github.com/matomo-org/matomo.git
author: Thomas Steur <tsteur@users.noreply.github.com>, 2020-03-18 06:04:12 +0300
committer: GitHub <noreply@github.com>, 2020-03-18 06:04:12 +0300
commit: f0c246cb3a4db3021da7552f6779d56613799414 (patch)
tree: 42ddf7a9c2e086df78ffc40dfc23af74f8dd3a39 /plugins/UsersManager/templates
parent: e493fee87c983e02001a7d9438cefe58141a38af (diff)
App specific token_auths (#15410)
* some initial work
* add security page
* backing up some code
* more functionality
* adjust more UI parts
* adjust more code
* more tweaks
* add todo note
* few tweaks
* make sure date is in right format
* fix not existing column
* few fixes
* available hashes
* use different hash algo so tests run on php 5
* fix name of algorithm
* trying to fix some tests
* another try to fix some tests
* more fixes
* more fixes
* few fixes
* update template
* fix some tests
* fix test
* fixing some tests
* various test fixes
* more fixes
* few more tests
* more tests
* various tweaks
* add translations
* add some ui tests
* fix selector
* tweaks
* trying to fix some ui tests
* fallback to regular authentication if needed
* fix call authenticate on null
* fix user settings
* fix some tests
* few fixes
* fix more ui tests
* update schema
* Update plugins/CoreHome/angularjs/widget-loader/widgetloader.directive.js
  Co-Authored-By: Stefan Giehl <stefan@matomo.org>
* fix maps are not showing data
* trying to fix some tests
* set correct token
* trying to fix tracking failure
* minor tweaks and fixes
* fix more tests
* fix screenshot test
* trigger event so brute force logic is executed
* test no fallback to actual authentication
* allow fallback
* apply review feedback
* fix some tests
* fix tests
* make sure location values from query params are limited properly before attempting a db insert
* make sure plugin uninstall migration reloads plugins, make sure 4.0.0-b1 migration removes unique index that is no longer used, use defaults extra file in SqlDump to get test to run on travis
* Fix UI tests.
* update expected screenshot

Co-authored-by: Stefan Giehl <stefan@matomo.org>
Co-authored-by: diosmosis <diosmosis@users.noreply.github.com>
Diffstat (limited to 'plugins/UsersManager/templates')
-rw-r--r-- plugins/UsersManager/templates/addNewToken.twig 37
-rw-r--r-- plugins/UsersManager/templates/addNewTokenSuccess.twig 17
-rw-r--r-- plugins/UsersManager/templates/userSecurity.twig 121
-rw-r--r-- plugins/UsersManager/templates/userSettings.twig 80
4 files changed, 195 insertions, 60 deletions
diff --git a/plugins/UsersManager/templates/addNewToken.twig b/plugins/UsersManager/templates/addNewToken.twig
new file mode 100644
index 0000000000..fa04b2f26b
--- /dev/null
+++ b/plugins/UsersManager/templates/addNewToken.twig
@@ -0,0 +1,37 @@
+{% extends 'admin.twig' %}
+
+{% set title %}{{ 'General_Security'|translate }}{% endset %}
+
+{% block content %}
+
+ <div piwik-content-block content-title="{{ 'UsersManager_AuthTokens'|translate|e('html_attr') }}">
+ <p>
+ {{ 'UsersManager_TokenAuthIntro'|translate }}
+ </p>
+
+ {% if noDescription %}
+ <br>
+ <div class="alert alert-danger">
+ {{ 'General_Description'|translate }}: {{ 'General_ValidatorErrorEmptyValue'|translate }}
+ </div>
+ {% endif %}
+
+ <form action="{{ linkTo({'module': 'UsersManager', 'action': 'addNewToken'}) }}" method="post" class="addTokenForm">
+ <div piwik-field uicontrol="text" name="description"
+ data-title="{{ 'General_Description'|translate|e('html_attr') }}"
+ maxlength="100" required
+ inline-help="{{ 'UsersManager_AuthTokenPurpose'|translate|e('html_attr') }}">
+ </div>
+
+ <input type="hidden" value="{{ nonce|e('html_attr') }}" name="nonce">
+
+ <input type="submit"
+ value="{{ 'UsersManager_CreateNewToken'|translate|e('html_attr') }}"
+ class="btn"/>
+ {% set backlink = linkTo({'module': 'UsersManager', 'action': 'userSecurity'}) %}
+ {{ 'General_OrCancel'|translate("<a class='entityCancelLink' href='" ~ backlink ~ "'>","</a>")|raw }}
+
+ </form>
+ </div>
+
+{% endblock %}
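Review bot: the cancel link near the end of the form concatenates `backlink` into a single-quoted `href` and then emits the whole translated string with `|raw`, so the URL reaches the page without any attribute escaping. userSecurity.twig in this same commit wraps the equivalent `linkTo(...)` in `|e('html_attr')` before concatenating it into the `NoTokenCreatedYetCreateNow` link; doing the same here (`(backlink|e('html_attr'))`) keeps the two templates consistent and stops a quote in the generated URL from closing the attribute. The form `action` relies on Twig's default escaping while every other attribute in the form uses an explicit `e('html_attr')`; making that explicit as well would remove the dependency on the autoescape setting.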
diff --git a/plugins/UsersManager/templates/addNewTokenSuccess.twig b/plugins/UsersManager/templates/addNewTokenSuccess.twig
new file mode 100644
index 0000000000..ba0ac62b09
--- /dev/null
+++ b/plugins/UsersManager/templates/addNewTokenSuccess.twig
@@ -0,0 +1,17 @@
+{% extends 'admin.twig' %}
+
+{% set title %}{{ 'General_Security'|translate }}{% endset %}
+
+{% block content %}
+
+ <div piwik-content-block content-title="{{ 'UsersManager_TokenSuccessfullyGenerated'|translate|e('html_attr') }}">
+ <p>
+ {{ 'UsersManager_PleaseStoreToken'|translate }}
+ </p>
+ <pre piwik-select-on-focus style="font-size: 40px;" class="generatedTokenAuth"><code>{{ generatedToken }}</code></pre>
+
+ <a href="{{ linkTo({'module': 'UsersManager', 'action': 'userSecurity'}) }}" class="btn"
+ >{{ 'UsersManager_ConfirmTokenCopied'|translate }} {{ 'UsersManager_GoBackSecurityPage'|translate }}</a>
+ </div>
+
+{% endblock %}
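Review bot: `{{ generatedToken }}` in the `<pre class="generatedTokenAuth">` element writes the new secret in clear text into the response body, and nothing in this template shows how the response is cached. Since this page is the only place the token is displayed, it is worth confirming that the controller action serving it sends a no-store cache policy and is only reachable as the result of the POST from addNewToken, so a reload or the browser's back button cannot replay the secret. Separately, the inline `style="font-size: 40px;"` would be better as a rule on `.generatedTokenAuth` in the plugin stylesheet, which also keeps the page compatible with a Content-Security-Policy that disallows inline styles.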
diff --git a/plugins/UsersManager/templates/userSecurity.twig b/plugins/UsersManager/templates/userSecurity.twig
new file mode 100644
index 0000000000..58c03b571e
--- /dev/null
+++ b/plugins/UsersManager/templates/userSecurity.twig
@@ -0,0 +1,121 @@
+{% extends 'admin.twig' %}
+
+{% set title %}{{ 'General_Security'|translate }}{% endset %}
+
+{% block content %}
+{% if isUsersAdminEnabled %}
+ <div piwik-content-block content-title="{{ 'General_ChangePassword'|translate|e('html_attr') }}" feature="true">
+ <form id="userSettingsTable" method="post" action="{{ linkTo({'module': 'UsersManager', 'action': 'recordPasswordChange'}) }}">
+
+ <input type="hidden" value="{{ changePasswordNonce|e('html_attr') }}" name="nonce">
+
+ {% if isValidHost is defined and isValidHost %}
+
+ <div piwik-field uicontrol="password" name="password" autocomplete="off"
+ ng-model="personalSettings.password"
+ ng-change="personalSettings.requirePasswordConfirmation()"
+ data-title="{{ 'Login_NewPassword'|translate|e('html_attr') }}"
+ value="" inline-help="{{ 'UsersManager_IfYouWouldLikeToChangeThePasswordTypeANewOne'|translate|e('html_attr') }}">
+ </div>
+
+ <div piwik-field uicontrol="password" name="passwordBis" autocomplete="off"
+ ng-model="personalSettings.passwordBis"
+ ng-change="personalSettings.requirePasswordConfirmation()"
+ data-title="{{ 'Login_NewPasswordRepeat'|translate|e('html_attr') }}"
+ value="" inline-help="{{ 'UsersManager_TypeYourPasswordAgain'|translate|e('html_attr') }}">
+ </div>
+
+ <div piwik-field uicontrol="password" name="passwordConfirmation" autocomplete="off"
+ ng-model="personalSettings.current_password"
+ data-title="{{ 'UsersManager_YourCurrentPassword'|translate|e('html_attr') }}"
+ value="" inline-help="{{ 'UsersManager_TypeYourCurrentPassword'|translate|e('html_attr') }}">
+ </div>
+
+ <input type="submit"
+ value="{{ 'General_Save'|translate|e('html_attr') }}"
+ class="btn"/>
+ {% endif %}
+
+ {% if isValidHost is not defined or not isValidHost %}
+ <div class="alert alert-danger">
+ {{ 'UsersManager_InjectedHostCannotChangePwd'|translate(invalidHost) }}
+ {% if not isSuperUser %}{{ 'UsersManager_EmailYourAdministrator'|translate(invalidHostMailLinkStart,'</a>')|raw }}{% endif %}
+ </div>
+ {% endif %}
+
+ </form>
+ </div>
+
+ {{ postEvent('Template.userSecurity.afterPassword') }}
+{% endif %}
+
+ <a name="authtokens" id="authtokens"></a>
+ <div piwik-content-block content-title="{{ 'UsersManager_AuthTokens'|translate|e('html_attr') }}">
+ <p>
+ {{ 'UsersManager_TokenAuthIntro'|translate }}
+ {% if hasTokensWithExpireDate %}{{ 'UsersManager_ExpiredTokensDeleteAutomatically'|translate }}{% endif %}
+ </p>
+ <table piwik-content-table class="listAuthTokens">
+ <thead>
+ <tr>
+ <th>{{ 'General_CreationDate'|translate }}</th>
+ <th>{{ 'General_Description'|translate }}</th>
+ <th>{{ 'UsersManager_LastUsed'|translate }}</th>
+ {% if hasTokensWithExpireDate %}<th title="{{ 'UsersManager_TokensWithExpireDateCreationBySystem'|translate|e('html_attr') }}">{{ 'UsersManager_ExpireDate'|translate }}</th>{% endif %}
+ <th>{{ 'General_Actions'|translate }}</th>
+ </tr>
+ </thead>
+ <tbody>
+ {% if tokens is empty %}
+ <tr>
+ <td colspan="{% if hasTokensWithExpireDate %}5{% else %}4{% endif %}">
+ {{ 'UsersManager_NoTokenCreatedYetCreateNow'|translate('<a href="' ~ (linkTo({'module': 'UsersManager', 'action': 'addNewToken'})|e('html_attr'))~ '">', '</a>')|raw }}
+ </td></tr>
+ {% else %}
+ {% for theToken in tokens %}
+ <tr>
+ <td><span class="creationDate">{{ theToken.date_created }}</span></td>
+ <td>{{ theToken.description }}</td>
+ <td>{% if theToken.last_used %}{{ theToken.last_used }}{% else %}{{ 'General_Never'|translate }}{% endif %}</td>
+ {% if hasTokensWithExpireDate %}
+ <td title="{{ 'UsersManager_TokensWithExpireDateCreationBySystem'|translate|e('html_attr') }}">
+ {% if theToken.date_expired %}{{ theToken.date_expired }}{% else %}{{ 'General_Never'|translate }}{% endif %}
+ </td>
+ {% endif %}
+ <td>
+ <form method="post" action="{{ linkTo({'module': 'UsersManager', 'action': 'deleteToken'}) }}" style="display: inline">
+ <input name="nonce" type="hidden" value="{{ deleteTokenNonce|e('html_attr') }}">
+ <input name="idtokenauth" type="hidden" value="{{ theToken.idusertokenauth|e('html_attr') }}">
+ <button type="submit" class="table-action"
+ title="{{ 'General_Delete'|translate|e('html_attr') }}">
+ <span class="icon-delete"></span>
+ </button>
+ </form>
+ </td>
+ </tr>
+ {% endfor %}
+ {% endif %}
+ </tbody>
+ </table>
+
+ <div class="tableActionBar">
+ <a href="{{ linkTo({'module': 'UsersManager', 'action': 'addNewToken'})|e('html_attr') }}" class="addNewToken">
+ <span class="icon-add"></span>
+ {{ 'UsersManager_CreateNewToken'|translate }}
+ </a>
+
+ {% if tokens is not empty %}
+ <form method="post" action="{{ linkTo({'module': 'UsersManager', 'action': 'deleteToken'}) }}" style="display: inline">
+ <input name="nonce" type="hidden" value="{{ deleteTokenNonce|e('html_attr') }}">
+ <input name="idtokenauth" type="hidden" value="all">
+ <button type="submit" class="table-action">
+ <span class="icon-delete"></span> {{ 'UsersManager_DeleteAllTokens'|translate }}
+ </button>
+ </form>
+ {% endif %}
+ </div>
+
+ </div>
+
+
+{% endblock %}
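Review bot: the "delete all tokens" form in `tableActionBar` posts `idtokenauth=all` on a single click, with no confirmation step and with the same `deleteTokenNonce` the per-row delete forms carry, so the template gives no separate protection to revoking every token at once. The `confirmTokenRegenerate` dialog that this commit removes from userSettings.twig guarded the comparable action before; I would add a confirmation here, or require the current password as the password form above does with `passwordConfirmation`, and have the controller treat `all` as a distinct, explicitly validated case rather than a magic value in the id field. A second point in the password form: the fields still bind to `personalSettings.*` via `ng-model` and `ng-change`, but the `<form id="userSettingsTable">` here has neither the `piwik-form` nor the `ng-controller="PersonalSettingsController as personalSettings"` attribute that the form in userSettings.twig has, and it reuses that form's `id`; if the bindings are not needed for a plain POST they should be dropped, otherwise the controller needs to be attached.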
diff --git a/plugins/UsersManager/templates/userSettings.twig b/plugins/UsersManager/templates/userSettings.twig
index 22c9a58ccb..370c710cc8 100644
--- a/plugins/UsersManager/templates/userSettings.twig
+++ b/plugins/UsersManager/templates/userSettings.twig
@@ -4,12 +4,6 @@
{% block content %}
-<div class="ui-confirm" id="confirmTokenRegenerate">
- <h2>{{ 'UsersManager_TokenRegenerateConfirmSelf'|translate }}</h2>
- <input role="yes" type="button" value="{{ 'General_Yes'|translate }}"/>
- <input role="no" type="button" value="{{ 'General_No'|translate }}"/>
-</div>
-
<div piwik-content-block content-title="{{ title|e('html_attr') }}" feature="true">
<form id="userSettingsTable" piwik-form ng-controller="PersonalSettingsController as personalSettings">
@@ -74,31 +68,6 @@
value="{{ defaultDate }}" options="{{ availableDefaultDates|json_encode }}">
</div>
- {% if isValidHost is defined and isValidHost and isUsersAdminEnabled %}
-
- <div piwik-field uicontrol="password" name="password" autocomplete="off"
- ng-model="personalSettings.password"
- ng-change="personalSettings.requirePasswordConfirmation()"
- introduction="{{ 'General_ChangePassword'|translate|e('html_attr') }}"
- data-title="{{ 'Login_NewPassword'|translate|e('html_attr') }}"
- value="" inline-help="{{ 'UsersManager_IfYouWouldLikeToChangeThePasswordTypeANewOne'|translate|e('html_attr') }}">
- </div>
-
- <div piwik-field uicontrol="password" name="passwordBis" autocomplete="off"
- ng-model="personalSettings.passwordBis"
- ng-change="personalSettings.requirePasswordConfirmation()"
- data-title="{{ 'Login_NewPasswordRepeat'|translate|e('html_attr') }}"
- value="" inline-help="{{ 'UsersManager_TypeYourPasswordAgain'|translate|e('html_attr') }}">
- </div>
- {% endif %}
-
- {% if isValidHost is not defined or not isValidHost %}
- <div class="alert alert-danger">
- {{ 'UsersManager_InjectedHostCannotChangePwd'|translate(invalidHost) }}
- {% if not isSuperUser %}{{ 'UsersManager_EmailYourAdministrator'|translate(invalidHostMailLinkStart,'</a>')|raw }}{% endif %}
- </div>
- {% endif %}
-
<div piwik-save-button onconfirm="personalSettings.save()"
saving="personalSettings.loading"></div>
@@ -122,40 +91,31 @@
</form>
</div>
+{% endblock %}
+
{% if showNewsletterSignup %}
-<div ng-controller="PersonalSettingsController as personalSettings">
- <div piwik-content-block id="newsletterSignup"
- ng-show="personalSettings.showNewsletterSignup"
- content-title="{{ 'UsersManager_NewsletterSignupTitle'|translate|e('html_attr') }}">
-
- <div piwik-field uicontrol="checkbox" name="newsletterSignupCheckbox"
- ng-model="personalSettings.newsletterSignupCheckbox"
- full-width="true"
- data-title="{{ 'UsersManager_NewsletterSignupMessage'|translate('<a href="https://matomo.org/privacy-policy/" target="_blank">', '</a>')|e('html_attr') }}"
- >
- </div>
+ <div ng-controller="PersonalSettingsController as personalSettings">
+ <div piwik-content-block id="newsletterSignup"
+ ng-show="personalSettings.showNewsletterSignup"
+ content-title="{{ 'UsersManager_NewsletterSignupTitle'|translate|e('html_attr') }}">
+
+ <div piwik-field uicontrol="checkbox" name="newsletterSignupCheckbox"
+ ng-model="personalSettings.newsletterSignupCheckbox"
+ full-width="true"
+ data-title="{{ 'UsersManager_NewsletterSignupMessage'|translate('<a href="https://matomo.org/privacy-policy/" target="_blank">', '</a>')|e('html_attr') }}"
+ >
+ </div>
- <div piwik-save-button id="newsletterSignupBtn"
- onconfirm="personalSettings.signupForNewsletter()"
- data-disabled="!personalSettings.newsletterSignupCheckbox"
- value="{{ '{{ personalSettings.newsletterSignupButtonTitle }}'|raw }}"
- saving="personalSettings.isProcessingNewsletterSignup">
+ <div piwik-save-button id="newsletterSignupBtn"
+ onconfirm="personalSettings.signupForNewsletter()"
+ data-disabled="!personalSettings.newsletterSignupCheckbox"
+ value="{{ '{{ personalSettings.newsletterSignupButtonTitle }}'|raw }}"
+ saving="personalSettings.isProcessingNewsletterSignup">
+ </div>
</div>
</div>
-</div>
{% endif %}
-<div piwik-content-block
- content-title="{{ 'UsersManager_TokenAuth'|translate|e('html_attr') }}">
- <pre piwik-select-on-focus id="token_auth_user" piwik-show-sensitive-data="{{ userTokenAuth }}"></pre>
-
- <button class="btn btn-link"
- ng-controller="PersonalSettingsController as personalSettings"
- ng-click="personalSettings.regenerateTokenAuth()">{{ 'UsersManager_TokenRegenerateTitle'|translate }}</button>
-</div>
-
-{{ postEvent('Template.userSettings.afterTokenAuth') }}
-
<div piwik-plugin-settings mode="user"></div>
<div piwik-content-block
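Review bot: the `{% endblock %}` added directly after the closing `</form></div>` ends the content block before the newsletter section, yet the file still finishes with `{% endblock %}` and none of the visible hunks adds a matching `{% block ... %}` opener. Please check that the blocks in the resulting file balance and that the newsletter, plugin settings and following sections are still inside a block of the extended layout, since a child template cannot output markup outside blocks. This hunk also drops `postEvent('Template.userSettings.afterTokenAuth')` while the new userSecurity.twig only posts `Template.userSecurity.afterPassword`; plugins that hook the old event lose their insertion point without notice, so either post an equivalent event next to the token table or record the removal in the changelog for plugin developers.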
@@ -174,4 +134,4 @@
</a></span>
</div>
-{% endblock %}
+{% endblock %} \ No newline at end of file
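Review bot: the replacement `{% endblock %}` line drops the trailing newline ("\ No newline at end of file"), which is the only change in this hunk. Restoring the final newline avoids a whitespace-only diff on the last line and keeps the file consistent with the other templates touched by this commit.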