author | Thomas Steur <tsteur@users.noreply.github.com> | 2020-03-18 06:04:12 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-03-18 06:04:12 +0300 |
commit | f0c246cb3a4db3021da7552f6779d56613799414 (patch) | |
tree | 42ddf7a9c2e086df78ffc40dfc23af74f8dd3a39 /plugins/UsersManager/templates | |
parent | e493fee87c983e02001a7d9438cefe58141a38af (diff) |
App specific token_auths (#15410)
* some initial work
* add security page
* backing up some code
* more functionality
* adjust more UI parts
* adjust more code
* more tweaks
* add todo note
* few tweaks
* make sure date is in right format
* fix not existing column
* few fixes
* available hashes
* use different hash algo so tests run on php 5
* fix name of algorithm
* trying to fix some tests
* another try to fix some tests
* more fixes
* more fixes
* few fixes
* update template
* fix some tests
* fix test
* fixing some tests
* various test fixes
* more fixes
* few more tests
* more tests
* various tweaks
* add translations
* add some ui tests
* fix selector
* tweaks
* trying to fix some ui tests
* fallback to regular authentication if needed
* fix call authenticate on null
* fix user settings
* fix some tests
* few fixes
* fix more ui tests
* update schema
* Update plugins/CoreHome/angularjs/widget-loader/widgetloader.directive.js
Co-Authored-By: Stefan Giehl <stefan@matomo.org>
* fix maps are not showing data
* trying to fix some tests
* set correct token
* trying to fix tracking failure
* minor tweaks and fixes
* fix more tests
* fix screenshot test
* trigger event so brute force logic is executed
* test no fallback to actual authentication
* allow fallback
* apply review feedback
* fix some tests
* fix tests
* make sure location values from query params are limited properly before attempting a db insert
* make sure plugin uninstall migration reloads plugins, make sure 4.0.0-b1 migration removes unique index that is no longer used, use defaults extra file in SqlDump to get test to run on travis
* Fix UI tests.
* update expected screenshot
Co-authored-by: Stefan Giehl <stefan@matomo.org>
Co-authored-by: diosmosis <diosmosis@users.noreply.github.com>
Diffstat (limited to 'plugins/UsersManager/templates')
-rw-r--r-- | plugins/UsersManager/templates/addNewToken.twig | 37 |
-rw-r--r-- | plugins/UsersManager/templates/addNewTokenSuccess.twig | 17 |
-rw-r--r-- | plugins/UsersManager/templates/userSecurity.twig | 121 |
-rw-r--r-- | plugins/UsersManager/templates/userSettings.twig | 80 |
4 files changed, 195 insertions, 60 deletions
diff --git a/plugins/UsersManager/templates/addNewToken.twig b/plugins/UsersManager/templates/addNewToken.twig new file mode 100644 index 0000000000..fa04b2f26b --- /dev/null +++ b/plugins/UsersManager/templates/addNewToken.twig @@ -0,0 +1,37 @@ +{% extends 'admin.twig' %} + +{% set title %}{{ 'General_Security'|translate }}{% endset %} + +{% block content %} + + <div piwik-content-block content-title="{{ 'UsersManager_AuthTokens'|translate|e('html_attr') }}"> + <p> + {{ 'UsersManager_TokenAuthIntro'|translate }} + </p> + + {% if noDescription %} + <br> + <div class="alert alert-danger"> + {{ 'General_Description'|translate }}: {{ 'General_ValidatorErrorEmptyValue'|translate }} + </div> + {% endif %} + + <form action="{{ linkTo({'module': 'UsersManager', 'action': 'addNewToken'}) }}" method="post" class="addTokenForm"> + <div piwik-field uicontrol="text" name="description" + data-title="{{ 'General_Description'|translate|e('html_attr') }}" + maxlength="100" required + inline-help="{{ 'UsersManager_AuthTokenPurpose'|translate|e('html_attr') }}"> + </div> + + <input type="hidden" value="{{ nonce|e('html_attr') }}" name="nonce"> + + <input type="submit" + value="{{ 'UsersManager_CreateNewToken'|translate|e('html_attr') }}" + class="btn"/> + {% set backlink = linkTo({'module': 'UsersManager', 'action': 'userSecurity'}) %} + {{ 'General_OrCancel'|translate("<a class='entityCancelLink' href='" ~ backlink ~ "'>","</a>")|raw }} + + </form> + </div> + +{% endblock %} diff --git a/plugins/UsersManager/templates/addNewTokenSuccess.twig b/plugins/UsersManager/templates/addNewTokenSuccess.twig new file mode 100644 index 0000000000..ba0ac62b09 --- /dev/null +++ b/plugins/UsersManager/templates/addNewTokenSuccess.twig 
@@ -0,0 +1,17 @@ +{% extends 'admin.twig' %} + +{% set title %}{{ 'General_Security'|translate }}{% endset %} + +{% block content %} + + <div piwik-content-block content-title="{{ 'UsersManager_TokenSuccessfullyGenerated'|translate|e('html_attr') }}"> + <p> + {{ 'UsersManager_PleaseStoreToken'|translate }} + </p> + <pre piwik-select-on-focus style="font-size: 40px;" class="generatedTokenAuth"><code>{{ generatedToken }}</code></pre> + + <a href="{{ linkTo({'module': 'UsersManager', 'action': 'userSecurity'}) }}" class="btn" + >{{ 'UsersManager_ConfirmTokenCopied'|translate }} {{ 'UsersManager_GoBackSecurityPage'|translate }}</a> + </div> + +{% endblock %} diff --git a/plugins/UsersManager/templates/userSecurity.twig b/plugins/UsersManager/templates/userSecurity.twig new file mode 100644 index 0000000000..58c03b571e --- /dev/null +++ b/plugins/UsersManager/templates/userSecurity.twig 
@@ -0,0 +1,121 @@ +{% extends 'admin.twig' %} + +{% set title %}{{ 'General_Security'|translate }}{% endset %} + +{% block content %} +{% if isUsersAdminEnabled %} + <div piwik-content-block content-title="{{ 'General_ChangePassword'|translate|e('html_attr') }}" feature="true"> + <form id="userSettingsTable" method="post" action="{{ linkTo({'module': 'UsersManager', 'action': 'recordPasswordChange'}) }}"> + + <input type="hidden" value="{{ changePasswordNonce|e('html_attr') }}" name="nonce"> + + {% if isValidHost is defined and isValidHost %} + + <div piwik-field uicontrol="password" name="password" autocomplete="off" + ng-model="personalSettings.password" + ng-change="personalSettings.requirePasswordConfirmation()" + data-title="{{ 'Login_NewPassword'|translate|e('html_attr') }}" + value="" inline-help="{{ 'UsersManager_IfYouWouldLikeToChangeThePasswordTypeANewOne'|translate|e('html_attr') }}"> + </div> + + <div piwik-field uicontrol="password" name="passwordBis" autocomplete="off" + ng-model="personalSettings.passwordBis" + ng-change="personalSettings.requirePasswordConfirmation()" + data-title="{{ 'Login_NewPasswordRepeat'|translate|e('html_attr') }}" + value="" inline-help="{{ 'UsersManager_TypeYourPasswordAgain'|translate|e('html_attr') }}"> + </div> + + <div piwik-field uicontrol="password" name="passwordConfirmation" autocomplete="off" + ng-model="personalSettings.current_password" + data-title="{{ 'UsersManager_YourCurrentPassword'|translate|e('html_attr') }}" + value="" inline-help="{{ 'UsersManager_TypeYourCurrentPassword'|translate|e('html_attr') }}"> + </div> + + <input type="submit" + value="{{ 'General_Save'|translate|e('html_attr') }}" + class="btn"/> + {% endif %} + + {% if isValidHost is not defined or not isValidHost %} + <div class="alert alert-danger"> + {{ 'UsersManager_InjectedHostCannotChangePwd'|translate(invalidHost) }} + {% if not isSuperUser %}{{ 'UsersManager_EmailYourAdministrator'|translate(invalidHostMailLinkStart,'</a>')|raw }}{% 
endif %} + </div> + {% endif %} + + </form> + </div> + + {{ postEvent('Template.userSecurity.afterPassword') }} +{% endif %} + + <a name="authtokens" id="authtokens"></a> + <div piwik-content-block content-title="{{ 'UsersManager_AuthTokens'|translate|e('html_attr') }}"> + <p> + {{ 'UsersManager_TokenAuthIntro'|translate }} + {% if hasTokensWithExpireDate %}{{ 'UsersManager_ExpiredTokensDeleteAutomatically'|translate }}{% endif %} + </p> + <table piwik-content-table class="listAuthTokens"> + <thead> + <tr> + <th>{{ 'General_CreationDate'|translate }}</th> + <th>{{ 'General_Description'|translate }}</th> + <th>{{ 'UsersManager_LastUsed'|translate }}</th> + {% if hasTokensWithExpireDate %}<th title="{{ 'UsersManager_TokensWithExpireDateCreationBySystem'|translate|e('html_attr') }}">{{ 'UsersManager_ExpireDate'|translate }}</th>{% endif %} + <th>{{ 'General_Actions'|translate }}</th> + </tr> + </thead> + <tbody> + {% if tokens is empty %} + <tr> + <td colspan="{% if hasTokensWithExpireDate %}5{% else %}4{% endif %}"> + {{ 'UsersManager_NoTokenCreatedYetCreateNow'|translate('<a href="' ~ (linkTo({'module': 'UsersManager', 'action': 'addNewToken'})|e('html_attr'))~ '">', '</a>')|raw }} + </td></tr> + {% else %} + {% for theToken in tokens %} + <tr> + <td><span class="creationDate">{{ theToken.date_created }}</span></td> + <td>{{ theToken.description }}</td> + <td>{% if theToken.last_used %}{{ theToken.last_used }}{% else %}{{ 'General_Never'|translate }}{% endif %}</td> + {% if hasTokensWithExpireDate %} + <td title="{{ 'UsersManager_TokensWithExpireDateCreationBySystem'|translate|e('html_attr') }}"> + {% if theToken.date_expired %}{{ theToken.date_expired }}{% else %}{{ 'General_Never'|translate }}{% endif %} + </td> + {% endif %} + <td> + <form method="post" action="{{ linkTo({'module': 'UsersManager', 'action': 'deleteToken'}) }}" style="display: inline"> + <input name="nonce" type="hidden" value="{{ deleteTokenNonce|e('html_attr') }}"> + <input name="idtokenauth" 
type="hidden" value="{{ theToken.idusertokenauth|e('html_attr') }}"> + <button type="submit" class="table-action" + title="{{ 'General_Delete'|translate|e('html_attr') }}"> + <span class="icon-delete"></span> + </button> + </form> + </td> + </tr> + {% endfor %} + {% endif %} + </tbody> + </table> + + <div class="tableActionBar"> + <a href="{{ linkTo({'module': 'UsersManager', 'action': 'addNewToken'})|e('html_attr') }}" class="addNewToken"> + <span class="icon-add"></span> + {{ 'UsersManager_CreateNewToken'|translate }} + </a> + + {% if tokens is not empty %} + <form method="post" action="{{ linkTo({'module': 'UsersManager', 'action': 'deleteToken'}) }}" style="display: inline"> + <input name="nonce" type="hidden" value="{{ deleteTokenNonce|e('html_attr') }}"> + <input name="idtokenauth" type="hidden" value="all"> + <button type="submit" class="table-action"> + <span class="icon-delete"></span> {{ 'UsersManager_DeleteAllTokens'|translate }} + </button> + </form> + {% endif %} + </div> + + </div> + + +{% endblock %} diff --git a/plugins/UsersManager/templates/userSettings.twig b/plugins/UsersManager/templates/userSettings.twig index 22c9a58ccb..370c710cc8 100644 --- a/plugins/UsersManager/templates/userSettings.twig +++ b/plugins/UsersManager/templates/userSettings.twig @@ -4,12 +4,6 @@ {% block content %} -<div class="ui-confirm" id="confirmTokenRegenerate"> - <h2>{{ 'UsersManager_TokenRegenerateConfirmSelf'|translate }}</h2> - <input role="yes" type="button" value="{{ 'General_Yes'|translate }}"/> - <input role="no" type="button" value="{{ 'General_No'|translate }}"/> -</div> - <div piwik-content-block content-title="{{ title|e('html_attr') }}" feature="true"> <form id="userSettingsTable" piwik-form ng-controller="PersonalSettingsController as personalSettings"> 
@@ -74,31 +68,6 @@ value="{{ defaultDate }}" options="{{ availableDefaultDates|json_encode }}"> </div> - {% if isValidHost is defined and isValidHost and isUsersAdminEnabled %} - - <div piwik-field uicontrol="password" name="password" autocomplete="off" - ng-model="personalSettings.password" - ng-change="personalSettings.requirePasswordConfirmation()" - introduction="{{ 'General_ChangePassword'|translate|e('html_attr') }}" - data-title="{{ 'Login_NewPassword'|translate|e('html_attr') }}" - value="" inline-help="{{ 'UsersManager_IfYouWouldLikeToChangeThePasswordTypeANewOne'|translate|e('html_attr') }}"> - </div> - - <div piwik-field uicontrol="password" name="passwordBis" autocomplete="off" - ng-model="personalSettings.passwordBis" - ng-change="personalSettings.requirePasswordConfirmation()" - data-title="{{ 'Login_NewPasswordRepeat'|translate|e('html_attr') }}" - value="" inline-help="{{ 'UsersManager_TypeYourPasswordAgain'|translate|e('html_attr') }}"> - </div> - {% endif %} - - {% if isValidHost is not defined or not isValidHost %} - <div class="alert alert-danger"> - {{ 'UsersManager_InjectedHostCannotChangePwd'|translate(invalidHost) }} - {% if not isSuperUser %}{{ 'UsersManager_EmailYourAdministrator'|translate(invalidHostMailLinkStart,'</a>')|raw }}{% endif %} - </div> - {% endif %} - <div piwik-save-button onconfirm="personalSettings.save()" saving="personalSettings.loading"></div> 
@@ -122,40 +91,31 @@ </form> </div> +{% endblock %} + {% if showNewsletterSignup %} -<div ng-controller="PersonalSettingsController as personalSettings"> - <div piwik-content-block id="newsletterSignup" - ng-show="personalSettings.showNewsletterSignup" - content-title="{{ 'UsersManager_NewsletterSignupTitle'|translate|e('html_attr') }}"> - - <div piwik-field uicontrol="checkbox" name="newsletterSignupCheckbox" - ng-model="personalSettings.newsletterSignupCheckbox" - full-width="true" - data-title="{{ 'UsersManager_NewsletterSignupMessage'|translate('<a href="https://matomo.org/privacy-policy/" target="_blank">', '</a>')|e('html_attr') }}" - > - </div> + <div ng-controller="PersonalSettingsController as personalSettings"> + <div piwik-content-block id="newsletterSignup" + ng-show="personalSettings.showNewsletterSignup" + content-title="{{ 'UsersManager_NewsletterSignupTitle'|translate|e('html_attr') }}"> + + <div piwik-field uicontrol="checkbox" name="newsletterSignupCheckbox" + ng-model="personalSettings.newsletterSignupCheckbox" + full-width="true" + data-title="{{ 'UsersManager_NewsletterSignupMessage'|translate('<a href="https://matomo.org/privacy-policy/" target="_blank">', '</a>')|e('html_attr') }}" + > + </div> - <div piwik-save-button id="newsletterSignupBtn" - onconfirm="personalSettings.signupForNewsletter()" - data-disabled="!personalSettings.newsletterSignupCheckbox" - value="{{ '{{ personalSettings.newsletterSignupButtonTitle }}'|raw }}" - saving="personalSettings.isProcessingNewsletterSignup"> + <div piwik-save-button id="newsletterSignupBtn" + onconfirm="personalSettings.signupForNewsletter()" + data-disabled="!personalSettings.newsletterSignupCheckbox" + value="{{ '{{ personalSettings.newsletterSignupButtonTitle }}'|raw }}" + saving="personalSettings.isProcessingNewsletterSignup"> + </div> </div> </div> -</div> {% endif %} -<div piwik-content-block - content-title="{{ 'UsersManager_TokenAuth'|translate|e('html_attr') }}"> - <pre piwik-select-on-focus 
id="token_auth_user" piwik-show-sensitive-data="{{ userTokenAuth }}"></pre> - - <button class="btn btn-link" - ng-controller="PersonalSettingsController as personalSettings" - ng-click="personalSettings.regenerateTokenAuth()">{{ 'UsersManager_TokenRegenerateTitle'|translate }}</button> -</div> - -{{ postEvent('Template.userSettings.afterTokenAuth') }} - <div piwik-plugin-settings mode="user"></div> <div piwik-content-block @@ -174,4 +134,4 @@ </a></span> </div> -{% endblock %} +{% endblock %}
\ No newline at end of file |
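Review bot: In plugins/UsersManager/templates/addNewToken.twig, the cancel link concatenates `backlink` into the `href` and then prints the whole string through `|raw`, so the URL reaches the page without attribute escaping. userSecurity.twig in this same commit builds the equivalent link as `(linkTo({...})|e('html_attr'))` before concatenating; doing the same here with `~ (backlink|e('html_attr')) ~` keeps the two templates consistent and stops the markup from depending on what `linkTo` returns. The `maxlength="100"` and `required` attributes on the `description` field are client-side only, and this diff is limited to templates, so it is worth confirming the controller enforces the same limits.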
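Review bot: In plugins/UsersManager/templates/addNewTokenSuccess.twig, the new token is written in clear into `<pre piwik-select-on-focus style="font-size: 40px;" class="generatedTokenAuth"><code>{{ generatedToken }}</code></pre>`, whereas the block removed from userSettings.twig kept the token behind `piwik-show-sensitive-data`. The page asks the user to store the token, so it has to be readable, but reusing that directive or a click-to-reveal would keep the secret off screen shares and screenshots by default. The inline `style` attribute would also be better as a class in the stylesheet.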
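Review bot: In plugins/UsersManager/templates/userSecurity.twig, the "delete all tokens" form posts to the same `deleteToken` action with the same `deleteTokenNonce` as every per-row delete form and differs only by `idtokenauth` being `all`, and neither form shows a confirmation step in this template. One mis-click revokes every token and one nonce authorises both operations; a separate action or nonce for the bulk delete, plus a confirm dialog like the `confirmTokenRegenerate` block this commit removes from userSettings.twig, would be safer. Separately, the password fields keep `ng-model` and `ng-change` bindings to `personalSettings`, but the new `<form id="userSettingsTable" method="post" ...>` carries no `ng-controller`, so those bindings look like leftovers from the move and should be dropped or given a controller.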
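Review bot: In plugins/UsersManager/templates/userSettings.twig (hunk `@@ -122,40 +91,31 @@`), the `{% endblock %}` added before `{% if showNewsletterSignup %}` closes the content block early, while the last hunk still ends the file with `{% endblock %}`. Unless a new `{% block %}` opens in the unchanged lines between these hunks, the final tag is unmatched and the newsletter signup and `piwik-plugin-settings` markup now sits outside any block; the added `{% endblock %}` should probably be removed. The same hunk also deletes `{{ postEvent('Template.userSettings.afterTokenAuth') }}`, and the new userSecurity.twig only fires `Template.userSecurity.afterPassword`, so plugins listening to the old event lose their hook without a replacement after the token list; that deserves a changelog entry or an equivalent event.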