2 // This file is part of Moodle - http://moodle.org/
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
18 * External tool module external functions tests
22 * @copyright 2015 Juan Leyva <juan@moodle.com>
23 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
27 defined('MOODLE_INTERNAL') || die();
31 require_once($CFG->dirroot . '/webservice/tests/helpers.php');
32 require_once($CFG->dirroot . '/mod/lti/lib.php');
35 * External tool module external functions tests
39 * @copyright 2015 Juan Leyva <juan@moodle.com>
40 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
43 class mod_lti_external_testcase extends externallib_advanced_testcase {
46 * Set up for every test
48 public function setUp() {
49 $this->resetAfterTest();
53 * Sets up some basic test data including course, users, roles, and an lti instance, for use in some tests.
56 protected function setup_test_data() {
58 $this->setAdminUser();
61 $course = $this->getDataGenerator()->create_course();
62 $lti = $this->getDataGenerator()->create_module(
64 ['course' => $course->id, 'toolurl' => 'http://localhost/not/real/tool.php']
66 $context = context_module::instance($lti->cmid);
67 $cm = get_coursemodule_from_instance('lti', $lti->id);
70 $student = self::getDataGenerator()->create_user();
71 $teacher = self::getDataGenerator()->create_user();
74 $studentrole = $DB->get_record('role', array('shortname' => 'student'));
75 $teacherrole = $DB->get_record('role', array('shortname' => 'editingteacher'));
76 $this->getDataGenerator()->enrol_user($student->id, $course->id, $studentrole->id, 'manual');
77 $this->getDataGenerator()->enrol_user($teacher->id, $course->id, $teacherrole->id, 'manual');
82 'context' => $context,
84 'student' => $student,
85 'teacher' => $teacher,
86 'studentrole' => $studentrole,
87 'teacherrole' => $teacherrole
92 * Test get_tool_launch_data.
94 public function test_get_tool_launch_data() {
100 ] = $this->setup_test_data();
102 $result = mod_lti_external::get_tool_launch_data($lti->id);
103 $result = external_api::clean_returnvalue(mod_lti_external::get_tool_launch_data_returns(), $result);
105 // Basic test, the function returns what it's expected.
106 self::assertEquals($lti->toolurl, $result['endpoint']);
107 self::assertCount(36, $result['parameters']);
109 // Check some parameters.
110 $parameters = array();
111 foreach ($result['parameters'] as $param) {
112 $parameters[$param['name']] = $param['value'];
114 self::assertEquals($lti->resourcekey, $parameters['oauth_consumer_key']);
115 self::assertEquals($course->fullname, $parameters['context_title']);
116 self::assertEquals($course->shortname, $parameters['context_label']);
117 self::assertEquals($USER->id, $parameters['user_id']);
118 self::assertEquals($USER->firstname, $parameters['lis_person_name_given']);
119 self::assertEquals($USER->lastname, $parameters['lis_person_name_family']);
120 self::assertEquals(fullname($USER), $parameters['lis_person_name_full']);
121 self::assertEquals($USER->username, $parameters['ext_user_username']);
122 self::assertEquals("phpunit", $parameters['tool_consumer_instance_name']);
123 self::assertEquals("PHPUnit test site", $parameters['tool_consumer_instance_description']);
127 * Test get_ltis_by_courses.
129 public function test_mod_lti_get_ltis_by_courses() {
133 'student' => $student,
134 'teacher' => $teacher,
135 'studentrole' => $studentrole,
136 ] = $this->setup_test_data();
138 // Create additional course.
139 $course2 = self::getDataGenerator()->create_course();
142 $record = new stdClass();
143 $record->course = $course2->id;
144 $lti2 = self::getDataGenerator()->create_module('lti', $record);
146 // Execute real Moodle enrolment as we'll call unenrol() method on the instance later.
147 $enrol = enrol_get_plugin('manual');
148 $enrolinstances = enrol_get_instances($course2->id, true);
149 foreach ($enrolinstances as $courseenrolinstance) {
150 if ($courseenrolinstance->enrol == "manual") {
151 $instance2 = $courseenrolinstance;
155 $enrol->enrol_user($instance2, $student->id, $studentrole->id);
157 self::setUser($student);
159 $returndescription = mod_lti_external::get_ltis_by_courses_returns();
161 // Create what we expect to be returned when querying the two courses.
162 // First for the student user.
163 $expectedfields = array('id', 'coursemodule', 'course', 'name', 'intro', 'introformat', 'introfiles',
164 'launchcontainer', 'showtitlelaunch', 'showdescriptionlaunch', 'icon', 'secureicon');
166 // Add expected coursemodule and data.
168 $lti1->coursemodule = $lti1->cmid;
169 $lti1->introformat = 1;
171 $lti1->visible = true;
172 $lti1->groupmode = 0;
173 $lti1->groupingid = 0;
174 $lti1->introfiles = [];
176 $lti2->coursemodule = $lti2->cmid;
177 $lti2->introformat = 1;
179 $lti2->visible = true;
180 $lti2->groupmode = 0;
181 $lti2->groupingid = 0;
182 $lti2->introfiles = [];
184 foreach ($expectedfields as $field) {
185 $expected1[$field] = $lti1->{$field};
186 $expected2[$field] = $lti2->{$field};
189 $expectedltis = array($expected2, $expected1);
191 // Call the external function passing course ids.
192 $result = mod_lti_external::get_ltis_by_courses(array($course2->id, $course->id));
193 $result = external_api::clean_returnvalue($returndescription, $result);
195 $this->assertEquals($expectedltis, $result['ltis']);
196 $this->assertCount(0, $result['warnings']);
198 // Call the external function without passing course id.
199 $result = mod_lti_external::get_ltis_by_courses();
200 $result = external_api::clean_returnvalue($returndescription, $result);
201 $this->assertEquals($expectedltis, $result['ltis']);
202 $this->assertCount(0, $result['warnings']);
204 // Unenrol user from second course and alter expected ltis.
205 $enrol->unenrol_user($instance2, $student->id);
206 array_shift($expectedltis);
208 // Call the external function without passing course id.
209 $result = mod_lti_external::get_ltis_by_courses();
210 $result = external_api::clean_returnvalue($returndescription, $result);
211 $this->assertEquals($expectedltis, $result['ltis']);
213 // Call for the second course we unenrolled the user from, expected warning.
214 $result = mod_lti_external::get_ltis_by_courses(array($course2->id));
215 $result = external_api::clean_returnvalue($returndescription, $result);
216 $this->assertCount(1, $result['warnings']);
217 $this->assertEquals('1', $result['warnings'][0]['warningcode']);
218 $this->assertEquals($course2->id, $result['warnings'][0]['itemid']);
220 // Now, try as a teacher for getting all the additional fields.
221 self::setUser($teacher);
223 $additionalfields = array('timecreated', 'timemodified', 'typeid', 'toolurl', 'securetoolurl',
224 'instructorchoicesendname', 'instructorchoicesendemailaddr', 'instructorchoiceallowroster',
225 'instructorchoiceallowsetting', 'instructorcustomparameters', 'instructorchoiceacceptgrades', 'grade',
226 'resourcekey', 'password', 'debuglaunch', 'servicesalt', 'visible', 'groupmode', 'groupingid');
228 foreach ($additionalfields as $field) {
229 $expectedltis[0][$field] = $lti1->{$field};
232 $result = mod_lti_external::get_ltis_by_courses();
233 $result = external_api::clean_returnvalue($returndescription, $result);
234 $this->assertEquals($expectedltis, $result['ltis']);
236 // Admin also should get all the information.
237 self::setAdminUser();
239 $result = mod_lti_external::get_ltis_by_courses(array($course->id));
240 $result = external_api::clean_returnvalue($returndescription, $result);
241 $this->assertEquals($expectedltis, $result['ltis']);
243 // Now, prohibit capabilities.
244 $this->setUser($student);
245 $contextcourse1 = context_course::instance($course->id);
246 // Prohibit capability = mod:lti:view on Course1 for students.
247 assign_capability('mod/lti:view', CAP_PROHIBIT, $studentrole->id, $contextcourse1->id);
248 // Empty all the caches that may be affected by this change.
249 accesslib_clear_all_caches_for_unit_testing();
250 course_modinfo::clear_instance_cache();
252 $ltis = mod_lti_external::get_ltis_by_courses(array($course->id));
253 $ltis = external_api::clean_returnvalue(mod_lti_external::get_ltis_by_courses_returns(), $ltis);
254 $this->assertCount(0, $ltis['ltis']);
258 * Test view_lti with an invalid instance id.
260 public function test_view_lti_invalid_instanceid() {
261 $this->expectException(moodle_exception::class);
262 mod_lti_external::view_lti(0);
266 * Test view_lti as a user who is not enrolled in the course.
268 public function test_view_lti_no_enrolment() {
271 ] = $this->setup_test_data();
273 // Test not-enrolled user.
274 $usernotenrolled = self::getDataGenerator()->create_user();
275 $this->setUser($usernotenrolled);
277 $this->expectException(moodle_exception::class);
278 mod_lti_external::view_lti($lti->id);
282 * Test view_lti for a user without the mod/lti:view capability.
284 public function test_view_lti_no_capability() {
287 'student' => $student,
288 'studentrole' => $studentrole,
289 'context' => $context,
290 ] = $this->setup_test_data();
292 $this->setUser($student);
294 // We need a explicit prohibit since this capability is only defined in authenticated user and guest roles.
295 assign_capability('mod/lti:view', CAP_PROHIBIT, $studentrole->id, $context->id);
296 // Empty all the caches that may be affected by this change.
297 accesslib_clear_all_caches_for_unit_testing();
298 course_modinfo::clear_instance_cache();
300 $this->expectException(moodle_exception::class);
301 mod_lti_external::view_lti($lti->id);
305 * Test view_lti for a user with the mod/lti:view capability in the course.
307 public function test_view_lti() {
310 'context' => $context,
312 'student' => $student,
313 ] = $this->setup_test_data();
315 // Test user with full capabilities.
316 $this->setUser($student);
318 // Trigger and capture the event.
319 $sink = $this->redirectEvents();
321 $result = mod_lti_external::view_lti($lti->id);
322 // The value of the result isn't needed but validation is.
323 external_api::clean_returnvalue(mod_lti_external::view_lti_returns(), $result);
325 $events = $sink->get_events();
326 $this->assertCount(1, $events);
327 $event = array_shift($events);
329 // Checking that the event contains the expected values.
330 $this->assertInstanceOf('\mod_lti\event\course_module_viewed', $event);
331 $this->assertEquals($context, $event->get_context());
332 $moodlelti = new moodle_url('/mod/lti/view.php', array('id' => $cm->id));
333 $this->assertEquals($moodlelti, $event->get_url());
334 $this->assertEventContextNotUsed($event);
335 $this->assertNotEmpty($event->get_name());
339 * Test create_tool_proxy.
341 public function test_mod_lti_create_tool_proxy() {
342 $this->setAdminUser();
343 $capabilities = ['AA', 'BB'];
344 $proxy = mod_lti_external::create_tool_proxy('Test proxy', $this->getExternalTestFileUrl('/test.html'), $capabilities, []);
345 $proxy = (object) external_api::clean_returnvalue(mod_lti_external::create_tool_proxy_returns(), $proxy);
347 $this->assertEquals('Test proxy', $proxy->name);
348 $this->assertEquals($this->getExternalTestFileUrl('/test.html'), $proxy->regurl);
349 $this->assertEquals(LTI_TOOL_PROXY_STATE_PENDING, $proxy->state);
350 $this->assertEquals(implode("\n", $capabilities), $proxy->capabilityoffered);
354 * Test create_tool_proxy with a duplicate url.
356 public function test_mod_lti_create_tool_proxy_duplicateurl() {
357 $this->setAdminUser();
358 mod_lti_external::create_tool_proxy('Test proxy 1', $this->getExternalTestFileUrl('/test.html'), array(), array());
360 $this->expectException(moodle_exception::class);
361 mod_lti_external::create_tool_proxy('Test proxy 2', $this->getExternalTestFileUrl('/test.html'), array(), array());
365 * Test create_tool_proxy for a user without the required capability.
367 public function test_mod_lti_create_tool_proxy_without_capability() {
368 $course = $this->getDataGenerator()->create_course();
369 $teacher = $this->getDataGenerator()->create_and_enrol($course, 'editingteacher');
370 $this->setUser($teacher);
371 $this->expectException(required_capability_exception::class);
372 mod_lti_external::create_tool_proxy('Test proxy', $this->getExternalTestFileUrl('/test.html'), array(), array());
376 * Test delete_tool_proxy.
378 public function test_mod_lti_delete_tool_proxy() {
379 $this->setAdminUser();
380 $proxy = mod_lti_external::create_tool_proxy('Test proxy', $this->getExternalTestFileUrl('/test.html'), array(), array());
381 $proxy = (object) external_api::clean_returnvalue(mod_lti_external::create_tool_proxy_returns(), $proxy);
382 $this->assertNotEmpty(lti_get_tool_proxy($proxy->id));
384 $proxy = mod_lti_external::delete_tool_proxy($proxy->id);
385 $proxy = (object) external_api::clean_returnvalue(mod_lti_external::delete_tool_proxy_returns(), $proxy);
387 $this->assertEquals('Test proxy', $proxy->name);
388 $this->assertEquals($this->getExternalTestFileUrl('/test.html'), $proxy->regurl);
389 $this->assertEquals(LTI_TOOL_PROXY_STATE_PENDING, $proxy->state);
390 $this->assertEmpty(lti_get_tool_proxy($proxy->id));
394 * Test get_tool_proxy_registration_request.
396 public function test_mod_lti_get_tool_proxy_registration_request() {
397 $this->setAdminUser();
398 $proxy = mod_lti_external::create_tool_proxy('Test proxy', $this->getExternalTestFileUrl('/test.html'), array(), array());
399 $proxy = (object) external_api::clean_returnvalue(mod_lti_external::create_tool_proxy_returns(), $proxy);
401 $request = mod_lti_external::get_tool_proxy_registration_request($proxy->id);
402 $request = external_api::clean_returnvalue(mod_lti_external::get_tool_proxy_registration_request_returns(),
405 $this->assertEquals('ToolProxyRegistrationRequest', $request['lti_message_type']);
406 $this->assertEquals('LTI-2p0', $request['lti_version']);
410 * Test get_tool_types.
412 public function test_mod_lti_get_tool_types() {
413 // Create a tool proxy.
414 $this->setAdminUser();
415 $proxy = mod_lti_external::create_tool_proxy('Test proxy', $this->getExternalTestFileUrl('/test.html'), array(), array());
416 $proxy = (object) external_api::clean_returnvalue(mod_lti_external::create_tool_proxy_returns(), $proxy);
418 // Create a tool type, associated with that proxy.
419 $type = new stdClass();
420 $data = new stdClass();
421 $type->state = LTI_TOOL_STATE_CONFIGURED;
422 $type->name = "Test tool";
423 $type->description = "Example description";
424 $type->toolproxyid = $proxy->id;
425 $type->baseurl = $this->getExternalTestFileUrl('/test.html');
426 lti_add_type($type, $data);
428 $types = mod_lti_external::get_tool_types($proxy->id);
429 $types = external_api::clean_returnvalue(mod_lti_external::get_tool_types_returns(), $types);
431 $this->assertCount(1, $types);
433 $this->assertEquals('Test tool', $type['name']);
434 $this->assertEquals('Example description', $type['description']);
438 * Test create_tool_type.
440 public function test_mod_lti_create_tool_type() {
441 $this->setAdminUser();
442 $type = mod_lti_external::create_tool_type($this->getExternalTestFileUrl('/ims_cartridge_basic_lti_link.xml'), '', '');
443 $type = external_api::clean_returnvalue(mod_lti_external::create_tool_type_returns(), $type);
445 $this->assertEquals('Example tool', $type['name']);
446 $this->assertEquals('Example tool description', $type['description']);
447 $this->assertEquals('https://download.moodle.org/unittest/test.jpg', $type['urls']['icon']);
448 $typeentry = lti_get_type($type['id']);
449 $this->assertEquals('http://www.example.com/lti/provider.php', $typeentry->baseurl);
450 $config = lti_get_type_config($type['id']);
451 $this->assertTrue(isset($config['sendname']));
452 $this->assertTrue(isset($config['sendemailaddr']));
453 $this->assertTrue(isset($config['acceptgrades']));
454 $this->assertTrue(isset($config['forcessl']));
458 * Test create_tool_type failure from non existent file.
460 public function test_mod_lti_create_tool_type_nonexistant_file() {
461 $this->expectException(moodle_exception::class);
462 mod_lti_external::create_tool_type($this->getExternalTestFileUrl('/doesntexist.xml'), '', '');
466 * Test create_tool_type failure from xml that is not a cartridge.
468 public function test_mod_lti_create_tool_type_bad_file() {
469 $this->expectException(moodle_exception::class);
470 mod_lti_external::create_tool_type($this->getExternalTestFileUrl('/rsstest.xml'), '', '');
474 * Test create_tool_type as a user without the required capability.
476 public function test_mod_lti_create_tool_type_without_capability() {
477 $course = $this->getDataGenerator()->create_course();
478 $teacher = $this->getDataGenerator()->create_and_enrol($course, 'editingteacher');
479 $this->setUser($teacher);
480 $this->expectException(required_capability_exception::class);
481 mod_lti_external::create_tool_type($this->getExternalTestFileUrl('/ims_cartridge_basic_lti_link.xml'), '', '');
485 * Test update_tool_type.
487 public function test_mod_lti_update_tool_type() {
488 $this->setAdminUser();
489 $type = mod_lti_external::create_tool_type($this->getExternalTestFileUrl('/ims_cartridge_basic_lti_link.xml'), '', '');
490 $type = external_api::clean_returnvalue(mod_lti_external::create_tool_type_returns(), $type);
492 $type = mod_lti_external::update_tool_type($type['id'], 'New name', 'New description', LTI_TOOL_STATE_PENDING);
493 $type = external_api::clean_returnvalue(mod_lti_external::update_tool_type_returns(), $type);
495 $this->assertEquals('New name', $type['name']);
496 $this->assertEquals('New description', $type['description']);
497 $this->assertEquals('Pending', $type['state']['text']);
501 * Test delete_tool_type for a user with the required capability.
503 public function test_mod_lti_delete_tool_type() {
504 $this->setAdminUser();
505 $type = mod_lti_external::create_tool_type($this->getExternalTestFileUrl('/ims_cartridge_basic_lti_link.xml'), '', '');
506 $type = external_api::clean_returnvalue(mod_lti_external::create_tool_type_returns(), $type);
507 $this->assertNotEmpty(lti_get_type($type['id']));
509 $type = mod_lti_external::delete_tool_type($type['id']);
510 $type = external_api::clean_returnvalue(mod_lti_external::delete_tool_type_returns(), $type);
511 $this->assertEmpty(lti_get_type($type['id']));
515 * Test delete_tool_type for a user without the required capability.
517 public function test_mod_lti_delete_tool_type_without_capability() {
518 $this->setAdminUser();
519 $type = mod_lti_external::create_tool_type($this->getExternalTestFileUrl('/ims_cartridge_basic_lti_link.xml'), '', '');
520 $type = external_api::clean_returnvalue(mod_lti_external::create_tool_type_returns(), $type);
521 $this->assertNotEmpty(lti_get_type($type['id']));
523 $course = $this->getDataGenerator()->create_course();
524 $teacher = $this->getDataGenerator()->create_and_enrol($course, 'editingteacher');
525 $this->setUser($teacher);
526 $this->expectException(required_capability_exception::class);
527 mod_lti_external::delete_tool_type($type['id']);
533 public function test_mod_lti_is_cartridge() {
534 $this->setAdminUser();
535 $result = mod_lti_external::is_cartridge($this->getExternalTestFileUrl('/ims_cartridge_basic_lti_link.xml'));
536 $result = external_api::clean_returnvalue(mod_lti_external::is_cartridge_returns(), $result);
537 $this->assertTrue($result['iscartridge']);
539 $result = mod_lti_external::is_cartridge($this->getExternalTestFileUrl('/test.html'));
540 $result = external_api::clean_returnvalue(mod_lti_external::is_cartridge_returns(), $result);
541 $this->assertFalse($result['iscartridge']);