diff --git a/htdocs/user/api_token/list.php b/htdocs/user/api_token/list.php
index 87fe5a33a1c..eb39b09cebd 100644
--- a/htdocs/user/api_token/list.php
+++ b/htdocs/user/api_token/list.php
@@ -45,16 +45,56 @@ $langs->loadLangs(array('admin', 'users')); // Security check $id = GETPOSTINT('id'); -$action = GETPOST('action', 'aZ09'); -$massaction = GETPOST('massaction', 'alpha'); if (!isset($id) || empty($id)) { accessforbidden(); } // Retrieve needed GETPOSTS for this file +// Action / Massaction +$action = GETPOST('action', 'aZ09'); +$massaction = GETPOST('massaction', 'alpha'); $toselect = GETPOST('toselect', 'array'); +// List filters +$search_token = GETPOST('search_token', 'alpha'); +$search_entity = GETPOST('search_entity', 'alpha'); +$search_datec_startday = GETPOSTINT('search_datec_startday'); +$search_datec_startmonth = GETPOSTINT('search_datec_startmonth'); +$search_datec_startyear = GETPOSTINT('search_datec_startyear'); +$search_datec_endday = GETPOSTINT('search_datec_endday'); +$search_datec_endmonth = GETPOSTINT('search_datec_endmonth'); +$search_datec_endyear = GETPOSTINT('search_datec_endyear'); +$search_datec_start = dol_mktime(0, 0, 0, $search_datec_startmonth, $search_datec_startday, $search_datec_startyear); +$search_datec_end = dol_mktime(23, 59, 59, $search_datec_endmonth, $search_datec_endday, $search_datec_endyear); +$search_tms_startday = GETPOSTINT('search_tms_startday'); +$search_tms_startmonth = GETPOSTINT('search_tms_startmonth'); +$search_tms_startyear = GETPOSTINT('search_tms_startyear'); +$search_tms_endday = GETPOSTINT('search_tms_endday'); +$search_tms_endmonth = GETPOSTINT('search_tms_endmonth'); +$search_tms_endyear = GETPOSTINT('search_tms_endyear'); +$search_tms_start = dol_mktime(0, 0, 0, $search_tms_startmonth, $search_tms_startday, $search_tms_startyear); +$search_tms_end = dol_mktime(23, 59, 59, $search_tms_endmonth, $search_tms_endday, $search_tms_endyear); + +// Pagination +$limit = GETPOSTINT('limit') ? GETPOSTINT('limit') : $conf->liste_limit; +$sortfield = GETPOST('sortfield', 'aZ09comma'); +$sortorder = GETPOST('sortorder', 'aZ09comma'); +$page = GETPOSTISSET('pageplusone') ? 
(GETPOSTINT('pageplusone') - 1) : GETPOSTINT("page"); +if (empty($page) || $page < 0 || GETPOST('button_search', 'alpha') || GETPOST('button_removefilter', 'alpha')) { + $page = 0; +} +$offset = $limit * $page; +$pageprev = $page - 1; +$pagenext = $page + 1; + +if (!$sortfield) { + $sortfield = 'ot.token'; +} +if (!$sortorder) { + $sortorder = 'DESC'; +} + // $user is current user, $id is id of edited user $canreaduser = ($user->admin || $user->hasRight("user", "user", "read")); $caneditfield = ((($user->id == $id) && $user->hasRight("user", "self", "write")) @@ -72,6 +112,13 @@ if ($user->id != $id && !$canreaduser) { accessforbidden(); } +$arrayfields = array( + 'ot.token' => array('label' => "ApiToken", 'checked' => '1'), + 'ot.entity' => array('label' => "Entity", 'checked' => '1'), + 'ot.datec' => array('label' => "DateCreation", 'checked' => '1'), + 'ot.tms' => array('label' => "DateModification", 'checked' => '1'), +); + $object = new User($db); $object->fetch($id, '', '', 1); $object->loadRights(); @@ -90,6 +137,17 @@ if ($reshook < 0) { } if (empty($reshook)) { + if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x', 'alpha') || GETPOST('button_removefilter', 'alpha')) { // All tests are required to be compatible with all browsers + $search_token = ''; + $search_entity = ''; + $search_datec_start = ''; + $search_datec_end = ''; + $search_tms_start = ''; + $search_tms_end = ''; + + $toselect = array(); + } + if ($action == 'update' && ($caneditfield || !empty($user->admin))) { header('Location: '.$_SERVER["PHP_SELF"].'?id='.$id); exit; 
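Review bot: `$sortfield` and `$sortorder` are taken from the request with only the `aZ09comma` character filter and are later handed to `$db->order()`, so nothing ties them to the columns this list exposes. Once `$arrayfields` is defined (next hunk), an allowlist such as `if (!array_key_exists($sortfield, $arrayfields)) { $sortfield = 'ot.token'; }` together with `if (!in_array(strtoupper($sortorder), array('ASC', 'DESC'), true)) { $sortorder = 'DESC'; }` would make the ORDER BY independent of whatever `order()` does internally, which is not visible here. This also keeps a request from sorting on a column of `oauth_token` that the page does not display.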
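Review bot: The remove-filter branch clears the four computed timestamps but leaves the twelve `$search_datec_*` / `$search_tms_*` day, month and year values untouched, and those are what the later hunk reads to build `$param`. If the date fields are posted together with the remove-filter button, paging and sort links can keep carrying a filter the user just removed. Resetting the components in the same branch keeps the two in step. The enclosing `if (empty($reshook))` block continues outside this hunk.

```php
	if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x', 'alpha') || GETPOST('button_removefilter', 'alpha')) {
		// … unchanged: reset of $search_token, $search_entity and the four timestamps …
		$search_datec_startday = $search_datec_startmonth = $search_datec_startyear = 0;
		$search_datec_endday = $search_datec_endmonth = $search_datec_endyear = 0;
		$search_tms_startday = $search_tms_startmonth = $search_tms_startyear = 0;
		$search_tms_endday = $search_tms_endmonth = $search_tms_endyear = 0;
		// … unchanged: $toselect reset …
```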
@@ -105,8 +163,100 @@ $person_name = !empty($object->firstname) ? $object->lastname.", ".$object->firs $title = $person_name." - ".$langs->trans('Card'); $help_url = ''; +$nbtotalofrecords = ''; +if (!getDolGlobalInt('MAIN_DISABLE_FULL_SCANLIST')) { + /* The fast and low memory method to get and count full list converts the sql into a sql count */ + $sqlforcount = 'SELECT COUNT(*) as nbtotalofrecords'; + $sqlforcount .= " FROM ".MAIN_DB_PREFIX."oauth_token as ot"; + $sqlforcount .= " WHERE entity IN (".$conf->entity.") AND fk_user = ".$id; + $resql = $db->query($sqlforcount); + if ($resql) { + $objforcount = $db->fetch_object($resql); + $nbtotalofrecords = $objforcount->nbtotalofrecords; + } else { + dol_print_error($db); + } + + if (($page * $limit) > $nbtotalofrecords) { // if total resultset is smaller then paging size (filtering), goto and load page 0 + $page = 0; + $offset = 0; + } + $db->free($resql); +} + +$sql = "SELECT ot.rowid as token_id, ot.token, ot.entity, ot.state as rights, ot.datec as date_creation, ot.tms as date_modification"; +$sql .= " FROM ".MAIN_DB_PREFIX."oauth_token as ot"; +$sql .= " WHERE ot.fk_user = ".((int) $object->id)." 
AND entity IN (".$conf->entity.")"; +if ($search_token) { + $sql .= natural_search('ot.token', $search_token); +} +if ($search_entity) { + $sql .= natural_search('ot.entity', $search_entity); +} +if ($search_datec_start) { + $sql .= " AND ot.datec >= '".$db->idate($search_datec_start)."'"; +} +if ($search_datec_end) { + $sql .= " AND ot.datec <= '".$db->idate($search_datec_end)."'"; +} +if ($search_tms_start) { + $sql .= " AND ot.tms >= '".$db->idate($search_tms_start)."'"; +} +if ($search_tms_end) { + $sql .= " AND ot.tms <= '".$db->idate($search_tms_end)."'"; +} +$sql .= $db->order($sortfield, $sortorder); +if ($limit) { + $sql .= $db->plimit($limit + 1, $offset); +} + +$resql = $db->query($sql); + +$num = $db->num_rows($resql); + llxHeader('', $title, $help_url, '', 0, 0, '', '', '', 'mod-user page-card_param_ihm'); +$param = '&id='.$id; // We always need the id of the user +if ($limit > 0 && $limit != $conf->liste_limit) { + $param .= '&limit='.((int) $limit); +} +if ($search_datec_startday) { + $param .= '&search_date_startday='.urlencode((string) ($search_datec_startday)); +} +if ($search_datec_startmonth) { + $param .= '&search_date_startmonth='.urlencode((string) ($search_datec_startmonth)); +} +if ($search_datec_startyear) { + $param .= '&search_date_startyear='.urlencode((string) ($search_datec_startyear)); +} +if ($search_datec_endday) { + $param .= '&search_date_endday='.urlencode((string) ($search_datec_endday)); +} +if ($search_datec_endmonth) { + $param .= '&search_date_endmonth='.urlencode((string) ($search_datec_endmonth)); +} +if ($search_datec_endyear) { + $param .= '&search_date_endyear='.urlencode((string) ($search_datec_endyear)); +} +if ($search_tms_startday) { + $param .= '&search_date_startday='.urlencode((string) ($search_tms_startday)); +} +if ($search_tms_startmonth) { + $param .= '&search_date_startmonth='.urlencode((string) ($search_tms_startmonth)); +} +if ($search_tms_startyear) { + $param .= 
'&search_date_startyear='.urlencode((string) ($search_tms_startyear)); +} +if ($search_tms_endday) { + $param .= '&search_date_endday='.urlencode((string) ($search_tms_endday)); +} +if ($search_tms_endmonth) { + $param .= '&search_date_endmonth='.urlencode((string) ($search_tms_endmonth)); +} +if ($search_tms_endyear) { + $param .= '&search_date_endyear='.urlencode((string) ($search_tms_endyear)); +} + $arrayofselected = is_array($toselect) ? $toselect : array(); $head = user_prepare_head($object); @@ -167,10 +317,14 @@ $tmpurlforbutton = DOL_URL_ROOT.'/user/api_token/card.php?id='.$id.'&action=crea $morehtmlright .= dolGetButtonTitle($langs->trans('New'), '', 'fa fa-plus-circle', $tmpurlforbutton); //} -print '
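Review bot: Every date entry appended to `$param` uses a `search_date_…` key, while the filters are read as `search_datec_…` and `search_tms_…`, and `search_token` / `search_entity` are not appended at all. Paging and sort links therefore drop the active filter, and the creation and modification ranges write to the same keys. The count query is built without any of the filters, so `$nbtotalofrecords` describes the unfiltered set and the page-reset test compares against the wrong total; it also concatenates `$id` uncast where the list query uses `((int) $object->id)`. `$db->num_rows($resql)` and `$db->free($resql)` are reached even when the preceding `query()` returned false, so the list query would benefit from the same `dol_print_error($db)` branch the count query has. The fence shows the corrected `$param` block.

```php
$param = '&id='.$id; // We always need the id of the user
// … unchanged: limit parameter …
if ($search_token) {
	$param .= '&search_token='.urlencode($search_token);
}
if ($search_entity) {
	$param .= '&search_entity='.urlencode($search_entity);
}
if ($search_datec_startday) {
	$param .= '&search_datec_startday='.urlencode((string) ($search_datec_startday));
}
if ($search_datec_startmonth) {
	$param .= '&search_datec_startmonth='.urlencode((string) ($search_datec_startmonth));
}
if ($search_datec_startyear) {
	$param .= '&search_datec_startyear='.urlencode((string) ($search_datec_startyear));
}
if ($search_datec_endday) {
	$param .= '&search_datec_endday='.urlencode((string) ($search_datec_endday));
}
if ($search_datec_endmonth) {
	$param .= '&search_datec_endmonth='.urlencode((string) ($search_datec_endmonth));
}
if ($search_datec_endyear) {
	$param .= '&search_datec_endyear='.urlencode((string) ($search_datec_endyear));
}
if ($search_tms_startday) {
	$param .= '&search_tms_startday='.urlencode((string) ($search_tms_startday));
}
if ($search_tms_startmonth) {
	$param .= '&search_tms_startmonth='.urlencode((string) ($search_tms_startmonth));
}
if ($search_tms_startyear) {
	$param .= '&search_tms_startyear='.urlencode((string) ($search_tms_startyear));
}
if ($search_tms_endday) {
	$param .= '&search_tms_endday='.urlencode((string) ($search_tms_endday));
}
if ($search_tms_endmonth) {
	$param .= '&search_tms_endmonth='.urlencode((string) ($search_tms_endmonth));
}
if ($search_tms_endyear) {
	$param .= '&search_tms_endyear='.urlencode((string) ($search_tms_endyear));
}
```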
'; +print ''; +print ''; +print ''; +print ''; + +print_barre_liste($langs->trans("ListOfTokensForUser"), $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $massactionbutton, $num, $nbtotalofrecords, '', 0, '', '', $limit, 0, 0, 1); // TODO : Build the hook management // Other form for add user to group @@ -183,29 +337,102 @@ if (empty($reshook)) { print ''; print '| '; + $searchpicto = $form->showFilterButtons('left'); + print $searchpicto; + print ' | '; + } + + // Token string + if (!empty($arrayfields['ot.token']['checked'])) { + print ''; + print ''; + print ' | '; + } + + // Entity + if (!empty($arrayfields['ot.entity']['checked'])) { + print ''; + print ' 0 ? " disabled" : "").'>'; + print ' | '; + } + + // Number of perms + // We don't search out number of perms because it is a string field, + // and we don't want to count into it with sql query + print ''; + + // Date creation + if (!empty($arrayfields['ot.datec']['checked'])) { + print ' | ';
+ print ' ';
+ print $form->selectDate($search_datec_start ? $search_datec_start : -1, 'search_datec_start', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('From'));
+ print ' ';
+ print '';
+ print $form->selectDate($search_datec_end ? $search_datec_end : -1, 'search_datec_end', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('to'));
+ print ' ';
+ print ' | ';
+ }
+
+ // Date modification
+ if (!empty($arrayfields['ot.tms']['checked'])) {
+ print '';
+ print ' ';
+ print $form->selectDate($search_tms_start ? $search_tms_start : -1, 'search_tms_start', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('From'));
+ print ' ';
+ print '';
+ print $form->selectDate($search_tms_end ? $search_tms_end : -1, 'search_tms_end', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('to'));
+ print ' ';
+ print ' | ';
+ }
+
+ // Action buttons
+ if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
+ print ''; + $searchpicto = $form->showFilterButtons('left'); + print $searchpicto; + print ' | '; + } + + print "|
| '; print $form->showCheckAddButtons('checkforselect', 1); print ' | '; } - print ''.$langs->trans("ApiToken").' | '; - print ''.$langs->trans("Entity").' | '; - print ''.$langs->trans("NumberOfPermissions").' | '; - print ''.$langs->trans("DateCreation").' | '; - print ''.$langs->trans("DateModification").' | '; + if (!empty($arrayfields['ot.token']['checked'])) { + print_liste_field_titre($arrayfields['ot.token']['label'], $_SERVER["PHP_SELF"], 'ot.token', '', $param, '', $sortfield, $sortorder); + } + if (!empty($arrayfields['ot.entity']['checked'])) { + print_liste_field_titre($arrayfields['ot.entity']['label'], $_SERVER["PHP_SELF"], 'ot.entity', '', $param, '', $sortfield, $sortorder); + } + print ''.$langs->trans("NumberOfPermissions").' | '; + if (!empty($arrayfields['ot.datec']['checked'])) { + print_liste_field_titre($arrayfields['ot.datec']['label'], $_SERVER["PHP_SELF"], 'ot.datec', '', $param, '', $sortfield, $sortorder, 'center '); + } + if (!empty($arrayfields['ot.tms']['checked'])) { + print_liste_field_titre($arrayfields['ot.tms']['label'], $_SERVER["PHP_SELF"], 'ot.tms', '', $param, '', $sortfield, $sortorder, 'center '); + } + if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) { + print ''; + print $form->showCheckAddButtons('checkforselect', 1); + print ' | '; + } print ''; print $obj->entity; print ' | '; - print ''; + print ' | '; print $numperms; print ' | '; - print ''; + print ' | '; print $obj->date_creation; print ' | '; - print ''; + print ' | '; print $obj->date_modification; print ' | '; + if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) { + print ''; + if ($massactionbutton || $massaction) { + $selected = 0; + if (in_array($obj->token_id, $arrayofselected)) { + $selected = 1; + } + print ''; + } + print ' | '; + } print ''; + $i ++; } } else { print '
|---|---|---|---|---|---|---|---|
| '.$langs->trans("None").' | |||||||