Merge pull request #22429 from fboitel/NEW#22328

NEW #22328
2022-10-04 17:49:02 +02:00 · 2022-10-04 17:49:02 +02:00 · b53b0e4f9b
commit b53b0e4f9b
parent 1b8442962e efe77a20b5
4 changed files with 85 additions and 3 deletions
--- a/htdocs/admin/oauth.php
+++ b/htdocs/admin/oauth.php
@ -85,7 +85,11 @@ if ($action == 'update') {
 				}
 			}
 			if (GETPOSTISSET($constvalue.'_SCOPE')) {
-				$scopestring = implode(',', GETPOST($constvalue.'_SCOPE'));
+				if (is_array(GETPOST($constvalue.'_SCOPE'))) {
+					$scopestring = implode(',', GETPOST($constvalue.'_SCOPE'));
+				} else {
+					$scopestring = GETPOST($constvalue.'_SCOPE');
+				}
 				if (!dolibarr_set_const($db, $constvalue.'_SCOPE', $scopestring, 'chaine', 0, '', $conf->entity)) {
 					$error++;
 				}
@ -97,6 +101,7 @@ if ($action == 'update') {
 		}
 	}

+
 	if (!$error) {
 		setEventMessages($langs->trans("SetupSaved"), null);
 	} else {
@ -104,6 +109,48 @@ if ($action == 'update') {
 	}
 }

+if ($action == 'confirm_delete') {
+	$provider = GETPOST('provider', 'aZ09');
+	$label = GETPOST('label');
+
+	$globalkey = empty($provider) ? $label : $label.'-'.$provider;
+
+	if (getDolGlobalString($globalkey.'_ID') && getDolGlobalString($globalkey.'_SECRET')) { // If ID and secret exist, we delete first the token
+		$backtourl = DOL_URL_ROOT.'/admin/oauth.php?action=delete_entry&provider='.$provider.'&label='.$label.'&token='.newToken();
+		$urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root));
+		$urlwithroot = $urlwithouturlroot.DOL_URL_ROOT;
+		$callbacktodel = $urlwithroot;
+		if ($label == 'OAUTH_GOOGLE') {
+			$callbacktodel .= '/core/modules/oauth/google_oauthcallback.php?action=delete&keyforprovider='.$provider.'&token='.newToken().'&backtourl='.urlencode($backtourl);
+		} elseif ($label == 'OAUTH_GITHUB') {
+			$callbacktodel .= '/core/modules/oauth/github_oauthcallback.php?action=delete&keyforprovider='.$provider.'&token='.newToken().'&backtourl='.urlencode($backtourl);
+		} elseif ($label == 'OAUTH_STRIPE_LIVE') {
+			$callbacktodel .= '/core/modules/oauth/stripelive_oauthcallback.php?action=delete&keyforprovider='.$provider.'&token='.newToken().'&backtourl='.urlencode($backtourl);
+		} elseif ($label == 'OAUTH_STRIPE_TEST') {
+			$callbacktodel .= '/core/modules/oauth/stripetest_oauthcallback.php?action=delete&keyforprovider='.$provider.'&token='.newToken().'&backtourl='.urlencode($backtourl);
+		} elseif ($label == 'OAUTH_OTHER') {
+			$callbacktodel .= '/core/modules/oauth/generic_oauthcallback.php?action=delete&keyforprovider='.$provider.'&token='.newToken().'&backtourl='.urlencode($backtourl);
+		}
+		header("Location: ".$callbacktodel);
+		exit;
+	} else {
+		$action = 'delete_entry';
+	}
+}
+
+if ($action == 'delete_entry') {
+	$provider = GETPOST('provider', 'aZ09');
+	$label = GETPOST('label');
+
+	$globalkey = empty($provider) ? $label : $label.'-'.$provider;
+
+	if (!dolibarr_del_const($db, $globalkey.'_NAME', $conf->entity) || !dolibarr_del_const($db, $globalkey.'_ID', $conf->entity) || !dolibarr_del_const($db, $globalkey.'_SECRET', $conf->entity) ||  !dolibarr_del_const($db, $globalkey.'_URLAUTHORIZE', $conf->entity) || !dolibarr_del_const($db, $globalkey.'_SCOPE', $conf->entity)) {
+		setEventMessages($langs->trans("ErrorInEntryDeletion"), null, 'errors');
+		$error++;
+	} else {
+		setEventMessages($langs->trans("EntryDeleted"), null);
+	}
+}

 /*
 * View
@ -112,6 +159,13 @@ if ($action == 'update') {
 llxHeader();

 $form = new Form($db);
+// Confirmation of action process
+if ($action == 'delete') {
+	$formquestion = array();
+	$formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?provider='.GETPOST('provider').'&label='.GETPOST('label'), $langs->trans('OAuthServiceConfirmDeleteTitle'), $langs->trans('OAuthServiceConfirmDeleteMessage'), 'confirm_delete', $formquestion, 0, 1, 220);
+	print $formconfirm;
+}
+

 $linkback = '<a href="'.DOL_URL_ROOT.'/admin/modules.php?restore_lastsearch_values=1">'.$langs->trans("BackToModuleList").'</a>';
 print load_fiche_titre($langs->trans('ConfigOAuth'), $linkback, 'title_setup');
@ -227,6 +281,18 @@ if (count($listinsetup) > 0) {
 			print $langs->trans("OAUTH_URL_FOR_CREDENTIAL", $supportedoauth2array[$keyforsupportedoauth2array]['urlforcredentials']);
 		}
 		print '</td>';
+
+		print '<td>';
+
+		$label = preg_replace('/_NAME$/', '', $keyforsupportedoauth2array);
+
+		print '<a href="'.$_SERVER["PHP_SELF"].'?action=delete&token='.newToken().'&provider='.$keyforprovider.'&label='.$label.'">';
+		print img_picto('', 'delete');
+		print '</a>';
+
+		print '</form>';
+		print '</td>';
+
 		print '</tr>';

 		if ($supported) {
--- a/htdocs/admin/oauthlogintokens.php
+++ b/htdocs/admin/oauthlogintokens.php
@ -291,6 +291,14 @@ if ($mode == 'setup' && $user->admin) {
 		print '</td>';
 		print '</tr>'."\n";

+		// Scopes
+		print '<tr class="oddeven">';
+		print '<td>'.$langs->trans("Scopes").'</td>';
+		print '<td colspan="2">';
+		$currentscopes = getDolGlobalString($key[4]);
+		print $currentscopes;
+		print '</td></tr>';
+
 		print '<tr class="oddeven">';
 		print '<td'.(empty($key['required']) ? '' : ' class="required"').'>';
 		//var_dump($key);
--- a/htdocs/langs/en_US/admin.lang
+++ b/htdocs/langs/en_US/admin.lang
@ -1081,6 +1081,10 @@ DictionaryAssetDisposalType=Type of disposal of assets
 TypeOfUnit=Type of unit
 SetupSaved=Setup saved
 SetupNotSaved=Setup not saved
+OAuthServiceConfirmDeleteTitle=Delete OAuth entry
+OAuthServiceConfirmDeleteMessage=Are you sure you want to delete this OAuth entry ? All existing tokens for it will also be deleted.
+ErrorInEntryDeletion=Error in entry deletion
+EntryDeleted=Entry deleted
 BackToModuleList=Back to Module list
 BackToDictionaryList=Back to Dictionaries list
 TypeOfRevenueStamp=Type of tax stamp
@ -2310,7 +2314,7 @@ Images=Images
 Posts=Posts
 MaxNumberOfImagesInGetPost=Max number of images allowed in a HTML field submitted in a form
 MaxNumberOfPostOnPublicPagesByIP=Max number of posts on public pages with an IP Address
-CIDLookupURL=The module brings an URL that can be used by an external tool to get the name of a thirdparty or contact from its phone number. URL to use is: 
+CIDLookupURL=The module brings an URL that can be used by an external tool to get the name of a thirdparty or contact from its phone number. URL to use is:
 ScriptIsEmpty=The script is empty
 ShowHideTheNRequests=Show/hide the %s SQL request(s)
 DefinedAPathForAntivirusCommandIntoSetup=Define a path for an antivirus program into <b>%s</b>
@ -2323,5 +2327,5 @@ CssOnList=Css on list pages
 HelpCssOnEditDesc=The Css used when editing the field.<br>Example: "minwiwdth100 maxwidth500 widthcentpercentminusx"
 HelpCssOnViewDesc=The Css used when viewing the field.
 HelpCssOnListDesc=The Css used when field is inside a list table.<br>Example: "tdoverflowmax200"
-RECEPTION_PDF_HIDE_ORDERED=Hide the quantity ordered on the generated documents for receptions 
+RECEPTION_PDF_HIDE_ORDERED=Hide the quantity ordered on the generated documents for receptions
 MAIN_PDF_RECEPTION_DISPLAY_AMOUNT_HT=Show the price on the generated documents for receptions
--- a/htdocs/langs/fr_FR/admin.lang
+++ b/htdocs/langs/fr_FR/admin.lang
@ -1081,6 +1081,10 @@ DictionaryAssetDisposalType=Type de cession d'actifs
 TypeOfUnit=Type d'unité
 SetupSaved=Configuration sauvegardée
 SetupNotSaved=Configuration non enregistrée
+OAuthServiceConfirmDeleteTitle=Suprresion d'entrée OAuth
+OAuthServiceConfirmDeleteMessage=Êtes vous sur de vouloir supprimer cette entrée OAuth? Tous les jetons existants associés seront supprimés.
+ErrorInEntryDeletion=Erreur dans la suppression
+EntryDeleted=Entrée supprimée
 BackToModuleList=Retour liste des modules
 BackToDictionaryList=Retour liste des dictionnaires
 TypeOfRevenueStamp=Type de timbre fiscal