Add a button to the user profile page to let you reset your REST API

key.  This is useful if you think it's been compromised in some way.
Fixes ticket #1226.

2 files changed, 10 insertions, 7 deletions

diff --git a/modules/rest/helpers/rest.php b/modules/rest/helpers/rest.php
index 73d09c64..333daf95 100644
--- a/modules/rest/helpers/rest.php
+++ b/modules/rest/helpers/rest.php
@@ -87,6 +87,16 @@ class rest_Core {
     identity::set_active_user($user);
   }
 
+  static function reset_access_key() {
+    $key = ORM::factory("user_access_key")
+      ->where("user_id", "=", identity::active_user()->id)
+      ->find();
+    if ($key->loaded()) {
+      $key->delete();
+    }
+    return rest::access_key();
+  }
+
   static function access_key() {
     $key = ORM::factory("user_access_key")
       ->where("user_id", "=", identity::active_user()->id)
diff --git a/modules/rest/helpers/rest_event.php b/modules/rest/helpers/rest_event.php
index f23b9a58..6a42e893 100644
--- a/modules/rest/helpers/rest_event.php
+++ b/modules/rest/helpers/rest_event.php
@@ -55,13 +55,6 @@ class rest_event {
   }
 
   /**
-   * Called when user is editing their own form
-   */
-  static function user_edit_form($user, $form) {
-    self::_get_access_key_form($user, $form);
-  }
-
-  /**
    * Get the form fields for user edit
    */
   static function _get_access_key_form($user, $form) {