From 7686effc8ccbfb0088070eafe322fd4af95f90a7 Mon Sep 17 00:00:00 2001
From: Michael Kaufmann <d00p@froxlor.org>
Date: Fri, 3 Feb 2023 14:16:37 +0100
Subject: [PATCH] new setting to select default value of 'allow api access' for
 new customers; fixes #1087

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
---
 actions/admin/settings/120.system.php                | 12 ++++++++++++
 install/froxlor.sql.php                              |  3 ++-
 install/updates/froxlor/update_2.x.inc.php           |  8 ++++++++
 lib/Froxlor/Api/Commands/Customers.php               |  2 +-
 lib/Froxlor/Froxlor.php                              |  2 +-
 .../admin/customer/formfield.customer_add.php        |  2 +-
 lng/de.lng.php                                       |  1 +
 lng/en.lng.php                                       |  1 +
 8 files changed, 27 insertions(+), 4 deletions(-)

diff --git a/actions/admin/settings/120.system.php b/actions/admin/settings/120.system.php
index b304fd43..f2d263f5 100644
--- a/actions/admin/settings/120.system.php
+++ b/actions/admin/settings/120.system.php
@@ -109,6 +109,18 @@ return [
 					'default' => false,
 					'save_method' => 'storeSettingField'
 				],
+				'api_customer_default' => [
+					'label' => lng('serversettings.api_customer_default'),
+					'settinggroup' => 'api',
+					'varname' => 'customer_default',
+					'type' => 'select',
+					'default' => 1,
+					'select_var' => [
+						1 => lng('panel.yes'),
+						0 => lng('panel.no')
+					],
+					'save_method' => 'storeSettingField'
+				],
 				'update_channel' => [
 					'label' => lng('serversettings.update_channel'),
 					'settinggroup' => 'system',
diff --git a/install/froxlor.sql.php b/install/froxlor.sql.php
index 5cd69dad..216550bf 100644
--- a/install/froxlor.sql.php
+++ b/install/froxlor.sql.php
@@ -700,6 +700,7 @@ opcache.validate_timestamps'),
 	('system', 'update_notify_last', '2.0.10'),
 	('system', 'traffictool', 'goaccess'),
 	('api', 'enabled', '0'),
+	('api', 'customer_default', '1'),
 	('2fa', 'enabled', '1'),
 	('panel', 'decimal_places', '4'),
 	('panel', 'adminmail', 'admin@SERVERNAME'),
@@ -742,7 +743,7 @@ opcache.validate_timestamps'),
 	('panel', 'logo_overridecustom', '0'),
 	('panel', 'settings_mode', '0'),
 	('panel', 'version', '2.0.10'),
-	('panel', 'db_version', '202301180');
+	('panel', 'db_version', '202302030');
 
 
 DROP TABLE IF EXISTS `panel_tasks`;
diff --git a/install/updates/froxlor/update_2.x.inc.php b/install/updates/froxlor/update_2.x.inc.php
index 63603ebf..446e5257 100644
--- a/install/updates/froxlor/update_2.x.inc.php
+++ b/install/updates/froxlor/update_2.x.inc.php
@@ -382,3 +382,11 @@ if (Froxlor::isFroxlorVersion('2.0.9')) {
 	Update::showUpdateStep("Updating from 2.0.9 to 2.0.10", false);
 	Froxlor::updateToVersion('2.0.10');
 }
+
+if (Froxlor::isDatabaseVersion('202301180')) {
+	Update::showUpdateStep("Adding new setting for 'Allow API access' default value for new customers");
+	Settings::AddNew("api.customer_default", "1");
+	Update::lastStepStatus(0);
+
+	Froxlor::updateToDbVersion('202302030');
+}
diff --git a/lib/Froxlor/Api/Commands/Customers.php b/lib/Froxlor/Api/Commands/Customers.php
index 6c8621da..e4c23e6c 100644
--- a/lib/Froxlor/Api/Commands/Customers.php
+++ b/lib/Froxlor/Api/Commands/Customers.php
@@ -298,7 +298,7 @@ class Customers extends ApiCommand implements ResourceEntity
 				$fax = $this->getParam('fax', true, '');
 				$customernumber = $this->getParam('customernumber', true, '');
 				$def_language = $this->getParam('def_language', true, Settings::Get('panel.standardlanguage'));
-				$api_allowed = $this->getBoolParam('api_allowed', true, Settings::Get('api.enabled'));
+				$api_allowed = $this->getBoolParam('api_allowed', true, (Settings::Get('api.enabled') && Settings::Get('api.customer_default')));
 				$gender = (int)$this->getParam('gender', true, 0);
 				$custom_notes = $this->getParam('custom_notes', true, '');
 				$custom_notes_show = $this->getBoolParam('custom_notes_show', true, 0);
diff --git a/lib/Froxlor/Froxlor.php b/lib/Froxlor/Froxlor.php
index 910268fd..553d2262 100644
--- a/lib/Froxlor/Froxlor.php
+++ b/lib/Froxlor/Froxlor.php
@@ -34,7 +34,7 @@ final class Froxlor
 	const VERSION = '2.0.10';
 
 	// Database version (YYYYMMDDC where C is a daily counter)
-	const DBVERSION = '202301180';
+	const DBVERSION = '202302030';
 
 	// Distribution branding-tag (used for Debian etc.)
 	const BRANDING = '';
diff --git a/lib/formfields/admin/customer/formfield.customer_add.php b/lib/formfields/admin/customer/formfield.customer_add.php
index b2ff9f92..53bb2c76 100644
--- a/lib/formfields/admin/customer/formfield.customer_add.php
+++ b/lib/formfields/admin/customer/formfield.customer_add.php
@@ -87,7 +87,7 @@ return [
 						'desc' => lng('usersettings.api_allowed.description'),
 						'type' => 'checkbox',
 						'value' => '1',
-						'checked' => Settings::Get('api.enabled') == '1',
+						'checked' => Settings::Get('api.enabled') == '1' && Settings::Get('api.customer_default'),
 						'visible' => Settings::Get('api.enabled') == '1'
 					]
 				]
diff --git a/lng/de.lng.php b/lng/de.lng.php
index 5f1deb38..a82b4599 100644
--- a/lng/de.lng.php
+++ b/lng/de.lng.php
@@ -1984,6 +1984,7 @@ Vielen Dank, Ihr Administrator',
 			'title' => 'Aktiviere externe API Nutzung',
 			'description' => 'Um die froxlor API nutzen zu können, muss diese Option aktiviert sein. Für detaillierte Informationen siehe <a href="https://docs.froxlor.org/latest/api-guide/" target="_new">https://docs.froxlor.org/</a>',
 		],
+		'api_customer_default' => '"Erlaube API Nutzung" Vorbelegung für neue Kunden',
 		'dhparams_file' => [
 			'title' => 'DHParams Datei (Diffie–Hellman key exchange)',
 			'description' => 'Wird eine dhparams.pem Datei hier angegeben, wir sie in die Webserver Konfiguration mit eingefügt.<br>Beispiel: /etc/ssl/webserver/dhparams.pem<br><br>Existiert die Datei nicht, wird sie wie folgt erstellt: <code>openssl dhparam -out /etc/ssl/webserver/dhparams.pem 4096</code>. Es wird empfohlen die Datei zu erstellen, bevor sie hier angegeben wird, da die Erstellung längere Zeit in Anspruch nimmt und den Cronjob blockiert.',
diff --git a/lng/en.lng.php b/lng/en.lng.php
index f778dfd8..7da617bb 100644
--- a/lng/en.lng.php
+++ b/lng/en.lng.php
@@ -2103,6 +2103,7 @@ Yours sincerely, your administrator',
 			'title' => 'Enable external API usage',
 			'description' => 'In order to use the froxlor API you need to activate this option. For more detailed information see <a href="https://docs.froxlor.org/latest/api-guide/" target="_new">https://docs.froxlor.org/</a>',
 		],
+		'api_customer_default' => '"Allow API access" default value for new customers',
 		'dhparams_file' => [
 			'title' => 'DHParams file (Diffie–Hellman key exchange)',
 			'description' => 'If a dhparams.pem file is specified here it will be included in the webserver configuration. Leave empty to disable.<br>Example: /etc/ssl/webserver/dhparams.pem<br><br>If the file does not exist, it will be created automatically with the following command: <code>openssl dhparam -out /etc/ssl/webserver/dhparams.pem 4096</code>. It is recommended to create the file prior to specifying it here as the creation takes quite a while and blocks the cronjob.',