"Fossies" - the Fresh Open Source Software Archive

Member "koha-19.11.15/members/apikeys.pl" (23 Feb 2021, 3623 Bytes) of package /linux/misc/koha-19.11.15.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Perl source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "apikeys.pl" see the Fossies "Dox" file reference documentation and the last Fossies "Diffs" side-by-side code changes report: 20.05.06_vs_20.11.00.

    1 #!/usr/bin/perl
    2 
    3 # This file is part of Koha.
    4 #
    5 # Copyright 2015 BibLibre
    6 #
    7 # Koha is free software; you can redistribute it and/or modify it
    8 # under the terms of the GNU General Public License as published by
    9 # the Free Software Foundation; either version 3 of the License, or
   10 # (at your option) any later version.
   11 #
   12 # Koha is distributed in the hope that it will be useful, but
   13 # WITHOUT ANY WARRANTY; without even the implied warranty of
   14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
   15 # GNU General Public License for more details.
   16 #
   17 # You should have received a copy of the GNU General Public License
   18 # along with Koha; if not, see <http://www.gnu.org/licenses>.
   19 
   20 use Modern::Perl;
   21 
   22 use CGI;
   23 
   24 use C4::Auth;
   25 use C4::Output;
   26 
   27 use Koha::ApiKeys;
   28 use Koha::Patrons;
   29 use Koha::Token;
   30 
   31 my $cgi = new CGI;
   32 
   33 my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
   34     {   template_name   => 'members/apikeys.tt',
   35         query           => $cgi,
   36         type            => 'intranet',
   37         flagsrequired   => { borrowers => 'edit_borrowers' },
   38     }
   39 );
   40 
   41 my $patron;
   42 my $patron_id = $cgi->param('patron_id') // '';
   43 my $api_key   = $cgi->param('key')       // '';
   44 
   45 $patron = Koha::Patrons->find($patron_id) if $patron_id;
   46 
   47 if ( not defined $patron or
   48      not C4::Context->preference('RESTOAuth2ClientCredentials') ) {
   49 
   50     # patron_id invalid -> exit
   51     print $cgi->redirect("/cgi-bin/koha/errors/404.pl"); # escape early
   52     exit;
   53 }
   54 
   55 my $op = $cgi->param('op') // '';
   56 
   57 if ( $op eq 'generate' or
   58      $op eq 'delete' or
   59      $op eq 'revoke' or
   60      $op eq 'activate' ) {
   61 
   62     output_and_exit( $cgi, $cookie, $template, 'wrong_csrf_token' )
   63         unless Koha::Token->new->check_csrf({
   64             session_id => scalar $cgi->cookie('CGISESSID'),
   65             token      => scalar $cgi->param('csrf_token'),
   66         });
   67 }
   68 
   69 if ($op) {
   70     if ( $op eq 'generate' ) {
   71         my $description = $cgi->param('description') // '';
   72         my $api_key = Koha::ApiKey->new(
   73             {   patron_id   => $patron_id,
   74                 description => $description
   75             }
   76         );
   77         $api_key->store;
   78         print $cgi->redirect( '/cgi-bin/koha/members/apikeys.pl?patron_id=' . $patron_id );
   79         exit;
   80     }
   81 
   82     if ( $op eq 'delete' ) {
   83         my $api_key_id = $cgi->param('key');
   84         my $key = Koha::ApiKeys->find({ patron_id => $patron_id, client_id => $api_key_id });
   85         if ($key) {
   86             $key->delete;
   87         }
   88         print $cgi->redirect( '/cgi-bin/koha/members/apikeys.pl?patron_id=' . $patron_id );
   89         exit;
   90     }
   91 
   92     if ( $op eq 'revoke' ) {
   93         my $api_key_id = $cgi->param('key');
   94         my $key = Koha::ApiKeys->find({ patron_id => $patron_id, client_id => $api_key_id });
   95         if ($key) {
   96             $key->active(0);
   97             $key->store;
   98         }
   99         print $cgi->redirect( '/cgi-bin/koha/members/apikeys.pl?patron_id=' . $patron_id );
  100         exit;
  101     }
  102 
  103     if ( $op eq 'activate' ) {
  104         my $api_key_id = $cgi->param('key');
  105         my $key = Koha::ApiKeys->find({ patron_id => $patron_id, client_id => $api_key_id });
  106         if ($key) {
  107             $key->active(1);
  108             $key->store;
  109         }
  110         print $cgi->redirect( '/cgi-bin/koha/members/apikeys.pl?patron_id=' . $patron_id );
  111         exit;
  112     }
  113 }
  114 
  115 my @api_keys = Koha::ApiKeys->search({ patron_id => $patron_id });
  116 
  117 $template->param(
  118     api_keys   => \@api_keys,
  119     csrf_token => Koha::Token->new->generate_csrf({ session_id => scalar $cgi->cookie('CGISESSID') }),
  120     patron     => $patron
  121 );
  122 
  123 output_html_with_http_headers $cgi, $cookie, $template->output;