mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-22 06:30:59 +01:00
WIP REST API: show checkbox in application password to (re-)generate new token and display it
parent
ec664540fd
commit
333750587c
@ -484,6 +484,7 @@ forward only disables imap mailbox / storing of mails and just forwards them to
|
|||||||
full name admin de Vollständiger Name
|
full name admin de Vollständiger Name
|
||||||
general admin de Allgemein
|
general admin de Allgemein
|
||||||
generate certificate admin de Zertifikat erzeugen
|
generate certificate admin de Zertifikat erzeugen
|
||||||
|
generate new token and display it once after saving admin de Neues Token erzeugen und einmalig nach dem Speichern anzeigen
|
||||||
git clone admin de Git Clone
|
git clone admin de Git Clone
|
||||||
global categories common de Globale Kategorien
|
global categories common de Globale Kategorien
|
||||||
global options admin de Globale Optionen
|
global options admin de Globale Optionen
|
||||||
@ -911,7 +912,6 @@ the name used internaly (<= 20 chars), changeing it makes existing data unava
|
|||||||
the name used internaly (<= 20 chars), changeing it makes existing data unavailible admin de intern benutzter Name (<= 20 Buchstaben), Veränderungen machen existierende Daten unerreichbar!
|
the name used internaly (<= 20 chars), changeing it makes existing data unavailible admin de intern benutzter Name (<= 20 Buchstaben), Veränderungen machen existierende Daten unerreichbar!
|
||||||
the testjob sends you a mail everytime it is called. admin de Der Testjob sendet Ihnen jedes mal eine E-Mail wenn er aufgerufen wird.
|
the testjob sends you a mail everytime it is called. admin de Der Testjob sendet Ihnen jedes mal eine E-Mail wenn er aufgerufen wird.
|
||||||
the text displayed to the user admin de Für den Benutzer angezeigter Text
|
the text displayed to the user admin de Für den Benutzer angezeigter Text
|
||||||
the token is displayed once after saving. admin de Das Token wird nach dem Speichern einmalig angezeigt.
|
|
||||||
the two passwords are not the same admin de Die beiden Passwörter stimmen nicht überein
|
the two passwords are not the same admin de Die beiden Passwörter stimmen nicht überein
|
||||||
the users bellow are still members of group %1 admin de Die unten angezeigten Benutzer sind Mitglied der Gruppe %1
|
the users bellow are still members of group %1 admin de Die unten angezeigten Benutzer sind Mitglied der Gruppe %1
|
||||||
there already is a group with this name. userid's can not have the same name as a groupid admin de Es gibt bereits ein Gruppe mit diesem Namen. Benutzernamen dürfen nicht identisch mit Gruppennamen sein.
|
there already is a group with this name. userid's can not have the same name as a groupid admin de Es gibt bereits ein Gruppe mit diesem Namen. Benutzernamen dürfen nicht identisch mit Gruppennamen sein.
|
||||||
|
@ -487,6 +487,7 @@ forward only disables imap mailbox / storing of mails and just forwards them to
|
|||||||
full name admin en Full name
|
full name admin en Full name
|
||||||
general admin en General
|
general admin en General
|
||||||
generate certificate admin en Generate Certificate
|
generate certificate admin en Generate Certificate
|
||||||
|
generate new token and display it once after saving admin en Generate new token and display it once after saving
|
||||||
git clone admin en Git clone
|
git clone admin en Git clone
|
||||||
global categories common en Global categories
|
global categories common en Global categories
|
||||||
global options admin en Global options
|
global options admin en Global options
|
||||||
@ -914,7 +915,6 @@ the name used internaly (<= 20 chars), changeing it makes existing data unava
|
|||||||
the name used internaly (<= 20 chars), changeing it makes existing data unavailible admin en The name used internally, <= 20 chars, changing it makes existing data unavailable.
|
the name used internaly (<= 20 chars), changeing it makes existing data unavailible admin en The name used internally, <= 20 chars, changing it makes existing data unavailable.
|
||||||
the testjob sends you a mail everytime it is called. admin en The TestJob sends you a mail every time it is called.
|
the testjob sends you a mail everytime it is called. admin en The TestJob sends you a mail every time it is called.
|
||||||
the text displayed to the user admin en The text displayed to the user
|
the text displayed to the user admin en The text displayed to the user
|
||||||
the token is displayed once after saving. admin en The token is displayed once after saving.
|
|
||||||
the two passwords are not the same admin en Passwords are not the same
|
the two passwords are not the same admin en Passwords are not the same
|
||||||
the users bellow are still members of group %1 admin en The users below are still members of group %1
|
the users bellow are still members of group %1 admin en The users below are still members of group %1
|
||||||
there already is a group with this name. userid's can not have the same name as a groupid admin en There is already a group with this name. User ID's can not have the same name as a group ID.
|
there already is a group with this name. userid's can not have the same name as a groupid admin en There is already a group with this name. User ID's can not have the same name as a group ID.
|
||||||
|
@ -60,7 +60,7 @@ class Token
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
$content = $this->token->init();
|
$content = $this->token->init()+['new_token' => true];
|
||||||
if (empty($GLOBALS['egw_info']['user']['apps']['admin']))
|
if (empty($GLOBALS['egw_info']['user']['apps']['admin']))
|
||||||
{
|
{
|
||||||
$content['account_id'] = $GLOBALS['egw_info']['user']['account_id'];
|
$content['account_id'] = $GLOBALS['egw_info']['user']['account_id'];
|
||||||
@ -77,24 +77,16 @@ class Token
|
|||||||
case 'save':
|
case 'save':
|
||||||
case 'apply':
|
case 'apply':
|
||||||
$content['token_limits'] = Api\Auth\Token::apps2limits($content['token_apps']);
|
$content['token_limits'] = Api\Auth\Token::apps2limits($content['token_apps']);
|
||||||
if (empty($content['token_id']))
|
if (empty($content['token_id']) || $content['new_token'])
|
||||||
{
|
{
|
||||||
$content = Api\Auth\Token::create($content['account_id'] ?: 0, $content['token_valid_until'], $content['token_remark'],
|
$content['new_token'] = true;
|
||||||
$content['token_limits']);
|
|
||||||
Api\Framework::refresh_opener(lang('Token created.'),
|
|
||||||
self::APP, $this->token->data['token_id'],'add');
|
|
||||||
$button = 'apply'; // must not close window to show token
|
$button = 'apply'; // must not close window to show token
|
||||||
}
|
}
|
||||||
elseif (!$this->token->save($content))
|
$this->token->save($content);
|
||||||
{
|
Api\Framework::refresh_opener(empty($content['new_token']) ? lang('Token saved.') : lang('Token created.'),
|
||||||
Api\Framework::refresh_opener(lang('Token saved.'),
|
self::APP, $this->token->data['token_id'],'edit');
|
||||||
self::APP, $this->token->data['token_id'],'edit');
|
unset($content['new_token']);
|
||||||
$content = array_merge($content, $this->token->data);
|
$content = array_merge($content, $this->token->data);
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
throw new \Exception(lang('Error storing token!'));
|
|
||||||
}
|
|
||||||
if ($button === 'save')
|
if ($button === 'save')
|
||||||
{
|
{
|
||||||
Api\Framework::window_close(); // does NOT return
|
Api\Framework::window_close(); // does NOT return
|
||||||
|
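Review bot: The save/apply branch now passes the submitted form array straight to `$this->token->save($content)` together with the user-controlled `new_token` flag, and the fresh secret comes back through `array_merge($content, $this->token->data)`, so whether a caller may regenerate a given `token_id` rests entirely on what save() checks. The non-admin `account_id` pinning visible here appears to sit only in the branch that initialises a new token, and save()'s permission logic is outside this section, so please confirm it compares the owner of the stored row, not just the posted `account_id`, before issuing a new secret. Separately, `$content['new_token']` is read unguarded; `if (empty($content['token_id']) || !empty($content['new_token']))` avoids an undefined-key warning when the checkbox is missing from the submit. The old `throw new \Exception(lang('Error storing token!'))` branch is gone, so error reporting now depends on save() throwing.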
@ -45,8 +45,16 @@
|
|||||||
<et2-date-time id="token_updated" readonly="true" align="right"></et2-date-time>
|
<et2-date-time id="token_updated" readonly="true" align="right"></et2-date-time>
|
||||||
</et2-hbox>
|
</et2-hbox>
|
||||||
</row>
|
</row>
|
||||||
|
<row disabled="!@token_revoked">
|
||||||
|
<et2-description value="Revoked"></et2-description>
|
||||||
|
<et2-hbox>
|
||||||
|
<et2-select-account id="token_revoked_by" readonly="true"></et2-select-account>
|
||||||
|
<et2-date-time id="token_revoked" readonly="true" align="right"></et2-date-time>
|
||||||
|
</et2-hbox>
|
||||||
|
</row>
|
||||||
<row disabled="@token">
|
<row disabled="@token">
|
||||||
<et2-description value="The token is displayed once after saving." span="all"></et2-description>
|
<et2-description></et2-description>
|
||||||
|
<et2-checkbox id="new_token" label="Generate new token and display it once after saving" span="all"></et2-checkbox>
|
||||||
</row>
|
</row>
|
||||||
<row>
|
<row>
|
||||||
<et2-hbox span="all">
|
<et2-hbox span="all">
|
||||||
|
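Review bot: The `new_token` checkbox label does not say that regenerating replaces the stored hash, so the current secret stops working for every client that uses it, and it gives no hint that a revoked token becomes usable again. A label or help text along the lines of `Generate new token (the current one stops working) and display it once after saving` would let the user make that decision knowingly. The checkbox is also offered for a brand-new token, where the server forces the flag on anyway, so unticking it there has no effect; hiding it or making it read-only until a `token_id` exists would avoid the misleading choice. The row that used to carry "The token is displayed once after saving." now holds an empty `<et2-description>`, which looks like leftover layout padding and deserves a comment.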
@ -88,20 +88,17 @@ class Token extends APi\Storage\Base
|
|||||||
{
|
{
|
||||||
$account_id = $GLOBALS['egw_info']['user']['account_id'];
|
$account_id = $GLOBALS['egw_info']['user']['account_id'];
|
||||||
}
|
}
|
||||||
$token = Api\Auth::randomstring(16);
|
|
||||||
$inst = self::getInstance();
|
$inst = self::getInstance();
|
||||||
$inst->init([
|
$inst->init([
|
||||||
'account_id' => $account_id,
|
'account_id' => $account_id,
|
||||||
'token_hash' => password_hash($token, PASSWORD_DEFAULT),
|
'new_token' => true,
|
||||||
'token_valid_until' => $until,
|
'token_valid_until' => $until,
|
||||||
'token_remark' => $remark,
|
'token_remark' => $remark,
|
||||||
'token_limits' => $limits,
|
'token_limits' => $limits,
|
||||||
]);
|
]);
|
||||||
$inst->save();
|
$inst->save();
|
||||||
|
|
||||||
return $inst->data+[
|
return $inst->data;
|
||||||
'token' => self::PREFIX.$inst->data['token_id'].'_'.$token,
|
|
||||||
];
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -130,7 +127,6 @@ class Token extends APi\Storage\Base
|
|||||||
* @param string|array $extra_where =null extra where clause, eg. to check an etag, returns true if no affected rows!
|
* @param string|array $extra_where =null extra where clause, eg. to check an etag, returns true if no affected rows!
|
||||||
* @return int|boolean 0 on success, or errno != 0 on error, or true if $extra_where is given and no rows affected
|
* @return int|boolean 0 on success, or errno != 0 on error, or true if $extra_where is given and no rows affected
|
||||||
* @throws Api\Exception\NoPermission\Admin if non-admin user tries to create token for anyone else
|
* @throws Api\Exception\NoPermission\Admin if non-admin user tries to create token for anyone else
|
||||||
* @throws Api\Exception\NotFound if token_id does NOT exist
|
|
||||||
* @throws Api\Db\Exception if token could not be stored
|
* @throws Api\Db\Exception if token could not be stored
|
||||||
*/
|
*/
|
||||||
function save($keys=null,$extra_where=null)
|
function save($keys=null,$extra_where=null)
|
||||||
@ -152,10 +148,20 @@ class Token extends APi\Storage\Base
|
|||||||
$this->data['token_updated_by'] = $GLOBALS['egw_info']['user']['account_id'];
|
$this->data['token_updated_by'] = $GLOBALS['egw_info']['user']['account_id'];
|
||||||
$this->data['token_updated'] = $this->now;
|
$this->data['token_updated'] = $this->now;
|
||||||
}
|
}
|
||||||
|
if (!empty($keys['new_token']))
|
||||||
|
{
|
||||||
|
$token = Api\Auth::randomstring(16);
|
||||||
|
$this->data['token_hash'] = password_hash($token, PASSWORD_DEFAULT);
|
||||||
|
$this->data['token_revoked'] = null;
|
||||||
|
}
|
||||||
if (($ret = parent::save(null, $extra_where)))
|
if (($ret = parent::save(null, $extra_where)))
|
||||||
{
|
{
|
||||||
throw new Api\Db\Exception(lang('Error storing token'));
|
throw new Api\Db\Exception(lang('Error storing token'));
|
||||||
}
|
}
|
||||||
|
if (isset($token))
|
||||||
|
{
|
||||||
|
$this->data['token'] = self::PREFIX.$this->data['token_id'].'_'.$token;
|
||||||
|
}
|
||||||
return $ret;
|
return $ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
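Review bot: create() no longer appears to produce a secret: it puts `'new_token' => true` into `init()` and then calls `$inst->save()` with no arguments, while save() only generates the token under `if (!empty($keys['new_token']))`, which is false when `$keys` is null. Unless the part of save() above this hunk copies the flag into `$keys`, the row is stored without a `token_hash` and the returned data has no `token`; `$inst->save(['new_token' => true]);` or testing the flag on `$this->data` would make the two agree. The regenerate path also sets `token_revoked` to null, so regenerating silently re-activates a revoked token. If that is intended, a comment such as `// regenerating deliberately lifts a revocation` would make it explicit, and the revoked-by field shown in the dialog presumably needs clearing as well. save() begins outside the visible hunks, and its `@throws Api\Exception\NotFound` line was dropped from the docblock, so the behaviour for an unknown `token_id` should be documented again.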