From b9da104b28aa16a0269193ffe60ba12f38d2d6fe Mon Sep 17 00:00:00 2001
From: augier <christophe@c-henry.fr>
Date: Sat, 1 Aug 2015 18:29:53 +0200
Subject: [PATCH] Revoke button on applications page
---
app/assets/stylesheets/mobile/settings.scss | 4 ++++
.../openid_connect/authorizations_controller.rb | 10 ++++++++++
app/presenters/user_applications_presenter.rb | 6 ++++++
app/views/shared/_settings_nav.mobile.haml | 1 +
.../_add_remove_applications.haml | 9 +++++++--
app/views/user_applications/show.html.haml | 2 +-
app/views/user_applications/show.mobile.haml | 14 ++++++++++++++
config/locales/diaspora/en.yml | 3 ++-
config/routes.rb | 2 +-
9 files changed, 46 insertions(+), 5 deletions(-)
create mode 100644 app/views/user_applications/show.mobile.haml
diff --git a/app/assets/stylesheets/mobile/settings.scss b/app/assets/stylesheets/mobile/settings.scss
index 846d5159f4..04662edcdc 100644
--- a/app/assets/stylesheets/mobile/settings.scss
+++ b/app/assets/stylesheets/mobile/settings.scss
@@ -38,3 +38,7 @@
.info { color: $text; }
}
}
+
+.applications-page {
+ .application-img { margin: 9px 0; }
+}
\ No newline at end of file
diff --git a/app/controllers/api/openid_connect/authorizations_controller.rb b/app/controllers/api/openid_connect/authorizations_controller.rb
index 16509f555d..a8ca51c095 100644
--- a/app/controllers/api/openid_connect/authorizations_controller.rb
+++ b/app/controllers/api/openid_connect/authorizations_controller.rb
@@ -17,6 +17,16 @@ module Api
process_authorization_consent(params[:approve])
end
+ def destroy
+ # TODO: Specs
+ begin
+ Api::OpenidConnect::Authorization.find_by(id: params[:id]).destroy
+ rescue
+ # TODO: Log something here?
+ end
+ redirect_to user_applications_url
+ end
+
private
def request_authorization_consent_form # TODO: Add support for prompt params
diff --git a/app/presenters/user_applications_presenter.rb b/app/presenters/user_applications_presenter.rb
index 59a407c467..07f33e4700 100644
--- a/app/presenters/user_applications_presenter.rb
+++ b/app/presenters/user_applications_presenter.rb
@@ -21,6 +21,7 @@ class UserApplicationsPresenter
def app_as_json(application)
{
+ id: find_id(application),
name: application.client_name,
image: application.image_uri,
autorizations: find_scopes(application)
@@ -31,4 +32,9 @@ class UserApplicationsPresenter
Api::OpenidConnect::Authorization.find_by_client_id_and_user(
application.client_id, @current_user).scopes
end
+
+ def find_id(application)
+ Api::OpenidConnect::Authorization.find_by_client_id_and_user(
+ application.client_id, @current_user).id
+ end
end
diff --git a/app/views/shared/_settings_nav.mobile.haml b/app/views/shared/_settings_nav.mobile.haml
index e286c6b040..eff5ef101c 100644
--- a/app/views/shared/_settings_nav.mobile.haml
+++ b/app/views/shared/_settings_nav.mobile.haml
@@ -6,3 +6,4 @@
%li= link_to_unless_current t('account'), edit_user_path
%li= link_to_unless_current t('privacy'), privacy_settings_path
%li= link_to_unless_current t('_services'), services_path
+ %li= link_to_unless_current t('_applications'), user_applications_path
diff --git a/app/views/user_applications/_add_remove_applications.haml b/app/views/user_applications/_add_remove_applications.haml
index 72efc3fbe1..0a8fc7888b 100644
--- a/app/views/user_applications/_add_remove_applications.haml
+++ b/app/views/user_applications/_add_remove_applications.haml
@@ -3,7 +3,7 @@
- @user_apps.user_applications.each do |app|
%li.list-group-item
.row
- .col-xs-2
+ .col-xs-2.application-img
= image_tag app[:image], class: "img-responsive"
.col-xs-10
- if app[:autorizations].count > 0
@@ -14,8 +14,13 @@
- else
.well
=t("user_applications.show.no_requirement")
+ .small-horizontal-spacer
+ .row
+ = form_for "application", url: "#{api_openid_connect_authorizations_path}/#{app[:id]}",
+ html: { method: :delete, class: "form-horizontal col-xs-12"} do |f|
+ .clearfix= f.submit t("user_applications.revoke_autorization"), class: "btn btn-primary pull-right"
- else
.well
%h4
- = t("user_applications.show.no_applications")
+ = t("user_applications.no_applications")
diff --git a/app/views/user_applications/show.html.haml b/app/views/user_applications/show.html.haml
index aa0a06527a..07ebf6a240 100644
--- a/app/views/user_applications/show.html.haml
+++ b/app/views/user_applications/show.html.haml
@@ -1,7 +1,7 @@
- content_for :page_title do
= t(".edit_applications")
-.container-fluid
+.container-fluid.applications-page
= render "shared/settings_nav"
.container-fluid
.row
diff --git a/app/views/user_applications/show.mobile.haml b/app/views/user_applications/show.mobile.haml
new file mode 100644
index 0000000000..696ce47d85
--- /dev/null
+++ b/app/views/user_applications/show.mobile.haml
@@ -0,0 +1,14 @@
+.settings_container.applications-page
+ - content_for :page_title do
+ = t('.edit_applications')
+
+ = render 'shared/settings_nav'
+
+ .container-fluid
+ .row
+ .col-md-12
+ = t('.applications_explanation')
+ .small-horizontal-spacer
+ .col-md-12
+ = render 'add_remove_applications'
+
diff --git a/config/locales/diaspora/en.yml b/config/locales/diaspora/en.yml
index 0f327c204a..92528ba8e8 100644
--- a/config/locales/diaspora/en.yml
+++ b/config/locales/diaspora/en.yml
@@ -1481,7 +1481,8 @@ en:
show:
edit_applications: "Applications"
title: "Your installed applications"
- no_applications: "You have no authorized application for now"
access: "is authorized to access to:"
no_requirement: "This application requires no autorizations"
applications_explanation: "Here are listed the applications to which you autorized the access to your profile informations"
+ no_applications: "You have no authorized application for now"
+ revoke_autorization: "Revoke autorization"
diff --git a/config/routes.rb b/config/routes.rb
index eb6054f702..9a8f841bca 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -244,7 +244,7 @@ Diaspora::Application.routes.draw do
# Authorization Servers MUST support the use of the HTTP GET and POST methods at the Authorization Endpoint
# See http://openid.net/specs/openid-connect-core-1_0.html#AuthResponseValidation
- resources :authorizations, only: %i(new create)
+ resources :authorizations, only: %i(new create destroy)
post "authorizations/new", to: "authorizations#new"
get ".well-known/webfinger", to: "discovery#webfinger"
--
GitLab