3 # This file is part of Koha.
5 # Copyright 2015 BibLibre
7 # Koha is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 3 of the License, or
10 # (at your option) any later version.
12 # Koha is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with Koha; if not, see <http://www.gnu.org/licenses>.
33 my ( $template, $loggedinuser, $cookie ) = get_template_and_user
(
34 { template_name
=> 'members/apikeys.tt',
38 flagsrequired
=> { borrowers
=> 'edit_borrowers' },
43 my $patron_id = $cgi->param('patron_id') // '';
44 my $api_key = $cgi->param('key') // '';
46 $patron = Koha
::Patrons
->find($patron_id) if $patron_id;
48 if ( not defined $patron or
49 not C4
::Context
->preference('RESTOAuth2ClientCredentials') ) {
51 # patron_id invalid -> exit
52 print $cgi->redirect("/cgi-bin/koha/errors/404.pl"); # escape early
56 my $op = $cgi->param('op') // '';
58 if ( $op eq 'generate' or
63 die "Wrong CSRF token"
64 unless Koha
::Token
->new->check_csrf({
65 session_id
=> scalar $cgi->cookie('CGISESSID'),
66 token
=> scalar $cgi->param('csrf_token'),
71 if ( $op eq 'generate' ) {
72 my $description = $cgi->param('description') // '';
73 my $api_key = Koha
::ApiKey
->new(
74 { patron_id
=> $patron_id,
75 description
=> $description
79 print $cgi->redirect( '/cgi-bin/koha/members/apikeys.pl?patron_id=' . $patron_id );
83 if ( $op eq 'delete' ) {
84 my $api_key_id = $cgi->param('key');
85 my $key = Koha
::ApiKeys
->find({ patron_id
=> $patron_id, client_id
=> $api_key_id });
89 print $cgi->redirect( '/cgi-bin/koha/members/apikeys.pl?patron_id=' . $patron_id );
93 if ( $op eq 'revoke' ) {
94 my $api_key_id = $cgi->param('key');
95 my $key = Koha
::ApiKeys
->find({ patron_id
=> $patron_id, client_id
=> $api_key_id });
100 print $cgi->redirect( '/cgi-bin/koha/members/apikeys.pl?patron_id=' . $patron_id );
104 if ( $op eq 'activate' ) {
105 my $api_key_id = $cgi->param('key');
106 my $key = Koha
::ApiKeys
->find({ patron_id
=> $patron_id, client_id
=> $api_key_id });
111 print $cgi->redirect( '/cgi-bin/koha/members/apikeys.pl?patron_id=' . $patron_id );
116 my @api_keys = Koha
::ApiKeys
->search({ patron_id
=> $patron_id });
119 api_keys
=> \
@api_keys,
120 csrf_token
=> Koha
::Token
->new->generate_csrf({ session_id
=> scalar $cgi->cookie('CGISESSID') }),
124 output_html_with_http_headers
$cgi, $cookie, $template->output;