From 2f8d4ae853044b17ab9dd9b648edf8531fcdbbe0 Mon Sep 17 00:00:00 2001
From: Ad Schellevis
Date: Tue, 10 Nov 2015 10:10:07 +0000
Subject: [PATCH] (legacy) add api keys to system_usermanager.php + fix issue when removing user (regression)
---
 src/www/system_usermanager.php | 137 ++++++++++++++++++++++++++++++++-
 1 file changed, 134 insertions(+), 3 deletions(-)
diff --git a/src/www/system_usermanager.php b/src/www/system_usermanager.php
index ca900a3e5..ae18ebb29 100644
--- a/src/www/system_usermanager.php
+++ b/src/www/system_usermanager.php
@@ -205,6 +205,33 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
 gettext("association removed.");
 redirectHeader("system_usermanager.php?savemsg=".$savemsg."&act=edit&userid=".$id);
 exit;
+ } elseif ($act == "newApiKey" && isset($id)) {
+ // every action is using the sequence of the user, to keep it understandable, we will use
+ // the same strategy here (although we need a username to work with)
+ //
+ // the client side is (jquery) generates the actual download file.
+ $username = $a_user[$id]['name'];
+ $authFactory = new \OPNsense\Auth\AuthenticationFactory;
+ $authenticator = $authFactory->get("Local API");
+ $keyData = $authenticator->createKey($username);
+ if ($keyData != null) {
+ echo json_encode($keyData);
+ }
+ exit;
+ } elseif ($act =='delApiKey' && isset($id)) {
+ $username = $a_user[$id]['name'];
+ if (!empty($pconfig['api_delete'])) {
+ $authFactory = new \OPNsense\Auth\AuthenticationFactory;
+ $authenticator = $authFactory->get("Local API");
+ $authenticator->dropKey($username, $pconfig['api_delete']);
+ $savemsg = gettext("API key")." {$pconfig['api_delete']} ".
+ gettext("removed.");
+ } else {
+ $savemsg = gettext('No API key found');
+ }
+ // redirect
+ redirectHeader("system_usermanager.php?savemsg=".$savemsg."&act=edit&userid=".$id);
+ exit;
 } elseif (isset($pconfig['save'])) {
 // save user
 /* input validation */
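Review bot: In the `delApiKey` branch, `$pconfig['api_delete']` comes from the request and is interpolated into `$savemsg`, which is then concatenated unencoded into the redirect URL; a value containing `&`, `+`, `=` or `/` would corrupt or extend the query string, and how safe it is further on depends on how `redirectHeader()` and the page render `savemsg`, neither of which is visible here. I would encode it at the call, `redirectHeader("system_usermanager.php?savemsg=".urlencode($savemsg)."&act=edit&userid=".$id);`, and avoid echoing the full key back in the message at all. Both new branches also read `$a_user[$id]['name']` after checking only `isset($id)`, and the "removed." message is shown without looking at what `dropKey()` returned, so a missing user or a key that matches nothing is reported as success. The `newApiKey` branch returns the secret as JSON without setting a content type or cache headers; `header('Content-Type: application/json');` plus a no-store cache directive before the `echo` would be a small improvement. The enclosing if/elseif chain starts and ends outside the hunk.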
@@ -509,11 +536,12 @@ $( document ).ready(function() { // remove user $(".act-del-user").click(function(event){ var userid = $(this).data('userid'); + var username = $(this).data('username'); event.preventDefault(); BootstrapDialog.show({ type:BootstrapDialog.TYPE_INFO, title: "", - message: '' + '
('+userid+")", + message: '' + '
('+username+")", buttons: [{ label: "", action: function(dialogRef) { @@ -521,7 +549,7 @@ $( document ).ready(function() { }}, { label: "", action: function(dialogRef) { - $("#username").val(userid); + $("#userid").val(userid); $("#act2").val("deluser"); $("#iform2").submit(); } @@ -549,6 +577,53 @@ $( document ).ready(function() { } }); + + // generate a new API key for this user + $("#newApiKey").click(function(event){ + event.preventDefault(); + $.post(window.location, {act: 'newApiKey', userid: $("#userid").val() }, function(data) { + if (data['key'] != undefined) { + // only generate a key file if there's data + output_data = 'key='+data['key'] +'\n' + 'secret='+data['secret'] +'\n'; + // create link, click and send to client + $('') + .attr('id','downloadFile') + .attr('href','data:text/csv;charset=utf8,' + encodeURIComponent(output_data)) + .attr('download','apikey.ini') + .appendTo('body'); + + $('#downloadFile').ready(function() { + $('#downloadFile').get(0).click(); + }); + // reload form + location.reload(); + } + },'json'); + }); + + // delete API key + $(".act-del-api-key").click(function(event){ + event.preventDefault(); + var apiKey = $(this).data('key'); + BootstrapDialog.show({ + type:BootstrapDialog.TYPE_INFO, + title: "", + message: '' + '
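Review bot: `username` is read from `data-username` and concatenated straight into the dialog `message` string, which BootstrapDialog appears to insert as markup, so a user name containing HTML would be interpreted rather than displayed; the same pattern recurs with `apiKey.substring(0,40)` in the delete-API-key dialog further down. Whether names are restricted to a safe character set when a user is saved is not visible in this hunk, so I would escape at the point of use, e.g. `$('<span/>').text(username).html()` in place of the bare `username`. The enclosing document-ready function extends beyond the hunk.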
('+apiKey.substring(0,40)+"...)", + buttons: [{ + label: "", + action: function(dialogRef) { + dialogRef.close(); + }}, { + label: "", + action: function(dialogRef) { + $("#act").val("delApiKey"); + $("#api_delete").val(apiKey); + $("#iform").submit(); + } + }] + }); + }); + }); @@ -572,6 +647,7 @@ $( document ).ready(function() { + @@ -800,6 +876,60 @@ $( document ).ready(function() {
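Review bot: `output_data` in the `#newApiKey` handler is assigned without `var`, so the string holding the new key and secret becomes a property of `window`; declare it locally, `var output_data = 'key=' + data['key'] + '\n' + 'secret=' + data['secret'] + '\n';`. `location.reload()` runs immediately after the synthetic click and the `$.post` has no failure handler, so if the browser blocks or drops the `data:` download the secret is gone while the key presumably stays active on the server; deferring the reload, or showing the secret in a dialog as a fallback, would make that recoverable. The MIME type `text/csv;charset=utf8` also does not match the `apikey.ini` payload (`text/plain;charset=utf-8` would). A comment above the handler stating that the secret is only available in this one response would help the next maintainer.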
+ + + + + + + + + + + + + + + + + + + + + + + + + +
+ + +
+ + + + + + + +
+ +
+ + + 0) : @@ -943,7 +1073,8 @@ $( document ).ready(function() {