apps.php 10.2 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295
<?php
/**
 *
 * @package    mahara
 * @subpackage module-mobileapi
 * @author     Catalyst IT Ltd
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
 * @copyright  For copyright information on Mahara, please see the README file distributed with this software.
 *
 */

/**
 * This page lets non-admin users manage which apps they've granted
 * webservice access tokens to.
 *
 * See /webservice/apptokens.php for the more complex admin version.
 */
define('INTERNAL', 1);
define('MENUITEM', 'settings/webservice');
define('SECTION_PLUGINTYPE', 'core');
define('SECTION_PLUGINNAME', 'account');
define('SECTION_PAGE', 'webservice');

require('./../../init.php');
require_once($CFG->docroot . 'webservice/lib.php');
safe_require('module', 'mobileapi');
define('TITLE', get_string('mytokenspagetitle', 'module.mobileapi'));

// Users shouldn't be able to access this page if webservices are not enabled.
if (!PluginModuleMobileapi::is_service_ready()) {
    throw new AccessDeniedException(get_string('featuredisabled', 'auth.webservice'));
}

// get the list of services that are available for User Access Tokens usage
// determine if there is a corresponding token for the service
$dbservices = get_records_sql_array(
    "SELECT
        es.id || '_' || et.id || '_' || es.id as dispid,
        es.id,
        es.name,
        es.enabled,
        es.restrictedusers,
        et.token,
        " . db_format_tsfield('et.mtime', 'token_mtime') . ',
        ' . db_format_tsfield('et.ctime', 'token_ctime') . ',
        et.institution,
        et.validuntil as token_validuntil,
        et.clientname,
        et.clientenv,
        esu.validuntil as user_validuntil,
        esu.iprestriction
    FROM
        {external_services} es
        LEFT JOIN {external_tokens} et
            ON et.externalserviceid = es.id
            AND et.userid = ?
            AND et.tokentype = ?
        LEFT JOIN {external_services_users} esu
            ON esu.externalserviceid = es.id
            AND esu.userid = ?
    WHERE
        es.tokenusers = 1
        AND (es.restrictedusers = 0 OR esu.id IS NOT NULL)
        AND (et.id IS NOT NULL OR esu.id IS NOT NULL)'
    ,array(
        $USER->get('id'),
        EXTERNAL_TOKEN_USER,
        $USER->get('id')
    )
);

/*
 * display the access tokens for services
 */
if (empty($dbservices)) {
    $userform = get_string('nopersonaltokens', 'module.mobileapi');
}
else {
    $userform = array(
        'name'            => 'webservices_user_tokens',
        'elementclasses'  => false,
        'successcallback' => 'webservices_user_tokens_submit',
        'renderer'   => 'multicolumntable',
    );
    $elements = array();
    $elements['client_info'] = array(
        'title' => ' ',
        'datatable' => true,
        'type' => 'html',
        'value' => get_string('clientinfo', 'module.mobileapi'),
    );

    if (get_config_plugin('module', 'mobileapi', 'manualtokens')) {
        $elements['token'] = array(
            'title' => ' ',
            'datatable' => true,
            'type'  => 'html',
            'value' => get_string('token', 'module.mobileapi'),
        );
    }

    $elements['created'] = array(
        'title' => ' ',
        'datatable' => true,
        'type'  => 'html',
        'value' => get_string('tokencreated', 'module.mobileapi'),
    );

    // Action buttons (no title)
    $elements['actions'] = array(
        'title' => ' ',
        'datatable' => true,
        'type' => 'html',
        'value' => '',
    );
    $userform['elements'] = $elements;

    foreach ($dbservices as $service) {

        $client = '<h3 class="title">';
        if ($service->clientname) {
            $client .= $service->clientname;
        }
        else {
            $client .= get_string('clientnotspecified', 'module.mobileapi');
        }
        $client .= '</h3>';

        if ($service->clientenv) {
            $client .= " ({$service->clientenv})";
        }

        // information about the client that generated it
        $userform['elements']['id' . $service->dispid . '_client_info'] = array(
            'value'        =>  $client,
            'type'         => 'html',
            'key'        => $service->dispid,
        );

        if (get_config_plugin('module', 'mobileapi', 'manualtokens')) {
            $userform['elements']['id' . $service->dispid . '_token'] = array(
                'value'        =>  $service->token,
                'type'         => 'html',
                'key'        => $service->dispid,
            );
        }

        $userform['elements']['id' . $service->dispid . '_ctime'] = array(
            'value' => format_date($service->token_ctime),
            'type' => 'html',
            'key' => $service->dispid,
        );

        // generate button
        // delete button
        $userform['elements']['id' . $service->dispid . '_actions'] = array(
            'value' => pieform(
                array(
                    'name'            => 'webservices_user_token_delete_' . $service->dispid,
                    'renderer'        => 'div',
                    'elementclasses'  => false,
                    'successcallback' => 'webservices_user_token_submit',
                    'class'           => 'form-as-button pull-left',
                    'jsform'          => false,
                    'elements' => array(
                        'token'    => array('type' => 'hidden', 'value' => $service->token),
                        'action'     => array('type' => 'hidden', 'value' => 'delete'),
                        'submit'     => array(
                                'type'  => 'button',
                                'usebuttontag' => true,
                                'class' => 'btn-default btn-sm',
                                'value' => '<span class="icon icon-trash icon-lg text-danger left" role="presentation" aria-hidden="true"></span>' . get_string('delete'),
                                'elementtitle' => get_string('deletespecific', 'mahara', $service->dispid),
                            ),
                    ),
                )
            ),
            'type'         => 'html',
            'key'        => $service->dispid,
            'class'        => 'webserviceconfigcontrols' . (empty($service->token) ? ' only-button only-button-top' : ''),
        );
    }
    $pieform = pieform_instance($userform);
    $userform = $pieform->build(false);
}

$page_elements = array(
    // fieldset for managing service function list
    'user_tokens' => array(
        'type' => 'fieldset',
        'legend' => get_string('mytokenspagedesc', 'module.mobileapi'),
        'elements' => array(
            'sflist' => array(
                'type'         => 'html',
                'value' =>     $userform,
            )
        ),
        'collapsible' => false,
    )
);

// TODO: Currently this is hardcoded to only allow self-generation of the
// maharamobile service.
$service = get_record('external_services', 'component', 'module/mobileapi', 'shortname', 'maharamobile');
if (get_config_plugin('module', 'mobileapi', 'manualtokens')) {
    $page_elements['generate_user_token'] = array(
        'type' => 'fieldset',
        'legend' => get_string('generateusertoken', 'module.mobileapi'),
        'elements' => array(
            'generate_user_token_html' => array(
                'type' => 'html',
                'value' => pieform(
                    array(
                        'name'            => 'webservices_user_token_generate_' . $service->id,
                        'renderer'        => 'div',
                        'elementclasses'  => false,
                        'successcallback' => 'webservices_user_token_submit',
                        'class'           => 'form-as-button pull-left',
                        'jsform'          => false,
                        'elements' => array(
                            'action'     => array('type' => 'hidden', 'value' => 'generate'),
                            'submit'     => array(
                                    'type'  => 'button',
                                    'usebuttontag' => true,
                                    'class' => 'btn-default btn-sm',
                                    'value'   => '<span class="icon icon-refresh"></span> ' . get_string('gen', 'auth.webservice'),
                                    'elementtitle' => get_string('gen', 'auth.webservice')
                                ),
                        ),
                    )
                )
            )
        )
    );
}

$form = array(
    'renderer' => 'div',
    'type' => 'div',
    'id' => 'maintable',
    'name' => 'maincontainer',
    'dieaftersubmit' => false,
    'successcallback' => 'webservice_main_submit',
    'elements' => $page_elements,
);

/**
 * handle the callback for actions on the user token panel
 *  - generate noew token
 *  - delete token
 *
 * @param Pieform $form
 * @param array $values
 */
function webservices_user_token_submit(Pieform $form, $values) {
    global $USER, $SESSION;
    if ($values['action'] == 'generate') {
        // TODO: Currently this is hard-coded to only the maharamobile service
        if (
            get_config_plugin('module', 'mobileapi', 'manualtokens')
            && ($service = get_record('external_services', 'component', 'module/mobileapi', 'shortname', 'maharamobile', 'tokenusers', 1))
        ) {
            $token = webservice_generate_token(
                EXTERNAL_TOKEN_USER,
                $service,
                $USER->get('id'),
                null,
                null,
                null,
                get_string('tokenmanuallycreated', 'auth.webservice')
            );
            $SESSION->add_ok_msg(get_string('token_generated', 'auth.webservice'));
        }
        else {
            $SESSION->add_error_msg(get_string('noservices', 'auth.webservice'));
        }
    }
    else if ($values['action'] == 'delete') {
        delete_records('external_tokens', 'userid', $USER->get('id'), 'token', $values['token']);
        $SESSION->add_ok_msg(get_string('appaccessrevoked', 'module.mobileapi'));
    }
    redirect('/module/mobileapi/apps.php');
}

// render the page
$pieform = pieform_instance($form);
$form = $pieform->build(false);

$smarty = smarty();
setpageicon($smarty, 'icon-globe');
safe_require('auth', 'webservice');

$smarty->assign('form', $form);

$smarty->display('form.tpl');