From 328396c0d5d451f8f1ea028448e502383f59ad41 Mon Sep 17 00:00:00 2001 From: Juan Leyva Date: Fri, 2 Oct 2020 11:37:14 +0200 Subject: [PATCH] MDL-68406 tool_mobile: Allow users to log-out from the app In this commit, we also reorganised how the Mobile box is displayed in the user profile. We are allowing now site admins to see the user last access time. --- admin/tool/mobile/lang/en/tool_mobile.php | 1 + admin/tool/mobile/lib.php | 13 +++-- admin/tool/mobile/logout.php | 70 +++++++++++++++++++++++ 3 files changed, 79 insertions(+), 5 deletions(-) create mode 100644 admin/tool/mobile/logout.php diff --git a/admin/tool/mobile/lang/en/tool_mobile.php b/admin/tool/mobile/lang/en/tool_mobile.php index 6fafc5fbd54..f3e6d7db53a 100644 --- a/admin/tool/mobile/lang/en/tool_mobile.php +++ b/admin/tool/mobile/lang/en/tool_mobile.php @@ -83,6 +83,7 @@ $string['iosappid_desc'] = 'This setting may be left as default unless you have $string['loginintheapp'] = 'Via the app'; $string['logininthebrowser'] = 'Via a browser window (for SSO plugins)'; $string['loginintheembeddedbrowser'] = 'Via an embedded browser (for SSO plugins)'; +$string['logoutconfirmation'] = 'Are you sure you want to log out from the mobile app on your mobile devices? By logging out, you will then need to re-enter your username and password in the mobile app on all devices where you have the app installed.'; $string['mainmenu'] = 'Main menu'; $string['managefiletypes'] = 'Manage file types'; $string['minimumversion'] = 'If an app version is specified (3.8.0 or higher), any users using an older app version will be prompted to upgrade their app before being allowed access to the site.'; diff --git a/admin/tool/mobile/lib.php b/admin/tool/mobile/lib.php index 567af8b9ac7..6b9dbf3df2a 100644 --- a/admin/tool/mobile/lib.php +++ b/admin/tool/mobile/lib.php @@ -134,15 +134,11 @@ function tool_mobile_myprofile_navigation(\core_user\output\myprofile\tree $tree return; } - if (!$iscurrentuser) { - return; - } - $newnodes = []; $mobilesettings = get_config('tool_mobile'); // Check if we should display a QR code. - if (!empty($mobilesettings->qrcodetype)) { + if ($iscurrentuser && !empty($mobilesettings->qrcodetype)) { $mobileqr = null; $qrcodeforappstr = get_string('qrcodeformobileappaccess', 'tool_mobile'); @@ -182,6 +178,13 @@ function tool_mobile_myprofile_navigation(\core_user\output\myprofile\tree $tree $mobilestrconnected = get_string('lastsiteaccess'); if ($usertoken->lastaccess) { $mobilelastaccess = userdate($usertoken->lastaccess) . "  (" . format_time(time() - $usertoken->lastaccess) . ")"; + // Logout link. + $validtoken = empty($usertoken->validuntil) || time() < $usertoken->validuntil; + if ($iscurrentuser && $validtoken) { + $url = new moodle_url('/'.$CFG->admin.'/tool/mobile/logout.php', ['sesskey' => sesskey()]); + $logoutlink = html_writer::link($url, get_string('logout')); + $mobilelastaccess .= "  ($logoutlink)"; + } } else { // We should not reach this point. $mobilelastaccess = get_string("never"); diff --git a/admin/tool/mobile/logout.php b/admin/tool/mobile/logout.php new file mode 100644 index 00000000000..17a768ac777 --- /dev/null +++ b/admin/tool/mobile/logout.php @@ -0,0 +1,70 @@ +. + +/** + * Log out a user from his external mobile devices (phones, tables, Moodle Desktop app, etc..) + * + * @package tool_mobile + * @copyright 2020 Juan Leyva + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +require(__DIR__ . '/../../../config.php'); +require_once($CFG->dirroot . '/admin/tool/mobile/lib.php'); +require_once($CFG->dirroot . '/webservice/lib.php'); + +if (!$CFG->enablemobilewebservice) { + print_error('enablewsdescription', 'webservice'); +} + +require_login(null, false); + +// Require an active user: not guest, not suspended. +core_user::require_active_user($USER); + +$redirecturl = new \moodle_url('/user/profile.php'); + +if (optional_param('confirm', 0, PARAM_INT) && data_submitted()) { + require_sesskey(); + + // Get the mobile service token to be deleted. + $token = tool_mobile_get_token($USER->id); + + if ($token) { + $webservicemanager = new webservice(); + $webservicemanager->delete_user_ws_token($token->id); + } + redirect($redirecturl); +} + +// Page settings. +$title = get_string('logout'); +$context = context_system::instance(); +$PAGE->set_url(new \moodle_url('/'.$CFG->admin.'/tool/mobile/logout.php')); +$PAGE->navbar->add($title); +$PAGE->set_context($context); +$PAGE->set_title($SITE->fullname. ': ' . $title); + +// Display the page. +echo $OUTPUT->header(); + +$message = get_string('logoutconfirmation', 'tool_mobile'); +$confirmurl = new \moodle_url('logout.php', ['confirm' => 1]); +$yesbutton = new single_button($confirmurl, get_string('yes'), 'post'); +$nobutton = new single_button($redirecturl, get_string('no')); +echo $OUTPUT->confirm($message, $yesbutton, $nobutton); + +echo $OUTPUT->footer(); -- 2.43.0