Skip to content

Commit

Permalink
[GT-184] Apply styles for the PR GOCDB#464
Browse files Browse the repository at this point in the history
  • Loading branch information
Sae126V committed Sep 19, 2023
1 parent 7bc3b3f commit 214063a
Show file tree
Hide file tree
Showing 11 changed files with 2,037 additions and 962 deletions.
78 changes: 56 additions & 22 deletions htdocs/web_portal/controllers/site/edit_api_auth.php
Original file line number Diff line number Diff line change
@@ -1,10 +1,11 @@
<?php

/*______________________________________________________
*======================================================
* File: edit_api_auth.php
* Author: George Ryall
* Description: Processes a edit API Authentication entity request. If the user
* hasn't POSTed any data we draw the new site
* Description: Processes a edit API Authentication entity request.
* If the user hasn't POSTed any data we draw the new site
* form. If they post data we assume they've posted it from
* the form and validate then insert it into the DB.
*
Expand All @@ -21,24 +22,38 @@
* See the License for the specific language governing permissions and
* limitations under the License.
/*======================================================*/
require_once __DIR__.'/../../../web_portal/components/Get_User_Principle.php';
require_once __DIR__.'/../utils.php';
require_once __DIR__.'/../../../../lib/Gocdb_Services/Factory.php';
require_once __DIR__
. '/../../../web_portal/components/Get_User_Principle.php';
require_once __DIR__ . '/../utils.php';
require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php';

use Exception;

/**
* Controller to edit authentication entity request
* @global array $_POST only set if the browser has POSTed data
*
* @global array $_POST only set if the browser has posted data
*
* @return null
*/
function edit_entity() {
function edit_entity()
{
$dn = Get_User_Principle();
$user = \Factory::getUserService()->getUserByPrinciple($dn);

//Check the portal is not in read only mode, returns exception if it is and user is not an admin
/**
* Check the portal is not in read only mode,
* returns exception if it is and user is not an admin
*/
checkPortalIsNotReadOnlyOrUserIsAdmin($user);

if (!isset($_REQUEST['authentityid']) || !is_numeric($_REQUEST['authentityid']) ){
throw new Exception("A authentication entity id must be specified in the url");
if (
!isset($_REQUEST['authentityid'])
|| !is_numeric($_REQUEST['authentityid'])
) {
throw new Exception(
"A authentication entity id must be specified in the url"
);
}

$serv = \Factory::getSiteService();
Expand All @@ -47,48 +62,67 @@ function edit_entity() {

// Validate the user has permission to edit properties
if (!$serv->userCanEditSite($user, $site)) {
throw new \Exception("Permission denied: a site role is required to edit authentication entities at " . $site->getShortName());
throw new Exception(
"Permission denied: a site role is required to edit "
. "authentication entities at "
. $site->getShortName()
);
}

if($_POST) { // If we receive a POST request it's to edit an authentication entity
// If we receive a POST request it's to edit an authentication entity
if ($_POST) {
submit($user, $authEnt, $site, $serv);
} else { // If there is no post data, draw the edit authentication entity form
} else {
// If there is no post data, draw the edit authentication entity form
draw($user, $authEnt, $site);
}
}

function draw(\User $user = null, \APIAuthentication $authEnt = null, \Site $site = null) {
if(is_null($user)){
throw new Exception("Unregistered users can't edit authentication credentials");
function draw(
\User $user = null,
\APIAuthentication $authEnt = null,
\Site $site = null
) {
if (is_null($user)) {
throw new Exception(
"Unregistered users can't edit authentication credentials"
);
}

$params = array();
$params['site'] = $site;
$params['authEnt'] = $authEnt;
$params['authTypes'] = array();
$params['authTypes'][]='X.509';
$params['authTypes'][]='OIDC Subject';
$params['authTypes'][] = 'X.509';
$params['authTypes'][] = 'OIDC Subject';
$params['user'] = $user;

show_view("site/edit_api_auth.php", $params);

die();
}

function submit(\User $user, \APIAuthentication $authEnt, \Site $site, org\gocdb\services\Site $serv) {
function submit(
\User $user,
\APIAuthentication $authEnt,
\Site $site,
org\gocdb\services\Site $serv
) {
$newValues = getAPIAuthenticationFromWeb();

try {
$authEnt = $serv->editAPIAuthEntity($authEnt, $user, $newValues);
} catch(Exception $e) {
} catch (Exception $e) {
show_view('error.php', $e->getMessage());

die();
}

$params = array();
$params['apiAuthenticationEntity'] = $authEnt;
$params['site'] = $site;
show_view("site/edited_api_auth.php", $params);
die();

show_view("site/edited_api_auth.php", $params);

die();
}
82 changes: 62 additions & 20 deletions htdocs/web_portal/views/site/edit_api_auth.php
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
<div class="rightPageContainer">
<?php

$user = $params['user'];
$entUser = $params['authEnt']->getUser();

Expand All @@ -9,7 +8,6 @@
echo('</h1>');

if (!is_null($entUser)) {

echo('<h4>This credential is linked to GOCDB user ');
echo('<a href="');
xecho(\GocContextPath::getPath());
Expand All @@ -27,46 +25,90 @@
echo("' to '");
xecho($user->getFullname());
echo("'. Click the browser Back button to cancel the edit.</div>");
}

} else {
// This clause should be deleted or replaced with exception after all
// authentication entities are assigned a user.
echo('<div class="input_warning">');
echo("WARNING: editing will link user '");
xecho($user->getFullname());
echo("' to this credential. Click the browser Back button to cancel the edit.</div>");
}
} else {
/**
* This clause should be deleted or replaced with exception after
* all authentication entities are assigned a user.
*/
echo('<div class="input_warning">');
echo("WARNING: editing will link user '");
xecho($user->getFullname());
echo(
"' to this credential. Click the browser Back button "
. "to cancel the edit.</div>"
);
}
?>
<form class="inputForm" method="post" action="index.php?Page_Type=Edit_API_Authentication_Entity&parentid=<?php echo($params['site']->getId())?>&authentityid=<?php xecho($params['authEnt']->getId())?>" name="addAPIAuthenticationEntity">
<form
class="inputForm"
method="post"
action="<?php
echo "index.php?Page_Type=Edit_API_Authentication_Entity",
"&parentid=",
$params['site']->getId(),
"&authentityid=",
xecho($params['authEnt']->getId());
?>"
name="addAPIAuthenticationEntity"
>
<div style="margin-bottom: 0.5em;">
<span class="input_name">Identifier (e.g. Certificate DN or OIDC Subject)*</span>
<input type="text" value="<?php xecho($params['authEnt']->getIdentifier()) ?>" name="IDENTIFIER" class="input_input_text">
<span class="input_name">
Identifier (e.g. Certificate DN or OIDC Subject)*
</span>

<input
type="text"
value="<?php xecho($params['authEnt']->getIdentifier()); ?>"
name="IDENTIFIER"
class="input_input_text"
>
</div>

<div style="margin-bottom: 0.5em;">
<span class="input_name">Credential type*</span>

<select name="TYPE" class="input_input_text">
<?php foreach($params['authTypes'] as $authType) {?>
<option value="<?php xecho($authType) ?>"<?php if ($params['authEnt']->getType() == $authType) {echo " selected=\"selected\"";} ?>>
<?php foreach ($params['authTypes'] as $authType) { ?>
<option
value="<?php xecho($authType); ?>"
<?php
if ($params['authEnt']->getType() == $authType) {
echo " selected=\"selected\"";
}
?>
>
<?php xecho($authType) ?>
</option>
<?php } ?>
</select>
</div>

<div style="margin-bottom: 1em">
<div class="input_warning">
WARNING: it is possible to delete information using the write functionality of the API. Leave Allow API write unchecked if
WARNING: it is possible to delete information using the write
functionality of the API. Leave Allow API write unchecked if
you do not need to write data.
</div>

<div class="input_checkbox">
<input type="checkbox" name="ALLOW_WRITE" id="ALLOW_WRITE" value="checked"
<input
type="checkbox"
name="ALLOW_WRITE"
id="ALLOW_WRITE"
value="checked"
<?php
if ($params['authEnt']->getAllowAPIWrite()) { echo('checked="checked"');}
if ($params['authEnt']->getAllowAPIWrite()) {
echo('checked="checked"');
}
?>
/>
<label class="input_label" for="ALLOW_WRITE">Allow API write</label>
<label class="input_label" for="ALLOW_WRITE">
Allow API write
</label>
</div>
</div>

<input type="submit" value="Edit credential" class="input_button">
</form>
</div>
13 changes: 10 additions & 3 deletions htdocs/web_portal/views/site/edited_api_auth.php
Original file line number Diff line number Diff line change
@@ -1,7 +1,14 @@
<div class="rightPageContainer">
<h1 class="Success">Success</h1><br />
The API authenication credential has now been updated. Type:<?php xecho($params['apiAuthenticationEntity']->getType()) ?>, identifier: <?php xecho($params['apiAuthenticationEntity']->getIdentifier()) ?>.
The API authenication credential has now been updated.
Type: <?php xecho($params['apiAuthenticationEntity']->getType()); ?>,
identifier: <?php
xecho($params['apiAuthenticationEntity']->getIdentifier());
?>.
<br />
<a href="index.php?Page_Type=Site&amp;id=<?php echo $params['site']->getID(); ?>">
View site</a>
<a
href="<?php
echo "index.php?Page_Type=Site&amp;id=", $params['site']->getID();
?>"
>View site</a>
</div>
Loading

0 comments on commit 214063a

Please sign in to comment.