web-mojo 2.2.55 → 2.2.57

package/dist/admin.es.js

@@ -10,7 +10,7 @@ import { M as MapView, a as MetricsCountryMapView } from "./chunks/MetricsCountr
 import { M as Model, C as Collection } from "./chunks/Collection-DaiL0uGl.js";
 import { L as LightboxGallery, P as PDFViewer } from "./chunks/PDFViewer-EJ9cOfPF.js";
 import { W } from "./chunks/WebApp-6qvqmOts.js";
-import { B, a, V, b, c, d } from "./chunks/version-ZWtWuDxk.js";
+import { B, a, V, b, c, d } from "./chunks/version-OyPGnx30.js";
 class AdminHeaderView extends View {
   constructor(options = {}) {
     super({
@@ -2249,6 +2249,310 @@ class GeoLocatedIPTablePage extends TablePage {
     }
   }
 }
+class ApiKey extends Model {
+  constructor(data = {}, options = {}) {
+    super(data, {
+      endpoint: "/api/group/apikey",
+      ...options
+    });
+  }
+}
+class ApiKeyList extends Collection {
+  constructor(options = {}) {
+    super({
+      ModelClass: ApiKey,
+      endpoint: "/api/group/apikey",
+      size: 25,
+      ...options
+    });
+  }
+}
+const ApiKeyForms = {
+  create: {
+    title: "Create API Key",
+    fields: [
+      {
+        name: "name",
+        type: "text",
+        label: "Name",
+        placeholder: "Mobile App v2",
+        required: true,
+        columns: 12,
+        help: "A descriptive name to identify this key."
+      },
+      {
+        name: "group",
+        type: "number",
+        label: "Group ID",
+        required: true,
+        columns: 6,
+        help: "The group this key is scoped to."
+      },
+      {
+        name: "permissions",
+        type: "textarea",
+        label: "Permissions (JSON)",
+        placeholder: '{"view_orders": true, "create_orders": true}',
+        columns: 12,
+        help: "JSON dict of permissions to grant. Leave empty for no permissions."
+      }
+    ]
+  },
+  edit: {
+    title: "Edit API Key",
+    fields: [
+      {
+        name: "name",
+        type: "text",
+        label: "Name",
+        required: true,
+        columns: 12
+      },
+      {
+        name: "is_active",
+        type: "switch",
+        label: "Active",
+        columns: 12,
+        help: "Deactivate to revoke access without deleting the key."
+      },
+      {
+        name: "permissions",
+        type: "textarea",
+        label: "Permissions (JSON)",
+        columns: 12,
+        help: "JSON dict of granted permissions."
+      }
+    ]
+  }
+};
+class ApiKeyView extends View {
+  constructor(options = {}) {
+    super({
+      className: "api-key-view",
+      ...options
+    });
+    this.model = options.model || new ApiKey(options.data || {});
+    this.template = `
+            <div class="api-key-view-container">
+                <!-- Header -->
+                <div class="d-flex justify-content-between align-items-start mb-4">
+                    <!-- Left: Icon & Identity -->
+                    <div class="d-flex align-items-center gap-3">
+                        <div class="fs-1 text-primary">
+                            <i class="bi bi-key"></i>
+                        </div>
+                        <div>
+                            <h3 class="mb-1">{{model.name|default('Unnamed Key')}}</h3>
+                            <div class="text-muted small">
+                                ID: {{model.id}}
+                                <span class="mx-2">|</span>
+                                Group: {{model.group.name|default(model.group)}}
+                            </div>
+                            <div class="mt-1">
+                                <span class="badge {{model.is_active|boolean('bg-success','bg-secondary')}}">
+                                    {{model.is_active|boolean('Active','Inactive')}}
+                                </span>
+                            </div>
+                        </div>
+                    </div>
+
+                    <!-- Right: Meta & Actions -->
+                    <div class="d-flex align-items-start gap-4">
+                        <div class="text-end">
+                            <div class="text-muted small">Created</div>
+                            <div>{{model.created|datetime}}</div>
+                        </div>
+                        <div data-container="apikey-context-menu"></div>
+                    </div>
+                </div>
+
+                <!-- Details -->
+                <div class="list-group mb-3">
+                    <div class="list-group-item">
+                        <h6 class="mb-1 text-muted">Token Preview</h6>
+                        <p class="mb-1 font-monospace small text-muted">
+                            The raw token is only shown once at creation time.
+                        </p>
+                    </div>
+                    <div class="list-group-item">
+                        <h6 class="mb-1 text-muted">Permissions</h6>
+                        {{#model.permissions}}
+                            <pre class="mb-0 small">{{model.permissions|json}}</pre>
+                        {{/model.permissions}}
+                        {{^model.permissions}}
+                            <span class="text-muted small">No permissions granted</span>
+                        {{/model.permissions}}
+                    </div>
+                    {{#model.limits}}
+                    <div class="list-group-item">
+                        <h6 class="mb-1 text-muted">Rate Limit Overrides</h6>
+                        <pre class="mb-0 small">{{model.limits|json}}</pre>
+                    </div>
+                    {{/model.limits}}
+                    <div class="list-group-item">
+                        <h6 class="mb-1 text-muted">Usage</h6>
+                        <p class="mb-0 small text-muted">
+                            Include in requests as:
+                            <code>Authorization: apikey &lt;token&gt;</code>
+                        </p>
+                    </div>
+                </div>
+            </div>
+        `;
+  }
+  async onInit() {
+    const isActive = this.model.get("is_active");
+    const apiKeyMenu = new ContextMenu({
+      containerId: "apikey-context-menu",
+      className: "context-menu-view header-menu-absolute",
+      context: this.model,
+      config: {
+        icon: "bi-three-dots-vertical",
+        items: [
+          { label: "Edit", action: "edit-key", icon: "bi-pencil" },
+          isActive ? { label: "Deactivate", action: "deactivate-key", icon: "bi-x-circle" } : { label: "Activate", action: "activate-key", icon: "bi-check-circle" },
+          { type: "divider" },
+          { label: "Delete Key", action: "delete-key", icon: "bi-trash", danger: true }
+        ]
+      }
+    });
+    this.addChild(apiKeyMenu);
+  }
+  async onActionEditKey() {
+    const app = this.getApp();
+    const resp = await app.showModelForm({
+      title: `Edit API Key — ${this.model.get("name")}`,
+      model: this.model,
+      formConfig: ApiKeyForms.edit
+    });
+    if (resp) {
+      this.render();
+    }
+  }
+  async onActionDeactivateKey() {
+    const app = this.getApp();
+    const confirmed = await app.confirm({
+      title: "Deactivate API Key",
+      message: `Deactivate "${this.model.get("name")}"? Requests using this key will be rejected.`,
+      confirmLabel: "Deactivate",
+      confirmClass: "btn-warning"
+    });
+    if (!confirmed) return;
+    app.showLoading();
+    const resp = await this.model.save({ is_active: false });
+    app.hideLoading();
+    if (resp && resp.success !== false) {
+      app.toast.success("API key deactivated");
+      this.render();
+    } else {
+      app.toast.error("Failed to deactivate key");
+    }
+  }
+  async onActionActivateKey() {
+    const app = this.getApp();
+    app.showLoading();
+    const resp = await this.model.save({ is_active: true });
+    app.hideLoading();
+    if (resp && resp.success !== false) {
+      app.toast.success("API key activated");
+      this.render();
+    } else {
+      app.toast.error("Failed to activate key");
+    }
+  }
+  async onActionDeleteKey() {
+    const app = this.getApp();
+    const confirmed = await app.confirm({
+      title: "Delete API Key",
+      message: `Permanently delete "${this.model.get("name")}"? This cannot be undone.`,
+      confirmLabel: "Delete",
+      confirmClass: "btn-danger"
+    });
+    if (!confirmed) return;
+    app.showLoading();
+    const resp = await this.model.delete();
+    app.hideLoading();
+    if (resp && resp.success !== false) {
+      app.toast.success("API key deleted");
+      this.emit("deleted", { model: this.model });
+    } else {
+      app.toast.error("Failed to delete key");
+    }
+  }
+}
+ApiKey.VIEW_CLASS = ApiKeyView;
+ApiKey.ADD_FORM = ApiKeyForms.create;
+ApiKey.EDIT_FORM = ApiKeyForms.edit;
+class ApiKeyTablePage extends TablePage {
+  constructor(options = {}) {
+    super({
+      ...options,
+      name: "admin_api_keys",
+      pageName: "API Keys",
+      router: "admin/api-keys",
+      Collection: ApiKeyList,
+      itemViewClass: ApiKeyView,
+      viewDialogOptions: {
+        header: false,
+        size: "lg"
+      },
+      columns: [
+        { key: "id", label: "ID", width: "70px", sortable: true, class: "text-muted" },
+        { key: "name", label: "Name", sortable: true },
+        { key: "group.name", label: "Group", sortable: true, formatter: "default('—')" },
+        {
+          key: "is_active",
+          label: "Status",
+          formatter: "boolean('Active|bg-success','Inactive|bg-secondary')|badge",
+          width: "100px"
+        },
+        { key: "created", label: "Created", formatter: "datetime", sortable: true }
+      ],
+      selectable: true,
+      searchable: true,
+      sortable: true,
+      filterable: true,
+      paginated: true,
+      showRefresh: true,
+      showAdd: true,
+      showExport: false,
+      addButtonLabel: "New API Key",
+      emptyMessage: "No API keys found.",
+      tableOptions: {
+        striped: true,
+        bordered: false,
+        hover: true,
+        responsive: false
+      }
+    });
+  }
+  // Override to intercept and show the one-time token after model.save()
+  async onActionAdd() {
+    const app = this.getApp();
+    const model = new ApiKey();
+    const result = await app.showForm({
+      model,
+      ...ApiKeyForms.create
+    });
+    if (!result) return;
+    const resp = await model.save(result);
+    if (!resp?.data?.status) {
+      app.showError(resp?.data?.error || "Failed to create API key");
+      return;
+    }
+    const token = resp.data?.data?.token;
+    await app.showAlert({
+      title: "API Key Created — Save Your Token",
+      message: token ? `Copy this token now. It will not be shown again.
+
+${token}` : "API key created successfully.",
+      type: token ? "warning" : "success",
+      size: "lg"
+    });
+    this.collection.add(model);
+    this.tableView?.refresh();
+  }
+}
 class IncidentDashboardHeader extends View {
   constructor(options = {}) {
     super({
@@ -9527,6 +9831,7 @@ function registerSystemPages(app, addToMenu = true) {
   app.registerPage("system/push/devices", PushDeviceTablePage, { permissions: ["manage_users"] });
   app.registerPage("system/phonehub/numbers", PhoneNumberTablePage, { permissions: ["manage_users"] });
   app.registerPage("system/phonehub/sms", SMSTablePage, { permissions: ["manage_users"] });
+  app.registerPage("system/api-keys", ApiKeyTablePage, { permissions: ["manage_groups", "manage_group"] });
   if (addToMenu && app.sidebar && app.sidebar.getMenuConfig) {
     const adminMenuConfig = app.sidebar.getMenuConfig("system");
     if (adminMenuConfig && adminMenuConfig.items) {
@@ -9628,6 +9933,12 @@ function registerSystemPages(app, addToMenu = true) {
               route: "?page=system/metrics/permissions",
               icon: "bi-bar-chart-line",
               permissions: ["manage_metrics"]
+            },
+            {
+              text: "API Keys",
+              route: "?page=system/api-keys",
+              icon: "bi-key",
+              permissions: ["manage_groups", "manage_group"]
             }
           ]
         },
@@ -9729,6 +10040,8 @@ function registerSystemPages(app, addToMenu = true) {
 }
 export {
   AdminDashboardPage,
+  ApiKeyTablePage,
+  ApiKeyView,
   B as BUILD_TIME,
   DeviceView,
   EmailDomainTablePage,