From dee9237381f88076d9c2d2195e19e696302088e7 Mon Sep 17 00:00:00 2001 From: Faustin Date: Tue, 27 Sep 2022 02:20:37 +0200 Subject: [PATCH 1/5] Scopes reported on token creation screen --- htdocs/admin/oauth.php | 6 +++++- htdocs/admin/oauthlogintokens.php | 7 +++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/htdocs/admin/oauth.php b/htdocs/admin/oauth.php index e50b4f772c6..c846ff003c7 100644 --- a/htdocs/admin/oauth.php +++ b/htdocs/admin/oauth.php @@ -85,7 +85,11 @@ if ($action == 'update') { } } if (GETPOSTISSET($constvalue.'_SCOPE')) { - $scopestring = implode(',', GETPOST($constvalue.'_SCOPE')); + if (is_array(GETPOST($constvalue.'_SCOPE'))) { + $scopestring = implode(',', GETPOST($constvalue.'_SCOPE')); + } else { + $scopestring = GETPOST($constvalue.'_SCOPE'); + } if (!dolibarr_set_const($db, $constvalue.'_SCOPE', $scopestring, 'chaine', 0, '', $conf->entity)) { $error++; } diff --git a/htdocs/admin/oauthlogintokens.php b/htdocs/admin/oauthlogintokens.php index fa1fd18f049..98b247e81eb 100644 --- a/htdocs/admin/oauthlogintokens.php +++ b/htdocs/admin/oauthlogintokens.php @@ -377,6 +377,13 @@ if ($mode == 'setup' && $user->admin) { print ''; } + // Scopes + print ''; + print ''.$langs->trans("Scopes").''; + print ''; + $currentscopes = getDolGlobalString($key[4]); + print $currentscopes; + print ''; print ''; print ''; From f7d345fcb80a032b3bca0357294dc8cbe529642c Mon Sep 17 00:00:00 2001 From: Faustin Date: Tue, 27 Sep 2022 05:22:39 +0200 Subject: [PATCH 2/5] Can now delete an oautch entry --- htdocs/admin/oauth.php | 63 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) diff --git a/htdocs/admin/oauth.php b/htdocs/admin/oauth.php index c846ff003c7..e3c1ce501d7 100644 --- a/htdocs/admin/oauth.php +++ b/htdocs/admin/oauth.php @@ -101,6 +101,7 @@ if ($action == 'update') { } } + if (!$error) { setEventMessages($langs->trans("SetupSaved"), null); } else { @@ -108,6 +109,48 @@ if ($action == 'update') { } } +if ($action == 'confirm_delete') { + $provider = GETPOST('provider', 'aZ09'); + $label = GETPOST('label'); + + $globalkey = empty($provider) ? $label : $label.'-'.$provider; + + if (getDolGlobalString($globalkey.'_ID') && getDolGlobalString($globalkey.'_SECRET')) { + $backtourl = DOL_URL_ROOT.'/admin/oauth.php?action=delete_entry&provider='.$provider.'&label='.$label.'&token='.newToken(); + $urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root)); + $urlwithroot = $urlwithouturlroot.DOL_URL_ROOT; + $callbacktodel = $urlwithroot; + if ($label == 'OAUTH_GOOGLE') { + $callbacktodel .= '/core/modules/oauth/google_oauthcallback.php?action=delete&keyforprovider='.$provider.'&token='.newToken().'&backtourl='.urlencode($backtourl); + } elseif ($label == 'OAUTH_GITHUB') { + $callbacktodel .= '/core/modules/oauth/github_oauthcallback.php?action=delete&keyforprovider='.$provider.'&token='.newToken().'&backtourl='.urlencode($backtourl); + } elseif ($label == 'OAUTH_STRIPE_LIVE') { + $callbacktodel .= '/core/modules/oauth/stripelive_oauthcallback.php?action=delete&keyforprovider='.$provider.'&token='.newToken().'&backtourl='.urlencode($backtourl); + } elseif ($label == 'OAUTH_STRIPE_TEST') { + $callbacktodel .= '/core/modules/oauth/stripetest_oauthcallback.php?action=delete&keyforprovider='.$provider.'&token='.newToken().'&backtourl='.urlencode($backtourl); + } elseif ($label == 'OAUTH_OTHER') { + $callbacktodel .= '/core/modules/oauth/generic_oauthcallback.php?action=delete&keyforprovider='.$provider.'&token='.newToken().'&backtourl='.urlencode($backtourl); + } + header("Location: ".$callbacktodel); + exit; + } else { + $action = 'delete_entry'; + } +} + +if ($action == 'delete_entry') { + $provider = GETPOST('provider', 'aZ09'); + $label = GETPOST('label'); + + $globalkey = empty($provider) ? $label : $label.'-'.$provider; + + if (!dolibarr_del_const($db, $globalkey.'_NAME', $conf->entity) || !dolibarr_del_const($db, $globalkey.'_ID', $conf->entity) || !dolibarr_del_const($db, $globalkey.'_SECRET', $conf->entity) || !dolibarr_del_const($db, $globalkey.'_URLAUTHORIZE', $conf->entity) || !dolibarr_del_const($db, $globalkey.'_SCOPE', $conf->entity)) { + setEventMessage("Error in entry deletion", 'errors'); + $error++; + } else { + setEventMessage("Entry deleted", 'mesgs'); + } +} /* * View @@ -116,6 +159,14 @@ if ($action == 'update') { llxHeader(); $form = new Form($db); +// Confirmation of action process +if ($action == 'delete') { + $formquestion = array(); + $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?provider='.GETPOST('provider').'&label='.GETPOST('label'), $langs->trans('OAuthServiceConfirmDelete'), $langs->trans('OAuthServiceConfirmDelete'), 'confirm_delete', $formquestion, 0, 1, 220); +} + +// Print form confirm +print $formconfirm; $linkback = ''.$langs->trans("BackToModuleList").''; print load_fiche_titre($langs->trans('ConfigOAuth'), $linkback, 'title_setup'); @@ -231,6 +282,18 @@ if (count($listinsetup) > 0) { print $langs->trans("OAUTH_URL_FOR_CREDENTIAL", $supportedoauth2array[$keyforsupportedoauth2array]['urlforcredentials']); } print ''; + + print ''; + + $label = preg_replace('/_NAME$/', '', $keyforsupportedoauth2array); + + print ''; + print img_picto('', 'delete'); + print ''; + + print ''; + print ''; + print ''; if ($supported) { From 1ba48092ae13509f2033442729112003f39616ab Mon Sep 17 00:00:00 2001 From: Faustin Date: Tue, 27 Sep 2022 11:09:09 +0200 Subject: [PATCH 3/5] Messages added --- htdocs/admin/oauth.php | 8 ++++---- htdocs/langs/en_US/admin.lang | 8 ++++++-- htdocs/langs/fr_FR/admin.lang | 4 ++++ 3 files changed, 14 insertions(+), 6 deletions(-) diff --git a/htdocs/admin/oauth.php b/htdocs/admin/oauth.php index e3c1ce501d7..1b0502a495a 100644 --- a/htdocs/admin/oauth.php +++ b/htdocs/admin/oauth.php @@ -115,7 +115,7 @@ if ($action == 'confirm_delete') { $globalkey = empty($provider) ? $label : $label.'-'.$provider; - if (getDolGlobalString($globalkey.'_ID') && getDolGlobalString($globalkey.'_SECRET')) { + if (getDolGlobalString($globalkey.'_ID') && getDolGlobalString($globalkey.'_SECRET')) { // If ID and secret exist, we delete first the token $backtourl = DOL_URL_ROOT.'/admin/oauth.php?action=delete_entry&provider='.$provider.'&label='.$label.'&token='.newToken(); $urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root)); $urlwithroot = $urlwithouturlroot.DOL_URL_ROOT; @@ -145,10 +145,10 @@ if ($action == 'delete_entry') { $globalkey = empty($provider) ? $label : $label.'-'.$provider; if (!dolibarr_del_const($db, $globalkey.'_NAME', $conf->entity) || !dolibarr_del_const($db, $globalkey.'_ID', $conf->entity) || !dolibarr_del_const($db, $globalkey.'_SECRET', $conf->entity) || !dolibarr_del_const($db, $globalkey.'_URLAUTHORIZE', $conf->entity) || !dolibarr_del_const($db, $globalkey.'_SCOPE', $conf->entity)) { - setEventMessage("Error in entry deletion", 'errors'); + setEventMessages($langs->trans("ErrorInEntryDeletion"), null, 'errors'); $error++; } else { - setEventMessage("Entry deleted", 'mesgs'); + setEventMessages($langs->trans("EntryDeleted"), null); } } @@ -162,7 +162,7 @@ $form = new Form($db); // Confirmation of action process if ($action == 'delete') { $formquestion = array(); - $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?provider='.GETPOST('provider').'&label='.GETPOST('label'), $langs->trans('OAuthServiceConfirmDelete'), $langs->trans('OAuthServiceConfirmDelete'), 'confirm_delete', $formquestion, 0, 1, 220); + $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?provider='.GETPOST('provider').'&label='.GETPOST('label'), $langs->trans('OAuthServiceConfirmDeleteTitle'), $langs->trans('OAuthServiceConfirmDeleteMessage'), 'confirm_delete', $formquestion, 0, 1, 220); } // Print form confirm diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 02b9ebc839a..502953f0140 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -1081,6 +1081,10 @@ DictionaryAssetDisposalType=Type of disposal of assets TypeOfUnit=Type of unit SetupSaved=Setup saved SetupNotSaved=Setup not saved +OAuthServiceConfirmDeleteTitle=Delete OAuth entry +OAuthServiceConfirmDeleteMessage=Are you sure you want to delete this OAuth entry ? All existing tokens for it will also be deleted. +ErrorInEntryDeletion=Error in entry deletion +EntryDeleted=Entry deleted BackToModuleList=Back to Module list BackToDictionaryList=Back to Dictionaries list TypeOfRevenueStamp=Type of tax stamp @@ -2310,7 +2314,7 @@ Images=Images Posts=Posts MaxNumberOfImagesInGetPost=Max number of images allowed in a HTML field submitted in a form MaxNumberOfPostOnPublicPagesByIP=Max number of posts on public pages with an IP Address -CIDLookupURL=The module brings an URL that can be used by an external tool to get the name of a thirdparty or contact from its phone number. URL to use is: +CIDLookupURL=The module brings an URL that can be used by an external tool to get the name of a thirdparty or contact from its phone number. URL to use is: ScriptIsEmpty=The script is empty ShowHideTheNRequests=Show/hide the %s SQL request(s) DefinedAPathForAntivirusCommandIntoSetup=Define a path for an antivirus program into %s @@ -2323,5 +2327,5 @@ CssOnList=Css on list pages HelpCssOnEditDesc=The Css used when editing the field.
Example: "minwiwdth100 maxwidth500 widthcentpercentminusx" HelpCssOnViewDesc=The Css used when viewing the field. HelpCssOnListDesc=The Css used when field is inside a list table.
Example: "tdoverflowmax200" -RECEPTION_PDF_HIDE_ORDERED=Hide the quantity ordered on the generated documents for receptions +RECEPTION_PDF_HIDE_ORDERED=Hide the quantity ordered on the generated documents for receptions MAIN_PDF_RECEPTION_DISPLAY_AMOUNT_HT=Show the price on the generated documents for receptions diff --git a/htdocs/langs/fr_FR/admin.lang b/htdocs/langs/fr_FR/admin.lang index c3de798bcef..313e151a044 100644 --- a/htdocs/langs/fr_FR/admin.lang +++ b/htdocs/langs/fr_FR/admin.lang @@ -1081,6 +1081,10 @@ DictionaryAssetDisposalType=Type de cession d'actifs TypeOfUnit=Type d'unité SetupSaved=Configuration sauvegardée SetupNotSaved=Configuration non enregistrée +OAuthServiceConfirmDeleteTitle=Suprresion d'entrée OAuth +OAuthServiceConfirmDeleteMessage=Êtes vous sur de vouloir supprimer cette entrée OAuth? Tous les jetons existants associés seront supprimés. +ErrorInEntryDeletion=Erreur dans la suppression +EntryDeleted=Entrée supprimée BackToModuleList=Retour liste des modules BackToDictionaryList=Retour liste des dictionnaires TypeOfRevenueStamp=Type de timbre fiscal From a7505384aa1b4f1b52ab8616ce6c2f50ae6cc0bc Mon Sep 17 00:00:00 2001 From: Faustin Date: Tue, 27 Sep 2022 11:12:26 +0200 Subject: [PATCH 4/5] Print popup wrong scope --- htdocs/admin/oauth.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/htdocs/admin/oauth.php b/htdocs/admin/oauth.php index 1b0502a495a..014d3844368 100644 --- a/htdocs/admin/oauth.php +++ b/htdocs/admin/oauth.php @@ -163,10 +163,9 @@ $form = new Form($db); if ($action == 'delete') { $formquestion = array(); $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?provider='.GETPOST('provider').'&label='.GETPOST('label'), $langs->trans('OAuthServiceConfirmDeleteTitle'), $langs->trans('OAuthServiceConfirmDeleteMessage'), 'confirm_delete', $formquestion, 0, 1, 220); + print $formconfirm; } -// Print form confirm -print $formconfirm; $linkback = ''.$langs->trans("BackToModuleList").''; print load_fiche_titre($langs->trans('ConfigOAuth'), $linkback, 'title_setup'); From efe77a20b5f495c98255d4469dca61334e66d7df Mon Sep 17 00:00:00 2001 From: Faustin Date: Tue, 27 Sep 2022 11:22:18 +0200 Subject: [PATCH 5/5] Scope line was on the wrong place --- htdocs/admin/oauthlogintokens.php | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/htdocs/admin/oauthlogintokens.php b/htdocs/admin/oauthlogintokens.php index 98b247e81eb..f798995d525 100644 --- a/htdocs/admin/oauthlogintokens.php +++ b/htdocs/admin/oauthlogintokens.php @@ -291,6 +291,14 @@ if ($mode == 'setup' && $user->admin) { print ''; print ''."\n"; + // Scopes + print ''; + print ''.$langs->trans("Scopes").''; + print ''; + $currentscopes = getDolGlobalString($key[4]); + print $currentscopes; + print ''; + print ''; print ''; //var_dump($key); @@ -377,13 +385,6 @@ if ($mode == 'setup' && $user->admin) { print ''; } - // Scopes - print ''; - print ''.$langs->trans("Scopes").''; - print ''; - $currentscopes = getDolGlobalString($key[4]); - print $currentscopes; - print ''; print ''; print '';