Netsyms/Mods-for-HESK-Netsyms
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

more user security stuff

Browse Source
This commit is contained in:
Mike Koch 2015-11-18 22:04:34 -05:00
parent 97d7f2d849
commit d23b80a37c
2 changed files with 62 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
admin/api_settings.php
View File

@ -141,36 +141,55 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
User Security User Security
</div> </div>
<?php <?php
$users = [];
$userRs = hesk_dbQuery("SELECT `id`, `user`, `name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `active` = '1'"); $userRs = hesk_dbQuery("SELECT `id`, `user`, `name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `active` = '1'");
while ($row = hesk_dbFetchAssoc($userRs)) {
$row['number_of_tokens'] = 0;
$users[$row['user']] = $row;
}
$tokensRs = hesk_dbQuery("SELECT `user_id`, 1 FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "user_api_tokens`");
while ($row = hesk_dbFetchAssoc($tokensRs)) {
$users[$row['user_id']]['number_of_tokens']++;
}
?> ?>
<table class="table table-striped"> <table class="table table-striped">
<thead> <thead>
<tr> <tr>
<th>Username</th> <th>Username</th>
<th>Name</th> <th>Name</th>
<th>Number of Tokens</th>
<th>Actions</th> <th>Actions</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php <?php
while ($row = hesk_dbFetchAssoc($userRs)): foreach ($users as $row):
?> ?>
<tr> <tr>
<td><?php echo $row['user']; ?></td> <td><?php echo $row['user']; ?></td>
<td><?php echo $row['name']; ?></td> <td><?php echo $row['name']; ?></td>
<td><?php echo $row['number_of_tokens']; ?></td>
<td> <td>
<div class="btn-group"> <span class="btn-group">
<button class="btn btn-default btn-xs" onclick="generateToken(<?php echo $row['id']; ?>)"> <button class="btn btn-default btn-xs" onclick="generateToken(<?php echo $row['id']; ?>)">
<i class="fa fa-plus-circle"></i> Generate New Token <i class="fa fa-plus-circle"></i> Generate New Token
</button> </button>
<button class="btn btn-danger btn-xs" onclick="clearTokens(<?php echo $row['id']; ?>)"> <button class="btn btn-danger btn-xs" onclick="clearTokens(<?php echo $row['id']; ?>)">
<i class="fa fa-undo"></i> Reset Tokens <i class="fa fa-undo"></i> Reset Tokens
</button> </button>
</div> </span>
<span>
<i id="token-<?php echo $row['id']; ?>-success" class="fa fa-check-circle fa-2x green hide media-middle"
data-toggle="tooltip" title="Changes saved!"></i>
<i id="token-<?php echo $row['id']; ?>-failure" class="fa fa-times-circle fa-2x red hide media-middle"
data-toggle="tooltip" title="Saving changes failed. Check the logs for more information."></i>
<i id="token-<?php echo $row['id']; ?>-saving" class="fa fa-spin fa-spinner fa-2x hide media-middle"
data-toggle="tooltip" title="Saving..."></i>
</span>
</td> </td>
</tr> </tr>
<?php <?php
endwhile; endforeach;
?> ?>
</tbody> </tbody>
</table> </table>

47
internal-api/js/api-settings.js
View File

@ -16,9 +16,7 @@ function updatePublicApi(enable) {
}; };
$('#enable-api-button').addClass('disabled'); $('#enable-api-button').addClass('disabled');
$('#disable-api-button').addClass('disabled'); $('#disable-api-button').addClass('disabled');
$('#public-api-saving').removeClass('hide'); markSaving('public-api');
$('#public-api-success').addClass('hide');
$('#public-api-failure').addClass('hide');
$.ajax({ $.ajax({
url: endpoint, url: endpoint,
data: data, data: data,
@ -26,8 +24,7 @@ function updatePublicApi(enable) {
success: function() { success: function() {
$('#enable-api-button').removeClass('disabled'); $('#enable-api-button').removeClass('disabled');
$('#disable-api-button').removeClass('disabled'); $('#disable-api-button').removeClass('disabled');
$('#public-api-saving').addClass('hide'); markSuccess('public-api');
$('#public-api-success').removeClass('hide');
if (enable == '1') { if (enable == '1') {
$('#public-api-sidebar').addClass('success') $('#public-api-sidebar').addClass('success')
@ -45,14 +42,48 @@ function updatePublicApi(enable) {
console.error(data); console.error(data);
$('#enable-api-button').removeClass('disabled'); $('#enable-api-button').removeClass('disabled');
$('#disable-api-button').removeClass('disabled'); $('#disable-api-button').removeClass('disabled');
$('#public-api-saving').addClass('hide'); markFailure('public-api');
$('#public-api-failure').removeClass('hide');
} }
}); });
} }
function markSuccess(id) {
$('#' + id + '-saving').addClass('hide');
$('#' + id + '-failure').addClass('hide');
$('#' + id + '-success').removeClass('hide');
}
function markSaving(id) {
$('#' + id + '-saving').removeClass('hide');
$('#' + id + '-failure').addClass('hide');
$('#' + id + '-success').addClass('hide');
}
function markFailure(id) {
$('#' + id + '-saving').addClass('hide');
$('#' + id + '-failure').removeClass('hide');
$('#' + id + '-success').addClass('hide');
}
function generateToken(userId) { function generateToken(userId) {
alert(userId); var endpoint = getHelpdeskUrl();
endpoint += '/internal-api/admin/api-authentication/';
markSaving('token-' + userId);
var data = {
userId: userId,
action: 'generate'
};
$.ajax({
url: endpoint,
data: data,
method: 'POST',
success: function (data) {
markSuccess('token-' + userId);
},
error: function (data) {
markFailure('token-' + userId);
}
});
} }
function clearTokens(userId) { function clearTokens(userId) {