[GT-184] Apply styles for the PR #464 #484

Open
wants to merge 1 commit into
base: dev
78 changes: 56 additions & 22 deletions htdocs/web_portal/controllers/site/edit_api_auth.php
@@ -1,10 +1,11 @@
<?php

/*______________________________________________________
*======================================================
* File: edit_api_auth.php
* Author: George Ryall
* Description: Processes a edit API Authentication entity request. If the user
* hasn't POSTed any data we draw the new site
* Description: Processes a edit API Authentication entity request.
* If the user hasn't POSTed any data we draw the new site
* form. If they post data we assume they've posted it from
* the form and validate then insert it into the DB.
*
Expand All @@ -21,24 +22,38 @@
* See the License for the specific language governing permissions and
* limitations under the License.
/*======================================================*/
require_once __DIR__.'/../../../web_portal/components/Get_User_Principle.php';
require_once __DIR__.'/../utils.php';
require_once __DIR__.'/../../../../lib/Gocdb_Services/Factory.php';
require_once __DIR__
. '/../../../web_portal/components/Get_User_Principle.php';
require_once __DIR__ . '/../utils.php';
require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php';

use Exception;

/**
* Controller to edit authentication entity request
* @global array $_POST only set if the browser has POSTed data
*
* @global array $_POST only set if the browser has posted data
*
* @return null
*/
function edit_entity() {
function edit_entity()
{
$dn = Get_User_Principle();
$user = \Factory::getUserService()->getUserByPrinciple($dn);

//Check the portal is not in read only mode, returns exception if it is and user is not an admin
/**
* Check the portal is not in read only mode,
* returns exception if it is and user is not an admin
*/
checkPortalIsNotReadOnlyOrUserIsAdmin($user);

if (!isset($_REQUEST['authentityid']) || !is_numeric($_REQUEST['authentityid']) ){
throw new Exception("A authentication entity id must be specified in the url");
if (
!isset($_REQUEST['authentityid'])
|| !is_numeric($_REQUEST['authentityid'])
) {
throw new Exception(
"A authentication entity id must be specified in the url"
);
}

$serv = \Factory::getSiteService();
Expand All @@ -47,48 +62,67 @@ function edit_entity() {

// Validate the user has permission to edit properties
if (!$serv->userCanEditSite($user, $site)) {
throw new \Exception("Permission denied: a site role is required to edit authentication entities at " . $site->getShortName());
throw new Exception(
"Permission denied: a site role is required to edit "
. "authentication entities at "
. $site->getShortName()
);
}

if($_POST) { // If we receive a POST request it's to edit an authentication entity
// If we receive a POST request it's to edit an authentication entity
if ($_POST) {
submit($user, $authEnt, $site, $serv);
} else { // If there is no post data, draw the edit authentication entity form
} else {
// If there is no post data, draw the edit authentication entity form
draw($user, $authEnt, $site);
}
}

function draw(\User $user = null, \APIAuthentication $authEnt = null, \Site $site = null) {
if(is_null($user)){
throw new Exception("Unregistered users can't edit authentication credentials");
function draw(
\User $user = null,
\APIAuthentication $authEnt = null,
\Site $site = null
) {
if (is_null($user)) {
throw new Exception(
"Unregistered users can't edit authentication credentials"
);
}

$params = array();
$params['site'] = $site;
$params['authEnt'] = $authEnt;
$params['authTypes'] = array();
$params['authTypes'][]='X.509';
$params['authTypes'][]='OIDC Subject';
$params['authTypes'][] = 'X.509';
$params['authTypes'][] = 'OIDC Subject';
$params['user'] = $user;

show_view("site/edit_api_auth.php", $params);

die();
}

function submit(\User $user, \APIAuthentication $authEnt, \Site $site, org\gocdb\services\Site $serv) {
function submit(
\User $user,
\APIAuthentication $authEnt,
\Site $site,
org\gocdb\services\Site $serv
) {
$newValues = getAPIAuthenticationFromWeb();

try {
$authEnt = $serv->editAPIAuthEntity($authEnt, $user, $newValues);
} catch(Exception $e) {
} catch (Exception $e) {
show_view('error.php', $e->getMessage());

die();
}

$params = array();
$params['apiAuthenticationEntity'] = $authEnt;
$params['site'] = $site;
show_view("site/edited_api_auth.php", $params);
die();

show_view("site/edited_api_auth.php", $params);

die();
}
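Review bot: The `if ($_POST)` branch in `edit_entity()` hands straight to `submit()`, and neither `submit()` nor the form in views/site/edit_api_auth.php shows an anti-forgery token, so a credential edit (including the `ALLOW_WRITE` flag) appears to rest on the session and `userCanEditSite()` alone. If `getAPIAuthenticationFromWeb()` or the front controller does not already verify a per-session token, that check belongs before `editAPIAuthEntity()` is called; both helpers, and the collapsed lines that load `$site` and `$authEnt`, are outside this page, so this needs confirming. Separately, the added `use Exception;` sits in a file with no visible `namespace` declaration, where PHP warns that a non-compound use statement has no effect; the previous `\Exception` spelling needs no import.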
82 changes: 62 additions & 20 deletions htdocs/web_portal/views/site/edit_api_auth.php
@@ -1,6 +1,5 @@
<div class="rightPageContainer">
<?php

$user = $params['user'];
$entUser = $params['authEnt']->getUser();

Expand All @@ -9,7 +8,6 @@
echo('</h1>');

if (!is_null($entUser)) {

echo('<h4>This credential is linked to GOCDB user ');
echo('<a href="');
xecho(\GocContextPath::getPath());
Expand All @@ -27,46 +25,90 @@
echo("' to '");
xecho($user->getFullname());
echo("'. Click the browser Back button to cancel the edit.</div>");
}

} else {
// This clause should be deleted or replaced with exception after all
// authentication entities are assigned a user.
echo('<div class="input_warning">');
echo("WARNING: editing will link user '");
xecho($user->getFullname());
echo("' to this credential. Click the browser Back button to cancel the edit.</div>");
}
} else {
/**
* This clause should be deleted or replaced with exception after
* all authentication entities are assigned a user.
*/
echo('<div class="input_warning">');
echo("WARNING: editing will link user '");
xecho($user->getFullname());
echo(
"' to this credential. Click the browser Back button "
. "to cancel the edit.</div>"
);
}
?>
<form class="inputForm" method="post" action="index.php?Page_Type=Edit_API_Authentication_Entity&parentid=<?php echo($params['site']->getId())?>&authentityid=<?php xecho($params['authEnt']->getId())?>" name="addAPIAuthenticationEntity">
<form
class="inputForm"
method="post"
action="<?php
echo "index.php?Page_Type=Edit_API_Authentication_Entity",
"&parentid=",
$params['site']->getId(),
"&authentityid=",
xecho($params['authEnt']->getId());
?>"
name="addAPIAuthenticationEntity"
>
<div style="margin-bottom: 0.5em;">
<span class="input_name">Identifier (e.g. Certificate DN or OIDC Subject)*</span>
<input type="text" value="<?php xecho($params['authEnt']->getIdentifier()) ?>" name="IDENTIFIER" class="input_input_text">
<span class="input_name">
Identifier (e.g. Certificate DN or OIDC Subject)*
</span>

<input
type="text"
value="<?php xecho($params['authEnt']->getIdentifier()); ?>"
name="IDENTIFIER"
class="input_input_text"
>
</div>

<div style="margin-bottom: 0.5em;">
<span class="input_name">Credential type*</span>

<select name="TYPE" class="input_input_text">
<?php foreach($params['authTypes'] as $authType) {?>
<option value="<?php xecho($authType) ?>"<?php if ($params['authEnt']->getType() == $authType) {echo " selected=\"selected\"";} ?>>
<?php foreach ($params['authTypes'] as $authType) { ?>
<option
value="<?php xecho($authType); ?>"
<?php
if ($params['authEnt']->getType() == $authType) {
echo " selected=\"selected\"";
}
?>
>
<?php xecho($authType) ?>
</option>
<?php } ?>
</select>
</div>

<div style="margin-bottom: 1em">
<div class="input_warning">
WARNING: it is possible to delete information using the write functionality of the API. Leave Allow API write unchecked if
WARNING: it is possible to delete information using the write
functionality of the API. Leave Allow API write unchecked if
you do not need to write data.
</div>

<div class="input_checkbox">
<input type="checkbox" name="ALLOW_WRITE" id="ALLOW_WRITE" value="checked"
<input
type="checkbox"
name="ALLOW_WRITE"
id="ALLOW_WRITE"
value="checked"
<?php
if ($params['authEnt']->getAllowAPIWrite()) { echo('checked="checked"');}
if ($params['authEnt']->getAllowAPIWrite()) {
echo('checked="checked"');
}
?>
/>
<label class="input_label" for="ALLOW_WRITE">Allow API write</label>
<label class="input_label" for="ALLOW_WRITE">
Allow API write
</label>
</div>
</div>

<input type="submit" value="Edit credential" class="input_button">
</form>
</div>
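Review bot: In the rewritten `action` attribute, `xecho($params['authEnt']->getId())` is passed as the last argument of `echo`. Assuming `xecho()` prints its escaped argument and returns nothing, as its other uses in this view suggest, the output is only correct because PHP evaluates and emits `echo` arguments one at a time. End the `echo` after `"&authentityid="` and call `xecho($params['authEnt']->getId());` as its own statement. While there, `$params['site']->getId()` is still emitted without `xecho()` and the `&` separators are not written as `&amp;`, unlike the link in edited_api_auth.php; escaping both ids the same way keeps the attribute consistent.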
13 changes: 10 additions & 3 deletions htdocs/web_portal/views/site/edited_api_auth.php
@@ -1,7 +1,14 @@
<div class="rightPageContainer">
<h1 class="Success">Success</h1><br />
The API authenication credential has now been updated. Type:<?php xecho($params['apiAuthenticationEntity']->getType()) ?>, identifier: <?php xecho($params['apiAuthenticationEntity']->getIdentifier()) ?>.
The API authenication credential has now been updated.
Type: <?php xecho($params['apiAuthenticationEntity']->getType()); ?>,
identifier: <?php
xecho($params['apiAuthenticationEntity']->getIdentifier());
?>.
<br />
<a href="index.php?Page_Type=Site&amp;id=<?php echo $params['site']->getID(); ?>">
View site</a>
<a
href="<?php
echo "index.php?Page_Type=Site&amp;id=", $params['site']->getID();
?>"
>View site</a>
</div>
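Review bot: The reflowed success message still reads `authenication`; since the line is being rewritten anyway, correct it to `authentication`. The `href` also echoes `$params['site']->getID()` directly while the type and identifier go through `xecho()`. Routing the id through `xecho()` as well keeps every dynamic value in this view escaped the same way, whatever `getID()` happens to return.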