authenticationDefault::create_admin + iface to create a new admin and return its new generated password

This commit is contained in:
xdrm-brackets 2017-10-19 14:57:37 +02:00
parent 7e0f028db4
commit ffa5c1060e
5 changed files with 223 additions and 0 deletions

View File

@ -272,6 +272,70 @@
return [ 'error' => new Error(Err::Success) ]; return [ 'error' => new Error(Err::Success) ];
} }
/* CREATION D'UN NOUVEAL ADMINISTRATEUR
*
* @username<String> Identifiant du nouvel administrateur
*
* @return password<String> Mot de passe généré
*
*/
public function create_admin($params){
extract($params);
/* [1] On génère un mot de passe
=========================================================*/
$password = secure_hash(uniqid(), uniqid());
/* [2] On vérifie l'unicité de l'identifiant
=========================================================*/
/* (1) On vérifie que l'identifiant n'existe pas */
$checkPassword = new Repo('admin/getByUsername', [
$_SESSION['WAREHOUSE']['id'],
$username
]);
$adminFetched = $checkPassword->answer();
// Si un résultat -> erreur
if( $adminFetched !== false )
return [ 'error' => new Error(Err::AlreadyExists, 'username') ];
/* [3] On crée l'administrateur
=========================================================*/
/* (1) Requête */
$create = new Repo('admin/create', [
$_SESSION['WAREHOUSE']['id'],
$username,
$mail,
$password
]);
/* (3) Gestion erreur */
if( !$create->answer() )
return [ 'error' => new Error(Err::RepoError) ];
/* (4) Succès si tout ok */
return [ 'password' => $password ];
}
} }

View File

@ -81,7 +81,20 @@
"confirm": { "description": "Confirmation du nouveau mot de passe", "type": "text" } "confirm": { "description": "Confirmation du nouveau mot de passe", "type": "text" }
}, },
"output": {} "output": {}
},
"POST::create_admin": {
"description": "Création d'un administrateur",
"permissions": [["admin"]],
"parameters": {
"username": { "description": "Identifiant", "type": "varchar(1,30,alphanumeric)" },
"mail": { "description": "Adresse mail", "type": "mail" }
},
"output": {
"password": { "description": "Mot de passe généré", "type": "text" }
}
} }
}, },

View File

@ -0,0 +1,50 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<svg
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns="http://www.w3.org/2000/svg"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
enable-background="new 0 0 32 32"
height="32px"
id="svg2"
version="1.1"
viewBox="0 0 32 32"
width="32px"
xml:space="preserve"
inkscape:version="0.91 r13725"
sodipodi:docname="user.svg"><metadata
id="metadata15"><rdf:RDF><cc:Work
rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type
rdf:resource="http://purl.org/dc/dcmitype/StillImage" /><dc:title /></cc:Work></rdf:RDF></metadata><defs
id="defs13" /><sodipodi:namedview
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1"
objecttolerance="10"
gridtolerance="10"
guidetolerance="10"
inkscape:pageopacity="0"
inkscape:pageshadow="2"
inkscape:window-width="1920"
inkscape:window-height="1056"
id="namedview11"
showgrid="false"
inkscape:zoom="14.75"
inkscape:cx="8.053455"
inkscape:cy="16.873999"
inkscape:window-x="0"
inkscape:window-y="24"
inkscape:window-maximized="1"
inkscape:current-layer="user_x5F_full" /><g
id="background"><rect
height="32"
width="32"
id="rect4"
fill="none" /></g><g
id="user_x5F_full"><path
inkscape:connector-curvature="0"
id="stylisable"
d="m 20,8 c -0.571,0 -8,0 -8,0 0,0 -2,0 -2,2 l 0,8 c 0,2.285 2,2 2,2 l 0,12 8,0 0,-12 c 0,0 2,0.285 2,-2 0,-2.286 0,-8 0,-8 0,0 0,-2 -2,-2 z M 16,6 c 1.657,0 3,-1.343 3,-3 0,-1.657 -1.343,-3 -3,-3 -1.657,0 -3,1.343 -3,3 0,1.657 1.343,3 3,3 z" /></g></svg>

After

Width:  |  Height:  |  Size: 1.9 KiB

View File

@ -8,6 +8,11 @@ var section = {
password: { password: {
text: '#CONTAINER > section[data-sublink="password"] ', text: '#CONTAINER > section[data-sublink="password"] ',
element: document.querySelector('#CONTAINER > section[data-sublink="password"]') element: document.querySelector('#CONTAINER > section[data-sublink="password"]')
},
admin: {
text: '#CONTAINER > section[data-sublink="admin"] ',
element: document.querySelector('#CONTAINER > section[data-sublink="admin"]')
} }
}; };
@ -91,3 +96,70 @@ if( section.password.element != null ){
} }
/* [3] admin -> Création d'administrateur
=========================================================*/
if( section.admin.element != null ){
// On récupère les champs
section.admin.input = {
username: document.querySelector(section.admin.text + '#admin_username'),
mail: document.querySelector(section.admin.text + '#admin_mail'),
password: document.querySelector(section.admin.text + '#admin_password'),
submit: document.querySelector(section.admin.text + '#admin_submit')
};
// On recupere tous les messages d'erreur
section.admin.errmsg = {
username: document.querySelector(section.admin.text + '.error-msg.admin_username'),
mail: document.querySelector(section.admin.text + '.error-msg.admin_mail')
};
/* (n) Gestion de l'envoi du formulaire */
section.admin.input.submit.addEventListener('click', function(e){
// On annule l'envoi de base (PHP)
e.preventDefault();
// On vide les messages erreurs
section.admin.errmsg.username.innerHTML =
section.admin.errmsg.mail.innerHTML = '';
var request = {
path: 'authenticationDefault/create_admin', // On veut créer un nouvel admin
username: section.admin.input.username.value,
mail: section.admin.input.mail.value
};
api.send(request, function(answer){
if( answer.error == 0 ){ // Tout s'est bien deroule
console.log('Admin créé!');
section.admin.input.submit.anim('active', 1500);
// on vide les champs
section.admin.input.username.value = '';
section.admin.input.mail.value = '';
section.admin.input.password.value = answer.password;
}else{ // Erreur
console.error('ModuleError::'+answer.error);
// if missing or incorrect param
if( answer.error == 16 || answer.error == 17 ){
if( section.admin.errmsg[answer.ErrorArguments[0]] != null )
section.admin.errmsg[answer.ErrorArguments[0]].innerHTML = 'Le champ est manquant ou incorrect !';
}
}
});
}, false);
}

View File

@ -16,6 +16,11 @@
<span>Mot de passe</span> <span>Mot de passe</span>
</span> </span>
<span data-sublink='admin' >
<span class='svg'><?php echo file_get_contents( __PUBLIC__.'/src/static/sub-menu-side/user.svg' ); ?></span>
<span>Administrateurs</span>
</span>
</nav> </nav>
<?php <?php
@ -41,4 +46,23 @@
echo "<button id='update_pwd'>Mettre à jour</button>"; echo "<button id='update_pwd'>Mettre à jour</button>";
echo "</form>"; echo "</form>";
echo '</section>';
/* CREATION ADMINISTRATEUR
*
*/
echo "<section data-sublink='admin'>";
echo "<form class='valid'>";
echo "<input id='admin_username' type='text' placeholder='Identifiant'><br>";
echo "<span class='error-msg admin_username'></span><br>";
echo "<input id='admin_mail' type='text' placeholder='Adresse mail'><br>";
echo "<span class='error-msg admin_mail'></span><br>";
echo "<input id='admin_password' type='text' placeholder='Mot de passe généré...' disabled><br>";
echo "<button id='admin_submit'>Créer l'administrateur</button>";
echo "</form>";
echo '</section>'; echo '</section>';