Merge pull request #4596 from dpalou/MOBILE-4919

MOBILE-4919 core: Allow overriding WS response via config

Author: crazyserver

.github/workflows/testing.yml

@@ -68,7 +68,7 @@ jobs:
           cat circular-dependencies
           lines=$(cat circular-dependencies | wc -l)
           echo "Total circular dependencies: $lines"
-          test $lines -eq 81
+          test $lines -eq 80
       - name: JavaScript code compatibility
         run: |
           # Check for ES2021 features, allowing ErrorCause feature.

src/core/classes/sites/authenticated-site.ts

@@ -37,7 +37,13 @@ import { Observable, ObservableInput, ObservedValueOf, OperatorFunction, Subject
 import { finalize, map, mergeMap } from 'rxjs/operators';
 import { CoreSiteError } from '@classes/errors/siteerror';
 import { CoreUserAuthenticatedSupportConfig } from '@features/user/classes/support/authenticated-support-config';
-import { CoreSiteInfo, CoreSiteInfoResponse, CoreSitePublicConfigResponse, CoreUnauthenticatedSite } from './unauthenticated-site';
+import {
+    CoreSiteInfo,
+    CoreSiteInfoResponse,
+    CoreSitePublicConfigResponse,
+    CoreUnauthenticatedSite,
+    CoreWSOverride,
+} from './unauthenticated-site';
 import { Md5 } from 'ts-md5';
 import { CoreSiteWSCacheRecord } from '@services/database/sites';
 import { CoreErrorLogs } from '@singletons/error-logs';
@@ -101,7 +107,7 @@ export class CoreAuthenticatedSite extends CoreUnauthenticatedSite {
     privateToken?: string;
     infos?: CoreSiteInfo;
 
-    protected logger: CoreLogger;
+    protected logger = CoreLogger.getInstance('CoreAuthenticatedSite');
     protected cleanUnicode = false;
     protected offlineDisabled = false;
     private memoryCache: Record<string, CoreSiteWSCacheRecord> = {};
@@ -125,7 +131,6 @@ export class CoreAuthenticatedSite extends CoreUnauthenticatedSite {
     ) {
         super(siteUrl, otherData.publicConfig);
 
-        this.logger = CoreLogger.getInstance('CoreAuthenticaedSite');
         this.token = token;
         this.privateToken = otherData.privateToken;
     }
@@ -466,8 +471,13 @@ export class CoreAuthenticatedSite extends CoreUnauthenticatedSite {
         }
 
         const observable = this.performRequest<T>(method, data, preSets, wsPreSets).pipe(
-            // Return a clone of the original object, this may prevent errors if in the callback the object is modified.
-            map((data) => CoreUtils.clone(data)),
+            map((data) => {
+                // Always clone the object because it can be modified when applying patches or in the caller function
+                // and we don't want to store the modified object in cache.
+                const clonedData = CoreUtils.clone(data);
+
+                return this.applyWSOverrides(method, clonedData);
+            }),
         );
 
         this.setOngoingRequest(cacheId, preSets, observable);
@@ -1361,13 +1371,13 @@ export class CoreAuthenticatedSite extends CoreUnauthenticatedSite {
      * @inheritdoc
      */
     async getPublicConfig(options: { readingStrategy?: CoreSitesReadingStrategy } = {}): Promise<CoreSitePublicConfigResponse> {
+        const method = 'tool_mobile_get_public_config';
         const ignoreCache = options.readingStrategy === CoreSitesReadingStrategy.ONLY_NETWORK ||
             options.readingStrategy ===  CoreSitesReadingStrategy.PREFER_NETWORK;
         if (!ignoreCache && this.publicConfig) {
-            return this.publicConfig;
+            return this.overridePublicConfig(this.publicConfig);
         }
 
-        const method = 'tool_mobile_get_public_config';
         const cacheId = this.getCacheId(method, {});
         const cachePreSets: CoreSiteWSPreSets = {
             getFromCache: true,
@@ -1392,8 +1402,7 @@ export class CoreAuthenticatedSite extends CoreUnauthenticatedSite {
 
         const subject = new Subject<CoreSitePublicConfigResponse>();
         const observable = subject.pipe(
-            // Return a clone of the original object, this may prevent errors if in the callback the object is modified.
-            map((data) => CoreUtils.clone(data)),
+            map((data) => this.overridePublicConfig(data)),
             finalize(() => {
                 this.clearOngoingRequest(cacheId, cachePreSets, observable);
             }),
@@ -1627,6 +1636,49 @@ export class CoreAuthenticatedSite extends CoreUnauthenticatedSite {
         CoreEvents.trigger(eventName, data);
     }
 
+    /**
+     * @inheritdoc
+     */
+    protected shouldApplyWSOverride(method: string, data: unknown, patch: CoreWSOverride): boolean {
+        if (!Number(patch.userid)) {
+            return true;
+        }
+
+        const info = this.infos ?? (method === 'core_webservice_get_site_info' ? (data as CoreSiteInfoResponse) : undefined);
+
+        if (!info?.userid) {
+            // Strange case, when doing WS calls the site should always have the userid already.
+            // Apply the patch to match the behaviour of unauthenticated site.
+            return true;
+        }
+
+        return Number(patch.userid) === info.userid;
+    }
+
+    /**
+     * Get the list of applicable WS overrides for this site.
+     *
+     * @returns WS overrides that should be applied for this site.
+     */
+    getApplicableWSOverrides(): Record<string, CoreWSOverride[]> {
+        if (!CoreConstants.CONFIG.wsOverrides) {
+            return {};
+        }
+
+        const effectiveOverrides: Record<string, CoreWSOverride[]> = {};
+
+        Object.keys(CoreConstants.CONFIG.wsOverrides).forEach((method) => {
+            const appliedPatches = CoreConstants.CONFIG.wsOverrides![method].filter((patch) =>
+                this.shouldApplyWSOverride(method, {}, patch));
+
+            if (appliedPatches.length) {
+                effectiveOverrides[method] = appliedPatches;
+            }
+        });
+
+        return effectiveOverrides;
+    }
+
 }
 
 /**

src/core/classes/sites/unauthenticated-site.ts

@@ -20,12 +20,17 @@ import { CoreText } from '@singletons/text';
 import { CoreUrl, CoreUrlPartNames } from '@singletons/url';
 import { CoreWS, CoreWSAjaxPreSets, CoreWSExternalWarning } from '@services/ws';
 import { CorePath } from '@singletons/path';
+import { CoreJsonPatch, JsonPatchOperation } from '@singletons/json-patch';
+import { CoreUtils } from '@singletons/utils';
+import { CoreLogger } from '@singletons/logger';
 
 /**
  * Class that represents a Moodle site where the user still hasn't authenticated.
  */
 export class CoreUnauthenticatedSite {
 
+    protected logger = CoreLogger.getInstance('CoreUnauthenticatedSite');
+
     siteUrl: string;
 
     protected publicConfig?: CoreSitePublicConfigResponse;
@@ -254,7 +259,7 @@ export class CoreUnauthenticatedSite {
         const ignoreCache = options.readingStrategy === CoreSitesReadingStrategy.ONLY_NETWORK ||
             options.readingStrategy ===  CoreSitesReadingStrategy.PREFER_NETWORK;
         if (!ignoreCache && this.publicConfig) {
-            return this.publicConfig;
+            return this.overridePublicConfig(this.publicConfig);
         }
 
         if (options.readingStrategy === CoreSitesReadingStrategy.ONLY_CACHE) {
@@ -266,7 +271,7 @@ export class CoreUnauthenticatedSite {
 
             this.setPublicConfig(config);
 
-            return config;
+            return this.overridePublicConfig(config);
         } catch (error) {
             if (options.readingStrategy === CoreSitesReadingStrategy.ONLY_NETWORK || !this.publicConfig) {
                 throw error;
@@ -298,6 +303,20 @@ export class CoreUnauthenticatedSite {
         return {};
     }
 
+    /**
+     * Apply overrides to the public config of the site.
+     *
+     * @param config Public config.
+     * @returns Public config with overrides if any.
+     */
+    protected overridePublicConfig(config: CoreSitePublicConfigResponse): CoreSitePublicConfigResponse {
+        // Always clone the object because it can be modified when applying patches or in the caller function
+        // and we don't want to modify the stored public config.
+        const clonedData = CoreUtils.clone(config);
+
+        return this.applyWSOverrides('tool_mobile_get_public_config', clonedData);
+    }
+
     /**
      * Perform a request to the server to get the public config of this site.
      *
@@ -437,7 +456,7 @@ export class CoreUnauthenticatedSite {
      *
      * @returns Disabled features.
      */
-    protected getDisabledFeatures(): string {
+    getDisabledFeatures(): string {
         const siteDisabledFeatures = this.getSiteDisabledFeatures() || undefined; // If empty string, use undefined.
         const appDisabledFeatures = CoreConstants.CONFIG.disabledFeatures;
 
@@ -486,6 +505,69 @@ export class CoreUnauthenticatedSite {
         return CoreText.addStartingSlash(CoreUrl.toRelativeURL(this.getURL(), url));
     }
 
+    /**
+     * Call a Moodle WS using the AJAX API and applies WebService overrides (if any) to the result.
+     *
+     * @param method WS method name.
+     * @param data Arguments to pass to the method.
+     * @param preSets Extra settings and information.
+     * @returns Promise resolved with the response data in success and rejected with CoreAjaxError.
+     */
+    async callAjax<T = unknown>(
+        method: string,
+        data: Record<string, unknown> = {},
+        preSets: Omit<CoreWSAjaxPreSets, 'siteUrl'> = {},
+    ): Promise<T> {
+        const result = await CoreWS.callAjax<T>(method, data, { ...preSets, siteUrl: this.siteUrl });
+
+        // No need to clone the data in this case because it's not stored in any cache.
+        return this.applyWSOverrides(method, result);
+    }
+
+    /**
+     * Apply WS overrides (if any) to the data of a WebService response.
+     *
+     * @param method WS method name.
+     * @param data WS response data.
+     * @returns Modified data (or original data if no overrides).
+     */
+    protected applyWSOverrides<T>(method: string, data: T): T {
+        if (!CoreConstants.CONFIG.wsOverrides || !CoreConstants.CONFIG.wsOverrides[method]) {
+            return data;
+        }
+
+        CoreConstants.CONFIG.wsOverrides[method].forEach((patch) => {
+            if (!this.shouldApplyWSOverride(method, data, patch)) {
+                this.logger.warn('Patch ignored, conditions not fulfilled:', method, patch);
+
+                return;
+            }
+
+            try {
+                CoreJsonPatch.applyPatch(data, patch);
+            } catch (error) {
+                this.logger.error('Error applying WS override:', error, patch);
+            }
+        });
+
+        return data;
+    }
+
+    /**
+     * Whether a patch should be applied as a WS override.
+     *
+     * @param method WS method name.
+     * @param data Data returned by the WS.
+     * @param patch Patch to check.
+     * @returns Whether it should be applied.
+     */
+    // eslint-disable-next-line @typescript-eslint/no-unused-vars
+    protected shouldApplyWSOverride(method: string, data: unknown, patch: CoreWSOverride): boolean {
+        // Always apply patches for unauthenticated sites since we don't have user info.
+        // If the patch for an AJAX WebService contains an userid is probably by mistake.
+        return true;
+    }
+
 }
 
 /**
@@ -637,3 +719,10 @@ export enum TypeOfLogin {
     BROWSER = 2, // SSO in browser window is required.
     EMBEDDED = 3, // SSO in embedded browser is required.
 }
+
+/**
+ * WebService override patch.
+ */
+export type CoreWSOverride = JsonPatchOperation & {
+    userid?: number; // To apply the patch only if the current user matches this userid.
+};

src/core/features/login/pages/email-signup/email-signup.ts

@@ -192,7 +192,7 @@ export default class CoreLoginEmailSignupPage implements OnInit {
             if (configValid) {
                 // Check content verification.
                 if (this.ageDigitalConsentVerification === undefined) {
-                    this.ageDigitalConsentVerification = await CoreLoginSignUp.isAgeVerificationEnabled(this.site.getURL());
+                    this.ageDigitalConsentVerification = await CoreLoginSignUp.isAgeVerificationEnabled(this.site);
                 }
 
                 await this.getSignupSettings();
@@ -210,7 +210,7 @@ export default class CoreLoginEmailSignupPage implements OnInit {
      * Get signup settings from server.
      */
     protected async getSignupSettings(): Promise<void> {
-        this.settings = await CoreLoginSignUp.getEmailSignupSettings(this.site.getURL());
+        this.settings = await CoreLoginSignUp.getEmailSignupSettings(this.site);
 
         if (CoreUserProfileFieldDelegate.hasRequiredUnsupportedField(this.settings.profilefields)) {
             this.allRequiredSupported = false;
@@ -330,7 +330,7 @@ export default class CoreLoginEmailSignupPage implements OnInit {
                 this.signupForm.value,
             );
 
-            const result = await CoreLoginSignUp.emailSignup(userInfo, this.site.getURL(), {
+            const result = await CoreLoginSignUp.emailSignup(userInfo, this.site, {
                 recaptchaResponse, customProfileFields, redirect,
             });
 
@@ -410,7 +410,7 @@ export default class CoreLoginEmailSignupPage implements OnInit {
 
         try {
             const age = parseInt(this.ageVerificationForm.value.age, 10);
-            const isMinor = await CoreLoginSignUp.isMinor(age, this.ageVerificationForm.value.country, this.site.getURL());
+            const isMinor = await CoreLoginSignUp.isMinor(age, this.ageVerificationForm.value.country, this.site);
 
             CoreForms.triggerFormSubmittedEvent(this.ageFormElement(), true);
 

src/core/features/login/services/login-helper.ts

@@ -20,7 +20,7 @@ import { CoreApp, CoreStoreConfig } from '@services/app';
 import { CoreConfig } from '@services/config';
 import { CoreEvents, CoreEventSessionExpiredData, CoreEventSiteData } from '@singletons/events';
 import { CoreSites, CoreLoginSiteInfo, CoreSiteBasicInfo } from '@services/sites';
-import { CoreWS, CoreWSExternalWarning } from '@services/ws';
+import { CoreWSExternalWarning } from '@services/ws';
 import { CoreText } from '@singletons/text';
 import { CoreObject } from '@singletons/object';
 import { CoreConstants } from '@/core/constants';
@@ -71,6 +71,7 @@ import {
     AuthEmailSignupSettings,
     CoreLoginSignUp,
 } from './signup';
+import { CoreSitesFactory } from '@services/sites-factory';
 
 /**
  * Helper provider that provides some common features regarding authentication.
@@ -256,7 +257,7 @@ export class CoreLoginHelperProvider {
      * @deprecated since 5.2. Please use CoreLoginSignUp.getEmailSignupSettings instead.
      */
     async getEmailSignupSettings(siteUrl: string): Promise<AuthEmailSignupSettings> {
-        return CoreLoginSignUp.getEmailSignupSettings(siteUrl);
+        return CoreLoginSignUp.getEmailSignupSettings(CoreSitesFactory.makeUnauthenticatedSite(siteUrl));
     }
 
     /**
@@ -815,7 +816,7 @@ export class CoreLoginHelperProvider {
             params.email = email.trim().toLowerCase();
         }
 
-        return CoreWS.callAjax('core_auth_request_password_reset', params, { siteUrl });
+        return CoreSitesFactory.makeUnauthenticatedSite(siteUrl).callAjax('core_auth_request_password_reset', params);
     }
 
     /**
@@ -1023,13 +1024,11 @@ export class CoreLoginHelperProvider {
             // Call the WS to resend the confirmation email.
             const modal = await CoreLoadings.show('core.sending', true);
             const data = { username: username?.toLowerCase(), password };
-            const preSets = { siteUrl };
 
             try {
-                const result = <ResendConfirmationEmailResult> await CoreWS.callAjax(
+                const result = <ResendConfirmationEmailResult> await CoreSitesFactory.makeUnauthenticatedSite(siteUrl).callAjax(
                     'core_auth_resend_confirmation_email',
                     data,
-                    preSets,
                 );
 
                 if (!result.status) {
@@ -1062,7 +1061,7 @@ export class CoreLoginHelperProvider {
         // We don't have site info before login, the only way to check if the WS is available is by calling it.
         try {
             // This call will always fail because we aren't sending parameters.
-            await CoreWS.callAjax('core_auth_resend_confirmation_email', {}, { siteUrl });
+            await CoreSitesFactory.makeUnauthenticatedSite(siteUrl).callAjax('core_auth_resend_confirmation_email');
 
             return true; // We should never reach here.
         } catch (error) {