[Bug 20568] New: Add API key management interface for patrons

classic Classic list List threaded Threaded
64 messages Options
123
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] New: Add API key management interface for patrons

bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

            Bug ID: 20568
           Summary: Add API key management interface for patrons
 Change sponsored?: ---
           Product: Koha
           Version: master
          Hardware: All
                OS: All
            Status: NEW
          Severity: new feature
          Priority: P5 - low
         Component: Authentication
          Assignee: [hidden email]
          Reporter: [hidden email]
        QA Contact: [hidden email]
                CC: [hidden email]

Bug 20402 implements an Oauth2 server for the client credentials grant. It
should be awesome if the patron management interface in Koha provided a way for
staff members (and maybe for patron users later) to create and revoke API keys.

The work is actually done already, by Julian in the first commit for bug 13920.
So we need to recover that patch, adapt it to our coding guidelines and make it
work on top of bug 20402!

--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

Tomás Cohen Arazi <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Depends on|                            |20402
           See Also|                            |https://bugs.koha-community
                   |                            |.org/bugzilla3/show_bug.cgi
                   |                            |?id=13920


Referenced Bugs:

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402
[Bug 20402] Implement OAuth2 authentication for REST API
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

Tomás Cohen Arazi <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Assignee|[hidden email]-commun |[hidden email]
                   |ity.org                     |

--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

David Cook <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[hidden email]

--- Comment #1 from David Cook <[hidden email]> ---
Looking forward to this. I've wanted this for a while.

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

--- Comment #2 from Tomás Cohen Arazi <[hidden email]> ---
Created attachment 74179
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74179&action=edit
Bug 20568: API keys management in interface

This introduces the concept of API keys for use in the new REST API.
A key is a string of 32 alphanumerical characters (32 is purely
arbitrary, it can be changed easily).
A user can have multiple keys (unlimited at the moment)
Keys can be generated automatically, and then we have the possibility to
delete or revoke each one individually.

Test plan:
1/ Go to staff interface
2/ Go to a borrower page
3/ In toolbar, click on More -> Manage API keys
4/ Click on "Generate new key" multiple times, check that they are
   correctly displayed under the button, and they are active by default
5/ Revoke some keys, check that they are not active anymore
6/ Delete some keys, check that they disappear from table
7/ Go to opac interface, log in
8/ In your user account pages, you now have a new tab to the left "your
   API keys". Click on it.
9/ Repeat steps 4-6

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

--- Comment #3 from Tomás Cohen Arazi <[hidden email]> ---
Created attachment 74180
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74180&action=edit
Bug 20568: Add mandatory description field for api keys

This patch changes the table structure adding fields usually found on
this kind of api management pages.

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

Tomás Cohen Arazi <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED

--- Comment #4 from Tomás Cohen Arazi <[hidden email]> ---
I've attached my WIP stuff just in case anyone wants to comment on that.
I basically resurrected one patch from Julian from bug 13920 (API keys
management in interface) and worked on adapting it to current practices.

The staff interface api management page is fully functional. OPAC is next.
Unit tests almost ready, not submitted.

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

Julian Maurice <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[hidden email]

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

Tomás Cohen Arazi <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #74179|0                           |1
        is obsolete|                            |

--- Comment #5 from Tomás Cohen Arazi <[hidden email]> ---
Created attachment 74229
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74229&action=edit
Bug 20568: API keys management in interface

This introduces the concept of API keys for use in the new REST API.
A key is a string of 32 alphanumerical characters (32 is purely
arbitrary, it can be changed easily).
A user can have multiple keys (unlimited at the moment)
Keys can be generated automatically, and then we have the possibility to
delete or revoke each one individually.

Test plan:
1/ Go to staff interface
2/ Go to a borrower page
3/ In toolbar, click on More -> Manage API keys
4/ Click on "Generate new key" multiple times, check that they are
   correctly displayed under the button, and they are active by default
5/ Revoke some keys, check that they are not active anymore
6/ Delete some keys, check that they disappear from table
7/ Go to opac interface, log in
8/ In your user account pages, you now have a new tab to the left "your
   API keys". Click on it.
9/ Repeat steps 4-6

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

Tomás Cohen Arazi <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #74180|0                           |1
        is obsolete|                            |

--- Comment #6 from Tomás Cohen Arazi <[hidden email]> ---
Created attachment 74230
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74230&action=edit
Bug 20568: Add mandatory description field for api keys

This patch changes the table structure adding fields usually found on
this kind of api management pages.

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

--- Comment #7 from Tomás Cohen Arazi <[hidden email]> ---
Created attachment 74231
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74231&action=edit
Bug 20568: Unit tests

This patch adds unit tests for the introduced classes: Koha::ApiKey(s).

To test:
- Apply this patch
- Run
  $ kshell
 k$ prove t/db_dependent/Koha/ApiKeys.t
=> FAIL: Tests fail because the feature is not implemented.

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

--- Comment #8 from Tomás Cohen Arazi <[hidden email]> ---
Created attachment 74232
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74232&action=edit
Bug 20568: API key management for OPAC users

This patch makes the OPAC interface for API keys management work
with the new lib. Verify all actions work for a logged user.

Users without login should be redirected to an error page.

The AllowPatronsManageAPIKeysInOPAC syspref is added to control if the
OPAC feature is enabled or not.

To test:
- Verify the syspref works
- Verify users can manage their API keys

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

Tomás Cohen Arazi <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[hidden email]
             Status|ASSIGNED                    |Needs Signoff

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

Tomás Cohen Arazi <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Depends on|20402                       |


Referenced Bugs:

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402
[Bug 20402] Implement OAuth2 authentication for REST API
--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

Tomás Cohen Arazi <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #74229|0                           |1
        is obsolete|                            |

--- Comment #9 from Tomás Cohen Arazi <[hidden email]> ---
Created attachment 74233
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74233&action=edit
Bug 20568: API keys management in interface

This introduces the concept of API keys for use in the new REST API.
A key is a string of 32 alphanumerical characters (32 is purely
arbitrary, it can be changed easily).
A user can have multiple keys (unlimited at the moment)
Keys can be generated automatically, and then we have the possibility to
delete or revoke each one individually.

Test plan:
1/ Go to staff interface
2/ Go to a borrower page
3/ In toolbar, click on More -> Manage API keys
4/ Click on "Generate new key" multiple times, check that they are
   correctly displayed under the button, and they are active by default
5/ Revoke some keys, check that they are not active anymore
6/ Delete some keys, check that they disappear from table
7/ Go to opac interface, log in
8/ In your user account pages, you now have a new tab to the left "your
   API keys". Click on it.
9/ Repeat steps 4-6

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

Tomás Cohen Arazi <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #74230|0                           |1
        is obsolete|                            |

--- Comment #10 from Tomás Cohen Arazi <[hidden email]> ---
Created attachment 74234
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74234&action=edit
Bug 20568: Add mandatory description field for api keys

This patch changes the table structure adding fields usually found on
this kind of api management pages.

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

Tomás Cohen Arazi <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #74231|0                           |1
        is obsolete|                            |

--- Comment #11 from Tomás Cohen Arazi <[hidden email]> ---
Created attachment 74235
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74235&action=edit
Bug 20568: Unit tests

This patch adds unit tests for the introduced classes: Koha::ApiKey(s).

To test:
- Apply this patch
- Run
  $ kshell
 k$ prove t/db_dependent/Koha/ApiKeys.t
=> FAIL: Tests fail because the feature is not implemented.

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

Tomás Cohen Arazi <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #74232|0                           |1
        is obsolete|                            |

--- Comment #12 from Tomás Cohen Arazi <[hidden email]> ---
Created attachment 74236
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74236&action=edit
Bug 20568: API key management for OPAC users

This patch makes the OPAC interface for API keys management work
with the new lib. Verify all actions work for a logged user.

Users without login should be redirected to an error page.

The AllowPatronsManageAPIKeysInOPAC syspref is added to control if the
OPAC feature is enabled or not.

To test:
- Verify the syspref works
- Verify users can manage their API keys

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

--- Comment #13 from Owen Leonard <[hidden email]> ---
Created attachment 74248
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74248&action=edit
Bug 20568 (follow-up) Interface and markup changes

This patch makes some interface changes to bring things better in line
with existing interface patterns. This patch also re-indents the
modified templates with 4 spaces instead of 2 and makes <input>s
self-closing.

Also changed: Corrected system preference check in opac-apikeys.pl.

To test, apply the patch and:

In the staff client:

 - Open a patron record and choose More -> Manage API keys.
   - There should be a standard message dialog containing a link to
     "Generate a new key."
     - Clicking the link should show the form for adding a new key.
     - Test that clicking the "Cancel" link hides the form.
     - Test that creating the new key works correctly.
   - You should now see a table showing existing keys and a "Generate a
     new key" button above it.
     - Test that the "Delete" button asks for confirmation, and that
       confirming and denying both work correctly.
     - Test that "Revoke" and "Activate" actions still work correctly.

In the OPAC:

 - Set the AllowPatronsManageAPIKeysInOPAC system preference to "Allow."
 - Log in to the OPAC and click the "your API keys" link in the sidebar.
   - Clicking the "Generate new key" button should display the form for
     adding a new key.
     - Clicking the "cancel" link should hide the form.
     - Submitting the form should add a new key.
   - You should now see a table showing existing keys.
     - Test that the "Delete" link asks for confirmation, and that
       confirming and denying both work correctly.
     - Test that "Revoke" and "Activate" actions still work correctly.
 - Set the AllowPatronsManageAPIKeysInOPAC system preference to "Don't
   allow."
   - Log in to the OPAC and confirm that the "your API keys" link in the
     sidebar is no longer visible.
     - Confirm that navigating directly to /cgi-bin/koha/opac-apikeys.pl
       results in a 404 error.

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

Tomás Cohen Arazi <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #74233|0                           |1
        is obsolete|                            |

--- Comment #14 from Tomás Cohen Arazi <[hidden email]> ---
Created attachment 74254
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74254&action=edit
Bug 20568: API keys management in interface

This introduces the concept of API keys for use in the new REST API.
A key is a string of 32 alphanumerical characters (32 is purely
arbitrary, it can be changed easily).
A user can have multiple keys (unlimited at the moment)
Keys can be generated automatically, and then we have the possibility to
delete or revoke each one individually.

Test plan:
1/ Go to staff interface
2/ Go to a borrower page
3/ In toolbar, click on More -> Manage API keys
4/ Click on "Generate new key" multiple times, check that they are
   correctly displayed under the button, and they are active by default
5/ Revoke some keys, check that they are not active anymore
6/ Delete some keys, check that they disappear from table
7/ Go to opac interface, log in
8/ In your user account pages, you now have a new tab to the left "your
   API keys". Click on it.
9/ Repeat steps 4-6

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

Tomás Cohen Arazi <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #74234|0                           |1
        is obsolete|                            |

--- Comment #15 from Tomás Cohen Arazi <[hidden email]> ---
Created attachment 74255
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74255&action=edit
Bug 20568: Add mandatory description field for api keys

This patch changes the table structure adding fields usually found on
this kind of api management pages.

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

Tomás Cohen Arazi <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #74235|0                           |1
        is obsolete|                            |

--- Comment #16 from Tomás Cohen Arazi <[hidden email]> ---
Created attachment 74256
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74256&action=edit
Bug 20568: Unit tests

This patch adds unit tests for the introduced classes: Koha::ApiKey(s).

To test:
- Apply this patch
- Run
  $ kshell
 k$ prove t/db_dependent/Koha/ApiKeys.t
=> FAIL: Tests fail because the feature is not implemented.

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

Tomás Cohen Arazi <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #74236|0                           |1
        is obsolete|                            |

--- Comment #17 from Tomás Cohen Arazi <[hidden email]> ---
Created attachment 74257
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74257&action=edit
Bug 20568: API key management for OPAC users

This patch makes the OPAC interface for API keys management work
with the new lib. Verify all actions work for a logged user.

Users without login should be redirected to an error page.

The AllowPatronsManageAPIKeysInOPAC syspref is added to control if the
OPAC feature is enabled or not.

To test:
- Verify the syspref works
- Verify users can manage their API keys

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

Tomás Cohen Arazi <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #74248|0                           |1
        is obsolete|                            |

--- Comment #18 from Tomás Cohen Arazi <[hidden email]> ---
Created attachment 74258
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74258&action=edit
Bug 20568 (follow-up) Interface and markup changes

This patch makes some interface changes to bring things better in line
with existing interface patterns. This patch also re-indents the
modified templates with 4 spaces instead of 2 and makes <input>s
self-closing.

Also changed: Corrected system preference check in opac-apikeys.pl.

To test, apply the patch and:

In the staff client:

 - Open a patron record and choose More -> Manage API keys.
   - There should be a standard message dialog containing a link to
     "Generate a new key."
     - Clicking the link should show the form for adding a new key.
     - Test that clicking the "Cancel" link hides the form.
     - Test that creating the new key works correctly.
   - You should now see a table showing existing keys and a "Generate a
     new key" button above it.
     - Test that the "Delete" button asks for confirmation, and that
       confirming and denying both work correctly.
     - Test that "Revoke" and "Activate" actions still work correctly.

In the OPAC:

 - Set the AllowPatronsManageAPIKeysInOPAC system preference to "Allow."
 - Log in to the OPAC and click the "your API keys" link in the sidebar.
   - Clicking the "Generate new key" button should display the form for
     adding a new key.
     - Clicking the "cancel" link should hide the form.
     - Submitting the form should add a new key.
   - You should now see a table showing existing keys.
     - Test that the "Delete" link asks for confirmation, and that
       confirming and denying both work correctly.
     - Test that "Revoke" and "Activate" actions still work correctly.
 - Set the AllowPatronsManageAPIKeysInOPAC system preference to "Don't
   allow."
   - Log in to the OPAC and confirm that the "your API keys" link in the
     sidebar is no longer visible.
     - Confirm that navigating directly to /cgi-bin/koha/opac-apikeys.pl
       results in a 404 error.

Signed-off-by: Tomas Cohen Arazi <[hidden email]>

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

--- Comment #19 from Tomás Cohen Arazi <[hidden email]> ---
Created attachment 74259
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74259&action=edit
Bug 20568: Move value => client_id + secret

This patch addresses the request from Julian that api keys are expected
to be client id/secret pairs.

It does so by
- Adding 'client_id' and 'secret' columns
- Removing 'value'

Tests got adjusted and so controller scripts and templates.
Both libs and tests changes have been squashed. This ones remain in
order to keep Owen's attribution on the template changes and avoid
rebase conflicts.

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

Kyle M Hall <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|Needs Signoff               |Signed Off

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

Kyle M Hall <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #74254|0                           |1
        is obsolete|                            |
  Attachment #74255|0                           |1
        is obsolete|                            |
  Attachment #74256|0                           |1
        is obsolete|                            |
  Attachment #74257|0                           |1
        is obsolete|                            |
  Attachment #74258|0                           |1
        is obsolete|                            |
  Attachment #74259|0                           |1
        is obsolete|                            |

--- Comment #20 from Kyle M Hall <[hidden email]> ---
Created attachment 74343
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74343&action=edit
Bug 20568: API keys management in interface

This introduces the concept of API keys for use in the new REST API.
A key is a string of 32 alphanumerical characters (32 is purely
arbitrary, it can be changed easily).
A user can have multiple keys (unlimited at the moment)
Keys can be generated automatically, and then we have the possibility to
delete or revoke each one individually.

Test plan:
1/ Go to staff interface
2/ Go to a borrower page
3/ In toolbar, click on More -> Manage API keys
4/ Click on "Generate new key" multiple times, check that they are
   correctly displayed under the button, and they are active by default
5/ Revoke some keys, check that they are not active anymore
6/ Delete some keys, check that they disappear from table
7/ Go to opac interface, log in
8/ In your user account pages, you now have a new tab to the left "your
   API keys". Click on it.
9/ Repeat steps 4-6

Signed-off-by: Kyle M Hall <[hidden email]>

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

--- Comment #21 from Kyle M Hall <[hidden email]> ---
Created attachment 74344
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74344&action=edit
Bug 20568: Add mandatory description field for api keys

This patch changes the table structure adding fields usually found on
this kind of api management pages.

Signed-off-by: Kyle M Hall <[hidden email]>

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

--- Comment #22 from Kyle M Hall <[hidden email]> ---
Created attachment 74345
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74345&action=edit
Bug 20568: Unit tests

This patch adds unit tests for the introduced classes: Koha::ApiKey(s).

To test:
- Apply this patch
- Run
  $ kshell
 k$ prove t/db_dependent/Koha/ApiKeys.t
=> FAIL: Tests fail because the feature is not implemented.

Signed-off-by: Kyle M Hall <[hidden email]>

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
Reply | Threaded
Open this post in threaded view
|

[Bug 20568] Add API key management interface for patrons

bugzilla-daemon
In reply to this post by bugzilla-daemon
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568

--- Comment #23 from Kyle M Hall <[hidden email]> ---
Created attachment 74346
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74346&action=edit
Bug 20568: API key management for OPAC users

This patch makes the OPAC interface for API keys management work
with the new lib. Verify all actions work for a logged user.

Users without login should be redirected to an error page.

The AllowPatronsManageAPIKeysInOPAC syspref is added to control if the
OPAC feature is enabled or not.

To test:
- Verify the syspref works
- Verify users can manage their API keys

Signed-off-by: Kyle M Hall <[hidden email]>

--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[hidden email]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
123