diff options
author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2015-06-19 18:41:10 +0000 |
---|---|---|
committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2015-06-19 18:41:10 +0000 |
commit | d6f389658b9e83d7a5d74c57fc46a203a5a88591 (patch) | |
tree | 534fd5f3520833e1c1c2bb2105971ce86008b991 /app/views/my | |
parent | 3811ff5d95bd848f457c9d29a162ce83f12fe3ac (diff) | |
download | redmine-d6f389658b9e83d7a5d74c57fc46a203a5a88591.tar.gz redmine-d6f389658b9e83d7a5d74c57fc46a203a5a88591.zip |
Require password re-entry for sensitive actions (#19851).
Patch by Jens Krämer.
git-svn-id: http://svn.redmine.org/redmine/trunk@14333 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/views/my')
-rw-r--r-- | app/views/my/_sidebar.html.erb | 4 | ||||
-rw-r--r-- | app/views/my/show_api_key.html.erb | 10 | ||||
-rw-r--r-- | app/views/my/show_api_key.js.erb | 1 |
3 files changed, 13 insertions, 2 deletions
diff --git a/app/views/my/_sidebar.html.erb b/app/views/my/_sidebar.html.erb index a35bcaf77..7f0aefa16 100644 --- a/app/views/my/_sidebar.html.erb +++ b/app/views/my/_sidebar.html.erb @@ -21,8 +21,8 @@ <% if Setting.rest_api_enabled? %> <h4><%= l(:label_api_access_key) %></h4> <div> - <%= link_to_function(l(:button_show), "$('#api-access-key').toggle();")%> - <pre id='api-access-key' class='autoscroll'><%= @user.api_key %></pre> + <%= link_to l(:button_show), {:action => 'show_api_key'}, :remote => true %> + <pre id='api-access-key' class='autoscroll'></pre> </div> <%= javascript_tag("$('#api-access-key').hide();") %> <p> diff --git a/app/views/my/show_api_key.html.erb b/app/views/my/show_api_key.html.erb new file mode 100644 index 000000000..97665faff --- /dev/null +++ b/app/views/my/show_api_key.html.erb @@ -0,0 +1,10 @@ +<h2><%= l :label_api_access_key %></h2> + +<div class="box"> + <pre><%= @user.api_key %></pre> +</div> + +<p><%= link_to l(:button_back), action: 'account' %></p> + + + diff --git a/app/views/my/show_api_key.js.erb b/app/views/my/show_api_key.js.erb new file mode 100644 index 000000000..73b0ee029 --- /dev/null +++ b/app/views/my/show_api_key.js.erb @@ -0,0 +1 @@ +$('#api-access-key').html('<%= escape_javascript @user.api_key %>').toggle(); |