From 9c9b343571b50177d9a4fac9a0f86f7a7360c826 Mon Sep 17 00:00:00 2001
From: Tim Schilling
Date: Wed, 6 Mar 2024 16:34:56 -0600
Subject: [PATCH] Validate the site admins API function is used by site administrator.
---
 classes/external/get_site_admins.php | 16 ++++++++++------
 classes/external/get_users_by_roles.php | 2 ++
 lang/en/local_aspiredu.php | 1 +
 tests/get_site_admins_test.php | 1 +
 version.php | 2 +-
 5 files changed, 15 insertions(+), 7 deletions(-)
diff --git a/classes/external/get_site_admins.php b/classes/external/get_site_admins.php
index 518348d..1d91689 100644
--- a/classes/external/get_site_admins.php
+++ b/classes/external/get_site_admins.php
@@ -18,9 +18,12 @@
 defined('MOODLE_INTERNAL') || die();
+global $CFG;
+
 require_once($CFG->dirroot . '/user/externallib.php');
 require_once("$CFG->dirroot/lib/externallib.php");
+use context_system;
 use external_api;
 use external_function_parameters;
 use external_multiple_structure;
@@ -29,7 +32,7 @@
 use local_aspiredu\local\lib;
 /**
- * Get users by role external function.
+ * Get site admin users external function.
 *
 * @package local_aspiredu
 * @copyright 2022 3ipunt
@@ -48,15 +51,16 @@ public static function execute_parameters(): external_function_parameters {
 }
 /**
- * Returns a list of users given a list of roles.
+ * Returns a list of users who are site admins
 *
- * @param array $roleids
- * @param int|null $page current page
- * @param int|null $perpage items per page
 * @return array of warnings and users
 */
 public static function execute(): array {
 global $CFG, $DB;
+ // Context validation.
+ $context = context_system::instance();
+ self::validate_context($context);
+ require_capability('moodle/site:config', $context);
 return [
 'users' => lib::get_users($DB->get_records_list('user', 'id', explode(',', $CFG->siteadmins))),
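Review bot: The check added at the top of `execute()` in classes/external/get_site_admins.php gates on a capability rather than on site-admin membership: `require_capability('moodle/site:config', $context);` also passes for any account whose role has been granted that capability in the system context, whereas the commit subject speaks of site administrators. If the capability is the intended boundary, the docblock should state it and the failure mode, e.g. `@throws \required_capability_exception if the caller lacks moodle/site:config in the system context`; if only accounts listed in `$CFG->siteadmins` should pass, an additional `is_siteadmin()` test would be needed. get_users_by_roles.php gains only `global $CFG;` in this patch, so whether its `execute()` has an equivalent context and capability check cannot be seen here and is worth confirming. The body of `execute()` continues past the end of the hunk.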
@@ -65,7 +69,7 @@ public static function execute(): array {
 }
 /**
- * Describes the get_users_by_roles return value.
+ * Describes the get_site_admins return value.
 *
 * @return external_single_structure
 */
diff --git a/classes/external/get_users_by_roles.php b/classes/external/get_users_by_roles.php
index aa2e765..829d4ab 100644
--- a/classes/external/get_users_by_roles.php
+++ b/classes/external/get_users_by_roles.php
@@ -18,6 +18,8 @@
 defined('MOODLE_INTERNAL') || die();
+global $CFG;
+
 require_once($CFG->dirroot.'/user/externallib.php');
 require_once("$CFG->dirroot/lib/externallib.php");
diff --git a/lang/en/local_aspiredu.php b/lang/en/local_aspiredu.php
index 9f1ba1d..c7974f0 100755
--- a/lang/en/local_aspiredu.php
+++ b/lang/en/local_aspiredu.php
@@ -47,6 +47,7 @@
 $string['instcourse'] = 'Only instructors with course';
 $string['aspiredu:viewdropoutdetective'] = 'View Dropout Detective';
 $string['aspiredu:viewinstructorinsight'] = 'View Instructor Insight';
+$string['aspiredu:inaccessmanagement'] = 'Available as admin in Dropout Detective and Instructor Insight';
 // Privacy.
 $string['privacy:metadata:aspiredu_provider'] = 'The AspirEDU plugin provides user information and context to the AspirEDU servers.';
 $string['privacy:metadata:aspiredu_provider:courseid'] = 'The ID of the course the user is enrolled.';
diff --git a/tests/get_site_admins_test.php b/tests/get_site_admins_test.php
index 52f8e98..3938d51 100644
--- a/tests/get_site_admins_test.php
+++ b/tests/get_site_admins_test.php
@@ -39,6 +39,7 @@ class get_site_admins_test extends \externallib_advanced_testcase {
 */
 public function test_get_site_admins() {
 $this->resetAfterTest();
+ static::setAdminUser();
 $datagenerator = $this->getDataGenerator();
 $user = $datagenerator->create_user();
diff --git a/version.php b/version.php
index 9cb4a23..27c498b 100755
--- a/version.php
+++ b/version.php
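Review bot: In tests/get_site_admins_test.php the added `static::setAdminUser();` makes `test_get_site_admins()` exercise only the allowed path, so no test pins the new access check. A second test that runs as an ordinary user and expects the refusal would cover it, along the lines of `$this->setUser($this->getDataGenerator()->create_user());`, `$this->expectException(\required_capability_exception::class);` and a call to the external function's `execute()`. The test method continues outside the hunk.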
@@ -27,7 +27,7 @@
 defined('MOODLE_INTERNAL') || die;
-$plugin->version = 2024030400;
+$plugin->version = 2024030600;
 $plugin->requires = 2022041900.00;
 $plugin->component = 'local_aspiredu';
 $plugin->release = '5.2.0';