MOBILE-4919 site: Allow apply WS override only for certain user

Author: dpalou

src/core/classes/sites/authenticated-site.ts

@@ -37,7 +37,13 @@ import { Observable, ObservableInput, ObservedValueOf, OperatorFunction, Subject
 import { finalize, map, mergeMap } from 'rxjs/operators';
 import { CoreSiteError } from '@classes/errors/siteerror';
 import { CoreUserAuthenticatedSupportConfig } from '@features/user/classes/support/authenticated-support-config';
-import { CoreSiteInfo, CoreSiteInfoResponse, CoreSitePublicConfigResponse, CoreUnauthenticatedSite } from './unauthenticated-site';
+import {
+    CoreSiteInfo,
+    CoreSiteInfoResponse,
+    CoreSitePublicConfigResponse,
+    CoreUnauthenticatedSite,
+    CoreWSOverride,
+} from './unauthenticated-site';
 import { Md5 } from 'ts-md5';
 import { CoreSiteWSCacheRecord } from '@services/database/sites';
 import { CoreErrorLogs } from '@singletons/error-logs';
@@ -100,7 +106,7 @@ export class CoreAuthenticatedSite extends CoreUnauthenticatedSite {
     privateToken?: string;
     infos?: CoreSiteInfo;
 
-    protected logger: CoreLogger;
+    protected logger = CoreLogger.getInstance('CoreAuthenticatedSite');
     protected cleanUnicode = false;
     protected offlineDisabled = false;
     private memoryCache: Record<string, CoreSiteWSCacheRecord> = {};
@@ -124,7 +130,6 @@ export class CoreAuthenticatedSite extends CoreUnauthenticatedSite {
     ) {
         super(siteUrl, otherData.publicConfig);
 
-        this.logger = CoreLogger.getInstance('CoreAuthenticaedSite');
         this.token = token;
         this.privateToken = otherData.privateToken;
     }
@@ -1617,6 +1622,23 @@ export class CoreAuthenticatedSite extends CoreUnauthenticatedSite {
         CoreEvents.trigger(eventName, data);
     }
 
+    /**
+     * @inheritdoc
+     */
+    protected shouldApplyWSOverride(patch: CoreWSOverride): boolean {
+        if (!Number(patch.userid)) {
+            return true;
+        }
+
+        if (!this.infos?.userid) {
+            // Strange case, when doing WS calls the site should always have the userid already.
+            // Apply the patch to match the behaviour of unauthenticated site.
+            return true;
+        }
+
+        return Number(patch.userid) === this.infos.userid;
+    }
+
 }
 
 /**

src/core/classes/sites/unauthenticated-site.ts

@@ -20,14 +20,17 @@ import { CoreText } from '@singletons/text';
 import { CoreUrl, CoreUrlPartNames } from '@singletons/url';
 import { CoreWS, CoreWSAjaxPreSets, CoreWSExternalWarning } from '@services/ws';
 import { CorePath } from '@singletons/path';
-import { CoreJsonPatch } from '@singletons/json-patch';
+import { CoreJsonPatch, JsonPatchOperation } from '@singletons/json-patch';
 import { CoreUtils } from '@singletons/utils';
+import { CoreLogger } from '@singletons/logger';
 
 /**
  * Class that represents a Moodle site where the user still hasn't authenticated.
  */
 export class CoreUnauthenticatedSite {
 
+    protected logger = CoreLogger.getInstance('CoreUnauthenticatedSite');
+
     siteUrl: string;
 
     protected publicConfig?: CoreSitePublicConfigResponse;
@@ -499,7 +502,34 @@ export class CoreUnauthenticatedSite {
             return data;
         }
 
-        return CoreJsonPatch.applyPatches(data, CoreConstants.CONFIG.wsOverrides[method]);
+        CoreConstants.CONFIG.wsOverrides[method].forEach((patch) => {
+            if (!this.shouldApplyWSOverride(patch)) {
+                this.logger.warn('Patch ignored, conditions not fulfilled:', patch);
+
+                return;
+            }
+
+            try {
+                CoreJsonPatch.applyPatch(data, patch);
+            } catch (error) {
+                this.logger.error('Error applying WS override:', error, patch);
+            }
+        });
+
+        return data;
+    }
+
+    /**
+     * Whether a patch should be applied as a WS override.
+     *
+     * @param patch Patch to check.
+     * @returns Whether it should be applied.
+     */
+    // eslint-disable-next-line @typescript-eslint/no-unused-vars
+    protected shouldApplyWSOverride(patch: CoreWSOverride): boolean {
+        // Always apply patches for unauthenticated sites since we don't have user info.
+        // If the pacth for an AJAX WebService contains an userid is probably by mistake.
+        return true;
     }
 
 }
@@ -653,3 +683,10 @@ export enum TypeOfLogin {
     BROWSER = 2, // SSO in browser window is required.
     EMBEDDED = 3, // SSO in embedded browser is required.
 }
+
+/**
+ * WebService override patch.
+ */
+export type CoreWSOverride = JsonPatchOperation & {
+    userid?: number; // To apply the patch only if the current user matches this userid.
+};

src/types/config.d.ts

@@ -19,7 +19,7 @@ import { OpenFileAction } from '@singletons/opener';
 import { CoreLoginSiteFinderSettings, CoreLoginSiteSelectorListMethod } from '@features/login/services/login-helper';
 import { CoreDatabaseConfiguration } from '@classes/database/database-table';
 import { ToastDuration } from '@services/overlays/toasts';
-import { JsonPatchOperation } from '@singletons/json-patch';
+import { CoreWSOverride } from '@classes/sites/unauthenticated-site';
 
 /* eslint-disable @typescript-eslint/naming-convention */
 
@@ -81,5 +81,5 @@ export interface EnvironmentConfig {
     clearIABSessionWhenAutoLogin?: 'android' | 'ios' | 'all'; // Clear the session every time a new IAB is opened with auto-login.
     disabledFeatures?: string; // Disabled features for the whole app, using the same format as tool_mobile_disabledfeatures.
     collapsibleItemsExpanded: boolean; // Expand or collapse the collapsible items by default.
-    wsOverrides: Record<string, JsonPatchOperation[]>; // Overrides to apply to WS calls.
+    wsOverrides: Record<string, CoreWSOverride[]>; // Overrides to apply to WS calls.
 }