From 9007b25d0920dff1d0f7f976f4de866a7e1f20f0 Mon Sep 17 00:00:00 2001 From: Tomas Cohen Arazi Date: Sat, 14 Apr 2018 17:38:03 -0300 Subject: [PATCH] Bug 20568: API key management for OPAC users This patch makes the OPAC interface for API keys management work with the new lib. Verify all actions work for a logged user. Users without login should be redirected to an error page. The AllowPatronsManageAPIKeysInOPAC syspref is added to control if the OPAC feature is enabled or not. To test: - Verify the syspref works - Verify users can manage their API keys Signed-off-by: Kyle M Hall Signed-off-by: Julian Maurice Signed-off-by: Jonathan Druart --- .../atomicupdate/bug_20568_api_keys.perl | 7 ++ installer/data/mysql/sysprefs.sql | 1 + .../admin/preferences/web_services.pref | 6 ++ .../prog/en/modules/members/apikeys.tt | 8 +- .../bootstrap/en/includes/usermenu.inc | 13 ++-- .../bootstrap/en/modules/opac-apikeys.tt | 29 +++++--- opac/opac-apikeys.pl | 73 +++++++++++-------- 7 files changed, 85 insertions(+), 52 deletions(-) diff --git a/installer/data/mysql/atomicupdate/bug_20568_api_keys.perl b/installer/data/mysql/atomicupdate/bug_20568_api_keys.perl index 7467a10a53..5748a01062 100644 --- a/installer/data/mysql/atomicupdate/bug_20568_api_keys.perl +++ b/installer/data/mysql/atomicupdate/bug_20568_api_keys.perl @@ -24,6 +24,13 @@ if(CheckVersion($DBversion)) { ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; }); + $dbh->do(q{ + INSERT IGNORE INTO `systempreferences` + (variable,value,explanation,options,type) + VALUES + ('AllowPatronsManageAPIKeysInOPAC', '0', 'If enabled, patrons can manage their own API keys in the OPAC', NULL, 'YesNo'); + }); + print "Upgrade to $DBversion done (Bug 20568 - Add API key management interface for patrons)\n"; SetVersion($DBversion); } diff --git a/installer/data/mysql/sysprefs.sql b/installer/data/mysql/sysprefs.sql index 4a594f0fbb..5b8a43a31c 100644 --- a/installer/data/mysql/sysprefs.sql 
+++ b/installer/data/mysql/sysprefs.sql @@ -30,6 +30,7 @@ INSERT INTO systempreferences ( `variable`, `value`, `options`, `explanation`, ` ('AllowNotForLoanOverride','0','','If ON, Koha will allow the librarian to loan a not for loan item.','YesNo'), ('AllowOfflineCirculation','0','','If on, enables HTML5 offline circulation functionality.','YesNo'), ('AllowPatronToSetCheckoutsVisibilityForGuarantor', '0', NULL, 'If enabled, the patron can set checkouts to be visible to his or her guarantor', 'YesNo'), +('AllowPatronsManageAPIKeysInOPAC', '0', NULL, 'If enabled, patrons can manage their own API keys in the OPAC', 'YesNo'), ('AllowPKIAuth','None','None|Common Name|emailAddress','Use the field from a client-side SSL certificate to look a user in the Koha database','Choice'), ('AllowPurchaseSuggestionBranchChoice','0','1','Allow user to choose branch when making a purchase suggestion','YesNo'), ('AllowRenewalIfOtherItemsAvailable','0',NULL,'If enabled, allow a patron to renew an item with unfilled holds if other available items can fill that hold.','YesNo'), diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/web_services.pref b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/web_services.pref index 82f7501e38..351104e5a6 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/web_services.pref +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/web_services.pref @@ -5,6 +5,12 @@ Web services: - pref: "RESTdefaultPageSize" class: integer - "per page" + - + - pref: AllowPatronsManageAPIKeysInOPAC + choices: + yes: Allow + no: "Don't allow" + - "patrons to manage their own API keys in the OPAC." OAI-PMH: - - pref: OAI-PMH diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/members/apikeys.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/members/apikeys.tt index db283460e6..22a9b2cf91 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/members/apikeys.tt +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/members/apikeys.tt 
@@ -1,6 +1,6 @@ [% USE Koha %] [% INCLUDE 'doc-head-open.inc' %] -Koha › Patrons [% IF ( searching ) %]› API Keys[% END %] +Koha › Patrons › API Keys [% INCLUDE 'doc-head-close.inc' %] @@ -56,17 +56,17 @@ - +
[% IF key.active %] - + [% ELSE %] - + [% END %]
diff --git a/koha-tmpl/opac-tmpl/bootstrap/en/includes/usermenu.inc b/koha-tmpl/opac-tmpl/bootstrap/en/includes/usermenu.inc index 2b7845037a..3024121344 100644 --- a/koha-tmpl/opac-tmpl/bootstrap/en/includes/usermenu.inc +++ b/koha-tmpl/opac-tmpl/bootstrap/en/includes/usermenu.inc @@ -124,12 +124,15 @@ your interlibrary loan requests [% END %] - [% IF apikeysview %] -
  • - [% ELSE %] -
  • + + [% IF Koha.Preference('AllowPatronsManageAPIKeysInOPAC') %] + [% IF apikeysview %] +
  • + [% ELSE %] +
  • + [% END %] + your API keys [% END %] - your API keys
  • diff --git a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-apikeys.tt b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-apikeys.tt index c2235b421a..13be49b58d 100644 --- a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-apikeys.tt +++ b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-apikeys.tt @@ -1,5 +1,5 @@ [% INCLUDE 'doc-head-open.inc' %] -[% IF ( LibraryNameTitle ) %][% LibraryNameTitle %][% ELSE %]Koha online[% END %] catalog › Your library home +[% IF ( LibraryNameTitle ) %][% LibraryNameTitle %][% ELSE %]Koha online[% END %] catalog › Your API keys [% INCLUDE 'doc-head-close.inc' %] [% BLOCK cssinclude %][% END %] @@ -11,7 +11,7 @@
  • Home
  • - [% INCLUDE 'patron-title.inc' category_type = borrower.category_type firstname = borrower.firstname surname = borrower.surname othernames = borrower.othernames %] + [% INCLUDE 'patron-title.inc' category_type=patron.category.category_type firstname=patron.firstname surname=patron.surname othernames=patron.othernames %]
  • @@ -30,14 +30,18 @@

    Your API keys

    - - + + + + +
    - [% IF api_keys.size > 0 %] + [% IF api_keys && api_keys.size > 0 %] + @@ -46,22 +50,23 @@ [% FOREACH key IN api_keys %] - + + @@ -69,6 +74,8 @@ [% END %]
    Description Key Active Actions
    [% key.api_key %][% key.description %][% key.value %] [% IF key.active %]Yes[% ELSE %]No[% END %]
    - + - +
    - + [% IF key.active %] - + [% ELSE %] - + [% END %]
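Review bot: `[% key.description %]` in the key table prints a value that opac-apikeys.pl takes directly from `$cgi->param('description')`, and no escaping filter is visible on the directive. The page extraction has stripped the surrounding markup, so this needs checking against the real template. If the directive really is unfiltered, a description containing markup would be rendered as HTML here and on any other page that displays the same field. Use `[% key.description | html %]`, and apply the same filter to `[% key.value %]` for consistency.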
    + [% ELSE %] + No keys defined for the current patron. [% END %] diff --git a/opac/opac-apikeys.pl b/opac/opac-apikeys.pl index a2008a90b7..5dbd18ccb4 100755 --- a/opac/opac-apikeys.pl +++ b/opac/opac-apikeys.pl 
@@ -1,52 +1,62 @@ #!/usr/bin/env perl -# Copyright 2015 BibLibre -# # This file is part of Koha. # -# Koha is free software; you can redistribute it and/or modify it under the -# terms of the GNU General Public License as published by the Free Software -# Foundation; either version 2 of the License, or (at your option) any later -# version. +# Copyright 2015 BibLibre # -# Koha is distributed in the hope that it will be useful, but WITHOUT ANY -# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR -# A PARTICULAR PURPOSE. See the GNU General Public License for more details. +# Koha is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. # -# You should have received a copy of the GNU General Public License along -# with Koha; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# Koha is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Koha; if not, see . 
use Modern::Perl; use CGI; -use String::Random; use C4::Auth; -use C4::Members; use C4::Output; + use Koha::ApiKeys; -use Koha::ApiKey; +use Koha::Patrons; my $cgi = new CGI; my ($template, $loggedinuser, $cookie) = get_template_and_user({ - template_name => 'opac-apikeys.tt', - query => $cgi, - type => 'opac', - authnotrequired => 0, - flagsrequired => {borrow => 1}, + template_name => 'opac-apikeys.tt', + query => $cgi, + type => 'opac', + authnotrequired => 0 }); -my $borrowernumber = $loggedinuser; -my $borrower = C4::Members::GetMember(borrowernumber => $borrowernumber); +my $patron_id = $loggedinuser; +my $patron = Koha::Patrons->find( $patron_id ); + +if ( not defined $patron + or C4::Context->preference('AllowPatronsManageAPIKeysInOPAC') ) +{ + # patron_id invalid -> exit + print $cgi->redirect("/cgi-bin/koha/errors/404.pl"); # escape early + exit; +} + + my $op = $cgi->param('op'); if ($op) { if ($op eq 'generate') { - my $apikey = new Koha::ApiKey; - $apikey->borrowernumber($borrowernumber); - $apikey->api_key(String::Random->new->randregex('[a-zA-Z0-9]{32}')); + my $description = $cgi->param('description') // ''; + my $apikey = Koha::ApiKey->new({ + patron_id => $patron_id, + description => $description + }); $apikey->store; print $cgi->redirect('/cgi-bin/koha/opac-apikeys.pl'); exit; @@ -54,7 +64,7 @@ if ($op) { if ($op eq 'delete') { my $key = $cgi->param('key'); - my $api_key = Koha::ApiKeys->find({borrowernumber => $borrowernumber, api_key => $key}); + my $api_key = Koha::ApiKeys->find({ patron_id => $patron_id, value => $key}); if ($api_key) { $api_key->delete; } @@ -64,7 +74,7 @@ if ($op) { if ($op eq 'revoke') { my $key = $cgi->param('key'); - my $api_key = Koha::ApiKeys->find({borrowernumber => $borrowernumber, api_key => $key}); + my $api_key = Koha::ApiKeys->find({ patron_id => $patron_id, value => $key }); if ($api_key) { $api_key->active(0); $api_key->store; 
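Review bot: The new guard after `Koha::Patrons->find` redirects to the 404 page when `AllowPatronsManageAPIKeysInOPAC` is enabled and lets the request through when it is disabled, the opposite of what the commit message and the preference text describe. The second operand is missing a negation: `or not C4::Context->preference('AllowPatronsManageAPIKeysInOPAC') )`. As written, a site that keeps the default value '0' still lets any logged-in patron generate, delete, revoke and activate keys, so the opt-in is not enforced on the server side. The comment `# patron_id invalid -> exit` should also name the disabled-feature case. The hunk also drops `use Koha::ApiKey;` while still calling `Koha::ApiKey->new`, which presumably relies on Koha::ApiKeys loading that class.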
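Review bot: The `delete` branch here, like `generate` in the previous hunk and `revoke`/`activate` in the following hunks, changes stored credentials based only on the `op` and `key` request parameters, and no anti-CSRF token or request-method check is visible in any of these branches. Unless such a check is applied outside the visible lines, these state changes can be submitted cross-site in a logged-in patron's session. Koha's `Koha::Token` helper fits here, e.g. `die "Wrong CSRF token" unless Koha::Token->new->check_csrf({ session_id => scalar $cgi->cookie('CGISESSID'), token => scalar $cgi->param('csrf_token') });` before the `if ($op)` block, with a matching token field in each form of opac-apikeys.tt. The lookup also uses the key's secret `value` as the row identifier in a request parameter, so confirm the forms submit by POST to keep the value out of access logs. The enclosing `if ($op)` block begins in the previous hunk.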
@@ -75,7 +85,7 @@ if ($op) { if ($op eq 'activate') { my $key = $cgi->param('key'); - my $api_key = Koha::ApiKeys->find({borrowernumber => $borrowernumber, api_key => $key}); + my $api_key = Koha::ApiKeys->find({ patron_id => $patron_id, value => $key }); if ($api_key) { $api_key->active(1); $api_key->store; @@ -85,13 +95,12 @@ if ($op) { } } -my @api_keys = Koha::ApiKeys->search({borrowernumber => $borrowernumber}); +my @api_keys = Koha::ApiKeys->search({ patron_id => $patron_id }); $template->param( + api_keys => \@api_keys, apikeysview => 1, - api_keys => \@api_keys, - borrower => $borrower, - borrowernumber => $borrowernumber, + patron => $patron ); output_html_with_http_headers $cgi, $cookie, $template->output; -- 2.39.5