From 3d77186d352663e7b1cf427b03c76727a0ba7b6a Mon Sep 17 00:00:00 2001 From: Ilya Zhitomirskiy Date: Mon, 13 Jun 2011 15:40:55 -0700 Subject: [PATCH] added authorizations page where a user can see all of their authorized applications --- app/controllers/authorizations_controller.rb | 7 ++++++- app/models/user.rb | 3 +++ config/locales/diaspora/en.yml | 1 + config/routes.rb | 11 +++++++---- features/oauth.feature | 15 ++++++++------- features/step_definitions/oauth_steps.rb | 2 ++ 6 files changed, 27 insertions(+), 12 deletions(-) diff --git a/app/controllers/authorizations_controller.rb b/app/controllers/authorizations_controller.rb index 6f0b0eef4..2dbc4aaf5 100644 --- a/app/controllers/authorizations_controller.rb +++ b/app/controllers/authorizations_controller.rb @@ -1,7 +1,7 @@ class AuthorizationsController < ApplicationController include OAuth2::Provider::Rack::AuthorizationCodesSupport before_filter :authenticate_user!, :except => :token - before_filter :block_invalid_authorization_code_requests, :except => :token + before_filter :block_invalid_authorization_code_requests, :except => [:token, :index] skip_before_filter :verify_authenticity_token, :only => :token @@ -33,6 +33,11 @@ class AuthorizationsController < ApplicationController render :text => "bad request", :status => 403 end end + + def index + @authorizations = current_user.authorizations + @applications = current_user.applications + end end OAuth2::Provider.client_class.instance_eval do diff --git a/app/models/user.rb b/app/models/user.rb index 415ff250f..8a8cd1ca5 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -40,6 +40,9 @@ class User < ActiveRecord::Base has_many :services has_many :user_preferences + has_many :authorizations, :class_name => 'OAuth2::Provider::Models::ActiveRecord::Authorization', :foreign_key => :resource_owner_id + has_many :applications, :through => :authorizations, :source => :client + before_save do person.save if person && person.changed? end 
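Review bot: In app/controllers/authorizations_controller.rb the `:except => [:token, :index]` list on `block_invalid_authorization_code_requests` now exempts two actions and gives no reason for either. A comment above the filter would help the next reader, for example `# index is not an OAuth authorization-code request; it still requires a signed-in user via authenticate_user!`. The `authenticate_user!` filter keeps its own `:except => :token`, so `index` remains behind the session check, which is worth keeping visible if these lists grow.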
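Review bot: The new `index` action in app/controllers/authorizations_controller.rb loads every authorization row for the user with no filter on expiry or revocation, so the page may list grants that are no longer valid. Whether the gem's Authorization model records such a state is not visible in this diff. `@applications` could also be dropped in favour of reading `authorization.client` in the view, which saves the second query and keeps each application tied to the grant it came from. The diffstat lists no view template for this action, so the page presumably arrives in another commit.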
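Review bot: In app/models/user.rb the new `has_many :authorizations` has no `:dependent` option, so destroying a user leaves that user's OAuth grants behind in the gem's table; `:dependent => :destroy` would remove them with the account. The association also matches on `resource_owner_id` alone. If the gem stores the owner polymorphically (not visible in this diff), rows for another owner type with the same id would be returned, and `:as => :resource_owner` would be the safer form. `has_many :applications` can return the same client more than once when a user holds several authorizations for it; `:uniq => true` avoids duplicate entries on the page.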
diff --git a/config/locales/diaspora/en.yml b/config/locales/diaspora/en.yml index 24836a8ee..3b1fc6b61 100644 --- a/config/locales/diaspora/en.yml +++ b/config/locales/diaspora/en.yml @@ -10,6 +10,7 @@ en: profile: "Profile" account: "Account" _services: "Services" + _applications: "Applications" _photos: "photos" ok: "OK" cancel: "Cancel" diff --git a/config/routes.rb b/config/routes.rb index ca32853ca..d4d7dfc21 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -68,10 +68,6 @@ Diaspora::Application.routes.draw do resources :photos, :controller => "photos", :only => [:create, :show, :destroy] end - get "/oauth/authorize" => "authorizations#new" - post "/oauth/authorize" => "authorizations#create" - - post "/oauth/token" => "authorizations#token" #Temporary token_authenticable route resource :token, :only => [:show, :create] @@ -119,6 +115,13 @@ Diaspora::Application.routes.draw do # External + + get "/oauth/authorize" => "authorizations#new" + post "/oauth/authorize" => "authorizations#create" + + post "/oauth/token" => "authorizations#token" + resources :authorizations, :only => [:index] + resources :services, :only => [:index, :destroy] controller :services do match '/auth/:provider/callback' => :create diff --git a/features/oauth.feature b/features/oauth.feature index 831394e51..5ac510cbe 100644 --- a/features/oauth.feature +++ b/features/oauth.feature @@ -10,8 +10,6 @@ Feature: oauth Scenario: Authorize Chubbies When I try to authorize Chubbies - Then I should see "Chubbies" - And I should see "The best way to chub." When I press "Authorize" Then I should be on "/account" on Chubbies 
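Review bot: In config/routes.rb `resources :authorizations, :only => [:index]` gives users a read-only list, so someone who finds an application they no longer trust on that page has no route to withdraw the grant. If revocation is planned for a later commit, say so next to the route, for example `# TODO: add :destroy so a user can revoke an application`. The three `/oauth/*` routes now sit under the `# External` comment with no heading of their own; a short `# OAuth provider` comment would separate them from the services routes.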
@@ -20,22 +18,25 @@ Feature: oauth Scenario: Not authorize Chubbies When I try to authorize Chubbies - Then I should see "Chubbies" - And I should see "The best way to chub." When I press "No" Then I should be on "/account" on Chubbies Then I should see "No access token." - Scenario: Authorize Chubbies + Scenario: Authorize Chubbies when Chubbies is already registeded Given Chubbies is registered on my pod When I try to authorize Chubbies - Then I should see "Chubbies" - And I should see "The best way to chub." And there is only one Chubbies When I press "Authorize" Then I should be on "/account" on Chubbies And I should see my "profile.birthday" And I should see my "name" + + Scenario: Authorize Chubbies should place it on the authorized applications page + When I try to authorize Chubbies + When I press "Authorize" + And I am on the authorizations page + Then I should see "Chubbies" + And I should see "The best way to chub." diff --git a/features/step_definitions/oauth_steps.rb b/features/step_definitions/oauth_steps.rb index 2960ff7b9..3cee77c65 100644 --- a/features/step_definitions/oauth_steps.rb +++ b/features/step_definitions/oauth_steps.rb @@ -34,6 +34,8 @@ When /^I try to authorize Chubbies$/ do And "I fill in \"Password\" with \"#{@me.password}\"" And 'I press "Sign in"' Then 'I should be on the oauth authorize page' + Then 'I should see "Chubbies"' + And 'I should see "The best way to chub."' end When /^I visit "([^"]+)" on Chubbies$/ do |path|
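Review bot: In features/oauth.feature the new scenario covers only the positive case; nothing checks that an application the user declined stays off the authorizations page. A scenario that presses "No", visits the authorizations page and asserts `Then I should not see "Chubbies"` would pin that down. The renamed scenario title has a typo and should read `Scenario: Authorize Chubbies when Chubbies is already registered`. The second consecutive `When` in the new scenario reads better as `And I press "Authorize"`.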
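Review bot: In features/step_definitions/oauth_steps.rb the `When /^I try to authorize Chubbies$/` step now ends with two content assertions, so every scenario that uses it can fail on page copy before it reaches the behaviour it is meant to test. Keeping the step to navigation and sign-in, and moving the two checks into their own step such as `Then /^I should see the Chubbies authorization prompt$/`, would keep failures attributable. The step body starts above this hunk, so only its tail is visible here.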