authenticationDefault::update_warehouse + iface to update warehouse access code (password)

This commit is contained in:
xdrm-brackets 2017-10-19 14:21:20 +02:00
parent a87911e76f
commit 7e0f028db4
5 changed files with 206 additions and 29 deletions

View File

@ -196,6 +196,82 @@
return [ 'error' => new Error(Err::Success) ];
}
/* MODIFICATION CODE D'ACCES ENTREPOT
*
* @old<String> Ancien code d'accès (actuel)
* @new<String> Nouveau code d'accès
* @confirm<String> Confirmation code d'accès
*
* @return status<Boolean> TRUE si les crédits sont bons, sinon FALSE
*
*/
public function update_warehouse($params){
extract($params);
/* [1] On vérifie la confirmation de code d'accès
=========================================================*/
if( $new !== $confirm )
return [ 'error' => new Error(Err::WrongParam, 'confirm') ];
/* [2] On vérifie le code d'accès actuel
=========================================================*/
/* (1) On hash le code d'accès actuel */
$hash_old = secure_hash($old, $_SESSION['WAREHOUSE']['name']);
/* (2) On vérifie que le code d'accès est correct */
$checkPassword = new Repo('warehouse/getById', [
$_SESSION['WAREHOUSE']['id']
]);
$warehouseFetched = $checkPassword->answer();
// Si aucun résultat -> erreur
if( $warehouseFetched === false )
return [ 'error' => new Error(Err::NoMatchFound) ];
/* [3] On vérifie le code d'accès actuel
=========================================================*/
// Si code d'accès faux, on retourne une erreur
if( $warehouseFetched['password'] != $hash_old )
return [ 'error' => new Error(Err::WrongParam, 'old') ];
/* [3] On met à jour le code d'accès
=========================================================*/
/* (1) On hash le nouveau code d'accès */
$hash_new = secure_hash($new, $warehouseFetched['name']);
/* (w) Requête */
$update = new Repo('warehouse/edit', [
$warehouseFetched['id_warehouse'],
$warehouseFetched['name'],
$hash_new
]);
/* (3) Gestion erreur */
if( !$update->answer() )
return [ 'error' => new Error(Err::RepoError) ];
/* (4) Succès si tout ok */
return [ 'error' => new Error(Err::Success) ];
}
}

View File

@ -144,7 +144,7 @@
->whereId($id_warehouse)
->edit([
'name' => $name,
'password' => sessionManager::secure_hash( $password )
'password' => $password
]);

View File

@ -70,6 +70,17 @@
"confirm": { "description": "Confirmation du nouveau mot de passe", "type": "text" }
},
"output": {}
},
"POST::update_warehouse": {
"description": "Changement de code d'accés de l'entrepôt",
"permissions": [["admin"]],
"parameters": {
"old": { "description": "Mot de passe actuel", "type": "text" },
"new": { "description": "Nouveau mot de passe", "type": "text" },
"confirm": { "description": "Confirmation du nouveau mot de passe", "type": "text" }
},
"output": {}
}
},

View File

@ -0,0 +1,93 @@
// On referencie toutes les sections
var section = {
info: {
text: '#CONTAINER > section[data-sublink="info"] ',
element: document.querySelector('#CONTAINER > section[data-sublink="info"]')
},
password: {
text: '#CONTAINER > section[data-sublink="password"] ',
element: document.querySelector('#CONTAINER > section[data-sublink="password"]')
}
};
/* [1] info -> Visualisation des informations de l'entrepôt
=========================================================*/
if( section.info.element != null ){
// TODO: Info warehouse
}
/* [2] password -> Changement de mot de passe
=========================================================*/
if( section.password.element != null ){
// On récupère les champs
section.password.input = {
old: document.querySelector(section.password.text + '#old_pwd'),
new: document.querySelector(section.password.text + '#new_pwd'),
confirm: document.querySelector(section.password.text + '#confirm_pwd'),
submit: document.querySelector(section.password.text + '#update_pwd')
};
// On recupere tous les messages d'erreur
section.password.errmsg = {
old: document.querySelector(section.password.text + '.error-msg.old_pwd'),
new: document.querySelector(section.password.text + '.error-msg.new_pwd'),
confirm: document.querySelector(section.password.text + '.error-msg.confirm_pwd')
};
/* (n) Gestion de l'envoi du formulaire */
section.password.input.submit.addEventListener('click', function(e){
// On annule l'envoi de base (PHP)
e.preventDefault();
// On vide les messages erreurs
section.password.errmsg.old.innerHTML =
section.password.errmsg.new.innerHTML =
section.password.errmsg.confirm.innerHTML = '';
var request = {
path: 'authenticationDefault/update_warehouse', // On veut modifier le mot de passe admin
old: section.password.input.old.value,
new: section.password.input.new.value,
confirm: section.password.input.confirm.value
};
api.send(request, function(answer){
if( answer.error == 0 ){ // Tout s'est bien deroule
console.log('Mot de passe mis à jour!');
section.password.input.submit.anim('active', 1500);
// on vide les champs
section.password.input.old.value = '';
section.password.input.new.value = '';
section.password.input.confirm.value = '';
}else{ // Erreur
console.error('ModuleError::'+answer.error);
// if missing or incorrect param
if( answer.error == 16 || answer.error == 17 ){
if( section.password.errmsg[answer.ErrorArguments[0]] != null )
section.password.errmsg[answer.ErrorArguments[0]].innerHTML = 'Le champ est manquant ou incorrect !';
}
}
});
}, false);
}

View File

@ -6,42 +6,39 @@
<!-- [1] Gestion du sous-menu de gauche -->
<nav class='sub-menu-side'>
<span data-sublink='displayall'>
<span data-sublink='info'>
<span class='svg'><?php echo file_get_contents( __PUBLIC__.'/src/static/sub-menu-side/view.svg' ); ?></span>
<span>Tout afficher</span>
<span>Informations</span>
</span>
<span data-sublink='create' >
<span class='svg'><?php echo file_get_contents( __PUBLIC__.'/src/static/sub-menu-side/create.svg' ); ?></span>
<span>Creation</span>
</span>
<span data-sublink='remove' >
<span class='svg'><?php echo file_get_contents( __PUBLIC__.'/src/static/sub-menu-side/remove.svg' ); ?></span>
<span>Suppression</span>
</span>
<span data-sublink='edit' >
<span class='svg'><?php echo file_get_contents( __PUBLIC__.'/src/static/sub-menu-side/edit.svg' ); ?></span>
<span>Modification</span>
</span>
<span data-sublink='filter' >
<span class='svg'><?php echo file_get_contents( __PUBLIC__.'/src/static/sub-menu-side/filter.svg' ); ?></span>
<span>Filtrer</span>
</span>
<span data-sublink='search' >
<span class='svg'><?php echo file_get_contents( __PUBLIC__.'/src/static/sub-menu-side/search.svg' ); ?></span>
<span>Recherche</span>
<span data-sublink='password' >
<span class='svg'><?php echo file_get_contents( __PUBLIC__.'/src/static/sub-menu-side/password.svg' ); ?></span>
<span>Mot de passe</span>
</span>
</nav>
<?php
echo "<section data-sublink='info'></section>";
/* CHANGEMENT MOT DE PASSE
*
*/
echo "<section data-sublink='password'>";
<section>
Bienvenue sur la page des PARAMETRES
</section>
echo "<form class='search'>";
echo "<input id='old_pwd' type='password' placeholder=\"Code d'accès actuel\"><br>";
echo "<span class='error-msg old_pwd'></span><br>";
echo "<input id='new_pwd' type='password' placeholder=\"Nouveau code d'accès\"><br>";
echo "<span class='error-msg new_pwd'></span><br>";
echo "<input id='confirm_pwd' type='password' placeholder='Confirmation'><br>";
echo "<span class='error-msg confirm_pwd'></span><br>";
echo "<button id='update_pwd'>Mettre à jour</button>";
echo "</form>";
echo '</section>';