Commit 34226901 authored by Aaron Wells's avatar Aaron Wells Committed by Gerrit Code Review
Browse files

Merge changes Ic5b8fa93,Id3327939,Ic4292676,Iad1d39a1,I398479c3,Ib5dea8c9

* changes:
  Change webservice config to not have nested Pieforms (Bug #1397128)
  Fix data in service group on creation
  Restricting the institution get members (Bug 1393530)
  Handling webservices validate_password better (Bug 1393530)
  Tidying up the initial code to mahara standards (Bug #1393530)
  Adding the webservices plugin (Bug 1393530)
parents 2649e660 e8f546e7
......@@ -231,7 +231,7 @@ class AuthInternal extends Auth {
* @param string $salt The salt we have.
* @returns int 0 means not validated, 1 means validated, 2 means validated but needs updating
*/
private function validate_password($theysent, $wehave, $salt) {
protected function validate_password($theysent, $wehave, $salt) {
$this->must_be_ready();
if ($salt == '*') {
......
<?xml version="1.0" encoding="UTF-8" ?>
<XMLDB PATH="lib/db" VERSION="20060926" COMMENT="XMLDB file for Mahara files plugin tables"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="../../lib/xmldb/xmldb.xsd"
>
<TABLES>
<TABLE NAME="external_services" COMMENT="built in and custom external services">
<FIELDS>
<FIELD NAME="id" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="true" SEQUENCE="true" NEXT="name"/>
<FIELD NAME="name" TYPE="char" LENGTH="200" NOTNULL="true" SEQUENCE="false" PREVIOUS="id" NEXT="enabled"/>
<FIELD NAME="enabled" TYPE="int" LENGTH="1" NOTNULL="true" UNSIGNED="true" SEQUENCE="false" PREVIOUS="name" NEXT="restrictedusers"/>
<FIELD NAME="restrictedusers" TYPE="int" LENGTH="1" NOTNULL="true" UNSIGNED="true" SEQUENCE="false" PREVIOUS="enabled" NEXT="tokenusers"/>
<FIELD NAME="tokenusers" TYPE="int" LENGTH="1" NOTNULL="true" UNSIGNED="true" SEQUENCE="false" PREVIOUS="restrictedusers" NEXT="component"/>
<FIELD NAME="component" TYPE="char" LENGTH="100" NOTNULL="false" SEQUENCE="false" PREVIOUS="restrictedusers" NEXT="timecreated"/>
<FIELD NAME="timecreated" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="true" SEQUENCE="false" PREVIOUS="component" NEXT="timemodified"/>
<FIELD NAME="timemodified" TYPE="int" LENGTH="10" NOTNULL="false" UNSIGNED="true" SEQUENCE="false" PREVIOUS="timecreated"/>
</FIELDS>
<KEYS>
<KEY NAME="primary" TYPE="primary" FIELDS="id"/>
</KEYS>
<INDEXES>
<INDEX NAME="nameuk" UNIQUE="true" FIELDS="name"/>
</INDEXES>
</TABLE>
<TABLE NAME="external_functions" COMMENT="list of all external functions">
<FIELDS>
<FIELD NAME="id" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="true" SEQUENCE="true" NEXT="name"/>
<FIELD NAME="name" TYPE="char" LENGTH="200" NOTNULL="true" SEQUENCE="false" PREVIOUS="id" NEXT="classname"/>
<FIELD NAME="classname" TYPE="char" LENGTH="100" NOTNULL="true" SEQUENCE="false" PREVIOUS="name" NEXT="methodname"/>
<FIELD NAME="methodname" TYPE="char" LENGTH="100" NOTNULL="true" SEQUENCE="false" PREVIOUS="classname" NEXT="classpath"/>
<FIELD NAME="classpath" TYPE="char" LENGTH="255" NOTNULL="false" SEQUENCE="false" PREVIOUS="methodname" NEXT="component"/>
<FIELD NAME="component" TYPE="char" LENGTH="100" NOTNULL="true" SEQUENCE="false" PREVIOUS="classpath"/>
</FIELDS>
<KEYS>
<KEY NAME="primary" TYPE="primary" FIELDS="id"/>
</KEYS>
<INDEXES>
<INDEX NAME="nameuk" UNIQUE="true" FIELDS="name" COMMENT="the external function names must be globally unique"/>
</INDEXES>
</TABLE>
<TABLE NAME="external_services_functions" COMMENT="lists functions available in each service group">
<FIELDS>
<FIELD NAME="id" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="true" SEQUENCE="true" NEXT="externalserviceid"/>
<FIELD NAME="externalserviceid" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="true" SEQUENCE="false" PREVIOUS="id" NEXT="functionname"/>
<FIELD NAME="functionname" TYPE="char" LENGTH="200" NOTNULL="true" SEQUENCE="false" PREVIOUS="externalserviceid"/>
</FIELDS>
<KEYS>
<KEY NAME="primary" TYPE="primary" FIELDS="id" NEXT="externalserviceidfk"/>
<KEY NAME="externalserviceidfk" TYPE="foreign" FIELDS="externalserviceid" REFTABLE="external_services" REFFIELDS="id" PREVIOUS="primary"/>
</KEYS>
</TABLE>
<TABLE NAME="external_tokens" COMMENT="Security tokens for accessing of external services">
<FIELDS>
<FIELD NAME="id" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="true" SEQUENCE="true" NEXT="token"/>
<FIELD NAME="token" TYPE="char" LENGTH="128" NOTNULL="true" SEQUENCE="false" COMMENT="security token, aka private access key" PREVIOUS="id" NEXT="tokentype"/>
<FIELD NAME="tokentype" TYPE="int" LENGTH="4" NOTNULL="true" UNSIGNED="true" SEQUENCE="false" COMMENT="type of token: 0=permanent, no session; 1=linked to current browser session via sid; 2=permanent, with emulated session" PREVIOUS="token" NEXT="userid"/>
<FIELD NAME="userid" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="false" SEQUENCE="false" COMMENT="owner of the token" PREVIOUS="tokentype" NEXT="institution"/>
<FIELD NAME="institution" TYPE="char" LENGTH="255" NOTNULL="true" PREVIOUS="userid" NEXT="externalserviceid" />
<FIELD NAME="externalserviceid" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="true" SEQUENCE="false" PREVIOUS="institution" NEXT="sid"/>
<FIELD NAME="sid" TYPE="char" LENGTH="128" NOTNULL="false" SEQUENCE="false" COMMENT="link to browser or emulated session" PREVIOUS="externalserviceid" NEXT="creatorid"/>
<FIELD NAME="creatorid" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="false" DEFAULT="1" SEQUENCE="false" COMMENT="user id of the token creator (useful to know when the administrator created a token and so display the token to a specific administrator)" PREVIOUS="sid" NEXT="iprestriction"/>
<FIELD NAME="iprestriction" TYPE="char" LENGTH="255" NOTNULL="false" SEQUENCE="false" COMMENT="ip restriction" PREVIOUS="creatorid" NEXT="validuntil"/>
<FIELD NAME="validuntil" TYPE="int" LENGTH="10" NOTNULL="false" UNSIGNED="true" SEQUENCE="false" COMMENT="timestampt - valid until data" PREVIOUS="iprestriction" NEXT="timecreated"/>
<FIELD NAME="timecreated" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="true" SEQUENCE="false" COMMENT="created timestamp" PREVIOUS="validuntil" NEXT="lastaccess"/>
<FIELD NAME="lastaccess" TYPE="int" LENGTH="10" NOTNULL="false" UNSIGNED="true" SEQUENCE="false" COMMENT="last access timestamp" PREVIOUS="timecreated" NEXT="publickey"/>
<FIELD NAME="publickey" TYPE="text" NOTNULL="true" DEFAULT="" SEQUENCE="false" COMMENT="created timestamp" PREVIOUS="privatekey" NEXT="publickeyexpires"/>
<FIELD NAME="publickeyexpires" TYPE="int" LENGTH="10" NOTNULL="true" SEQUENCE="false" COMMENT="created timestamp" PREVIOUS="publickey" NEXT="wssigenc"/>
<FIELD NAME="wssigenc" TYPE="int" LENGTH="1" NOTNULL="true" UNSIGNED="true" SEQUENCE="false" PREVIOUS="publickeyexpires"/>
</FIELDS>
<KEYS>
<KEY NAME="primary" TYPE="primary" FIELDS="id" NEXT="useridfk"/>
<KEY NAME="useridfk" TYPE="foreign" FIELDS="userid" REFTABLE="usr" REFFIELDS="id" PREVIOUS="primary" NEXT="institutionfk"/>
<KEY NAME="institutionfk" TYPE="foreign" FIELDS="institution" REFTABLE="institution" REFFIELDS="name" PREVIOUS="useridfk" NEXT="externalserviceidfk"/>
<KEY NAME="externalserviceidfk" TYPE="foreign" FIELDS="externalserviceid" REFTABLE="external_services" REFFIELDS="id" PREVIOUS="institutionfk" NEXT="creatoridfk"/>
<KEY NAME="creatoridfk" TYPE="foreign" FIELDS="creatorid" REFTABLE="usr" REFFIELDS="id" PREVIOUS="externalserviceidfk"/>
</KEYS>
<INDEXES>
<INDEX NAME="tokenuk" UNIQUE="true" FIELDS="token"/>
</INDEXES>
</TABLE>
<TABLE NAME="external_services_users" COMMENT="users allowed to use services with restricted users flag">
<FIELDS>
<FIELD NAME="id" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="true" SEQUENCE="true" NEXT="externalserviceid"/>
<FIELD NAME="externalserviceid" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="true" SEQUENCE="false" PREVIOUS="id" NEXT="userid"/>
<FIELD NAME="userid" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="false" SEQUENCE="false" PREVIOUS="externalserviceid" NEXT="institution"/>
<FIELD NAME="institution" TYPE="char" LENGTH="255" NOTNULL="true" PREVIOUS="userid" NEXT="iprestriction" />
<FIELD NAME="iprestriction" TYPE="char" LENGTH="255" NOTNULL="false" SEQUENCE="false" COMMENT="ip restriction" PREVIOUS="institution" NEXT="validuntil"/>
<FIELD NAME="validuntil" TYPE="int" LENGTH="10" NOTNULL="false" UNSIGNED="true" SEQUENCE="false" COMMENT="timestampt - valid until data" PREVIOUS="iprestriction" NEXT="timecreated"/>
<FIELD NAME="timecreated" TYPE="int" LENGTH="10" NOTNULL="false" UNSIGNED="true" SEQUENCE="false" COMMENT="created timestamp" PREVIOUS="validuntil" NEXT="lastaccess"/>
<FIELD NAME="lastaccess" TYPE="int" LENGTH="10" NOTNULL="false" UNSIGNED="true" SEQUENCE="false" COMMENT="last access timestamp" PREVIOUS="timecreated" NEXT="publickey"/>
<FIELD NAME="publickey" TYPE="text" NOTNULL="true" DEFAULT="" SEQUENCE="false" COMMENT="created timestamp" PREVIOUS="privatekey" NEXT="publickeyexpires"/>
<FIELD NAME="publickeyexpires" TYPE="int" LENGTH="10" NOTNULL="true" SEQUENCE="false" COMMENT="created timestamp" PREVIOUS="publickey" NEXT="wssigenc"/>
<FIELD NAME="wssigenc" TYPE="int" LENGTH="1" NOTNULL="true" UNSIGNED="true" SEQUENCE="false" PREVIOUS="publickeyexpires"/>
</FIELDS>
<KEYS>
<KEY NAME="primary" TYPE="primary" FIELDS="id" NEXT="externalserviceid"/>
<KEY NAME="externalserviceidfk" TYPE="foreign" FIELDS="externalserviceid" REFTABLE="external_services" REFFIELDS="id" PREVIOUS="primary" NEXT="useridfk"/>
<KEY NAME="useridfk" TYPE="foreign" FIELDS="userid" REFTABLE="usr" REFFIELDS="id" PREVIOUS="externalserviceiduk" NEXT="institutionfk"/>
<KEY NAME="institutionfk" TYPE="foreign" FIELDS="institution" REFTABLE="institution" REFFIELDS="name" PREVIOUS="useridfk"/>
</KEYS>
</TABLE>
<TABLE NAME="oauth_server_registry" COMMENT="Table holding consumer key/secret combos an user issued to consumers">
<FIELDS>
<FIELD NAME="id" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="true" SEQUENCE="true" COMMENT="osr id" NEXT="userid"/>
<FIELD NAME="userid" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="false" SEQUENCE="false" COMMENT="usr ref" PREVIOUS="id" NEXT="consumer_key"/>
<FIELD NAME="externalserviceid" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="true" SEQUENCE="false" PREVIOUS="userid" NEXT="institution"/>
<FIELD NAME="institution" TYPE="char" LENGTH="255" NOTNULL="true" PREVIOUS="externalserviceid" NEXT="consumer_key" />
<FIELD NAME="consumer_key" TYPE="char" LENGTH="128" NOTNULL="true" DEFAULT="" COMMENT="consumer key" PREVIOUS="institution" NEXT="consumer_secret" />
<FIELD NAME="consumer_secret" TYPE="char" LENGTH="128" NOTNULL="true" SEQUENCE="false" COMMENT="consumer secret" PREVIOUS="consumer_key" NEXT="enabled"/>
<FIELD NAME="enabled" TYPE="int" LENGTH="1" NOTNULL="true" DEFAULT="0" COMMENT="enabled" PREVIOUS="enabled" NEXT="status"/>
<FIELD NAME="status" TYPE="char" LENGTH="255" NOTNULL="true" SEQUENCE="false" COMMENT="status" PREVIOUS="enabled" NEXT="requester_name"/>
<FIELD NAME="requester_name" TYPE="char" LENGTH="255" NOTNULL="true" SEQUENCE="false" COMMENT="requester name" PREVIOUS="status" NEXT="requester_email"/>
<FIELD NAME="requester_email" TYPE="char" LENGTH="255" NOTNULL="true" SEQUENCE="false" COMMENT="requester email" PREVIOUS="requester_name" NEXT="callback_uri"/>
<FIELD NAME="callback_uri" TYPE="text" NOTNULL="true" SEQUENCE="false" COMMENT="callback URI" PREVIOUS="requester_email" NEXT="application_uri"/>
<FIELD NAME="application_uri" TYPE="text" NOTNULL="true" SEQUENCE="false" COMMENT="application URI" PREVIOUS="callback_uri" NEXT="application_title"/>
<FIELD NAME="application_title" TYPE="char" LENGTH="255" NOTNULL="true" SEQUENCE="false" COMMENT="application title" PREVIOUS="application_uri" NEXT="application_descr"/>
<FIELD NAME="application_descr" TYPE="text" NOTNULL="true" SEQUENCE="false" COMMENT="application description" PREVIOUS="application_title" NEXT="application_notes"/>
<FIELD NAME="application_notes" TYPE="text" NOTNULL="true" SEQUENCE="false" COMMENT="application notes" PREVIOUS="application_descr" NEXT="application_type"/>
<FIELD NAME="application_type" TYPE="char" LENGTH="255" NOTNULL="true" SEQUENCE="false" COMMENT="application type" PREVIOUS="application_notes" NEXT="issue_date"/>
<FIELD NAME="issue_date" TYPE="datetime" NOTNULL="true" SEQUENCE="false" COMMENT="creation timestamp" PREVIOUS="application_type" NEXT="timestamp"/>
<FIELD NAME="timestamp" TYPE="datetime" NOTNULL="true" SEQUENCE="false" COMMENT="creation timestamp" PREVIOUS="issue_date"/>
</FIELDS>
<KEYS>
<KEY NAME="primary" TYPE="primary" FIELDS="id" NEXT="consumerkeyuk"/>
<KEY NAME="consumerkeyuk" TYPE="unique" FIELDS="consumer_key" PREVIOUS="primary" NEXT="useridfk"/>
<KEY NAME="useridfk" TYPE="foreign" FIELDS="userid" REFTABLE="usr" REFFIELDS="id" PREVIOUS="consumerkeyuk" NEXT="externalserviceidfk"/>
<KEY NAME="externalserviceidfk" TYPE="foreign" FIELDS="externalserviceid" REFTABLE="external_services" REFFIELDS="id" PREVIOUS="useriduk" NEXT="institutionfk"/>
<KEY NAME="institutionfk" TYPE="foreign" FIELDS="institution" REFTABLE="institution" REFFIELDS="name" PREVIOUS="externalserviceidfk"/>
</KEYS>
</TABLE>
<TABLE NAME="oauth_server_nonce" COMMENT="Nonce used by a certain consumer, every used nonce should be unique, this prevents replaying attacks">
<FIELDS>
<FIELD NAME="id" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="true" SEQUENCE="true" COMMENT="osn id" NEXT="consumer_key"/>
<FIELD NAME="consumer_key" TYPE="char" LENGTH="128" NOTNULL="true" DEFAULT="" COMMENT="consumer key" PREVIOUS="id" NEXT="token" />
<FIELD NAME="token" TYPE="char" LENGTH="64" NOTNULL="true" SEQUENCE="false" COMMENT="token" PREVIOUS="consumer_key" NEXT="nonce"/>
<FIELD NAME="nonce" TYPE="char" LENGTH="80" NOTNULL="true" SEQUENCE="false" COMMENT="nonce" PREVIOUS="token" NEXT="timestamp"/>
<FIELD NAME="timestamp" TYPE="datetime" NOTNULL="true" SEQUENCE="false" COMMENT="creation timestamp" PREVIOUS="nonce"/>
</FIELDS>
<KEYS>
<KEY NAME="primary" TYPE="primary" FIELDS="id" NEXT="keysuk"/>
<KEY NAME="keysuk" TYPE="unique" FIELDS="consumer_key,token,timestamp,nonce" PREVIOUS="primary"/>
</KEYS>
</TABLE>
<TABLE NAME="oauth_server_token" COMMENT="Table used to verify signed requests sent to a server by the consumer">
<FIELDS>
<FIELD NAME="id" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="true" SEQUENCE="true" COMMENT="ost id" NEXT="osr_id_ref"/>
<FIELD NAME="osr_id_ref" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="true" SEQUENCE="false" COMMENT="osr ref" PREVIOUS="id" NEXT="userid"/>
<FIELD NAME="userid" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="false" SEQUENCE="false" COMMENT="usr ref" PREVIOUS="osr_id_ref" NEXT="token"/>
<FIELD NAME="token" TYPE="char" LENGTH="64" NOTNULL="true" SEQUENCE="false" COMMENT="token" PREVIOUS="userid" NEXT="token_secret"/>
<FIELD NAME="token_secret" TYPE="char" LENGTH="64" NOTNULL="true" SEQUENCE="false" COMMENT="token secret" PREVIOUS="token" NEXT="token_type"/>
<FIELD NAME="token_type" TYPE="char" LENGTH="20" NOTNULL="true" COMMENT="token type" ENUM="true" ENUMVALUES="'request', 'access'" PREVIOUS="token_secret" NEXT="authorized"/>
<FIELD NAME="authorized" TYPE="int" LENGTH="1" NOTNULL="true" DEFAULT="0" COMMENT="authorised" PREVIOUS="token_type" NEXT="referrer_host"/>
<FIELD NAME="referrer_host" TYPE="char" LENGTH="128" NOTNULL="true" DEFAULT="" COMMENT="referrer host" PREVIOUS="authorized" NEXT="callback_uri" />
<FIELD NAME="callback_uri" TYPE="text" NOTNULL="true" SEQUENCE="false" COMMENT="callback URI" PREVIOUS="referrer_host" NEXT="verifier"/>
<FIELD NAME="verifier" TYPE="char" LENGTH="10" NOTNULL="true" SEQUENCE="false" COMMENT="verifier" PREVIOUS="callback_uri" NEXT="token_ttl"/>
<FIELD NAME="token_ttl" TYPE="datetime" NOTNULL="true" SEQUENCE="false" DEFAULT="'9999-12-31'" COMMENT="ttl for token" PREVIOUS="verifier" NEXT="timestamp"/>
<FIELD NAME="timestamp" TYPE="datetime" NOTNULL="true" SEQUENCE="false" COMMENT="creation timestamp" PREVIOUS="token_ttl"/>
</FIELDS>
<KEYS>
<KEY NAME="primary" TYPE="primary" FIELDS="id" NEXT="tokenuk"/>
<KEY NAME="tokenuk" TYPE="unique" FIELDS="token" PREVIOUS="primary" NEXT="osrrefidfk"/>
<KEY NAME="osrrefidfk" TYPE="foreign" FIELDS="osr_id_ref" REFTABLE="oauth_server_registry" REFFIELDS="id" PREVIOUS="tokenuk" NEXT="useridfk"/>
<KEY NAME="useridfk" TYPE="foreign" FIELDS="userid" REFTABLE="usr" REFFIELDS="id" PREVIOUS="osrrefidfk"/>
</KEYS>
</TABLE>
<TABLE NAME="external_services_logs" COMMENT="external services logs">
<FIELDS>
<FIELD NAME="id" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="true" SEQUENCE="true" NEXT="timelogged"/>
<FIELD NAME="timelogged" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="true" SEQUENCE="false" PREVIOUS="id" NEXT="userid"/>
<FIELD NAME="userid" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="false" SEQUENCE="false" COMMENT="usr ref" PREVIOUS="timelogged" NEXT="externalserviceid"/>
<FIELD NAME="externalserviceid" TYPE="int" LENGTH="10" NOTNULL="false" UNSIGNED="true" SEQUENCE="false" PREVIOUS="userid" NEXT="institution"/>
<FIELD NAME="institution" TYPE="char" LENGTH="255" NOTNULL="true" PREVIOUS="externalserviceid" NEXT="funcitonname" />
<FIELD NAME="protocol" TYPE="char" LENGTH="10" NOTNULL="true" PREVIOUS="institution" NEXT="auth" />
<FIELD NAME="auth" TYPE="char" LENGTH="10" NOTNULL="true" PREVIOUS="protocol" NEXT="funcitonname" />
<FIELD NAME="functionname" TYPE="char" LENGTH="200" NOTNULL="false" SEQUENCE="false" PREVIOUS="auth" NEXT="timetaken"/>
<FIELD NAME="timetaken" TYPE="number" LENGTH="10" DECIMALS="5" NOTNULL="true" UNSIGNED="false" SEQUENCE="false" PREVIOUS="funcitonname" NEXT="uri"/>
<FIELD NAME="uri" TYPE="char" LENGTH="255" NOTNULL="false" SEQUENCE="false" PREVIOUS="funcitonname" NEXT="info"/>
<FIELD NAME="info" TYPE="text" NOTNULL="false" SEQUENCE="false" PREVIOUS="uri" NEXT="ip"/>
<FIELD NAME="ip" TYPE="char" LENGTH="45" NOTNULL="false" SEQUENCE="false" PREVIOUS="info"/>
</FIELDS>
<KEYS>
<KEY NAME="primary" TYPE="primary" FIELDS="id"/>
<KEY NAME="useridfk" TYPE="foreign" FIELDS="userid" REFTABLE="usr" REFFIELDS="id"/>
</KEYS>
<INDEXES>
<INDEX NAME="externalserviceid" UNIQUE="false" FIELDS="externalserviceid"/>
<INDEX NAME="institution" UNIQUE="false" FIELDS="institution"/>
<INDEX NAME="functionname" UNIQUE="false" FIELDS="functionname"/>
<INDEX NAME="timelogged" UNIQUE="false" FIELDS="timelogged"/>
</INDEXES>
</TABLE>
</TABLES>
</XMLDB>
<?php
/**
*
* @package mahara
* @subpackage core
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*
*/
function xmldb_auth_webservice_upgrade($oldversion=0) {
$status = true;
/**
* Ensure that all the Web Services tables have been created - even if we
* are transitioning from artefact/webservice to webservice
*/
if ($oldversion < 2014112800) {
// Add in the Web Services subsystem
// ensure that redundant tables are removed from early days of artefact/webservice
$table = new XMLDBTable('oauth_consumer_token');
if (table_exists($table)) {
drop_table($table);
}
$table = new XMLDBTable('oauth_consumer_registry');
if (table_exists($table)) {
drop_table($table);
}
// Create the core services tables
$table = new XMLDBTable('external_services');
$table->addFieldInfo('id', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL, XMLDB_SEQUENCE, null, null, null);
$table->addFieldInfo('name', XMLDB_TYPE_CHAR, 200, null, null);
$table->addFieldInfo('enabled', XMLDB_TYPE_INTEGER, 1, null, XMLDB_NOTNULL, null, null, null, 0);
$table->addFieldInfo('restrictedusers', XMLDB_TYPE_INTEGER, 1, null, XMLDB_NOTNULL, null, null, null, 0);
$table->addFieldInfo('tokenusers', XMLDB_TYPE_INTEGER, 1, null, XMLDB_NOTNULL, null, null, null, 0);
$table->addFieldInfo('component', XMLDB_TYPE_CHAR, 100, null, null);
$table->addFieldInfo('timecreated', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL, null, null, null, null);
$table->addFieldInfo('timemodified', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL, null, null, null, null);
$table->addKeyInfo('primary', XMLDB_KEY_PRIMARY, array('id'));
$table->addIndexInfo('nameuk', XMLDB_INDEX_UNIQUE, array('name'));
create_table($table);
$table = new XMLDBTable('external_functions');
$table->addFieldInfo('id', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL, XMLDB_SEQUENCE, null, null, null);
$table->addFieldInfo('name', XMLDB_TYPE_CHAR, 200, null, null);
$table->addFieldInfo('classname', XMLDB_TYPE_CHAR, 100, null, null);
$table->addFieldInfo('methodname', XMLDB_TYPE_CHAR, 100, null, null);
$table->addFieldInfo('classpath', XMLDB_TYPE_CHAR, 255, null, null);
$table->addFieldInfo('component', XMLDB_TYPE_CHAR, 100, null, null);
$table->addKeyInfo('primary', XMLDB_KEY_PRIMARY, array('id'));
$table->addIndexInfo('nameuk', XMLDB_INDEX_UNIQUE, array('name'));
create_table($table);
$table = new XMLDBTable('external_services_functions');
$table->addFieldInfo('id', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL, XMLDB_SEQUENCE, null, null, null);
$table->addFieldInfo('externalserviceid', XMLDB_TYPE_INTEGER, 10, null, null);
$table->addFieldInfo('functionname', XMLDB_TYPE_CHAR, 200, null, null);
$table->addKeyInfo('primary', XMLDB_KEY_PRIMARY, array('id'));
$table->addKeyInfo('externalserviceidfk', XMLDB_KEY_FOREIGN, array('externalserviceid'), 'external_services', array('id'));
create_table($table);
$table = new XMLDBTable('external_tokens');
$table->addFieldInfo('id', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL, XMLDB_SEQUENCE, null, null, null);
$table->addFieldInfo('token', XMLDB_TYPE_CHAR, 128, null, null);
$table->addFieldInfo('tokentype', XMLDB_TYPE_INTEGER, 4, null, XMLDB_NOTNULL, null, null, null, 0);
$table->addFieldInfo('userid', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL);
$table->addFieldInfo('institution', XMLDB_TYPE_CHAR, 255, null, null);
$table->addFieldInfo('externalserviceid', XMLDB_TYPE_INTEGER, 10, null, null);
$table->addFieldInfo('sid', XMLDB_TYPE_CHAR, 128, null, null);
$table->addFieldInfo('creatorid', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL, null, null, null, 1);
$table->addFieldInfo('iprestriction', XMLDB_TYPE_CHAR, 255, null, null);
$table->addFieldInfo('validuntil', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL, null, null, null, null);
$table->addFieldInfo('timecreated', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL, null, null, null, null);
$table->addFieldInfo('lastaccess', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL, null, null, null, null);
$table->addFieldInfo('publickey', XMLDB_TYPE_TEXT, null, null, XMLDB_NOTNULL);
$table->addFieldInfo('publickeyexpires', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL, null, null, null, null);
$table->addFieldInfo('wssigenc', XMLDB_TYPE_INTEGER, 1, null, XMLDB_NOTNULL, null, null, null, 0);
$table->addKeyInfo('primary', XMLDB_KEY_PRIMARY, array('id'));
$table->addKeyInfo('useridfk', XMLDB_KEY_FOREIGN, array('userid'), 'usr', array('id'));
$table->addKeyInfo('institutionfk', XMLDB_KEY_FOREIGN, array('institution'), 'institution', array('name'));
$table->addKeyInfo('externalserviceidfk', XMLDB_KEY_FOREIGN, array('externalserviceid'), 'external_services', array('id'));
$table->addKeyInfo('creatoridfk', XMLDB_KEY_FOREIGN, array('creatorid'), 'usr', array('id'));
$table->addIndexInfo('tokenuk', XMLDB_INDEX_UNIQUE, array('token'));
create_table($table);
$table = new XMLDBTable('external_services_users');
$table->addFieldInfo('id', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL, XMLDB_SEQUENCE, null, null, null);
$table->addFieldInfo('externalserviceid', XMLDB_TYPE_INTEGER, 10, null, null);
$table->addFieldInfo('userid', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL);
$table->addFieldInfo('institution', XMLDB_TYPE_CHAR, 255, null, null);
$table->addFieldInfo('iprestriction', XMLDB_TYPE_CHAR, 255, null, null);
$table->addFieldInfo('validuntil', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL, null, null, null, null);
$table->addFieldInfo('timecreated', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL, null, null, null, null);
$table->addFieldInfo('lastaccess', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL, null, null, null, null);
$table->addFieldInfo('publickey', XMLDB_TYPE_TEXT, null, null, XMLDB_NOTNULL);
$table->addFieldInfo('publickeyexpires', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL, null, null, null, null);
$table->addFieldInfo('wssigenc', XMLDB_TYPE_INTEGER, 1, null, XMLDB_NOTNULL, null, null, null, 0);
$table->addKeyInfo('primary', XMLDB_KEY_PRIMARY, array('id'));
$table->addKeyInfo('externalserviceidfk', XMLDB_KEY_FOREIGN, array('externalserviceid'), 'external_services', array('id'));
$table->addKeyInfo('useridfk', XMLDB_KEY_FOREIGN, array('userid'), 'usr', array('id'));
$table->addKeyInfo('institutionfk', XMLDB_KEY_FOREIGN, array('institution'), 'institution', array('name'));
create_table($table);
$table = new XMLDBTable('external_services_logs');
$table->addFieldInfo('id', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL, XMLDB_SEQUENCE, null, null, null);
$table->addFieldInfo('timelogged', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL, null, null, null, null);
$table->addFieldInfo('userid', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL);
$table->addFieldInfo('externalserviceid', XMLDB_TYPE_INTEGER, 10, null, null);
$table->addFieldInfo('institution', XMLDB_TYPE_CHAR, 255, null, XMLDB_NOTNULL);
$table->addFieldInfo('protocol', XMLDB_TYPE_CHAR, 10, null, XMLDB_NOTNULL);
$table->addFieldInfo('auth', XMLDB_TYPE_CHAR, 10, null, XMLDB_NOTNULL);
$table->addFieldInfo('functionname', XMLDB_TYPE_CHAR, 200, null, XMLDB_NOTNULL);
$table->addFieldInfo('timetaken', XMLDB_TYPE_NUMBER, '10, 5', null, XMLDB_NOTNULL, null, null, null, null);
$table->addFieldInfo('uri', XMLDB_TYPE_CHAR, 255, null, null);
$table->addFieldInfo('info', XMLDB_TYPE_TEXT, null, null, XMLDB_NOTNULL);
$table->addFieldInfo('ip', XMLDB_TYPE_CHAR, 45, null, null);
$table->addKeyInfo('primary', XMLDB_KEY_PRIMARY, array('id'));
$table->addKeyInfo('useridfk', XMLDB_KEY_FOREIGN, array('userid'), 'usr', array('id'));
$table->addIndexInfo('externalserviceid', XMLDB_INDEX_NOTUNIQUE, array('externalserviceid'));
$table->addIndexInfo('institution', XMLDB_INDEX_NOTUNIQUE, array('institution'));
$table->addIndexInfo('functionname', XMLDB_INDEX_NOTUNIQUE, array('functionname'));
$table->addIndexInfo('timelogged', XMLDB_INDEX_NOTUNIQUE, array('timelogged'));
create_table($table);
// Create the OAuth server authentication tables
$table = new XMLDBTable('oauth_server_registry');
$table->addFieldInfo('id', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL, XMLDB_SEQUENCE, null, null, null);
$table->addFieldInfo('userid', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL);
$table->addFieldInfo('externalserviceid', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL);
$table->addFieldInfo('institution', XMLDB_TYPE_CHAR, 255, null, XMLDB_NOTNULL);
$table->addFieldInfo('consumer_key', XMLDB_TYPE_CHAR, 128, null, XMLDB_NOTNULL);
$table->addFieldInfo('consumer_secret', XMLDB_TYPE_CHAR, 255, null, XMLDB_NOTNULL);
$table->addFieldInfo('enabled', XMLDB_TYPE_INTEGER, 1, null, XMLDB_NOTNULL, null, null, null, 0);
$table->addFieldInfo('status', XMLDB_TYPE_CHAR, 255, null, XMLDB_NOTNULL);
$table->addFieldInfo('requester_name', XMLDB_TYPE_CHAR, 255, null, XMLDB_NOTNULL);
$table->addFieldInfo('requester_email', XMLDB_TYPE_CHAR, 255, null, XMLDB_NOTNULL);
$table->addFieldInfo('callback_uri', XMLDB_TYPE_TEXT, null, null, XMLDB_NOTNULL);
$table->addFieldInfo('application_uri', XMLDB_TYPE_TEXT, null, null, XMLDB_NOTNULL);
$table->addFieldInfo('application_title', XMLDB_TYPE_CHAR, 255, null, XMLDB_NOTNULL);
$table->addFieldInfo('application_descr', XMLDB_TYPE_TEXT, null, null, XMLDB_NOTNULL);
$table->addFieldInfo('application_notes', XMLDB_TYPE_TEXT, null, null, XMLDB_NOTNULL);
$table->addFieldInfo('application_type', XMLDB_TYPE_CHAR, 255, null, XMLDB_NOTNULL);
$table->addFieldInfo('issue_date', XMLDB_TYPE_DATETIME, null, null, XMLDB_NOTNULL);
$table->addFieldInfo('timestamp', XMLDB_TYPE_DATETIME, null, null, XMLDB_NOTNULL);
$table->addKeyInfo('primary', XMLDB_KEY_PRIMARY, array('id'));
$table->addKeyInfo('useridfk', XMLDB_KEY_FOREIGN, array('userid'), 'usr', array('id'));
$table->addKeyInfo('externalserviceidfk', XMLDB_KEY_FOREIGN, array('externalserviceid'), 'external_services', array('id'));
$table->addKeyInfo('institutionfk', XMLDB_KEY_FOREIGN, array('institution'), 'institution', array('name'));
$table->addIndexInfo('consumerkeyuk', XMLDB_INDEX_UNIQUE, array('consumer_key'));
create_table($table);
$table = new XMLDBTable('oauth_server_nonce');
$table->addFieldInfo('id', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL, XMLDB_SEQUENCE, null, null, null);
$table->addFieldInfo('consumer_key', XMLDB_TYPE_CHAR, 128, null, XMLDB_NOTNULL);
$table->addFieldInfo('token', XMLDB_TYPE_CHAR, 64, null, XMLDB_NOTNULL);
$table->addFieldInfo('nonce', XMLDB_TYPE_CHAR, 80, null, XMLDB_NOTNULL);
$table->addFieldInfo('timestamp', XMLDB_TYPE_DATETIME, null, null, XMLDB_NOTNULL);
$table->addKeyInfo('primary', XMLDB_KEY_PRIMARY, array('id'));
$table->addIndexInfo('keysuk', XMLDB_INDEX_UNIQUE, array('consumer_key', 'token', 'timestamp', 'nonce'));
create_table($table);
$table = new XMLDBTable('oauth_server_token');
$table->addFieldInfo('id', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL, XMLDB_SEQUENCE, null, null, null);
$table->addFieldInfo('osr_id_ref', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL);
$table->addFieldInfo('userid', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL);
$table->addFieldInfo('token', XMLDB_TYPE_CHAR, 64, null, XMLDB_NOTNULL);
$table->addFieldInfo('token_secret', XMLDB_TYPE_CHAR, 64, null, XMLDB_NOTNULL);
$table->addFieldInfo('token_type', XMLDB_TYPE_CHAR, 20, null, XMLDB_NOTNULL, null, true, array('request', 'access'));
$table->addFieldInfo('authorized', XMLDB_TYPE_INTEGER, 1, null, XMLDB_NOTNULL, null, null, null, 0);
$table->addFieldInfo('referrer_host', XMLDB_TYPE_CHAR, 128, null, XMLDB_NOTNULL);
$table->addFieldInfo('callback_uri', XMLDB_TYPE_TEXT, null, null, XMLDB_NOTNULL);
$table->addFieldInfo('verifier', XMLDB_TYPE_CHAR, 10, null, XMLDB_NOTNULL);
$table->addFieldInfo('token_ttl', XMLDB_TYPE_DATETIME, null, null, XMLDB_NOTNULL, null, null, null, "'9999-12-31'");
$table->addFieldInfo('timestamp', XMLDB_TYPE_DATETIME, null, null, XMLDB_NOTNULL);
$table->addKeyInfo('primary', XMLDB_KEY_PRIMARY, array('id'));
$table->addKeyInfo('osrrefidfk', XMLDB_KEY_FOREIGN, array('osr_id_ref'), 'oauth_server_registry', array('id'));
$table->addKeyInfo('useridfk', XMLDB_KEY_FOREIGN, array('userid'), 'usr', array('id'));
$table->addIndexInfo('tokenuk', XMLDB_INDEX_UNIQUE, array('token'));
$table->addIndexInfo('i_token_ttl', XMLDB_INDEX_NOTUNIQUE, array('token_ttl'));
create_table($table);
// Install a cron job to clean webservices logs
if (!get_record('cron', 'callfunction', 'webservice_clean_webservice_logs')) {
$cron = new StdClass;
$cron->callfunction = 'webservice_clean_webservice_logs';
$cron->minute = '5';
$cron->hour = '01';
$cron->day = '*';
$cron->month = '*';
$cron->dayofweek = '*';
insert_record('cron', $cron);
}
// ensure that we have a webservice auth_instance
$authinstance = get_record('auth_instance', 'institution', 'mahara', 'authname', 'webservice');
if (empty($authinstance)) {
$authinstance = (object)array(
'instancename' => 'webservice',
'priority' => 2,
'institution' => 'mahara',
'authname' => 'webservice',
);
insert_record('auth_instance', $authinstance);
}
// activate webservices
foreach (array('soap', 'xmlrpc', 'rest', 'oauth') as $proto) {
set_config('webservice_' . $proto . '_enabled', 1);
}
}
// sweep for webservice updates everytime
$status = external_reload_webservices();
return $status;
}
<?php
/**
*
* @package mahara
* @subpackage core
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*
*/
defined('INTERNAL') || die();
$string['webservice'] = 'Webservice';
$string['title'] = 'Webservice';
$string['description'] = 'Webservice only users Authenticated against Mahara\'s database';
$string['completeregistration'] = 'Complete Registration';
$string['emailalreadytaken'] = 'This e-mail address has already registered here';
$string['iagreetothetermsandconditions'] = 'I agree to the Terms and Conditions';
$string['passwordformdescription'] = 'Your password must be at least six characters long and contain at least one digit and two letters';
$string['passwordinvalidform'] = 'Your password must be at least six characters long and contain at least one digit and two letters';
$string['registeredemailsubject'] = 'You have registered at %s';
$string['registeredemailmessagetext'] = 'Hi %s,
Thank you for registering an account on %s. Please follow this link to
complete the signup process:
%sregister.php?key=%s
The link will expire in 24 hours.
--
Regards,
The %s Team';
$string['registeredemailmessagehtml'] = '<p>Hi %s,</p>
<p>Thank you for registering an account on %s. Please follow this link
to complete the signup process:</p>
<p><a href="%sregister.php?key=%s">%sregister.php?key=%s</a></p>
<p>The link will expire in 24 hours.</p>
<pre>--
Regards,
The %s Team</pre>';
$string['registeredok'] = '<p>You have successfully registered. Please check your e-mail account for instructions on how to activate your account</p>';
$string['registrationnosuchkey'] = 'Sorry, there does not seem to be a registration with this key. Perhaps you waited longer than 24 hours to complete your registration? Otherwise, it might be our fault.';
$string['registrationunsuccessful'] = 'Sorry, your registration attempt was unsuccessful. This is our fault, not yours. Please try again later.';
$string['usernamealreadytaken'] = 'Sorry, this username is already taken';
$string['usernameinvalidform'] = 'Usernames may contain letters, numbers and most common symbols, and must be from 3 to 30 characters in length. Spaces are not allowed.';
$string['usernameinvalidadminform'] = 'Usernames may contain letters, numbers and most common symbols, and must be from 3 to 236 characters in length. Spaces are not allowed.';
$string['youmaynotregisterwithouttandc'] = 'You may not register unless you agree to abide by the <a href="terms.php">Terms and Conditions</a>';
// core webservices strings start here
$string['control_webservices'] = 'Switch ALL WebServices on or off: ';
$string['enabled'] = 'enabled';
$string['disabled'] = 'disabled';
$string['masterswitch'] = 'WebServices master switch';
$string['formatdate'] = '';
$string['protocolswitches'] = 'Switch On/Off Protocols';
$string['manage_protocols'] = 'Enable or Disable protocols that are to be supported by this installation:';
$string['protocol'] = 'Protocol';
$string['rest'] = 'REST';
$string['soap'] = 'SOAP';
$string['xmlrpc'] = 'XML-RPC';
$string['manage_certificates'] = 'These are the Certificates generated as part of <a href="%s">Networking</a> services. These values are used by Mahara when WS-Security Signatures, and Encryption are enabled for a particular wstoken or service user (Only XML-RPC and legacy MNet).';
$string['certificates'] = 'Networking Certificates';
$string['servicefunctiongroups'] = 'Manage Service Groups';
$string['servicegroups'] = 'Service Groups';
$string['sfgdescription'] = 'Build lists of functions into service groups, that can be allocated to users authorised for execution';
$string['name'] = 'Name';
$string['component'] = 'Component';
$string['functions'] = 'Functions';
$string['enableservice'] = 'Enable/disable Service';
$string['existingserviceusers'] = 'Cannot switch to token only users, as service users are linked to this service';
$string['existingtokens'] = 'Cannot switch to authorisaed service users as token users exist for this service';
$string['usersonly'] = 'currently Users only';
$string['tokensonly'] = 'currently Tokens only';
$string['switchtousers'] = 'Switch to Users';
$string['switchtotokens'] = 'Switch to Tokens';
$string['invalidservice'] = 'Invalid Service selected ';
$string['invalidfunction'] = 'Invalid Function selected ';
$string['tokengenerationfailed'] = 'Token generation failed';
$string['parametercannotbevalueoptional'] = 'Parameter cannot be value optional';
$string['invalidresponse'] = 'Invalid response ';
$string['invalidstatedetected'] = 'Invalid state detected ';
$string['codingerror'] = 'Codding error ';
$string['accessextfunctionnotconf'] = 'Access to external function not configured';
$string['missingfuncname'] = 'Missing function name';
$string['invalidretdesc'] = 'Invalid return description';
$string['invalidparamdesc'] = 'Invalid parameters description';
$string['missingretvaldesc'] = 'Missing returned values description';
$string['missingparamdesc'] = 'Missing parameters description';
$string['missingimplofmeth'] = 'Missing implementation method of ';
$string['cannotfindimplfile'] = 'Cannot find file with external function implementation';
$string['apptokens'] = 'Application Connections';
$string['servicetokens'] = 'Manage Service Access Tokens';
$string['tokens'] = 'Service Access Tokens';
$string['users'] = 'Service Users';
$string['stdescription'] = 'Generate access tokens, and allocate users to Service Groups';
$string['username'] = 'User';
$string['owner'] = 'Owner';
$string['servicename'] = 'Service';
$string['generate'] = 'Generate token';
$string['invalidtoken'] = 'Invalid token selected';
$string['token'] = 'Token';
$string['invaliduserselected'] = 'Invalid user selected';
$string['invaliduserselectedinstitution'] = 'Invalid user for token institution selected from user search';
$string['noservices'] = 'No services configured';
$string['wssigenc'] = 'Enble WS-Security (XML-RPC Only)';
$string['titlewssigenc'] = 'WSSecurity';
$string['last_access'] = 'Last Access';
$string['verifier'] = 'Verifier Token';
$string['oob'] = 'Out Of Band OAuth Verfication';
$string['oobinfo'] = 'The following is your verification code that will authorise your external application to have access to the approved data. Please copy and paste the code into the associated application prompt to continue.';
$string['instructions'] = 'Instructions';