interface adjustments for apikey interaction
Signed-off-by: Michael Kaufmann <michael.kaufmann@aixit.com>
33
api_keys.php
33
api_keys.php
@@ -27,7 +27,7 @@ $del_stmt = Database::prepare("DELETE FROM `" . TABLE_API_KEYS . "` WHERE id = :
|
||||
$success_message = "";
|
||||
$id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
|
||||
|
||||
// do the delete and then just show a success-message and the certificates list again
|
||||
// do the delete and then just show a success-message and the apikeys list again
|
||||
if ($action == 'delete') {
|
||||
if ($id > 0) {
|
||||
$chk = (AREA == 'admin' && $userinfo['customers_see_all'] == '1') ? true : false;
|
||||
@@ -65,20 +65,21 @@ if ($action == 'delete') {
|
||||
`apikey` = :key, `secret` = :secret, `adminid` = :aid, `customerid` = :cid, `valid_until` = '-1', `allowed_from` = ''
|
||||
");
|
||||
// customer generates for himself, admins will see a customer-select-box
|
||||
if (AREA == 'customer') {
|
||||
$key = hash('sha256', openssl_random_pseudo_bytes(64 * 64));
|
||||
$secret = hash('sha512', openssl_random_pseudo_bytes(64 * 64 * 4));
|
||||
Database::pexecute($ins_stmt, array(
|
||||
'key' => $key,
|
||||
'secret' => $secret,
|
||||
'aid' => $userinfo['adminid'],
|
||||
'cid' => $userinfo['customerid']
|
||||
));
|
||||
redirectTo($filename, array(
|
||||
'page' => $page,
|
||||
's' => $s
|
||||
));
|
||||
if (AREA == 'admin') {
|
||||
$cid = 0;
|
||||
}
|
||||
elseif (AREA == 'customer') {
|
||||
$cid = $userinfo['customerid'];
|
||||
}
|
||||
$key = hash('sha256', openssl_random_pseudo_bytes(64 * 64));
|
||||
$secret = hash('sha512', openssl_random_pseudo_bytes(64 * 64 * 4));
|
||||
Database::pexecute($ins_stmt, array(
|
||||
'key' => $key,
|
||||
'secret' => $secret,
|
||||
'aid' => $userinfo['adminid'],
|
||||
'cid' => $cid
|
||||
));
|
||||
$success_message = $lng['apikeys']['apikey_added'];
|
||||
}
|
||||
|
||||
$log->logAction(USR_ACTION, LOG_NOTICE, "viewed api::api_keys");
|
||||
@@ -167,8 +168,8 @@ if (count($all_keys) == 0) {
|
||||
$row = htmlentities_array($key);
|
||||
|
||||
// shorten keys
|
||||
$row['apikey'] = substr($row['apikey'], 0, 20) . '...';
|
||||
$row['secret'] = substr($row['secret'], 0, 20) . '...';
|
||||
$row['_apikey'] = substr($row['apikey'], 0, 20) . '...';
|
||||
$row['_secret'] = substr($row['secret'], 0, 20) . '...';
|
||||
|
||||
// check whether the api key is not valid anymore
|
||||
$isValid = true;
|
||||
|
||||
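Review bot: The `$key` and `$secret` lines in the second hunk pass the result of `openssl_random_pseudo_bytes()` straight into `hash()` without checking it; on PHP versions where that call can return `false` on failure, `hash()` would digest an empty string and every key generated in that state would be identical and predictable. If the project's minimum PHP version provides it, `$key = bin2hex(random_bytes(32));` and `$secret = bin2hex(random_bytes(64));` give the same lengths and fail with an exception instead of a silent weak value. `$cid` is assigned only in the `admin` and `customer` branches, so a final `else` that aborts would keep the insert from running with an undefined value. The condition guarding this insert lies outside the hunk, so whether key creation can be triggered by a plain GET request cannot be judged from here.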
@@ -2135,3 +2135,9 @@ $lng['menue']['main']['apikeys'] = 'API keys';
|
||||
$lng['apikeys']['no_api_keys'] = 'No API keys found';
|
||||
$lng['apikeys']['key_add'] = 'Add new key';
|
||||
$lng['apikeys']['apikey_removed'] = 'The api key with the id #%s has been removed successfully';
|
||||
$lng['apikeys']['apikey_added'] = 'A new api key has been generated successfully';
|
||||
$lng['apikeys']['clicktoview'] = 'Click to view';
|
||||
$lng['apikeys']['allowed_from'] = 'Allowed from';
|
||||
$lng['apikeys']['allowed_from_help'] = 'Comma separated list of ip addresses. Default empty.';
|
||||
$lng['apikeys']['valid_until'] = 'Valid until';
|
||||
$lng['apikeys']['valid_until_help'] = 'Date until valid, format YYYY-MM-DD';
|
||||
|
||||
@@ -1785,3 +1785,7 @@ $lng['menue']['main']['apikeys'] = 'API Keys';
|
||||
$lng['apikeys']['no_api_keys'] = 'Keine API Keys gefunden';
|
||||
$lng['apikeys']['key_add'] = 'API Key hinzufügen';
|
||||
$lng['apikeys']['apikey_removed'] = 'Der API Key mit der ID #%s wurde erfolgreich gelöscht.';
|
||||
$lng['apikeys']['allowed_from'] = 'Erlaube Zugriff von';
|
||||
$lng['apikeys']['allowed_from_help'] = 'Komma getrennte Liste von IPs. Standard ist leer.';
|
||||
$lng['apikeys']['valid_until'] = 'Gültig bis';
|
||||
$lng['apikeys']['valid_until_help'] = 'Datum Gültigkeitsende, Format JJJJ-MM-TT';
|
||||
|
||||
25
templates/Sparkle/api_keys/keys_key.tpl
vendored
25
templates/Sparkle/api_keys/keys_key.tpl
vendored
@@ -3,10 +3,10 @@
|
||||
{$adminCustomerLink}
|
||||
</td>
|
||||
<td>
|
||||
{$row['apikey']}
|
||||
<span id="apikey-{$row['id']}" data-id="{$row['id']}" title="{$lng['apikeys']['clicktoview']}">{$row['_apikey']}</span>
|
||||
</td>
|
||||
<td>
|
||||
{$row['secret']}
|
||||
<span id="secret-{$row['id']}" data-id="{$row['id']}" title="{$lng['apikeys']['clicktoview']}">{$row['_secret']}</span>
|
||||
</td>
|
||||
<td>
|
||||
{$row['allowed_from']}
|
||||
@@ -23,5 +23,24 @@
|
||||
<a href="{$linker->getLink(array('section' => 'index', 'page' => $page, 'action' => 'delete', 'id' => $row['id']))}">
|
||||
<img src="templates/{$theme}/assets/img/icons/delete.png" alt="{$lng['panel']['delete']}" title="{$lng['panel']['delete']}" />
|
||||
</a>
|
||||
<div id="dialog-{$row['id']}" title="API-key / Secret" class="hidden api-dialog">
|
||||
<form action="{$linker->getLink(array('section' => 'apikeys'))}" method="post" enctype="application/x-www-form-urlencoded">
|
||||
<input type="hidden" name="id" value="{$row['id']}"/>
|
||||
<table class="full hl">
|
||||
<tr>
|
||||
<th>API-key</th><td><input type="text" value="{$row['apikey']}" readonly/></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th>Secret</th><td><input type="text" value="{$row['secret']}" readonly/></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th>{$lng['apikeys']['allowed_from']}<br><small>{$lng['apikeys']['allowed_from_help']}</small></th><td><input type="text" name="allowed_from" value="{$row['allowed_from']}"/></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th>{$lng['apikeys']['valid_until']}<br><small>{$lng['apikeys']['valid_until_help']}</small></th><td><input type="text" name="valid_until" value="{$row['valid_until']}"/></td>
|
||||
</tr>
|
||||
</table>
|
||||
</form>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
</tr>
|
||||
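Review bot: The hidden `dialog-{$row['id']}` block writes the full `{$row['apikey']}` and `{$row['secret']}` into the markup of every listed row, so "click to view" hides them only visually; each secret the viewer may list is sent on every page load and is exposed to browser caches, intermediaries and any script that can read the DOM. Keeping only the `_apikey`/`_secret` previews in the list and fetching the full values on demand through a POST request, or showing the secret once at creation, would limit that exposure. The form carries no visible anti-CSRF token field; if the panel relies on the `s` session parameter for that, a template comment saying so would help the next reader.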
8
templates/Sparkle/api_keys/keys_list.tpl
vendored
8
templates/Sparkle/api_keys/keys_list.tpl
vendored
@@ -34,11 +34,11 @@
|
||||
<table class="full hl">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>User</th>
|
||||
<th>API-keys</th>
|
||||
<th>{$lng['login']['username']}</th>
|
||||
<th>API-key</th>
|
||||
<th>Secret</th>
|
||||
<th>Allowed from</th>
|
||||
<th>Valid until</th>
|
||||
<th>{$lng['apikeys']['allowed_from']}</th>
|
||||
<th>{$lng['apikeys']['valid_until']}</th>
|
||||
<th>{$lng['panel']['options']}</th>
|
||||
</tr>
|
||||
</thead>
|
||||
|
||||
45
templates/Sparkle/assets/js/apikey.js
vendored
Normal file
45
templates/Sparkle/assets/js/apikey.js
vendored
Normal file
@@ -0,0 +1,45 @@
|
||||
/**
|
||||
*
|
||||
*/
|
||||
$(document).ready(function() {
|
||||
|
||||
function editApikey(id) {
|
||||
var sid = getUrlParameter('s');
|
||||
var page = getUrlParameter('page');
|
||||
|
||||
var apikey_id = $('#dialog-' + id + ' input[name="id"]').val();
|
||||
var allowed_from = $('#dialog-' + id + ' input[name="allowed_from"]').val();
|
||||
var valid_until = $('#dialog-' + id + ' input[name="valid_until"]').val();
|
||||
|
||||
$.ajax({
|
||||
url: "admin_index.php?s="+sid+"&page="+page+"&action=jqEditApiKey",
|
||||
type: "POST",
|
||||
data: {
|
||||
id: apikey_id, allowed_from: allowed_from, valid_until: valid_until
|
||||
},
|
||||
dataType: "json",
|
||||
success: function(json) {
|
||||
$('#dialog-' + id).dialog("close");
|
||||
location.reload();
|
||||
},
|
||||
error: function(a, b) {
|
||||
console.log(a, b);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
$("span[id|='apikey'], span[id|='secret']").click(function() {
|
||||
var id = $(this).attr('data-id');
|
||||
$('#dialog-' + id).dialog({
|
||||
modal : true,
|
||||
buttons : {
|
||||
Ok : function() {
|
||||
editApikey(id);
|
||||
$(this).dialog("close");
|
||||
}
|
||||
},
|
||||
width : 800
|
||||
});
|
||||
});
|
||||
|
||||
});
|
||||
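Review bot: The request URL in `editApikey` is hard-coded to `admin_index.php` and concatenates `sid` and `page` unencoded, although api_keys.php also serves `AREA == 'customer'`, so customer sessions would probably post to the wrong script and a value containing `&` or `#` would alter the query. Building it as `url: window.location.pathname + "?" + $.param({s: sid, page: page, action: "jqEditApiKey"})` would cover both cases. The `jqEditApiKey` handler is not part of this page; it needs to verify that the posted `id` belongs to the caller and to validate `allowed_from` and `valid_until` server-side, since the dialog and its `readonly` inputs enforce nothing. The `error` callback only logs to the console, so a rejected edit is indistinguishable from no response; showing the failure in the dialog would help.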
15
templates/Sparkle/assets/js/domains.js
vendored
15
templates/Sparkle/assets/js/domains.js
vendored
@@ -1,20 +1,5 @@
|
||||
$(document).ready(function() {
|
||||
|
||||
var getUrlParameter = function getUrlParameter(sParam) {
|
||||
var sPageURL = decodeURIComponent(window.location.search.substring(1)),
|
||||
sURLVariables = sPageURL.split('&'),
|
||||
sParameterName,
|
||||
i;
|
||||
|
||||
for (i = 0; i < sURLVariables.length; i++) {
|
||||
sParameterName = sURLVariables[i].split('=');
|
||||
|
||||
if (sParameterName[0] === sParam) {
|
||||
return sParameterName[1] === undefined ? true : sParameterName[1];
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
/**
|
||||
* disable unusable php-configuration by customer settings
|
||||
*/
|
||||
|
||||
16
templates/Sparkle/assets/js/main.js
vendored
16
templates/Sparkle/assets/js/main.js
vendored
@@ -5,6 +5,22 @@ function twoDigits(value) {
|
||||
return value;
|
||||
}
|
||||
$(document).ready(function() {
|
||||
|
||||
var getUrlParameter = function getUrlParameter(sParam) {
|
||||
var sPageURL = decodeURIComponent(window.location.search.substring(1)),
|
||||
sURLVariables = sPageURL.split('&'),
|
||||
sParameterName,
|
||||
i;
|
||||
|
||||
for (i = 0; i < sURLVariables.length; i++) {
|
||||
sParameterName = sURLVariables[i].split('=');
|
||||
|
||||
if (sParameterName[0] === sParam) {
|
||||
return sParameterName[1] === undefined ? true : sParameterName[1];
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
// Scroll to top
|
||||
$(window).scroll(function() {
|
||||
if ($(this).scrollTop() > 100) {
|
||||
|
||||
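Review bot: `getUrlParameter` appears to be declared with `var` inside this file's `$(document).ready` callback (indentation is lost on this page, so please confirm), which would make it local to that closure; the calls in apikey.js and any remaining callers in domains.js would then throw a ReferenceError. Declaring it at file level next to `twoDigits`, as `function getUrlParameter(sParam) {`, makes the shared helper reachable from the other scripts. The helper also decodes the whole query string before splitting on `&` and `=`, so an encoded `%26` or `%3D` inside a value is treated as a separator; decoding each name and value after the split avoids that.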
2
templates/Sparkle/config.json
vendored
2
templates/Sparkle/config.json
vendored
@@ -1 +1 @@
|
||||
{"variants":{"default":{"css":["main.css"],"js":["main.js"],"description":"Default"},"froxlor":{"css":["main.css","froxlor.css"],"js":["main.js"],"description":"Froxlor"}},"author":"Roman Schmerold"}
|
||||
{"variants":{"default":{"css":["main.css"],"js":["main.js", "apikey.js"],"description":"Default"},"froxlor":{"css":["main.css","froxlor.css"],"js":["main.js", "apikey.js"],"description":"Froxlor"}},"author":"Roman Schmerold"}
|
||||
|
||||