From 8dad04e0e65d25cba527c7ea737fcdd1c5b6af37 Mon Sep 17 00:00:00 2001
From: Felix <info@strifel.de>
Date: Thu, 11 Nov 2021 13:45:04 +0100
Subject: [PATCH] Add app-passwd list (#4281) (#4311)

* Add list option for app passwords

* Add app-passwd option to OpenAPI documentation
---
 data/web/api/openapi.yaml                 | 33 +++++++++++++++++++++++
 data/web/inc/functions.app_passwd.inc.php | 15 ++++++++---
 2 files changed, 44 insertions(+), 4 deletions(-)

diff --git a/data/web/api/openapi.yaml b/data/web/api/openapi.yaml
index e1ef65bb..8c3eb75e 100644
--- a/data/web/api/openapi.yaml
+++ b/data/web/api/openapi.yaml
@@ -3520,6 +3520,39 @@ paths:
       description: You can list mailbox aliases existing in system.
       operationId: Get aliases
       summary: Get aliases
+  "/api/v1/get/app-passwd/all":
+    get:
+        - description: e.g. api-key-string
+          example: api-key-string
+          in: header
+          name: X-API-Key
+          required: false
+          schema:
+            type: string
+      responses:
+        "401":
+          $ref: "#/components/responses/Unauthorized"
+        "200":
+          content:
+            application/json:
+              examples:
+                response:
+                  value:
+                    - active: "1"
+                      created: "2019-12-21 16:04:55"
+                      domain: mailcow.email
+                      id: 2
+                      mailbox: hello@mailcow.email
+                      modified: null
+                      name: emclient
+          description: OK
+          headers: {}
+      tags:
+        - App Passwords
+      description: >-
+        Using this endpoint you can get all app passwords from all mailboxes.
+      operationId: Get App Passwords
+      summary: Get App Passwords
   "/api/v1/get/app-passwd/all/{mailbox}":
     get:
       parameters:
diff --git a/data/web/inc/functions.app_passwd.inc.php b/data/web/inc/functions.app_passwd.inc.php
index b493fc91..9b19aebe 100644
--- a/data/web/inc/functions.app_passwd.inc.php
+++ b/data/web/inc/functions.app_passwd.inc.php
@@ -216,10 +216,17 @@ function app_passwd($_action, $_data = null) {
     break;
     case 'get':
       $app_passwds = array();
-      $stmt = $pdo->prepare("SELECT `id`, `name` FROM `app_passwd` WHERE `mailbox` = :username");
-      $stmt->execute(array(':username' => $username));
-      $app_passwds = $stmt->fetchAll(PDO::FETCH_ASSOC);
-      return $app_passwds;
+      if ($_data['username'] != null) {
+        $stmt = $pdo->prepare("SELECT `id`, `name` FROM `app_passwd` WHERE `mailbox` = :username");
+        $stmt->execute(array(':username' => $username));
+        $app_passwds = $stmt->fetchAll(PDO::FETCH_ASSOC);
+        return $app_passwds;
+      } else {
+        $stmt = $pdo->prepare("SELECT `id`, `name` FROM `app_passwd`");
+        $stmt->execute();
+        $app_passwds = $stmt->fetchAll(PDO::FETCH_ASSOC);
+        return $app_passwds;
+      }
     break;
     case 'details':
       $app_passwd_data = array();