ami/tl-vikunja
1
0
Fork 0
Code

fix(api tokens): show error message when the user tries to create an api token without at least one permission selected

Browse Source
This commit is contained in:
kolaente 2024-07-17 14:42:19 +02:00
parent 891db0216b
commit 7c54d1accf
No known key found for this signature in database
GPG Key ID: F40E70337AB24C9B
2 changed files with 24 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
frontend/src/i18n/lang/en.json
View File

@ -163,6 +163,7 @@
"90d": "90 Days", "90d": "90 Days",
"permissionExplanation": "Permissions allow you to scope what an api token is allowed to do.", "permissionExplanation": "Permissions allow you to scope what an api token is allowed to do.",
"titleRequired": "The title is required", "titleRequired": "The title is required",
"permissionRequired": "Please select at least one permission from the list.",
"expired": "This token has expired {ago}.", "expired": "This token has expired {ago}.",
"tokenCreatedSuccess": "Here is your new api token: {token}", "tokenCreatedSuccess": "Here is your new api token: {token}",
"tokenCreatedNotSeeAgain": "Store it in a secure location, you won't see it again!", "tokenCreatedNotSeeAgain": "Store it in a secure location, you won't see it again!",

29
frontend/src/views/user/settings/ApiTokens.vue
View File

@ -25,6 +25,7 @@ const newTokenExpiryCustom = ref(new Date())
const newTokenPermissions = ref({}) const newTokenPermissions = ref({})
const newTokenPermissionsGroup = ref({}) const newTokenPermissionsGroup = ref({})
const newTokenTitleValid = ref(true) const newTokenTitleValid = ref(true)
const newTokenPermissionValid = ref(true)
const apiTokenTitle = ref() const apiTokenTitle = ref()
const tokenCreatedSuccessMessage = ref('') const tokenCreatedSuccessMessage = ref('')
@ -89,13 +90,7 @@ async function createToken() {
return return
} }
const expiry = Number(newTokenExpiry.value) let hasPermissions = false
if (!isNaN(expiry)) {
// if it's a number, we assume it's the number of days in the future
newToken.value.expiresAt = new Date((+new Date()) + expiry * MILLISECONDS_A_DAY)
} else {
newToken.value.expiresAt = new Date(newTokenExpiryCustom.value)
}
newToken.value.permissions = {} newToken.value.permissions = {}
Object.entries(newTokenPermissions.value).forEach(([key, ps]) => { Object.entries(newTokenPermissions.value).forEach(([key, ps]) => {
@ -105,9 +100,23 @@ async function createToken() {
.map(p => p[0]) .map(p => p[0])
if (all.length > 0) { if (all.length > 0) {
newToken.value.permissions[key] = all newToken.value.permissions[key] = all
hasPermissions = true
} }
}) })
if(!hasPermissions) {
newTokenPermissionValid.value = false
return
}
const expiry = Number(newTokenExpiry.value)
if (!isNaN(expiry)) {
// if it's a number, we assume it's the number of days in the future
newToken.value.expiresAt = new Date((+new Date()) + expiry * MILLISECONDS_A_DAY)
} else {
newToken.value.expiresAt = new Date(newTokenExpiryCustom.value)
}
const token = await service.create(newToken.value) const token = await service.create(newToken.value)
tokenCreatedSuccessMessage.value = t('user.settings.apiTokens.tokenCreatedSuccess', {token: token.token}) tokenCreatedSuccessMessage.value = t('user.settings.apiTokens.tokenCreatedSuccess', {token: token.token})
newToken.value = new ApiTokenModel() newToken.value = new ApiTokenModel()
@ -324,6 +333,12 @@ function toggleGroupPermissionsFromChild(group: string, checked: boolean) {
</div> </div>
</div> </div>
<p
v-if="!newTokenPermissionValid"
class="help is-danger"
>
{{ $t('user.settings.apiTokens.permissionRequired') }}
</p>
<XButton <XButton
:loading="service.loading" :loading="service.loading"
@click="createToken" @click="createToken"