Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
Koha/koha-tmpl/intranet-tmpl/prog/en/modules/members/apikeys.tt
Tomas Cohen Arazi da758626fe Bug 28772: Display API secret once 
This patch makes the apikeys.pl display the generated API secret once,
when generated. After that, it won't be displayed by the UI.

To test:
1. Generate a new API key
=> FAIL: The secret is displayed in the API keys table
2. Visit some other page, and go back to the API keys page
=> FAIL: The API key secret is there
3. Apply this patch
4. Go to More > Manage API keys
=> SUCCESS: It no longer displays the secret
5. Generate a new API key
=> SUCCESS: The API key details (including the secret) are displayed.
=> SUCCESS: A message telling to copy the secret because it won't be
            displayed again is shown.
6. Repeat 4
=> SUCCESS: The secret is no longer displayed
7. Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-09-30 09:19:05 +02:00

148 lines
7.1 KiB
Text
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

[% USE raw %]
[% USE Koha %]
[% USE Asset %]
[% SET footerjs = 1 %]
[% INCLUDE 'doc-head-open.inc' %]
<title>API Keys &rsaquo; Patrons &rsaquo; Koha</title>
[% INCLUDE 'doc-head-close.inc' %]
</head>
<body id="pat_apikeys" class="pat">
[% INCLUDE 'header.inc' %]
[% INCLUDE 'patron-search.inc' %]
<nav id="breadcrumbs" aria-label="Breadcrumb" class="breadcrumb">
<ol>
<li>
<a href="/cgi-bin/koha/mainpage.pl">Home</a>
</li>
<li>
<a href="/cgi-bin/koha/members/members-home.pl">Patrons</a>
</li>
<li>
<a href="#" aria-current="page">
API Keys for [% INCLUDE 'patron-title.inc' %]
</a>
</li>
</ol>
</nav>
<div class="main container-fluid">
<div class="row">
<div class="col-sm-10 col-sm-push-2">
<main>
[% INCLUDE 'members-toolbar.inc' %]
<h1>API keys for [% INCLUDE 'patron-title.inc' %]</h1>
[% IF fresh_api_key %]
[%# A fresh api key was generated, display the secret, only once %]
<div class="rows">
<span class="alert">Make sure to copy your API secret now. You wont be able to see it again!</span>
<ol>
<li>
<span class="label">Description: </span>
[% fresh_api_key.description | html %]
</li>
<li>
<span class="label">Client ID: </span>
[% fresh_api_key.client_id | html %]
</li>
<li>
<span class="label">Secret: </span>
[% fresh_api_key.plain_text_secret | html %]
</li>
</ol>
</div>
[% END %]
<form id="add-api-key" action="/cgi-bin/koha/members/apikeys.pl" method="post" style="display:none">
<input type="hidden" name="patron_id" value="[% patron.id | html %]" />
<input type="hidden" name="csrf_token" value="[% csrf_token | html %]" />
<input type="hidden" name="op" value="generate" />
<fieldset class="brief">
<legend>Generate new client id/secret pair</legend>
<ol>
<li>
<label for="description">Description: </label>
<input type="text" name="description" />
<input type="submit" value="Save" />
<a href="#" class="cancel toggle_element" data-element="#add-api-key">Cancel</a>
</li>
</ol>
</fieldset>
</form>
<div id="keys">
[% IF api_keys && api_keys.size > 0 %]
<p>
<button class="btn btn-default toggle_element" type="submit" id="show-api-form" data-element="#add-api-key"><i class="fa fa-plus"></i> Generate a new client id/key pair</button>
</p>
<table>
<thead>
<tr>
<th>Description</th>
<th>Client ID</th>
<th>Active</th>
<th class="noExport">Actions</th>
</tr>
</thead>
<tbody>
[% FOREACH key IN api_keys %]
<tr>
<td>[% key.description | html %]</td>
<td>[% key.client_id | html %]</td>
<td>[% IF key.active %]Yes[% ELSE %]No[% END %]</td>
<td>
<form action="/cgi-bin/koha/members/apikeys.pl" method="post">
<input type="hidden" name="patron_id" value="[% patron.id | html %]" />
<input type="hidden" name="key" value="[% key.id | html %]" />
<input type="hidden" name="csrf_token" value="[% csrf_token | html %]" />
<input type="hidden" name="op" value="delete" />
<button class="btn btn-default btn-xs delete" type="submit"><i class="fa fa-trash"></i> Delete</button>
</form>
<form action="/cgi-bin/koha/members/apikeys.pl" method="post">
<input type="hidden" name="patron_id" value="[% patron.id | html %]" />
<input type="hidden" name="key" value="[% key.id | html %]" />
<input type="hidden" name="csrf_token" value="[% csrf_token | html %]" />
[% IF key.active %]
<input type="hidden" name="op" value="revoke" />
<button class="btn btn-default btn-xs" type="submit"><i class="fa fa-remove"></i> Revoke</button>
[% ELSE %]
<input type="hidden" name="op" value="activate" />
<button class="btn btn-default btn-xs" type="submit"><i class="fa fa-play"></i> Activate</button>
[% END %]
</form>
</td>
</tr>
[% END %]
</tbody>
</table>
[% ELSE %]
<div class="dialog message">No keys defined for the current patron. <a href="#" class="toggle_element" data-element="#add-api-key" id="show-api-form"><i class="fa fa-plus"></i> Generate a new client id/secret pair</div>
[% END %]
</div>
</main>
</div> <!-- /.col-sm-10.col-sm-push-2 -->
<div class="col-sm-2 col-sm-pull-10">
<aside>
[% INCLUDE 'circ-menu.inc' %]
</aside>
</div> <!-- /.col-sm-2.col-sm-pull-10 -->
</div> <!-- /.row -->
[% MACRO jsinclude BLOCK %]
[% INCLUDE 'str/members-menu.inc' %]
[% Asset.js("js/members-menu.js") | $raw %]
<script>
$(document).ready(function(){
$(".delete").on("click", function(e){
return confirmDelete(_("Are you sure you want to delete this key?"));
});
});
</script>
[% END %]
[% INCLUDE 'intranet-bottom.inc' %]
View git blame Copy permalink