Merge branch 'MDL-66582-master' of git://github.com/jleyva/moodle

2025-04-21 16:32:18 +02:00 · 2019-11-04 19:39:24 +08:00 · 2019-11-04 19:39:24 +08:00 · 08636b8524
commit 08636b8524
parent f025022d62 62a08b1df8
4 changed files with 62 additions and 13 deletions
--- a/admin/tool/mobile/classes/api.php
+++ b/admin/tool/mobile/classes/api.php
@ -210,6 +210,12 @@ class api {
        $identityprovidersdata = \auth_plugin_base::prepare_identity_providers_for_output($identityproviders, $OUTPUT);
        if (!empty($identityprovidersdata)) {
            $settings['identityproviders'] = $identityprovidersdata;
+            // Clean URLs to avoid breaking Web Services.
+            // We can't do it in prepare_identity_providers_for_output() because it may break the web output.
+            foreach ($settings['identityproviders'] as &$ip) {
+                $ip['url'] = (!empty($ip['url'])) ? clean_param($ip['url'], PARAM_URL) : '';
+                $ip['iconurl'] = (!empty($ip['iconurl'])) ? clean_param($ip['iconurl'], PARAM_URL) : '';
+            }
        }

        // If age is verified, return also the admin contact details.
--- a/admin/tool/mobile/tests/externallib_test.php
+++ b/admin/tool/mobile/tests/externallib_test.php
@ -103,6 +103,7 @@ class tool_mobile_external_testcase extends externallib_advanced_testcase {
        );
        $this->assertEquals($expected, $result);

+        $this->setAdminUser();
        // Change some values.
        set_config('registerauth', 'email');
        $authinstructions = 'Something with <b>html tags</b>';
@ -117,6 +118,18 @@ class tool_mobile_external_testcase extends externallib_advanced_testcase {
        set_config('disabledfeatures', 'myoverview', 'tool_mobile');
        set_config('minimumversion', '3.8.0', 'tool_mobile');

+        // Enable couple of issuers.
+        $issuer = \core\oauth2\api::create_standard_issuer('google');
+        $irecord = $issuer->to_record();
+        $irecord->clientid = 'mock';
+        $irecord->clientsecret = 'mock';
+        core\oauth2\api::update_issuer($irecord);
+
+        set_config('hostname', 'localhost', 'auth_cas');
+        set_config('auth_logo', 'http://invalidurl.com//invalid/', 'auth_cas');
+
+        set_config('auth', 'oauth2,cas');
+
        list($authinstructions, $notusedformat) = external_format_text($authinstructions, FORMAT_MOODLE, $context->id);
        $expected['registerauth'] = 'email';
        $expected['authinstructions'] = $authinstructions;
@ -139,7 +152,26 @@ class tool_mobile_external_testcase extends externallib_advanced_testcase {

        $result = external::get_public_config();
        $result = external_api::clean_returnvalue(external::get_public_config_returns(), $result);
+        // First check providers.
+        $identityproviders = $result['identityproviders'];
+        unset($result['identityproviders']);
+
+        $this->assertEquals('Google', $identityproviders[0]['name']);
+        $this->assertEquals($irecord->image, $identityproviders[0]['iconurl']);
+        $this->assertContains($CFG->wwwroot, $identityproviders[0]['url']);
+
+        $this->assertEquals('CAS', $identityproviders[1]['name']);
+        $this->assertEmpty($identityproviders[1]['iconurl']);
+        $this->assertContains($CFG->wwwroot, $identityproviders[1]['url']);
+
        $this->assertEquals($expected, $result);
+
+        // Change providers img.
+        $newurl = 'validimage.png';
+        set_config('auth_logo', $newurl, 'auth_cas');
+        $result = external::get_public_config();
+        $result = external_api::clean_returnvalue(external::get_public_config_returns(), $result);
+        $this->assertContains($newurl, $result['identityproviders'][1]['iconurl']);
    }

    /**
--- a/auth/cas/auth.php
+++ b/auth/cas/auth.php
@ -365,13 +365,17 @@ class auth_plugin_cas extends auth_plugin_ldap {
            return [];
        }

-        $iconurl = moodle_url::make_pluginfile_url(
-            context_system::instance()->id,
-            'auth_cas',
-            'logo',
-            null,
-            '/',
-            $this->config->auth_logo);
+        if ($this->config->auth_logo) {
+            $iconurl = moodle_url::make_pluginfile_url(
+                context_system::instance()->id,
+                'auth_cas',
+                'logo',
+                null,
+                null,
+                $this->config->auth_logo);
+        } else {
+            $iconurl = null;
+        }

        return [
            [
--- a/auth/shibboleth/auth.php
+++ b/auth/shibboleth/auth.php
@ -294,12 +294,19 @@ class auth_plugin_shibboleth extends auth_plugin_base {
        }

        $url = new moodle_url('/auth/shibboleth/index.php');
-        $iconurl = moodle_url::make_pluginfile_url(context_system::instance()->id,
-                                                   'auth_shibboleth',
-                                                   'logo',
-                                                   null,
-                                                   '/',
-                                                   $config->auth_logo);
+
+        if ($config->auth_logo) {
+            $iconurl = moodle_url::make_pluginfile_url(
+                context_system::instance()->id,
+                'auth_shibboleth',
+                'logo',
+                null,
+                null,
+                $config->auth_logo);
+        } else {
+            $iconurl = null;
+        }
+
        $result[] = ['url' => $url, 'iconurl' => $iconurl, 'name' => $config->login_name];
        return $result;
    }