Allow modify API key from user card

jfefe 2015-05-29 16:05:52 +02:00
parent 06faf762d4
commit a618274760
3 changed files with 57 additions and 3 deletions


@ -1567,6 +1567,7 @@ KeyForApiAccess=Key to use API (parameter "api_key")
ApiEndPointIs=You can access to the API at url
ApiExporerIs=You can explore the API at url
OnlyActiveElementsAreExposed=Only elements from enabled modules are exposed
ApiKey=Key for API
##### Bank #####
BankSetupModule=Bank module setup
FreeLegalTextOnChequeReceipts=Free text on cheque receipts


@ -9,6 +9,7 @@
* Copyright (C) 2012 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2013 Florian Henry <florian.henry@open-concept.pro>
* Copyright (C) 2013-2015 Alexandre Spangaro <alexandre.spangaro@gmail.com>
* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -188,6 +189,7 @@ if ($action == 'add' && $canadduser)
$object->lastname = GETPOST("lastname",'alpha');
$object->firstname = GETPOST("firstname",'alpha');
$object->login = GETPOST("login",'alpha');
$object->api_key = GETPOST("api_key",'alpha');
$object->admin = GETPOST("admin",'alpha');
$object->office_phone = GETPOST("office_phone",'alpha');
$object->office_fax = GETPOST("office_fax",'alpha');
@ -340,6 +342,7 @@ if ($action == 'update' && ! $_POST["cancel"])
$object->firstname = GETPOST("firstname",'alpha');
$object->login = GETPOST("login",'alpha');
$object->pass = GETPOST("password");
$object->api_key = GETPOST("api_key");
$object->admin = empty($user->admin)?0:GETPOST("admin"); // A user can only be set admin by an admin
$object->office_phone=GETPOST("office_phone",'alpha');
$object->office_fax = GETPOST("office_fax",'alpha');
@ -804,7 +807,18 @@ if (($action == 'create') || ($action == 'adduserldap'))
}
}
print '</td></tr>';
// API key
$generated_api_key = '';
require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
$generated_password=getRandomPassword(false);
print '<tr><td>'.$langs->trans("ApiKey").'</td>';
print '<td>';
print '<input size="30" maxsize="32" type="text" id="api_key" name="api_key" value="'.$api_key.'" autocomplete="off">';
if (! empty($conf->use_javascript_ajax))
print '&nbsp;'.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_api_key" class="linkobject"');
print '</td></tr>';
// Administrator
if (! empty($user->admin))
{
@ -1228,7 +1242,16 @@ else
print "</td>";
}
print '</tr>'."\n";
// API key
if($user->admin) {
print '<tr><td>'.$langs->trans("ApiKey").'</td>';
print '<td colspan="2">';
if (! empty($object->api_key))
print $langs->trans("Hidden");
print '<td>';
}
// Administrator
print '<tr><td>'.$langs->trans("Administrator").'</td><td colspan="2">';
if (! empty($conf->multicompany->enabled) && $object->admin && ! $object->entity)
@ -1791,6 +1814,16 @@ else
}
print $text;
print "</td></tr>\n";
// API key
if($user->admin) {
print '<tr><td>'.$langs->trans("ApiKey").'</td>';
print '<td>';
print '<input size="30" maxsize="32" type="text" id="api_key" name="api_key" value="'.$object->api_key.'" autocomplete="off">';
if (! empty($conf->use_javascript_ajax))
print '&nbsp;'.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_api_key" class="linkobject"');
print '</td></tr>';
}
// Administrator
print '<tr><td>'.$langs->trans("Administrator").'</td>';
@ -2164,6 +2197,22 @@ else
}
}
if (! empty($conf->use_javascript_ajax))
{
print "\n".'<script type="text/javascript">';
print '$(document).ready(function () {
$("#generate_api_key").click(function() {
$.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
action: \'getrandompassword\',
generic: true
},
function(token) {
$("#api_key").val(token);
});
});
});';
print '</script>';
}
llxFooter();
$db->close();
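Review bot: In the update hunk, `$object->api_key = GETPOST("api_key");` runs for whoever submits the form and applies no filter, while the edit-form row is only printed inside `if($user->admin)`, so the restriction exists in the HTML but not on the server. A save from a non-admin, whose form has no api_key field, would also appear to overwrite the stored key with an empty value. Guard the assignment as the `admin` line below it does and filter it as the add action does, e.g. `if (! empty($user->admin)) $object->api_key = GETPOST("api_key",'alpha');` (this assumes $object is loaded earlier in the action, which is outside the hunk). The value is then written into `value="'.$object->api_key.'"` without escaping, and the create form prints `$api_key`, which the visible lines never assign; use `value="'.dol_escape_htmltag($object->api_key).'"`. Two markup slips as well: `maxsize` should be `maxlength`, and the view-mode row ends with `print '<td>';` where `</td></tr>` looks intended.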


@ -60,6 +60,7 @@ class User extends CommonObject
var $user_mobile;
var $admin;
var $login;
var $api_key;
var $entity;
//! Clear password in memory
@ -153,7 +154,7 @@ class User extends CommonObject
// Get user
$sql = "SELECT u.rowid, u.lastname, u.firstname, u.email, u.job, u.skype, u.signature, u.office_phone, u.office_fax, u.user_mobile,";
$sql.= " u.admin, u.login, u.note,";
$sql.= " u.pass, u.pass_crypted, u.pass_temp,";
$sql.= " u.pass, u.pass_crypted, u.pass_temp, u.api_key,";
$sql.= " u.fk_soc, u.fk_socpeople, u.fk_member, u.fk_user, u.ldap_sid,";
$sql.= " u.statut, u.lang, u.entity,";
$sql.= " u.datec as datec,";
@ -216,6 +217,7 @@ class User extends CommonObject
$this->pass_indatabase_crypted = $obj->pass_crypted;
$this->pass = $obj->pass;
$this->pass_temp = $obj->pass_temp;
$this->api_key = $obj->api_key;
$this->office_phone = $obj->office_phone;
$this->office_fax = $obj->office_fax;
$this->user_mobile = $obj->user_mobile;
@ -1130,6 +1132,7 @@ class User extends CommonObject
$this->firstname = trim($this->firstname);
$this->login = trim($this->login);
$this->pass = trim($this->pass);
$this->api_key = trim($this->api_key);
$this->office_phone = trim($this->office_phone);
$this->office_fax = trim($this->office_fax);
$this->user_mobile = trim($this->user_mobile);
@ -1161,6 +1164,7 @@ class User extends CommonObject
$sql.= " lastname = '".$this->db->escape($this->lastname)."'";
$sql.= ", firstname = '".$this->db->escape($this->firstname)."'";
$sql.= ", login = '".$this->db->escape($this->login)."'";
$sql.= ", api_key = '".$this->db->escape($this->api_key)."'";
$sql.= ", admin = ".$this->admin;
$sql.= ", address = '".$this->db->escape($this->address)."'";
$sql.= ", zip = '".$this->db->escape($this->zip)."'";
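Review bot: The new `$sql.= ", api_key = '".$this->db->escape($this->api_key)."'";` line in update() stores an empty string when no key is set, so every user without a key ends up with the same non-NULL value in the column. If the API side looks users up by this column (not visible on this page), "no key" should not be a matchable value; write NULL instead, e.g. `$sql.= ", api_key = ".($this->api_key ? "'".$this->db->escape($this->api_key)."'" : "null");`. The key is also stored and fetched in clear text next to `pass_crypted`, so a comment on `var $api_key;` saying it is a credential and must not be logged or displayed would help later maintainers. update() and fetch() both continue outside the hunks shown.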