<?php
# MantisBT - A PHP based bugtracking system

# MantisBT is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 2 of the License, or
# (at your option) any later version.
#
# MantisBT is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.

/**
 * API tokens page: renders the form that posts to api_token_create.php and,
 * below it, the signed-in user's existing tokens with a revoke button each.
 *
 * Every access check in this file runs before the first call that produces
 * page output.
 *
 * @package MantisBT
 * @copyright Copyright 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
 * @copyright Copyright 2002  MantisBT Team - mantisbt-dev@lists.sourceforge.net
 * @link http://www.mantisbt.org
 *
 * @uses core.php
 * @uses api_token_api.php
 * @uses authentication_api.php
 * @uses current_user_api.php
 * @uses database_api.php
 * @uses html_api.php
 */

require_once( 'core.php' );
require_api( 'api_token_api.php' );
require_api( 'authentication_api.php' );
require_api( 'current_user_api.php' );
require_api( 'database_api.php' );
require_api( 'html_api.php' );

# Access gate. The order is deliberate and must stay ahead of any output:
# a valid session first, then the re-authentication step, then the
# protected-account check, then the permission to create tokens.
# NOTE(review): each helper is expected to end the request itself when its
# check fails - confirm in the respective API before reordering anything.
auth_ensure_user_authenticated();
auth_reauthenticate();

current_user_ensure_unprotected();

# Users who may not create tokens do not get to see this page at all.
if( !api_token_can_create() ) {
	access_denied();
}

# Page chrome is emitted only once all of the checks above have passed.
$t_page_title = lang_get( 'api_tokens_link' );
layout_page_header( $t_page_title );
layout_page_begin();
print_account_menu( 'api_tokens_page.php' );
?>

<div class="col-md-12 col-xs-12">
<?php /* This wrapper column stays open here; the echo '</div>' at the very end of the page closes it. */ ?>
	<div class="space-10"></div>

	<div id="api-token-create-div" class="form-container">
		<form id="account-create-api-token-form" method="post" action="api_token_create.php">

			<div class="widget-box widget-color-blue2">
				<div class="widget-header widget-header-small">
					<h4 class="widget-title lighter">
						<?php print_icon( 'fa-plus', 'ace-icon' ); ?>
						<?php echo lang_get( 'api_token_create_form_title' ); ?>
					</h4>
				</div>
				<div class="widget-body">
					<div class="widget-main no-padding">
						<div class="table-responsive">
							<table class="table table-bordered table-condensed table-striped">
								<fieldset>
<?php
# Anti-CSRF field for the create form. It only protects the request if
# api_token_create.php validates it under the same form name
# ('create_api_token_form') - verify there.
echo form_security_field( 'create_api_token_form' );
?>

									<tr>
										<td class="category">
											<span class="required">*</span>
											<label for="token_name" class="required">
												<?php echo lang_get( 'api_token_name' ); ?>
											</label>
										</td>
										<td>
<?php
# maxlength and required are browser-side hints only: the length limit
# (DB_FIELD_SIZE_API_TOKEN_NAME) and the non-empty rule still have to be
# enforced by the handler that stores the name.
?>
											<input id="token_name" name="token_name"
												   type="text" required class="input-sm" size="64"
												   maxlength="<?php echo DB_FIELD_SIZE_API_TOKEN_NAME; ?>"
											/>
										</td>
									</tr>


								</fieldset>
							</table>
						</div>
					</div>
					<div class="widget-toolbox padding-8 clearfix">
						<button class="btn btn-primary btn-white btn-round">
							<?php echo lang_get( 'api_token_create_button' ); ?>
						</button>
					</div>
				</div>
			</div>

		</form>
	</div>
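<?php
# The listing is scoped to the account behind the current session: the user
# id comes from auth_get_current_user_id() and never from request input.
$t_user_id = auth_get_current_user_id();
$t_tokens = api_token_get_all( $t_user_id );
$t_date_format = config_get( 'normal_date_format' );

# The whole list widget is skipped when the user has no tokens.
if ( count( $t_tokens ) > 0 ) {
?>
	<div class="space-10"></div>

	<div id="api-token-list-div" class="form-container">
	<div class="widget-box widget-color-blue2">
	<div class="widget-header widget-header-small">
		<h4 class="widget-title lighter">
			<?php print_icon( 'fa-ticket', 'ace-icon' ); ?>
			<?php echo lang_get( 'api_tokens_title' ) ?>
		</h4>
	</div>
	<div class="widget-body">
	<div class="widget-main no-padding">
	<div class="table-responsive">
<?php
# Only the token name, its creation date and its last-use date are rendered;
# the token value itself is not part of this listing.
?>
	<table class="table table-bordered table-condensed table-striped">
		<thead>
			<tr class="row-category">
				<th><?php echo lang_get( 'api_token_name' ); ?></th>
				<th><?php echo lang_get( 'date_created' ); ?></th>
				<th><?php echo lang_get( 'last_used' ); ?></th>
				<th><?php echo lang_get( 'actions' ); ?></th>
			</tr>
		</thead>
		<tbody>
	<?php foreach( $t_tokens as $t_token ) {
			# Read the needed columns explicitly instead of extract()ing the
			# whole row: no value can carry over from the previous iteration
			# and no other column of the row is turned into a variable.
			# The id is forced to an integer so that the hidden field below
			# can never carry markup, in line with the escaping applied to
			# the name and the dates.
			$t_token_id = (int)$t_token['id'];
			$t_token_name = $t_token['name'];
			$t_date_created = date( $t_date_format, $t_token['date_created'] );

			if( api_token_is_used( $t_token ) ) {
				$t_date_used = date( $t_date_format, $t_token['date_used'] );
			} else {
				$t_date_used = lang_get( 'api_token_never_used' );
			}

			# NOTE(review): the id attributes of the form and its hidden inputs
			# repeat for every row, and "token_name" is also the id of the
			# create form's text input, so they are not unique in the document.
			# Left unchanged because stylesheets or scripts outside this file
			# may select on them.
			#
			# The token_id and token_name fields travel through the browser and
			# are therefore attacker-controllable: api_token_revoke.php has to
			# validate the anti-CSRF field and check that the token belongs to
			# the current user - verify there.
		?>
			<tr>
				<td><?php echo string_display_line( $t_token_name ) ?></td>
				<td><?php echo string_display_line( $t_date_created ) ?></td>
				<td><?php echo string_display_line( $t_date_used ) ?></td>
				<td>
					<form id="revoke-api-token-form" method="post" action="api_token_revoke.php">
						<?php echo form_security_field( 'revoke_api_token_form' ); ?>
						<fieldset>
							<input id="token_id" type="hidden" name="token_id" value="<?php echo $t_token_id; ?>" />
							<input id="token_name" type="hidden" name="token_name" value="<?php echo string_attribute( $t_token_name ); ?>" />
							<input type="submit" class="btn btn-sm btn-primary btn-white btn-round" value="<?php echo lang_get( 'api_token_revoke_button' ) ?>" />
						</fieldset>
					</form>
				</td>
			</tr>
		<?php } ?>
		</tbody>
	</table>
	</div>
	</div>
	</div>
<?php
# Fix: this branch opens five <div> elements (api-token-list-div, widget-box,
# widget-body, widget-main, table-responsive) but only three were closed, so
# with at least one token the page footer ended up nested inside the widget.
# The two closing tags below balance the branch.
?>
	</div>
	</div>
<?php
}

# Closes the col-md-12 wrapper that is opened before the create form.
echo '</div>';
layout_page_end();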