From 0bf17c03c2de8423045bf59b83d1e6d12ed7ca42 Mon Sep 17 00:00:00 2001
From: marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>
Date: Wed, 24 Sep 2008 15:09:49 +0000
Subject: Introducing API key administration panel

git-svn-id: https://code.elgg.org/elgg/trunk@2114 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 mod/apiadmin/actions/generate.php                  | 34 ++++++++++
 mod/apiadmin/actions/revokekey.php                 | 22 ++++++
 mod/apiadmin/index.php                             | 36 ++++++++++
 mod/apiadmin/languages/en.php                      | 38 +++++++++++
 mod/apiadmin/manifest.xml                          |  8 +++
 mod/apiadmin/start.php                             | 79 ++++++++++++++++++++++
 .../views/default/apiadmin/forms/add_key.php       | 13 ++++
 mod/apiadmin/views/default/object/api_key.php      | 31 +++++++++
 8 files changed, 261 insertions(+)
 create mode 100644 mod/apiadmin/actions/generate.php
 create mode 100644 mod/apiadmin/actions/revokekey.php
 create mode 100644 mod/apiadmin/index.php
 create mode 100644 mod/apiadmin/languages/en.php
 create mode 100644 mod/apiadmin/manifest.xml
 create mode 100644 mod/apiadmin/start.php
 create mode 100644 mod/apiadmin/views/default/apiadmin/forms/add_key.php
 create mode 100644 mod/apiadmin/views/default/object/api_key.php

diff --git a/mod/apiadmin/actions/generate.php b/mod/apiadmin/actions/generate.php
new file mode 100644
index 000000000..ca47deb3d
--- /dev/null
+++ b/mod/apiadmin/actions/generate.php
@@ -0,0 +1,34 @@
+<?php
+	global $CONFIG;
+	
+	admin_gatekeeper();
+	
+	$ref = get_input('ref');
+	
+	if ($ref)
+	{
+		$keypair = create_api_user($CONFIG->site_id);
+		
+		if ($keypair)
+		{
+			
+			$newkey = new ElggObject();
+			$newkey->subtype = 'api_key';
+			$newkey->access_id = 2;
+			$newkey->title = $ref;
+			$newkey->public = $keypair->api_key;
+			
+			if (!$newkey->save())
+				register_error(elgg_echo('apiadmin:generationfail'));
+			else
+				system_message(elgg_echo('apiadmin:generated'));
+		}
+		else
+			register_error(elgg_echo('apiadmin:generationfail'));
+	}
+	else
+		register_error(elgg_echo('apiadmin:noreference'));
+
+
+	forward($_SERVER['HTTP_REFERER']);
+?>
\ No newline at end of file
diff --git a/mod/apiadmin/actions/revokekey.php b/mod/apiadmin/actions/revokekey.php
new file mode 100644
index 000000000..eeb5dd791
--- /dev/null
+++ b/mod/apiadmin/actions/revokekey.php
@@ -0,0 +1,22 @@
+<?php
+
+	global $CONFIG;
+	
+	admin_gatekeeper();
+	
+	$key = (int)get_input('keyid');
+	
+	$obj = get_entity($key);
+	
+	if (($obj) && ($obj instanceof ElggObject) && ($obj->subtype == get_subtype_id('object', 'api_key')))
+	{
+		if ($obj->delete())
+			system_message(elgg_echo('apiadmin:keyrevoked'));
+		else
+			register_error(elgg_echo('apiadmin:keynotrevoked'));
+	}
+	else
+		register_error(elgg_echo('apiadmin:keynotrevoked'));
+		
+	forward($_SERVER['HTTP_REFERER']);
+?>
\ No newline at end of file
diff --git a/mod/apiadmin/index.php b/mod/apiadmin/index.php
new file mode 100644
index 000000000..2908f212f
--- /dev/null
+++ b/mod/apiadmin/index.php
@@ -0,0 +1,36 @@
+<?php
+	/**
+	 * Elgg API Admin
+	 * 
+	 * @package ElggAPIAdmin
+	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
+	 * @author Curverider Ltd
+	 * @copyright Curverider Ltd 2008
+	 * @link http://elgg.com/
+	 */
+
+	require_once(dirname(dirname(dirname(__FILE__))) . "/engine/start.php");
+
+	admin_gatekeeper();
+	set_context('admin');
+	
+	$limit = get_input('limit', 10);
+	$offset = get_input('offset', 0);
+	
+	// Set admin user for user block
+	set_page_owner($_SESSION['guid']);
+	
+	
+	$title = elgg_view_title(elgg_echo('apiadmin'));
+	
+	// Display add form
+	$body .= elgg_view('apiadmin/forms/add_key');
+	
+	// List entities
+	set_context('search');
+	$body .= list_entities('object', 'api_key');
+	set_context('admin');
+		
+	// Display main admin menu
+	page_draw(elgg_echo('apitest'),elgg_view_layout("two_column_left_sidebar", '', $title . $body));
+?>
\ No newline at end of file
diff --git a/mod/apiadmin/languages/en.php b/mod/apiadmin/languages/en.php
new file mode 100644
index 000000000..581b68552
--- /dev/null
+++ b/mod/apiadmin/languages/en.php
@@ -0,0 +1,38 @@
+<?php
+	/**
+	 * API Admin language pack.
+	 * 
+	 * @package ElggAPIAdmin
+	 * @author Curverider Ltd
+	 * @copyright Curverider Ltd 2008
+	 * @link http://elgg.com/
+	 */
+
+
+	$english = array(
+	
+		/**
+		 * Menu items and titles
+		 */
+	
+			'apiadmin' => 'API Administration',
+	
+	
+			'apiadmin:keyrevoked' => 'API Key revoked',
+			'apiadmin:keynotrevoked' => 'API Key could not be revoked',
+			'apiadmin:generated' => 'API Key successfully generated',
+	
+			'apiadmin:yourref' => 'Your reference',
+			'apiadmin:generate' => 'Generate a new keypair',
+	
+			'apiadmin:noreference' => 'You must provide a reference for your new key.',
+			'apiadmin:generationfail' => 'There was a problem generating the new keypair',
+			'apiadmin:generated' => 'New API keypair generated successfully',
+	
+			'apiadmin:revoke' => 'Revoke key',
+			'apiadmin:public' => 'Public',
+			'apiadmin:private' => 'Private',	
+	);
+					
+	add_translation("en",$english);
+?>
\ No newline at end of file
diff --git a/mod/apiadmin/manifest.xml b/mod/apiadmin/manifest.xml
new file mode 100644
index 000000000..6dd935c7e
--- /dev/null
+++ b/mod/apiadmin/manifest.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<plugin_manifest>
+	<field key="author" value="Marcus Povey" />
+	<field key="version" value="1.0" />
+	<field key="description" value="API Admin" />
+	<field key="website" value="http://www.elgg.org/" />
+	<field key="copyright" value="(C) Curverider 2008" />
+</plugin_manifest>
\ No newline at end of file
diff --git a/mod/apiadmin/start.php b/mod/apiadmin/start.php
new file mode 100644
index 000000000..496d8e461
--- /dev/null
+++ b/mod/apiadmin/start.php
@@ -0,0 +1,79 @@
+<?php
+	/**
+	 * Elgg API Admin
+	 * 
+	 * @package ElggAPIAdmin
+	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
+	 * @author Curverider Ltd
+	 * @copyright Curverider Ltd 2008
+	 * @link http://elgg.com/
+	 */
+
+	/**
+	 * Initialise the API Admin tool
+	 *
+	 * @param unknown_type $event
+	 * @param unknown_type $object_type
+	 * @param unknown_type $object
+	 */
+	function apiadmin_init($event, $object_type, $object = null) {
+		
+		global $CONFIG;
+		
+		// Register a page handler, so we can have nice URLs
+		register_page_handler('apiadmin','apiadmin_page_handler');
+		
+		// Register some actions
+		register_action("apiadmin/revokekey",false, $CONFIG->pluginspath . "apiadmin/actions/revokekey.php", true);
+		register_action("apiadmin/generate",false, $CONFIG->pluginspath . "apiadmin/actions/generate.php", true);
+	}
+	
+	/**
+	 * Page setup. Adds admin controls to the admin panel.
+	 *
+	 */
+	function apiadmin_pagesetup()
+	{
+		if (get_context() == 'admin' && isadminloggedin()) {
+			global $CONFIG;
+			add_submenu_item(elgg_echo('apiadmin'), $CONFIG->wwwroot . 'pg/apiadmin/');
+		}
+	}
+	
+	
+	function apiadmin_page_handler($page) 
+	{
+		global $CONFIG;
+		
+		if ($page[0])
+		{
+			switch ($page[0])
+			{
+				default : include($CONFIG->pluginspath . "apiadmin/index.php"); 
+			}
+		}
+		else
+			include($CONFIG->pluginspath . "apiadmin/index.php"); 
+	}
+	
+	function apiadmin_delete_key($event, $object_type, $object = null)
+	{
+		global $CONFIG;
+		
+		if (($object) && ($object->subtype == get_subtype_id('object', 'api_key')))
+		{
+			// Delete 
+			return remove_api_user($CONFIG->site_id, $object->public);
+		}
+		
+		return true;
+	}
+	
+	
+	// Make sure test_init is called on initialisation
+	register_elgg_event_handler('init','system','apiadmin_init');
+	register_elgg_event_handler('pagesetup','system','apiadmin_pagesetup');
+	
+	// Hook into delete to revoke secret keys
+	register_elgg_event_handler('delete','object','apiadmin_delete_key');
+?>
\ No newline at end of file
diff --git a/mod/apiadmin/views/default/apiadmin/forms/add_key.php b/mod/apiadmin/views/default/apiadmin/forms/add_key.php
new file mode 100644
index 000000000..d45ab64c1
--- /dev/null
+++ b/mod/apiadmin/views/default/apiadmin/forms/add_key.php
@@ -0,0 +1,13 @@
+<?php
+	$ref_label = elgg_echo('apiadmin:yourref');
+	$ref_control = elgg_view('input/text', array('internalname' => 'ref'));
+	$gen_control = elgg_view('input/submit', array('value' => elgg_echo('apiadmin:generate')));
+	
+	$form_body = <<< END
+	<div>
+		<p>$ref_label: $ref_control $gen_control</p>
+	</div>
+END;
+
+	echo elgg_view('input/form', array('action' => "{$vars['url']}actions/apiadmin/generate", "body" => $form_body));
+?>
\ No newline at end of file
diff --git a/mod/apiadmin/views/default/object/api_key.php b/mod/apiadmin/views/default/object/api_key.php
new file mode 100644
index 000000000..fdfe9af54
--- /dev/null
+++ b/mod/apiadmin/views/default/object/api_key.php
@@ -0,0 +1,31 @@
+<?php
+	global $CONFIG;
+	
+	$entity = $vars['entity'];
+	
+	$icon = elgg_view(
+			'graphics/icon', array(
+			'entity' => $entity,
+			'size' => 'small',
+		  )
+		);
+
+		
+	$public_label = elgg_echo('apiadmin:public');
+	$private_label = elgg_echo('apiadmin:private');
+	$revoke_label = elgg_echo('apiadmin:revoke');
+		
+		
+	$info = "<div><p><b>{$entity->title}</b> <a href=\"{$CONFIG->url}actions/apiadmin/revokekey?keyid={$entity->guid}\">$revoke_label</a></p></div>";
+	$info .= "<div><p><b>$public_label:</b> {$entity->public}<br />"; 
+	if (isadminloggedin()) {
+		// Only show secret portion to admins
+		
+		// Fetch key
+		$keypair = get_api_user($CONFIG->site_id, $entity->public);
+	
+		$info .= "<b>$private_label:</b> {$keypair->secret}</p></div>"; 
+	}
+	
+	echo elgg_view_listing($icon, $info);
+?>
\ No newline at end of file
-- 
cgit v1.2.3