mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-04-14 04:52:36 +02:00
Code Issues Projects Releases Wiki Activity

MDL-32941 complete unit tests and webform

Browse Source
This commit is contained in:
Fábio Souto 2012-03-28 18:29:17 +01:00 committed by Jerome Mouneyrac
parent 95693c43aa
commit be05180890
3 changed files with 116 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

73
admin/webservice/testclient_forms.php
View File

@ -727,3 +727,76 @@ class moodle_group_delete_groupmembers_form extends moodleform {
return $params;
}
}
/**
* Form class for create_categories() web service function test.
*/
class core_course_create_categories_form extends moodleform {
/**
* The form definition.
*/
public function definition() {
global $CFG;
$mform = $this->_form;
$mform->addElement('header', 'wstestclienthdr', get_string('testclient', 'webservice'));
// Note: these values are intentionally PARAM_RAW - we want users to test any rubbish as parameters.
$data = $this->_customdata;
if ($data['authmethod'] == 'simple') {
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
} else if ($data['authmethod'] == 'token') {
$mform->addElement('text', 'token', 'token');
}
$mform->addElement('hidden', 'authmethod', $data['authmethod']);
$mform->setType('authmethod', PARAM_SAFEDIR);
$mform->addElement('text', 'name[0]', 'name[0]');
$mform->addElement('text', 'parent[0]', 'parent[0]');
$mform->addElement('text', 'idnumber[0]', 'idnumber[0]');
$mform->addElement('text', 'description[0]', 'description[0]');
$mform->addElement('text', 'name[1]', 'name[1]');
$mform->addElement('text', 'parent[1]', 'parent[1]');
$mform->addElement('text', 'idnumber[1]', 'idnumber[1]');
$mform->addElement('text', 'description[1]', 'description[1]');
$mform->addElement('hidden', 'function');
$mform->setType('function', PARAM_SAFEDIR);
$mform->addElement('hidden', 'protocol');
$mform->setType('protocol', PARAM_SAFEDIR);
$this->add_action_buttons(true, get_string('execute', 'webservice'));
}
/**
* Get the parameters that the user submitted using the form.
* @return array|null
*/
public function get_params() {
if (!$data = $this->get_data()) {
return null;
}
// Remove unused from form data.
unset($data->submitbutton);
unset($data->protocol);
unset($data->function);
unset($data->wsusername);
unset($data->wspassword);
unset($data->token);
unset($data->authmethod);
$params = array();
$params['categories'] = array();
for ($i=0; $i<10; $i++) {
if (empty($data->name[$i]) or empty($data->parent[$i])) {
continue;
}
$params['categories'][] = array('name'=>$data->name[$i], 'parent'=>$data->parent[$i],
'idnumber'=>$data->idnumber[$i], 'description'=>$data->description[$i]);
}
return $params;
}
}

94
course/externallib.php
View File

@ -419,14 +419,11 @@ class core_course_external extends external_api {
}
/**
* Returns description of method parameters
*
* @return external_function_parameters
* @since Moodle 2.3
* TODO is PARAM_CLEANHTML for the description enough secured?
* Is it possible to still pass some script tag that pass PARAM_CLEANHTML
* and execute dangereous javascript in the browser?
*/
* Returns description of method parameters
*
* @return external_function_parameters
* @since Moodle 2.3
*/
public static function create_categories_parameters() {
return new external_function_parameters(
array(
@ -434,11 +431,15 @@ class core_course_external extends external_api {
new external_single_structure(
array(
'name' => new external_value(PARAM_TEXT, 'new category name'),
'parent' => new external_value(PARAM_INT, 'the parent category id inside which the new category will be created'),
'idnumber' => new external_value(PARAM_RAW, 'the new category idnumber', VALUE_OPTIONAL),
'description' => new external_value(PARAM_CLEANHTML, 'the new category description', VALUE_OPTIONAL),
'parent' => new external_value(PARAM_INT,
'the parent category id inside which the new category will be created'),
'idnumber' => new external_value(PARAM_RAW,
'the new category idnumber', VALUE_OPTIONAL),
'description' => new external_value(PARAM_RAW,
'the new category description', VALUE_OPTIONAL),
'theme' => new external_value(PARAM_THEME,
'the new category theme. This option must be enabled on moodle', VALUE_OPTIONAL),
'the new category theme. This option must be enabled on moodle',
VALUE_OPTIONAL),
)
)
)
@ -452,7 +453,6 @@ class core_course_external extends external_api {
* @param array $categories - see create_categories_parameters() for the array structure
* @return array - see create_categories_returns() for the array structure
* @since Moodle 2.3
* TODO: check exceptions
*/
public static function create_categories($categories) {
global $CFG, $DB;
@ -462,65 +462,53 @@ class core_course_external extends external_api {
array('categories' => $categories));
$transaction = $DB->start_delegated_transaction();
$createdcategories = array();
foreach($params['categories'] as $category) {
$newcategory = new stdClass();
$newcategory->sortorder = 999; //same as in the course/editcategory.php
$newcategory->parent = $category['parent'];
foreach ($params['categories'] as $category) {
if ($category['parent']) {
if (!$DB->record_exists('course_categories', array('id' => $category['parent']))) {
throw new moodle_exception('unknowncategory');
throw new moodle_exception('unknowcategory');
}
$context = context_coursecat::instance($category['parent']);
}
else {
} else {
$context = context_system::instance();
}
self::validate_context($context);
require_capability('moodle/category:manage', $context);
//check id number
if (!empty($category['idnumber'])) { //same as in course/editcategory_form.php
if (strlen($category['idnumber'])>100) {
throw new moodle_exception('id number is too long');
}
// Check id number.
if (!empty($category['idnumber'])) { // Same as in course/editcategory_form.php .
if (textlib::strlen($category['idnumber'])>100) {
throw new moodle_exception('idnumbertoolong');
}
if ($existing = $DB->get_record('course_categories', array('idnumber' => $category['idnumber']))) {
if ($existing->id) {
throw new moodle_exception('idnumbertaken');
}
}
}
$newcategory->idnumber = $category['idnumber'];
//check name
if (strlen($category['name'])>30) {
throw new moodle_exception('category name is too long.');
// Check name.
if (textlib::strlen($category['name'])>30) {
throw new moodle_exception('categorytoolong');
}
$newcategory->name = $category['name'];
//Format the description
if (!empty($newcategory->description)) {
$options = new stdClass();
$options->para = false;
$options->newlines = false;
$options->context = $context;
$newcategory->description = format_text($category['description'], FORMAT_HTML, $options);
$newcategory = new stdClass();
$newcategory->name = $category['name'];
$newcategory->parent = $category['parent'];
$newcategory->idnumber = $category['idnumber'];
$newcategory->sortorder = 999; // Same as in the course/editcategory.php .
// Format the description.
if (!empty($category['description'])) {
$newcategory->description = $category['description'];
}
$newcategory->descriptionformat = FORMAT_HTML;
if (isset($category['theme']) and !empty($CFG->allowcategorythemes)) {
$newcategory->theme = $category['theme'];
}
$newcategory->id = $DB->insert_record('course_categories', $newcategory);
$newcategory->context = context_coursecat::instance($newcategory->id);
mark_context_dirty($newcategory->context->path);
//populate special fields
fix_course_sortorder();
$newcategory = create_course_category($newcategory);
// Populate special fields.
fix_course_sortorder();
$createdcategories[] = array('id' => $newcategory->id, 'name' => $newcategory->name);
}
@ -531,11 +519,11 @@ class core_course_external extends external_api {
}
/**
* Returns description of method parameters
*
* @return external_function_parameters
* @since Moodle 2.3
*/
* Returns description of method parameters
*
* @return external_function_parameters
* @since Moodle 2.3
*/
public static function create_categories_returns() {
return new external_multiple_structure(
new external_single_structure(

2
lang/en/error.php
View File

@ -158,6 +158,7 @@ $string['cannotviewprofile'] = 'You cannot view the profile of this user';
$string['cannotviewreport'] = 'You cannot view this report';
$string['cannotwritefile'] = 'Cannot write to file ({$a})';
$string['categoryerror'] = 'Category error';
$string['categorytoolong'] = 'Category name too long';
$string['commentmisconf'] = 'Comment ID is misconfigured';
$string['componentisuptodate'] = 'Component is up-to-date';
$string['confirmsesskeybad'] = 'Sorry, but your session key could not be confirmed to carry out this action. This security feature prevents against accidental or malicious execution of important functions in your name. Please make sure you really wanted to execute this function.';
@ -250,6 +251,7 @@ $string['hackdetected'] = 'Hack attack detected!';
$string['hashpoolproblem'] = 'Incorrect pool file content {$a}.';
$string['headersent'] = 'Headers already sent';
$string['idnumbertaken'] = 'ID number is already used for another course';
$string['idnumbertoolong'] = 'ID number is too long';
$string['importformatnotimplement'] = 'Sorry, importing this format is not yet implemented!';
$string['incorrectext'] = 'File has an incorrect extension';
$string['installproblem'] = 'It is usually not possible to recover from errors triggered during installation, you may need to create a new database or use a different database prefix if you want to retry the installation.';