Revoke access token UI
This commit is contained in:
Zach Copley
parent
dbcbc2fe7f
commit
9e7f47652d
|
|
@ -50,10 +50,12 @@ class OauthconnectionssettingsAction extends ConnectSettingsAction
|
||||||
{
|
{
|
||||||
|
|
||||||
var $page = null;
|
var $page = null;
|
||||||
|
var $id = null;
|
||||||
|
|
||||||
function prepare($args)
|
function prepare($args)
|
||||||
{
|
{
|
||||||
parent::prepare($args);
|
parent::prepare($args);
|
||||||
|
$this->id = (int)$this->arg('id');
|
||||||
$this->page = ($this->arg('page')) ? ($this->arg('page') + 0) : 1;
|
$this->page = ($this->arg('page')) ? ($this->arg('page') + 0) : 1;
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
@ -101,16 +103,16 @@ class OauthconnectionssettingsAction extends ConnectSettingsAction
|
||||||
|
|
||||||
$application = $profile->getApplications($offset, $limit);
|
$application = $profile->getApplications($offset, $limit);
|
||||||
|
|
||||||
$cnt == 0;
|
$cnt == 0;
|
||||||
|
|
||||||
if (!empty($application)) {
|
if (!empty($application)) {
|
||||||
$al = new ApplicationList($application, $user, $this, true);
|
$al = new ApplicationList($application, $user, $this, true);
|
||||||
$cnt = $al->show();
|
$cnt = $al->show();
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($cnt == 0) {
|
if ($cnt == 0) {
|
||||||
$this->showEmptyListMessage();
|
$this->showEmptyListMessage();
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->pagination($this->page > 1, $cnt > APPS_PER_PAGE,
|
$this->pagination($this->page > 1, $cnt > APPS_PER_PAGE,
|
||||||
$this->page, 'connectionssettings',
|
$this->page, 'connectionssettings',
|
||||||
|
|
@ -139,6 +141,50 @@ class OauthconnectionssettingsAction extends ConnectSettingsAction
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ($this->arg('revoke')) {
|
||||||
|
$this->revokeAccess($this->id);
|
||||||
|
|
||||||
|
// XXX: Show some indicator to the user of what's been done.
|
||||||
|
|
||||||
|
$this->showPage();
|
||||||
|
} else {
|
||||||
|
$this->clientError(_('Unexpected form submission.'), 401);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
function revokeAccess($appId)
|
||||||
|
{
|
||||||
|
$cur = common_current_user();
|
||||||
|
|
||||||
|
$app = Oauth_application::staticGet('id', $appId);
|
||||||
|
|
||||||
|
if (empty($app)) {
|
||||||
|
$this->clientError(_('No such application.'), 404);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
$appUser = Oauth_application_user::getByKeys($cur, $app);
|
||||||
|
|
||||||
|
if (empty($appUser)) {
|
||||||
|
$this->clientError(_('You are not a user of that application.'), 401);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
$orig = clone($appUser);
|
||||||
|
$appUser->access_type = 0; // No access
|
||||||
|
$result = $appUser->update();
|
||||||
|
|
||||||
|
if (!$result) {
|
||||||
|
common_log_db_error($orig, 'UPDATE', __FILE__);
|
||||||
|
$this->clientError(_('Unable to revoke access for app: ' . $app->id));
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
$msg = 'User %s (id: %d) revoked access to app %s (id: %d)';
|
||||||
|
common_log(LOG_INFO, sprintf($msg, $cur->nickname,
|
||||||
|
$cur->id, $app->name, $app->id));
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function showEmptyListMessage()
|
function showEmptyListMessage()
|
||||||
|
|
|
||||||
|
|
@ -92,6 +92,7 @@ class ShowApplicationAction extends OwnerDesignAction
|
||||||
|
|
||||||
if ($cur->id != $this->owner->id) {
|
if ($cur->id != $this->owner->id) {
|
||||||
$this->clientError(_('You are not the owner of this application.'), 401);
|
$this->clientError(_('You are not the owner of this application.'), 401);
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
|
|
|
||||||
|
|
@ -34,7 +34,7 @@ class Oauth_application_user extends Memcached_DataObject
|
||||||
$oau = new Oauth_application_user();
|
$oau = new Oauth_application_user();
|
||||||
|
|
||||||
$oau->profile_id = $user->id;
|
$oau->profile_id = $user->id;
|
||||||
$oau->application_id = $app->id;
|
$oau->application_id = $app->id;
|
||||||
$oau->limit(1);
|
$oau->limit(1);
|
||||||
|
|
||||||
$result = $oau->find(true);
|
$result = $oau->find(true);
|
||||||
|
|
|
||||||
|
|
@ -358,7 +358,8 @@ class Profile extends Memcached_DataObject
|
||||||
'SELECT a.* ' .
|
'SELECT a.* ' .
|
||||||
'FROM oauth_application_user u, oauth_application a ' .
|
'FROM oauth_application_user u, oauth_application a ' .
|
||||||
'WHERE u.profile_id = %d ' .
|
'WHERE u.profile_id = %d ' .
|
||||||
'AND a.id = u.application_id ' .
|
'AND a.id = u.application_id ' .
|
||||||
|
'AND u.access_type > 0 ' .
|
||||||
'ORDER BY u.created DESC ';
|
'ORDER BY u.created DESC ';
|
||||||
|
|
||||||
if ($offset > 0) {
|
if ($offset > 0) {
|
||||||
|
|
|
||||||
|
|
@ -142,7 +142,19 @@ class ApplicationList extends Widget
|
||||||
$this->out->raw($txt);
|
$this->out->raw($txt);
|
||||||
$this->out->elementEnd('li');
|
$this->out->elementEnd('li');
|
||||||
|
|
||||||
// XXX: Add revoke access button
|
$this->out->elementStart('li', 'entity_revoke');
|
||||||
|
$this->out->elementStart('form', array('id' => 'form_revoke_app',
|
||||||
|
'class' => 'form_revoke_app',
|
||||||
|
'method' => 'POST',
|
||||||
|
'action' =>
|
||||||
|
common_local_url('oauthconnectionssettings')));
|
||||||
|
$this->out->elementStart('fieldset');
|
||||||
|
$this->out->hidden('id', $this->application->id);
|
||||||
|
$this->out->hidden('token', common_session_token());
|
||||||
|
$this->out->submit('revoke', _('Revoke'));
|
||||||
|
$this->out->elementEnd('fieldset');
|
||||||
|
$this->out->elementEnd('form');
|
||||||
|
$this->out->elementEnd('li');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user