lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

CLOSE #18689 REST API module: add api key generate / modify right.

Browse Source
This commit is contained in:
lainwir3d 2021-09-12 15:47:56 +04:00
parent ffdcd88007
commit af75d519e2
3 changed files with 11 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/core/ajax/security.php
View File

@ -53,7 +53,7 @@ top_httphead();
// Registering the location of boxes // Registering the location of boxes
if (isset($_GET['action']) && !empty($_GET['action'])) { if (isset($_GET['action']) && !empty($_GET['action'])) {
if ($_GET['action'] == 'getrandompassword' && $user->admin) { if ($_GET['action'] == 'getrandompassword' && ($user->admin || $user->rights->api->apikey->generate)) {
require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
$generic = $_GET['generic'] ? true : false; $generic = $_GET['generic'] ? true : false;
echo getRandomPassword($generic); echo getRandomPassword($generic);

14
htdocs/core/modules/modApi.class.php
View File

@ -134,16 +134,18 @@ class modApi extends DolibarrModules
// Permissions // Permissions
$this->rights = array(); // Permission array used by this module $this->rights = array(); // Permission array used by this module
$this->rights_admin_allowed = 1; // Admin is always granted of permission (even when module is disabled)
$r = 0; $r = 0;
// Add here list of permission defined by an id, a label, a boolean and two constant strings. // Add here list of permission defined by an id, a label, a boolean and two constant strings.
// Example: // Example:
// $this->rights[$r][0] = $this->numero + $r; // Permission id (must not be already used) $this->rights[$r][0] = $this->numero + $r; // Permission id (must not be already used)
// $this->rights[$r][1] = 'Permision label'; // Permission label $this->rights[$r][1] = 'Générer / modifier la clé API des utilisateurs'; // Permission label
// $this->rights[$r][3] = 0; // Permission by default for new user (0/1) $this->rights[$r][3] = 0; // Permission by default for new user (0/1)
// $this->rights[$r][4] = 'level1'; // In php code, permission will be checked by test if ($user->rights->permkey->level1->level2) $this->rights[$r][4] = 'apikey'; // In php code, permission will be checked by test if ($user->rights->permkey->level1->level2)
// $this->rights[$r][5] = 'level2'; // In php code, permission will be checked by test if ($user->rights->permkey->level1->level2) $this->rights[$r][5] = 'generate'; // In php code, permission will be checked by test if ($user->rights->permkey->level1->level2)
// $r++; $r++;
// Main menu entries // Main menu entries

4
htdocs/user/card.php
View File

@ -1786,7 +1786,7 @@ if ($action == 'create' || $action == 'adduserldap') {
print '</tr>'."\n"; print '</tr>'."\n";
// API key // API key
if (!empty($conf->api->enabled) && ($user->id == $id || $user->admin)) { if (!empty($conf->api->enabled) && ($user->id == $id || $user->admin || $user->rights->api->apikey->generate)) {
print '<tr><td>'.$langs->trans("ApiKey").'</td>'; print '<tr><td>'.$langs->trans("ApiKey").'</td>';
print '<td>'; print '<td>';
if (!empty($object->api_key)) { if (!empty($object->api_key)) {
@ -2309,7 +2309,7 @@ if ($action == 'create' || $action == 'adduserldap') {
print "</td></tr>\n"; print "</td></tr>\n";
// API key // API key
if (!empty($conf->api->enabled) && ($user->id == $id || $user->admin)) { if (!empty($conf->api->enabled) && ($user->id == $id || $user->admin || $user->rights->api->apikey->generate)) {
print '<tr><td>'.$langs->trans("ApiKey").'</td>'; print '<tr><td>'.$langs->trans("ApiKey").'</td>';
print '<td>'; print '<td>';
print '<input class="minwidth300" maxsize="32" type="text" id="api_key" name="api_key" value="'.$object->api_key.'" autocomplete="off">'; print '<input class="minwidth300" maxsize="32" type="text" id="api_key" name="api_key" value="'.$object->api_key.'" autocomplete="off">';