) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
});
+ $dbh->do(q{
+ INSERT IGNORE INTO `systempreferences`
+ (variable,value,explanation,options,type)
+ VALUES
+ ('AllowPatronsManageAPIKeysInOPAC', '0', 'If enabled, patrons can manage their own API keys in the OPAC', NULL, 'YesNo');
+ });
+
print "Upgrade to $DBversion done (Bug 20568 - Add API key management interface for patrons)\n";
SetVersion($DBversion);
}
('AllowNotForLoanOverride','0','','If ON, Koha will allow the librarian to loan a not for loan item.','YesNo'),
('AllowOfflineCirculation','0','','If on, enables HTML5 offline circulation functionality.','YesNo'),
('AllowPatronToSetCheckoutsVisibilityForGuarantor', '0', NULL, 'If enabled, the patron can set checkouts to be visible to his or her guarantor', 'YesNo'),
+('AllowPatronsManageAPIKeysInOPAC', '0', NULL, 'If enabled, patrons can manage their own API keys in the OPAC', 'YesNo'),
('AllowPKIAuth','None','None|Common Name|emailAddress','Use the field from a client-side SSL certificate to look a user in the Koha database','Choice'),
('AllowPurchaseSuggestionBranchChoice','0','1','Allow user to choose branch when making a purchase suggestion','YesNo'),
('AllowRenewalIfOtherItemsAvailable','0',NULL,'If enabled, allow a patron to renew an item with unfilled holds if other available items can fill that hold.','YesNo'),
- pref: "RESTdefaultPageSize"
class: integer
- "per page"
+ -
+ - pref: AllowPatronsManageAPIKeysInOPAC
+ choices:
+ yes: Allow
+ no: "Don't allow"
+ - "patrons to manage their own API keys in the OPAC."
OAI-PMH:
-
- pref: OAI-PMH
[% USE Koha %]
[% INCLUDE 'doc-head-open.inc' %]
-<title>Koha › Patrons [% IF ( searching ) %]› API Keys[% END %]</title>
+<title>Koha › Patrons › API Keys</title>
[% INCLUDE 'doc-head-close.inc' %]
</head>
<body id="pat_apikeys" class="pat">
<input type="hidden" name="patron_id" value="[% patron.id %]">
<input type="hidden" name="key" value="[% key.value %]">
<input type="hidden" name="op" value="delete">
- <input type="submit" value="Delete">
+ <button class="btn btn-default btn-sm" type="submit">Delete</button>
</form>
<form action="/cgi-bin/koha/members/apikeys.pl" method="post">
<input type="hidden" name="patron_id" value="[% patron.id %]">
<input type="hidden" name="key" value="[% key.value %]">
[% IF key.active %]
<input type="hidden" name="op" value="revoke">
- <input type="submit" value="Revoke">
+ <button class="btn btn-default btn-sm" type="submit">Revoke</button>
[% ELSE %]
<input type="hidden" name="op" value="activate">
- <input type="submit" value="Activate">
+ <button class="btn btn-default btn-sm" type="submit">Activate</button>
[% END %]
</form>
</td>
<a href="/cgi-bin/koha/opac-illrequests.pl">your interlibrary loan requests</a></li>
[% END %]
- [% IF apikeysview %]
- <li class="active">
- [% ELSE %]
- <li>
+
+ [% IF Koha.Preference('AllowPatronsManageAPIKeysInOPAC') %]
+ [% IF apikeysview %]
+ <li class="active">
+ [% ELSE %]
+ <li>
+ [% END %]
+ <a href="/cgi-bin/koha/opac-apikeys.pl">your API keys</a>
[% END %]
- <a href="/cgi-bin/koha/opac-apikeys.pl">your API keys</a>
</li>
</ul>
</div>
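Review bot: The closing `</li>` is left outside the new `[% IF Koha.Preference('AllowPatronsManageAPIKeysInOPAC') %]` block, so with the preference off the menu emits a `</li>` whose opening tag was never written. Move it inside the block, i.e. `<a href="/cgi-bin/koha/opac-apikeys.pl">your API keys</a></li>` followed by the outer `[% END %]`. `Koha.Preference` also needs `[% USE Koha %]` in this include or in the templates that pull it in; that line is not visible in the hunk, which starts and ends inside the surrounding `<ul>`. Hiding the link is only cosmetic, so the script behind it has to enforce the preference itself.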
[% INCLUDE 'doc-head-open.inc' %]
-[% IF ( LibraryNameTitle ) %][% LibraryNameTitle %][% ELSE %]Koha online[% END %] catalog › Your library home
+<title>[% IF ( LibraryNameTitle ) %][% LibraryNameTitle %][% ELSE %]Koha online[% END %] catalog › Your API keys</title>
[% INCLUDE 'doc-head-close.inc' %]
[% BLOCK cssinclude %][% END %]
</head>
<li><a href="/cgi-bin/koha/opac-main.pl">Home</a> <span class="divider">›</span></li>
<li>
<a href="/cgi-bin/koha/opac-user.pl">
- [% INCLUDE 'patron-title.inc' category_type = borrower.category_type firstname = borrower.firstname surname = borrower.surname othernames = borrower.othernames %]
+ [% INCLUDE 'patron-title.inc' category_type=patron.category.category_type firstname=patron.firstname surname=patron.surname othernames=patron.othernames %]
</a>
<span class="divider">›</span>
</li>
<h1>Your API keys</h1>
<div>
<form action="/cgi-bin/koha/opac-apikeys.pl" method="post">
- <input type="hidden" name="op" value="generate">
- <input type="submit" value="Generate new key">
+ <input type="hidden" name="patron_id" value="[% patron.id %]">
+ <input type="hidden" name="op" value="generate">
+ <label for="description">Description: </label>
+ <input type="text" name="description">
+ <button class="btn btn-default btn-sm" type="submit"><i class="fa fa-plus"></i> Generate a new key</span></button>
</form>
</div>
- [% IF api_keys.size > 0 %]
+ [% IF api_keys && api_keys.size > 0 %]
<table class="table table-bordered table-striped">
<thead>
<tr>
+ <th>Description</th>
<th>Key</th>
<th>Active</th>
<th>Actions</th>
<tbody>
[% FOREACH key IN api_keys %]
<tr>
- <td>[% key.api_key %]</td>
+ <td>[% key.description %]</td>
+ <td>[% key.value %]</td>
<td>[% IF key.active %]Yes[% ELSE %]No[% END %]</td>
<td>
<form action="/cgi-bin/koha/opac-apikeys.pl" method="post" class="form-inline">
- <input type="hidden" name="key" value="[% key.api_key %]">
+ <input type="hidden" name="key" value="[% key.value %]">
<input type="hidden" name="op" value="delete">
- <input type="submit" value="Delete">
+ <button class="btn btn-default btn-sm" type="submit">Delete</button>
</form>
<form action="/cgi-bin/koha/opac-apikeys.pl" method="post" class="form-inline">
- <input type="hidden" name="key" value="[% key.api_key %]">
+ <input type="hidden" name="key" value="[% key.value %]">
[% IF key.active %]
<input type="hidden" name="op" value="revoke">
- <input type="submit" value="Revoke">
+ <button class="btn btn-default btn-sm" type="submit">Revoke</button>
[% ELSE %]
<input type="hidden" name="op" value="activate">
- <input type="submit" value="Activate">
+ <button class="btn btn-default btn-sm" type="submit">Activate</button>
[% END %]
</form>
</td>
[% END %]
</tbody>
</table>
+ [% ELSE %]
+ <span class="warn">No keys defined for the current patron.</span>
[% END %]
</div> <!-- /#apikeys -->
</div> <!-- /.span10 -->
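Review bot: `[% key.description %]` in the new Description column prints patron-supplied free text (the `description` field of the generate form) without an output filter, and Template Toolkit emits values verbatim unless a filter is applied, so markup typed into a description would be rendered as HTML. Write `<td>[% key.description | html %]</td>`, unless the project installs a default filter that is not visible here. Any other page that lists these keys with their description needs the same filter. In the generate form the button carries a stray `</span>` with no opening tag, and `<label for="description">` has no target because the text input lacks `id="description"`. The hidden `patron_id` field added to that form is not read by the OPAC script, which rightly takes the patron from the session, so it can be dropped.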
#!/usr/bin/env perl
-# Copyright 2015 BibLibre
-#
# This file is part of Koha.
#
-# Koha is free software; you can redistribute it and/or modify it under the
-# terms of the GNU General Public License as published by the Free Software
-# Foundation; either version 2 of the License, or (at your option) any later
-# version.
+# Copyright 2015 BibLibre
#
-# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
-# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+# Koha is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
#
-# You should have received a copy of the GNU General Public License along
-# with Koha; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+# Koha is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Koha; if not, see <http://www.gnu.org/licenses>.
use Modern::Perl;
use CGI;
-use String::Random;
use C4::Auth;
-use C4::Members;
use C4::Output;
+
use Koha::ApiKeys;
-use Koha::ApiKey;
+use Koha::Patrons;
my $cgi = new CGI;
my ($template, $loggedinuser, $cookie) = get_template_and_user({
- template_name => 'opac-apikeys.tt',
- query => $cgi,
- type => 'opac',
- authnotrequired => 0,
- flagsrequired => {borrow => 1},
+ template_name => 'opac-apikeys.tt',
+ query => $cgi,
+ type => 'opac',
+ authnotrequired => 0
});
-my $borrowernumber = $loggedinuser;
-my $borrower = C4::Members::GetMember(borrowernumber => $borrowernumber);
+my $patron_id = $loggedinuser;
+my $patron = Koha::Patrons->find( $patron_id );
+
+if ( not defined $patron
+ or C4::Context->preference('AllowPatronsManageAPIKeysInOPAC') )
+{
+ # patron_id invalid -> exit
+ print $cgi->redirect("/cgi-bin/koha/errors/404.pl"); # escape early
+ exit;
+}
+
+
my $op = $cgi->param('op');
if ($op) {
if ($op eq 'generate') {
- my $apikey = new Koha::ApiKey;
- $apikey->borrowernumber($borrowernumber);
- $apikey->api_key(String::Random->new->randregex('[a-zA-Z0-9]{32}'));
+ my $description = $cgi->param('description') // '';
+ my $apikey = Koha::ApiKey->new({
+ patron_id => $patron_id,
+ description => $description
+ });
$apikey->store;
print $cgi->redirect('/cgi-bin/koha/opac-apikeys.pl');
exit;
if ($op eq 'delete') {
my $key = $cgi->param('key');
- my $api_key = Koha::ApiKeys->find({borrowernumber => $borrowernumber, api_key => $key});
+ my $api_key = Koha::ApiKeys->find({ patron_id => $patron_id, value => $key});
if ($api_key) {
$api_key->delete;
}
if ($op eq 'revoke') {
my $key = $cgi->param('key');
- my $api_key = Koha::ApiKeys->find({borrowernumber => $borrowernumber, api_key => $key});
+ my $api_key = Koha::ApiKeys->find({ patron_id => $patron_id, value => $key });
if ($api_key) {
$api_key->active(0);
$api_key->store;
if ($op eq 'activate') {
my $key = $cgi->param('key');
- my $api_key = Koha::ApiKeys->find({borrowernumber => $borrowernumber, api_key => $key});
+ my $api_key = Koha::ApiKeys->find({ patron_id => $patron_id, value => $key });
if ($api_key) {
$api_key->active(1);
$api_key->store;
}
}
-my @api_keys = Koha::ApiKeys->search({borrowernumber => $borrowernumber});
+my @api_keys = Koha::ApiKeys->search({ patron_id => $patron_id });
$template->param(
+ api_keys => \@api_keys,
apikeysview => 1,
- api_keys => \@api_keys,
- borrower => $borrower,
- borrowernumber => $borrowernumber,
+ patron => $patron
);
output_html_with_http_headers $cgi, $cookie, $template->output;
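Review bot: The new early-exit guard tests the preference the wrong way round: `or C4::Context->preference('AllowPatronsManageAPIKeysInOPAC')` redirects to the 404 page when the preference is on and lets generate/delete/revoke/activate run when it is off, so the switch cannot disable key management as its explanation promises. Negate the second operand, `or not C4::Context->preference('AllowPatronsManageAPIKeysInOPAC') )`, and reword the comment to `# patron not found or feature disabled -> 404`. `Koha::ApiKey->new` is still called although `use Koha::ApiKey;` was removed, and `C4::Context` has no visible `use` line; both are presumably loaded through other modules, but explicit `use` lines would not depend on that. The four operations change state on a plain POST and no CSRF token is checked in the visible lines, which is worth confirming against how other OPAC scripts protect their forms.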