From 4407fc2c5d47ee1a7dfb8bfdfd47e73b22ec7e2a Mon Sep 17 00:00:00 2001 From: Fabio Comuni Date: Mon, 7 Nov 2011 17:38:30 +0100 Subject: [PATCH] oauth apps/authorization management in settings page --- mod/settings.php | 119 +++++++++++++++++++++++++++++++++++ view/settings_oauth.tpl | 26 +++++++- view/settings_oauth_edit.tpl | 17 +++++ 3 files changed, 160 insertions(+), 2 deletions(-) create mode 100644 view/settings_oauth_edit.tpl diff --git a/mod/settings.php b/mod/settings.php index ca9b4bd542..2b9cde7353 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -47,6 +47,58 @@ function settings_post(&$a) { return; } + if(($a->argc > 1) && ($a->argv[1] === 'oauth') && x($_POST,'remove')){ + $key = $_POST['remove']; + q("DELETE FROM tokens WHERE id='%s' AND uid=%d", + dbesc($key), + local_user()); + goaway($a->get_baseurl()."/settings/oauth/"); + return; + } + + if(($a->argc > 2) && ($a->argv[1] === 'oauth') && ($a->argv[2] === 'edit') && x($_POST,'submit')) { + + $name = ((x($_POST,'name')) ? $_POST['name'] : ''); + $key = ((x($_POST,'key')) ? $_POST['key'] : ''); + $secret = ((x($_POST,'secret')) ? $_POST['secret'] : ''); + $redirect = ((x($_POST,'redirect')) ? $_POST['redirect'] : ''); + $icon = ((x($_POST,'icon')) ? $_POST['icon'] : ''); + if ($name=="" || $key=="" || $secret==""){ + notice(t("Missing some important data!")); + + } else { + if ($_POST['submit']==t("Update")){ + $r = q("UPDATE clients SET + client_id='%s', + pw='%s', + name='%s', + redirect_uri='%s', + icon='%s', + uid=%d + WHERE client_id='%s'", + dbesc($key), + dbesc($secret), + dbesc($name), + dbesc($redirect), + dbesc($icon), + local_user(), + dbesc($key)); + } else { + $r = q("INSERT INTO clients + (client_id, pw, name, redirect_uri, icon, uid) + VALUES ('%s','%s','%s','%s','%s',%d)", + dbesc($key), + dbesc($secret), + dbesc($name), + dbesc($redirect), + dbesc($icon), + local_user()); + } + } + goaway($a->get_baseurl()."/settings/oauth/"); + return; + } + if(($a->argc > 1) && ($a->argv[1] == 'addon')) { call_hooks('plugin_settings_post', $_POST); return; @@ -358,10 +410,77 @@ function settings_content(&$a) { if(($a->argc > 1) && ($a->argv[1] === 'oauth')) { + if(($a->argc > 2) && ($a->argv[2] === 'add')) { + $tpl = get_markup_template("settings_oauth_edit.tpl"); + $o .= replace_macros($tpl, array( + '$tabs' => $tabs, + '$title' => t('Add application'), + '$submit' => t('Submit'), + '$cancel' => t('Cancel'), + '$name' => array('name', t('Name'), '', ''), + '$key' => array('key', t('Consumer Key'), '', ''), + '$secret' => array('secret', t('Consumer Secret'), '', ''), + '$redirect' => array('redirect', t('Redirect'), '', ''), + '$icon' => array('icon', t('Icon url'), '', ''), + )); + return $o; + } + + if(($a->argc > 3) && ($a->argv[2] === 'edit')) { + $r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d", + dbesc($a->argv[3]), + local_user()); + + if (!count($r)){ + notice(t("You can't edit this application.")); + return; + } + $app = $r[0]; + + $tpl = get_markup_template("settings_oauth_edit.tpl"); + $o .= replace_macros($tpl, array( + '$tabs' => $tabs, + '$title' => t('Add application'), + '$submit' => t('Update'), + '$cancel' => t('Cancel'), + '$name' => array('name', t('Name'), $app['name'] , ''), + '$key' => array('key', t('Consumer Key'), $app['client_id'], ''), + '$secret' => array('secret', t('Consumer Secret'), $app['pw'], ''), + '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], ''), + '$icon' => array('icon', t('Icon url'), $app['icon'], ''), + )); + return $o; + } + + if(($a->argc > 3) && ($a->argv[2] === 'delete')) { + $r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d", + dbesc($a->argv[3]), + local_user()); + goaway($a->get_baseurl()."/settings/oauth/"); + return; + } + + + $r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my + FROM clients + LEFT JOIN tokens ON clients.client_id=tokens.client_id + WHERE clients.uid IN (%d,0)", + local_user(), + local_user()); + + $tpl = get_markup_template("settings_oauth.tpl"); $o .= replace_macros($tpl, array( + '$baseurl' => $a->get_baseurl(), '$title' => t('Connected Apps'), + '$add' => t('Add application'), + '$edit' => t('Edit'), + '$delete' => t('Delete'), + '$consumerkey' => t('Client key starts with'), + '$noname' => t('No name'), + '$remove' => t('Remove authorization'), '$tabs' => $tabs, + '$apps' => $r, )); return $o; diff --git a/view/settings_oauth.tpl b/view/settings_oauth.tpl index 87fd6d1ee8..bc5866bec9 100644 --- a/view/settings_oauth.tpl +++ b/view/settings_oauth.tpl @@ -3,8 +3,30 @@ $tabs

$title

-
+ + + -$settings_addons + {{ for $apps as $app }} +
+ + {{ if $app.name }}

$app.name

{{ else }}

$noname

{{ endif }} + {{ if $app.my }} + {{ if $app.oauth_token }} +
+ {{ endif }} + {{ endif }} + {{ if $app.my }} +   +   + {{ endif }} +
+ {{ endfor }}
diff --git a/view/settings_oauth_edit.tpl b/view/settings_oauth_edit.tpl new file mode 100644 index 0000000000..98b7457aa4 --- /dev/null +++ b/view/settings_oauth_edit.tpl @@ -0,0 +1,17 @@ +$tabs + +

$title

+ +
+{{ inc field_input.tpl with $field=$name }}{{ endinc }} +{{ inc field_input.tpl with $field=$key }}{{ endinc }} +{{ inc field_input.tpl with $field=$secret }}{{ endinc }} +{{ inc field_input.tpl with $field=$redirect }}{{ endinc }} +{{ inc field_input.tpl with $field=$icon }}{{ endinc }} + +
+ + +
+ +