General developer forum

add moodle/webservice:createtoken capability to all students

 
 
Anne Krijger
add moodle/webservice:createtoken capability to all students
 

I seem to be missing something when it comes to allowing users, students in particular, to generate the token needed to access Webservices.

I can't change the (pre-defined) student role because I need to add the moodle/webservice:createtoken capability at the System level and this role only sets capabilities at the Course and Module level.

So how would I go about giving all Students the capability to generate a token (at System level)?

Or am I missing something and should I be going about this differently?

Anne.

 
Average of ratings: -
Tim at Lone Pine Koala Sanctuary
Re: add moodle/webservice:createtoken capability to all students
Group DevelopersGroup Documentation writersGroup Particularly helpful Moodlers

Give the capability to the authenticated user role.

 
Average of ratings:Useful (1)
Anne Krijger
Re: add moodle/webservice:createtoken capability to all students
 

Hi Tim,

Thanks, that worked and will do for now.
This will give all authenticated users access to the Webservice.

I noticed that for the Authenticated user role there is no Context selected by default.
Looking at set_role_contextlevels(...) and mdl_role_context_levels that means that no records will be present for that role(id).

Looking at the code I gather it is not possible to give a role certain capabilities in one Context and other capabilities in another Context. Is that correct?

If I remember correctly you also can't assign more than one role to a user in a given context (course being the most obvious). I also didn't see a way to create a role as an extension of another role. So if I will need to assign the Webservice access capability only to students, how would I go about that?

I still feel like I'm not seeing something smile

Anne.

 
Average of ratings: -
Tim at Lone Pine Koala Sanctuary
Re: add moodle/webservice:createtoken capability to all students
Group DevelopersGroup Documentation writersGroup Particularly helpful Moodlers

Lots of misconceptions here:

1. Assigning that capability will let any user create a web service token. That will not necessarily let them call any given web service. More permisison checks will be done when they call the service.

2. There are no explicity role-assignments to authenticated user in the database. Since every single user has this role (in the system context) when we are logged in, that role assignment is handled by the code in accesslib.php. That give better performance than storing it in the database.

3. A role can have different permisisons in different contexts. That is what permission overrides are for.

4. A user can have any number of roles in each context.

 
Average of ratings: -
Anne Krijger
Re: add moodle/webservice:createtoken capability to all students
 

Hi Tim,

1. Correct, I also allow them webservice/rest:use and have Webservices and REST enabled on the site.
2. Seems to make sense.

3. I know I can override a permission in for example the course context,
but I can't give the existing student role the createtoken capability at the System context level, right?

4. When enrolling a user in a course, their role is selected.
You can later add another role for that user (Course admin - Users enrolled users),
but you can not select multiple roles at enrolment time, right?

To give my questions a bit more context;

I'm creating a question type that integrates with a custom mobile app.
That means that the students in a course that has a quiz which contains that question type, should have access to the REST Webservice that handles the interaction.

For now I'll enable WS and REST protocol at the site level, and moodle/webservice:createtoken and webservice/rest:use at the authenticated user level.

But what I was looking for, and haven't found yet, was a way to only let those students that need it access the WS.

Mind you; I do check if the person using the WS is enrolled in the course etc, so it is more or less covered. But I was wondering it I could even stop then from accessing the WS.

Anne.

BTW This is a rework of the POC that copied the entire quiz engine smile

 
Average of ratings: -
Picture of Juliana Sobreira
Re: add moodle/webservice:createtoken capability to all students
 

Do you have any solution? I have been struggling on this problem for a while too.

 
Average of ratings: -