */
52     public function test_get_plugins_supporting_mobile() {
53         $result = external::get_plugins_supporting_mobile();
54         $result = external_api::clean_returnvalue(external::get_plugins_supporting_mobile_returns(), $result);
55         $this->assertCount(0, $result['warnings']);
56         $this->assertArrayHasKey('plugins', $result);
57         $this->assertTrue(is_array($result['plugins']));
58     }
60     public function test_get_public_config() {
61         global $CFG, $SITE, $OUTPUT;
63         $this->resetAfterTest(true);
64         $result = external::get_public_config();
65         $result = external_api::clean_returnvalue(external::get_public_config_returns(), $result);
67         // Test default values.
68         $context = context_system::instance();
69         list($authinstructions, $notusedformat) = external_format_text($CFG->auth_instructions, FORMAT_MOODLE, $context->id);
70         list($maintenancemessage, $notusedformat) = external_format_text($CFG->maintenance_message, FORMAT_MOODLE, $context->id);
72         $expected = array(
73             'wwwroot' => $CFG->wwwroot,
74             'httpswwwroot' => $CFG->wwwroot,
75             'sitename' => external_format_string($SITE->fullname, $context->id, true),
76             'guestlogin' => $CFG->guestloginbutton,
77             'rememberusername' => $CFG->rememberusername,
78             'authloginviaemail' => $CFG->authloginviaemail,
79             'registerauth' => $CFG->registerauth,
80             'forgottenpasswordurl' => $CFG->forgottenpasswordurl,
81             'authinstructions' => $authinstructions,
82             'authnoneenabled' => (int) is_enabled_auth('none'),
83             'enablewebservices' => $CFG->enablewebservices,
84             'enablemobilewebservice' => $CFG->enablemobilewebservice,
85             'maintenanceenabled' => $CFG->maintenance_enabled,
86             'maintenancemessage' => $maintenancemessage,
87             'typeoflogin' => api::LOGIN_VIA_APP,
88             'mobilecssurl' => '',
89             'tool_mobile_disabledfeatures' => '',
90             'launchurl' => "$CFG->wwwroot/$CFG->admin/tool/mobile/launch.php",
91             'country' => $CFG->country,
92             'agedigitalconsentverification' => \core_auth\digital_consent::is_age_digital_consent_verification_enabled(),
93             'autolang' => $CFG->autolang,
94             'lang' => $CFG->lang,
95             'langmenu' => $CFG->langmenu,
96             'langlist' => $CFG->langlist,
97             'locale' => $CFG->locale,
98             'tool_mobile_minimumversion' => '',
99             'tool_mobile_iosappid' => get_config('tool_mobile', 'iosappid'),
100             'tool_mobile_androidappid' => get_config('tool_mobile', 'androidappid'),
101             'tool_mobile_setuplink' => get_config('tool_mobile', 'setuplink'),
102             'warnings' => array()
103         );
104         $this->assertEquals($expected, $result);
106         $this->setAdminUser();
107         // Change some values.
108         set_config('registerauth', 'email');
109         $authinstructions = 'Something with <b>html tags</b>';
110         set_config('auth_instructions', $authinstructions);
111         set_config('typeoflogin', api::LOGIN_VIA_BROWSER, 'tool_mobile');
112         set_config('logo', 'mock.png', 'core_admin');
113         set_config('logocompact', 'mock.png', 'core_admin');
114         set_config('forgottenpasswordurl', 'mailto:fake@email.zy'); // Test old hack.
115         set_config('agedigitalconsentverification', 1);
116         set_config('autolang', 1);
117         set_config('lang', 'a_b');  // Set invalid lang.
118         set_config('disabledfeatures', 'myoverview', 'tool_mobile');
119         set_config('minimumversion', '3.8.0', 'tool_mobile');
121         // Enable couple of issuers.
122         $issuer = \core\oauth2\api::create_standard_issuer('google');
123         $irecord = $issuer->to_record();
124         $irecord->clientid = 'mock';
125         $irecord->clientsecret = 'mock';
126         core\oauth2\api::update_issuer($irecord);
128         set_config('hostname', 'localhost', 'auth_cas');
129         set_config('auth_logo', 'http://invalidurl.com//invalid/', 'auth_cas');
130         set_config('auth_name', 'CAS', 'auth_cas');
131         set_config('auth', 'oauth2,cas');
133         list($authinstructions, $notusedformat) = external_format_text($authinstructions, FORMAT_MOODLE, $context->id);
134         $expected['registerauth'] = 'email';
135         $expected['authinstructions'] = $authinstructions;
136         $expected['typeoflogin'] = api::LOGIN_VIA_BROWSER;
137         $expected['forgottenpasswordurl'] = ''; // Expect empty when it's not an URL.
138         $expected['agedigitalconsentverification'] = true;
139         $expected['supportname'] = $CFG->supportname;
140         $expected['supportemail'] = $CFG->supportemail;
141         $expected['autolang'] = '1';
142         $expected['lang'] = ''; // Expect empty because it was set to an invalid lang.
143         $expected['tool_mobile_disabledfeatures'] = 'myoverview';
144         $expected['tool_mobile_minimumversion'] = '3.8.0';
146         if ($logourl = $OUTPUT->get_logo_url()) {
147             $expected['logourl'] = $logourl->out(false);
148         }
149         if ($compactlogourl = $OUTPUT->get_compact_logo_url()) {
150             $expected['compactlogourl'] = $compactlogourl->out(false);
151         }
153         $result = external::get_public_config();
154         $result = external_api::clean_returnvalue(external::get_public_config_returns(), $result);
155         // First check providers.
156         $identityproviders = $result['identityproviders'];
157         unset($result['identityproviders']);
159         $this->assertEquals('Google', $identityproviders[0]['name']);
160         $this->assertEquals($irecord->image, $identityproviders[0]['iconurl']);
161         $this->assertContains($CFG->wwwroot, $identityproviders[0]['url']);
163         $this->assertEquals('CAS', $identityproviders[1]['name']);
164         $this->assertEmpty($identityproviders[1]['iconurl']);
165         $this->assertContains($CFG->wwwroot, $identityproviders[1]['url']);
167         $this->assertEquals($expected, $result);
169         // Change providers img.
170         $newurl = 'validimage.png';
171         set_config('auth_logo', $newurl, 'auth_cas');
172         $result = external::get_public_config();
173         $result = external_api::clean_returnvalue(external::get_public_config_returns(), $result);
174         $this->assertContains($newurl, $result['identityproviders'][1]['iconurl']);
175     }
177     /**
178      * Test get_config
179      */
180     public function test_get_config() {
181         global $CFG, $SITE;
182         require_once($CFG->dirroot . '/course/format/lib.php');
184         $this->resetAfterTest(true);
186         $mysitepolicy = 'http://mysite.is/policy/';
187         set_config('sitepolicy', $mysitepolicy);
189         $result = external::get_config();
190         $result = external_api::clean_returnvalue(external::get_config_returns(), $result);
192         // SITE summary is null in phpunit which gets transformed to an empty string by format_text.
193         list($sitesummary, $unused) = external_format_text($SITE->summary, $SITE->summaryformat, context_system::instance()->id);
195         // Test default values.
196         $context = context_system::instance();
197         $expected = array(
198             array('name' => 'fullname', 'value' => $SITE->fullname),
199             array('name' => 'shortname', 'value' => $SITE->shortname),
200             array('name' => 'summary', 'value' => $sitesummary),
201             array('name' => 'summaryformat', 'value' => FORMAT_HTML),
202             array('name' => 'frontpage', 'value' => $CFG->frontpage),
203             array('name' => 'frontpageloggedin', 'value' => $CFG->frontpageloggedin),
204             array('name' => 'maxcategorydepth', 'value' => $CFG->maxcategorydepth),
205             array('name' => 'frontpagecourselimit', 'value' => $CFG->frontpagecourselimit),
206             array('name' => 'numsections', 'value' => course_get_format($SITE)->get_last_section_number()),
207             array('name' => 'newsitems', 'value' => $SITE->newsitems),
208             array('name' => 'commentsperpage', 'value' => $CFG->commentsperpage),
209             array('name' => 'sitepolicy', 'value' => $mysitepolicy),
210             array('name' => 'sitepolicyhandler', 'value' => ''),
211             array('name' => 'disableuserimages', 'value' => $CFG->disableuserimages),
212             array('name' => 'mygradesurl', 'value' => user_mygrades_url()->out(false)),
213             array('name' => 'tool_mobile_forcelogout', 'value' => 0),
214             array('name' => 'tool_mobile_customlangstrings', 'value' => ''),
215             array('name' => 'tool_mobile_disabledfeatures', 'value' => ''),
216             array('name' => 'tool_mobile_custommenuitems', 'value' => ''),
217             array('name' => 'tool_mobile_apppolicy', 'value' => ''),
218             array('name' => 'calendartype', 'value' => $CFG->calendartype),
219             array('name' => 'calendar_site_timeformat', 'value' => $CFG->calendar_site_timeformat),
220             array('name' => 'calendar_startwday', 'value' => $CFG->calendar_startwday),
221             array('name' => 'calendar_adminseesall', 'value' => $CFG->calendar_adminseesall),
222             array('name' => 'calendar_lookahead', 'value' => $CFG->calendar_lookahead),
223             array('name' => 'calendar_maxevents', 'value' => $CFG->calendar_maxevents),
224         );
225         $colornumbers = range(1, 10);
226         foreach ($colornumbers as $number) {
227             $expected[] = [
228                 'name' => 'core_admin_coursecolor' . $number,
229                 'value' => get_config('core_admin', 'coursecolor' . $number)
230             ];
231         }
232         $this->assertCount(0, $result['warnings']);
233         $this->assertEquals($expected, $result['settings']);
235         // Change a value and retrieve filtering by section.
236         set_config('commentsperpage', 1);
237         $expected[10]['value'] = 1;
238         // Remove not expected elements.
239         array_splice($expected, 11);
241         $result = external::get_config('frontpagesettings');
242         $result = external_api::clean_returnvalue(external::get_config_returns(), $result);
243         $this->assertCount(0, $result['warnings']);
244         $this->assertEquals($expected, $result['settings']);
245     }
247     /*
248      * Test get_autologin_key.
249      */
250     public function test_get_autologin_key() {
251         global $DB, $CFG, $USER;
253         $this->resetAfterTest(true);
255         $user = $this->getDataGenerator()->create_user();
256         $this->setUser($user);
257         $service = $DB->get_record('external_services', array('shortname' => MOODLE_OFFICIAL_MOBILE_SERVICE));
259         $token = external_generate_token_for_current_user($service);
261         // Check we got the private token.
262         $this->assertTrue(isset($token->privatetoken));
264         // Enable requeriments.
265         $_GET['wstoken'] = $token->token;   // Mock parameters.
267         // Fake the app.
268         core_useragent::instance(true, 'Mozilla/5.0 (Linux; Android 7.1.1; Moto G Play Build/NPIS26.48-43-2; wv) ' .
269                 'AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.99 Mobile Safari/537.36 MoodleMobile');
271         // Even if we force the password change for the current user we should be able to retrieve the key.
272         set_user_preference('auth_forcepasswordchange', 1, $user->id);
274         $this->setCurrentTimeStart();
275         $result = external::get_autologin_key($token->privatetoken);
276         $result = external_api::clean_returnvalue(external::get_autologin_key_returns(), $result);
277         // Validate the key.
278         $this->assertEquals(32, core_text::strlen($result['key']));
279         $key = $DB->get_record('user_private_key', array('value' => $result['key']));
280         $this->assertEquals($USER->id, $key->userid);
281         $this->assertTimeCurrent($key->validuntil - api::LOGIN_KEY_TTL);
283         // Now, try with an invalid private token.
284         set_user_preference('tool_mobile_autologin_request_last', time() - HOURSECS, $USER);
286         $this->expectException('moodle_exception');
287         $this->expectExceptionMessage(get_string('invalidprivatetoken', 'tool_mobile'));
288         $result = external::get_autologin_key(random_string('64'));
289     }
291     /**
292      * Test get_autologin_key missing ws.
293      */
294     public function test_get_autologin_key_missing_ws() {
295         global $CFG;
296         $this->resetAfterTest(true);
298         // Fake the app.
299         core_useragent::instance(true, 'Mozilla/5.0 (Linux; Android 7.1.1; Moto G Play Build/NPIS26.48-43-2; wv) ' .
300             'AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.99 Mobile Safari/537.36 MoodleMobile');
302         // Need to disable webservices to verify that's checked.
303         $CFG->enablewebservices = 0;
304         $CFG->enablemobilewebservice = 0;
306         $this->setAdminUser();
307         $this->expectException('moodle_exception');
308         $this->expectExceptionMessage(get_string('enablewsdescription', 'webservice'));
309         $result = external::get_autologin_key('');
310     }
312     /**
313      * Test get_autologin_key missing https.
314      */
315     public function test_get_autologin_key_missing_https() {
316         global $CFG;
318         // Fake the app.
319         core_useragent::instance(true, 'Mozilla/5.0 (Linux; Android 7.1.1; Moto G Play Build/NPIS26.48-43-2; wv) ' .
320             'AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.99 Mobile Safari/537.36 MoodleMobile');
322         // Need to simulate a non HTTPS site here.
323         $CFG->wwwroot = str_replace('https:', 'http:', $CFG->wwwroot);
325         $this->resetAfterTest(true);
326         $this->setAdminUser();
328         $this->expectException('moodle_exception');
329         $this->expectExceptionMessage(get_string('httpsrequired', 'tool_mobile'));
330         $result = external::get_autologin_key('');
331     }
333     /**
334      * Test get_autologin_key missing admin.
335      */
336     public function test_get_autologin_key_missing_admin() {
337         global $CFG;
339         $this->resetAfterTest(true);
340         $this->setAdminUser();
342         // Fake the app.
343         core_useragent::instance(true, 'Mozilla/5.0 (Linux; Android 7.1.1; Moto G Play Build/NPIS26.48-43-2; wv) ' .
344             'AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.99 Mobile Safari/537.36 MoodleMobile');
346         $this->expectException('moodle_exception');
347         $this->expectExceptionMessage(get_string('autologinnotallowedtoadmins', 'tool_mobile'));
348         $result = external::get_autologin_key('');
349     }
351     /**
352      * Test get_autologin_key locked.
353      */
354     public function test_get_autologin_key_missing_locked() {
355         global $CFG, $DB, $USER;
357         $this->resetAfterTest(true);
358         $user = $this->getDataGenerator()->create_user();
359         $this->setUser($user);
361         $service = $DB->get_record('external_services', array('shortname' => MOODLE_OFFICIAL_MOBILE_SERVICE));
363         $token = external_generate_token_for_current_user($service);
364         $_GET['wstoken'] = $token->token;   // Mock parameters.
366         // Fake the app.
367         core_useragent::instance(true, 'Mozilla/5.0 (Linux; Android 7.1.1; Moto G Play Build/NPIS26.48-43-2; wv) ' .
368             'AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.99 Mobile Safari/537.36 MoodleMobile');
370         $result = external::get_autologin_key($token->privatetoken);
371         $result = external_api::clean_returnvalue(external::get_autologin_key_returns(), $result);
373         // Mock last time request.
374         $mocktime = time() - 7 * MINSECS;
375         set_user_preference('tool_mobile_autologin_request_last', $mocktime, $USER);
376         $result = external::get_autologin_key($token->privatetoken);
377         $result = external_api::clean_returnvalue(external::get_autologin_key_returns(), $result);
379         // We just requested one token, we must wait.
380         $this->expectException('moodle_exception');
381         $this->expectExceptionMessage(get_string('autologinkeygenerationlockout', 'tool_mobile'));
382         $result = external::get_autologin_key($token->privatetoken);
383     }
385     /**
386      * Test get_autologin_key missing app_request.
387      */
388     public function test_get_autologin_key_missing_app_request() {
389         global $CFG;
391         $this->resetAfterTest(true);
392         $this->setAdminUser();
394         $this->expectException('moodle_exception');
395         $this->expectExceptionMessage(get_string('apprequired', 'tool_mobile'));
396         $result = external::get_autologin_key('');
397     }
399     /**
400      * Test get_content.
401      */
402     public function test_get_content() {
404         $paramval = 16;
405         $result = external::get_content('tool_mobile', 'test_view', array(array('name' => 'param1', 'value' => $paramval)));
406         $result = external_api::clean_returnvalue(external::get_content_returns(), $result);
407         $this->assertCount(1, $result['templates']);
408         $this->assertCount(1, $result['otherdata']);
409         $this->assertCount(2, $result['restrict']['users']);
410         $this->assertCount(2, $result['restrict']['courses']);
411         $this->assertEquals('alert();', $result['javascript']);
412         $this->assertEquals('main', $result['templates'][0]['id']);
413         $this->assertEquals('The HTML code', $result['templates'][0]['html']);
414         $this->assertEquals('otherdata1', $result['otherdata'][0]['name']);
415         $this->assertEquals($paramval, $result['otherdata'][0]['value']);
416         $this->assertEquals(array(1, 2), $result['restrict']['users']);
417         $this->assertEquals(array(3, 4), $result['restrict']['courses']);
418         $this->assertEmpty($result['files']);
419         $this->assertFalse($result['disabled']);
420     }
422     /**
423      * Test get_content disabled.
424      */
425     public function test_get_content_disabled() {
427         $paramval = 16;
428         $result = external::get_content('tool_mobile', 'test_view_disabled',
429             array(array('name' => 'param1', 'value' => $paramval)));
430         $result = external_api::clean_returnvalue(external::get_content_returns(), $result);
431         $this->assertTrue($result['disabled']);
432     }
434     /**
435      * Test get_content non existent function in valid component.
436      */
437     public function test_get_content_non_existent_function() {
439         $this->expectException('coding_exception');
440         $result = external::get_content('tool_mobile', 'test_blahblah');
441     }
443     /**
444      * Test get_content incorrect component.
445      */
446     public function test_get_content_invalid_component() {
448         $this->expectException('moodle_exception');
449         $result = external::get_content('tool_mobile\hack', 'test_view');
450     }
452     /**
453      * Test get_content non existent component.
454      */
455     public function test_get_content_non_existent_component() {
457         $this->expectException('moodle_exception');
458         $result = external::get_content('tool_blahblahblah', 'test_view');
459     }
461     public function test_call_external_functions() {
462         global $SESSION;
464         $this->resetAfterTest(true);
466         $category = self::getDataGenerator()->create_category(array('name' => 'Category 1'));
467         $course = self::getDataGenerator()->create_course([
468             'category' => $category->id,
469             'shortname' => 'c1',
470             'summary' => '<span lang="en" class="multilang">Course summary</span>'
471                 . '<span lang="eo" class="multilang">Kurso resumo</span>'
472                 . '@@PLUGINFILE@@/filename.txt'
473                 . '<!-- Comment stripped when formatting text -->',
474             'summaryformat' => FORMAT_MOODLE
475         ]);
476         $user1 = self::getDataGenerator()->create_user(['username' => 'user1', 'lastaccess' => time()]);
477         $user2 = self::getDataGenerator()->create_user(['username' => 'user2', 'lastaccess' => time()]);
479         self::setUser($user1);
481         // Setup WS token.
482         $webservicemanager = new \webservice;
483         $service = $webservicemanager->get_external_service_by_shortname(MOODLE_OFFICIAL_MOBILE_SERVICE);
484         $token = external_generate_token_for_current_user($service);
485         $_POST['wstoken'] = $token->token;
487         // Workaround for external_api::call_external_function requiring sesskey.
488         $_POST['sesskey'] = sesskey();
490         // Call some functions.
492         $requests = [
493             [
494                 'function' => 'core_course_get_courses_by_field',
495                 'arguments' => json_encode(['field' => 'id', 'value' => $course->id])
496             ],
497             [
498                 'function' => 'core_user_get_users_by_field',
499                 'arguments' => json_encode(['field' => 'id', 'values' => [$user1->id]])
500             ],
501             [
502                 'function' => 'core_user_get_user_preferences',
503                 'arguments' => json_encode(['name' => 'some_setting', 'userid' => $user2->id])
504             ],
505             [
506                 'function' => 'core_course_get_courses_by_field',
507                 'arguments' => json_encode(['field' => 'shortname', 'value' => $course->shortname])
508             ],
509         ];
510         $result = external::call_external_functions($requests);
512         // We need to execute the return values cleaning process to simulate the web service server.
513         $result = external_api::clean_returnvalue(external::call_external_functions_returns(), $result);
515         // Only 3 responses, the 4th request is not executed because the 3rd throws an exception.
516         $this->assertCount(3, $result['responses']);
518         $this->assertFalse($result['responses'][0]['error']);
519         $coursedata = external_api::clean_returnvalue(
520             core_course_external::get_courses_by_field_returns(),
521             core_course_external::get_courses_by_field('id', $course->id));
522          $this->assertEquals(json_encode($coursedata), $result['responses'][0]['data']);
524         $this->assertFalse($result['responses'][1]['error']);
525         $userdata = external_api::clean_returnvalue(
526             core_user_external::get_users_by_field_returns(),
527             core_user_external::get_users_by_field('id', [$user1->id]));
528         $this->assertEquals(json_encode($userdata), $result['responses'][1]['data']);
530         $this->assertTrue($result['responses'][2]['error']);
531         $exception = json_decode($result['responses'][2]['exception'], true);
532         $this->assertEquals('nopermissions', $exception['errorcode']);
534         // Call a function not included in the external service.
536         $_POST['wstoken'] = $token->token;
537         $functions = $webservicemanager->get_not_associated_external_functions($service->id);
538         $requests = [['function' => current($functions)->name]];
539         $result = external::call_external_functions($requests);
541         $this->assertTrue($result['responses'][0]['error']);
542         $exception = json_decode($result['responses'][0]['exception'], true);
543         $this->assertEquals('accessexception', $exception['errorcode']);
544         $this->assertEquals('webservice', $exception['module']);
546         // Call a function with different external settings.
548         filter_set_global_state('multilang', TEXTFILTER_ON);
549         $_POST['wstoken'] = $token->token;
550         $SESSION->lang = 'eo'; // Change default language, so we can test changing it to "en".
551         $requests = [
552             [
553                 'function' => 'core_course_get_courses_by_field',
554                 'arguments' => json_encode(['field' => 'id', 'value' => $course->id]),
555             ],
556             [
557                 'function' => 'core_course_get_courses_by_field',
558                 'arguments' => json_encode(['field' => 'id', 'value' => $course->id]),
559                 'settingraw' => '1'
560             ],
561             [
562                 'function' => 'core_course_get_courses_by_field',
563                 'arguments' => json_encode(['field' => 'id', 'value' => $course->id]),
564                 'settingraw' => '1',
565                 'settingfileurl' => '0'
566             ],
567             [
568                 'function' => 'core_course_get_courses_by_field',
569                 'arguments' => json_encode(['field' => 'id', 'value' => $course->id]),
570                 'settingfilter' => '1',
571                 'settinglang' => 'en'
572             ],
573         ];
574         $result = external::call_external_functions($requests);
576         $this->assertCount(4, $result['responses']);
578         $context = \context_course::instance($course->id);
579         $pluginfile = 'webservice/pluginfile.php';
581         $this->assertFalse($result['responses'][0]['error']);
582         $data = json_decode($result['responses'][0]['data']);
583         $expected = file_rewrite_pluginfile_urls($course->summary, $pluginfile, $context->id, 'course', 'summary', null);
584         $expected = format_text($expected, $course->summaryformat, ['para' => false, 'filter' => false]);
585         $this->assertEquals($expected, $data->courses[0]->summary);
587         $this->assertFalse($result['responses'][1]['error']);
588         $data = json_decode($result['responses'][1]['data']);
589         $expected = file_rewrite_pluginfile_urls($course->summary, $pluginfile, $context->id, 'course', 'summary', null);
590         $this->assertEquals($expected, $data->courses[0]->summary);
592         $this->assertFalse($result['responses'][2]['error']);
593         $data = json_decode($result['responses'][2]['data']);
594         $this->assertEquals($course->summary, $data->courses[0]->summary);
596         $this->assertFalse($result['responses'][3]['error']);
597         $data = json_decode($result['responses'][3]['data']);
598         $expected = file_rewrite_pluginfile_urls($course->summary, $pluginfile, $context->id, 'course', 'summary', null);
599         $SESSION->lang = 'en'; // We expect filtered text in english.
600         $expected = format_text($expected, $course->summaryformat, ['para' => false, 'filter' => true]);
601         $this->assertEquals($expected, $data->courses[0]->summary);
602     }
604     /*
605      * Test get_tokens_for_qr_login.
606      */
607     public function test_get_tokens_for_qr_login() {
608         global $DB, $CFG, $USER;
610         $this->resetAfterTest(true);
612         $user = $this->getDataGenerator()->create_user();
613         $this->setUser($user);
615         $qrloginkey = api::get_qrlogin_key();
617         // Generate new tokens, the ones we expect to receive.
618         $service = $DB->get_record('external_services', array('shortname' => MOODLE_OFFICIAL_MOBILE_SERVICE));
619         $token = external_generate_token_for_current_user($service);
621         // Fake the app.
622         core_useragent::instance(true, 'Mozilla/5.0 (Linux; Android 7.1.1; Moto G Play Build/NPIS26.48-43-2; wv) ' .
623                 'AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.99 Mobile Safari/537.36 MoodleMobile');
625         $result = external::get_tokens_for_qr_login($qrloginkey, $USER->id);
626         $result = external_api::clean_returnvalue(external::get_tokens_for_qr_login_returns(), $result);
628         $this->assertEmpty($result['warnings']);
629         $this->assertEquals($token->token, $result['token']);
630         $this->assertEquals($token->privatetoken, $result['privatetoken']);
632         // Now, try with an invalid key.
633         $this->expectException('moodle_exception');
634         $this->expectExceptionMessage(get_string('invalidkey', 'error'));
635         $result = external::get_tokens_for_qr_login(random_string('64'), $user->id);
636     }
638     /**
639      * Test get_tokens_for_qr_login missing QR code enabled.
640      */
641     public function test_get_tokens_for_qr_login_missing_enableqr() {
642         global $CFG, $USER;
643         $this->resetAfterTest(true);
644         $this->setAdminUser();
646         set_config('qrcodetype', tool_mobile\api::QR_CODE_DISABLED, 'tool_mobile');
648         $this->expectExceptionMessage(get_string('qrcodedisabled', 'tool_mobile'));
649         $result = external::get_tokens_for_qr_login('', $USER->id);
650     }
652     /**
653      * Test get_tokens_for_qr_login missing ws.
654      */
655     public function test_get_tokens_for_qr_login_missing_ws() {
656         global $CFG;
657         $this->resetAfterTest(true);
659         $user = $this->getDataGenerator()->create_user();
660         $this->setUser($user);
662         // Fake the app.
663         core_useragent::instance(true, 'Mozilla/5.0 (Linux; Android 7.1.1; Moto G Play Build/NPIS26.48-43-2; wv) ' .
664             'AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.99 Mobile Safari/537.36 MoodleMobile');
666         // Need to disable webservices to verify that's checked.
667         $CFG->enablewebservices = 0;
668         $CFG->enablemobilewebservice = 0;
670         $this->setAdminUser();
671         $this->expectException('moodle_exception');
672         $this->expectExceptionMessage(get_string('enablewsdescription', 'webservice'));
673         $result = external::get_tokens_for_qr_login('', $user->id);
674     }
676     /**
677      * Test get_tokens_for_qr_login missing https.
678      */
679     public function test_get_tokens_for_qr_login_missing_https() {
680         global $CFG, $USER;
682         // Fake the app.
683         core_useragent::instance(true, 'Mozilla/5.0 (Linux; Android 7.1.1; Moto G Play Build/NPIS26.48-43-2; wv) ' .
684             'AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.99 Mobile Safari/537.36 MoodleMobile');
686         // Need to simulate a non HTTPS site here.
687         $CFG->wwwroot = str_replace('https:', 'http:', $CFG->wwwroot);
689         $this->resetAfterTest(true);
690         $this->setAdminUser();
692         $this->expectException('moodle_exception');
693         $this->expectExceptionMessage(get_string('httpsrequired', 'tool_mobile'));
694         $result = external::get_tokens_for_qr_login('', $USER->id);
695     }
697     /**
698      * Test get_tokens_for_qr_login missing admin.
699      */
700     public function test_get_tokens_for_qr_login_missing_admin() {
701         global $CFG, $USER;
703         $this->resetAfterTest(true);
704         $this->setAdminUser();
706         // Fake the app.
707         core_useragent::instance(true, 'Mozilla/5.0 (Linux; Android 7.1.1; Moto G Play Build/NPIS26.48-43-2; wv) ' .
708             'AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.99 Mobile Safari/537.36 MoodleMobile');
710         $this->expectException('moodle_exception');
711         $this->expectExceptionMessage(get_string('autologinnotallowedtoadmins', 'tool_mobile'));
712         $result = external::get_tokens_for_qr_login('', $USER->id);
713     }
715     /**
716      * Test get_tokens_for_qr_login missing app_request.
717      */
718     public function test_get_tokens_for_qr_login_missing_app_request() {
719         global $CFG, $USER;
721         $this->resetAfterTest(true);
722         $this->setAdminUser();
724         $this->expectException('moodle_exception');
725         $this->expectExceptionMessage(get_string('apprequired', 'tool_mobile'));
726         $result = external::get_tokens_for_qr_login('', $USER->id);
727     }
729     /**
730      * Test validate subscription key.
731      */
732     public function test_validate_subscription_key_valid() {
733         $this->resetAfterTest(true);
735         $sitesubscriptionkey = ['validuntil' => time() + MINSECS, 'key' => complex_random_string(32)];
736         set_config('sitesubscriptionkey', json_encode($sitesubscriptionkey), 'tool_mobile');
738         $result = external::validate_subscription_key($sitesubscriptionkey['key']);
739         $result = external_api::clean_returnvalue(external::validate_subscription_key_returns(), $result);
740         $this->assertEmpty($result['warnings']);
741         $this->assertTrue($result['validated']);
742     }
744     /**
745      * Test validate subscription key invalid first and then a valid one.
746      */
747     public function test_validate_subscription_key_invalid_key_first() {
748         $this->resetAfterTest(true);
750         $sitesubscriptionkey = ['validuntil' => time() + MINSECS, 'key' => complex_random_string(32)];
751         set_config('sitesubscriptionkey', json_encode($sitesubscriptionkey), 'tool_mobile');
753         $result = external::validate_subscription_key('fakekey');
754         $result = external_api::clean_returnvalue(external::validate_subscription_key_returns(), $result);
755         $this->assertEmpty($result['warnings']);
756         $this->assertFalse($result['validated']);
758         // The valid one has been invalidated because the previous attempt.
759         $result = external::validate_subscription_key($sitesubscriptionkey['key']);
760         $result = external_api::clean_returnvalue(external::validate_subscription_key_returns(), $result);
761         $this->assertEmpty($result['warnings']);
762         $this->assertFalse($result['validated']);
763     }
765     /**
766      * Test validate subscription key invalid.
767      */
768     public function test_validate_subscription_key_invalid_key() {
769         $this->resetAfterTest(true);
771         $result = external::validate_subscription_key('fakekey');
772         $result = external_api::clean_returnvalue(external::validate_subscription_key_returns(), $result);
773         $this->assertEmpty($result['warnings']);
774         $this->assertFalse($result['validated']);
775     }
777     /**
778      * Test validate subscription key invalid.
779      */
780     public function test_validate_subscription_key_outdated() {
781         $this->resetAfterTest(true);
783         $sitesubscriptionkey = ['validuntil' => time() - MINSECS, 'key' => complex_random_string(32)];
784         set_config('sitesubscriptionkey', json_encode($sitesubscriptionkey), 'tool_mobile');
786         $result = external::validate_subscription_key($sitesubscriptionkey['key']);
787         $result = external_api::clean_returnvalue(external::validate_subscription_key_returns(), $result);
788         $this->assertEmpty($result['warnings']);
789         $this->assertFalse($result['validated']);
790     }