Revoke button on applications page

2015-08-01 18:29:53 +02:00 · 2015-08-01 18:29:53 +02:00 · b9da104b28
commit b9da104b28
parent dd337d4163
9 changed files with 46 additions and 5 deletions
--- a/app/assets/stylesheets/mobile/settings.scss
+++ b/app/assets/stylesheets/mobile/settings.scss
@ -38,3 +38,7 @@
    .info { color: $text; }
  }
 }
+
+.applications-page {
+  .application-img { margin: 9px 0; }
+}
--- a/app/controllers/api/openid_connect/authorizations_controller.rb
+++ b/app/controllers/api/openid_connect/authorizations_controller.rb
@ -17,6 +17,16 @@ module Api
        process_authorization_consent(params[:approve])
      end

+      def destroy
+        # TODO: Specs
+        begin
+          Api::OpenidConnect::Authorization.find_by(id: params[:id]).destroy
+        rescue
+          # TODO: Log something here?
+        end
+        redirect_to user_applications_url
+      end
+
      private

      def request_authorization_consent_form # TODO: Add support for prompt params
--- a/app/presenters/user_applications_presenter.rb
+++ b/app/presenters/user_applications_presenter.rb
@ -21,6 +21,7 @@ class UserApplicationsPresenter

  def app_as_json(application)
    {
+      id:            find_id(application),
      name:          application.client_name,
      image:         application.image_uri,
      autorizations: find_scopes(application)
@ -31,4 +32,9 @@ class UserApplicationsPresenter
    Api::OpenidConnect::Authorization.find_by_client_id_and_user(
      application.client_id, @current_user).scopes
  end
+
+  def find_id(application)
+    Api::OpenidConnect::Authorization.find_by_client_id_and_user(
+      application.client_id, @current_user).id
+  end
 end
--- a/app/views/shared/_settings_nav.mobile.haml
+++ b/app/views/shared/_settings_nav.mobile.haml
@ -6,3 +6,4 @@
      %li= link_to_unless_current t('account'), edit_user_path
      %li= link_to_unless_current t('privacy'), privacy_settings_path
      %li= link_to_unless_current t('_services'), services_path
+      %li= link_to_unless_current t('_applications'), user_applications_path
--- a/app/views/user_applications/_add_remove_applications.haml
+++ b/app/views/user_applications/_add_remove_applications.haml
@ -3,7 +3,7 @@
    - @user_apps.user_applications.each do |app|
      %li.list-group-item
        .row
-          .col-xs-2
+          .col-xs-2.application-img
            = image_tag app[:image], class: "img-responsive"
          .col-xs-10
            - if app[:autorizations].count > 0
@ -14,8 +14,13 @@
            - else
              .well
                =t("user_applications.show.no_requirement")
+        .small-horizontal-spacer
+        .row
+          = form_for "application", url: "#{api_openid_connect_authorizations_path}/#{app[:id]}",
+              html: { method: :delete, class: "form-horizontal col-xs-12"} do |f|
+            .clearfix= f.submit t("user_applications.revoke_autorization"), class: "btn btn-primary pull-right"

 - else
  .well
    %h4
-      = t("user_applications.show.no_applications")
+      = t("user_applications.no_applications")
--- a/app/views/user_applications/show.html.haml
+++ b/app/views/user_applications/show.html.haml
@ -1,7 +1,7 @@
 - content_for :page_title do
  = t(".edit_applications")

-.container-fluid
+.container-fluid.applications-page
  = render "shared/settings_nav"
  .container-fluid
    .row
--- a/app/views/user_applications/show.mobile.haml
+++ b/app/views/user_applications/show.mobile.haml
@ -0,0 +1,14 @@
+.settings_container.applications-page
+  - content_for :page_title do
+    = t('.edit_applications')
+
+  = render 'shared/settings_nav'
+
+  .container-fluid
+    .row
+      .col-md-12
+        = t('.applications_explanation')
+      .small-horizontal-spacer
+      .col-md-12
+        = render 'add_remove_applications'
+
--- a/config/locales/diaspora/en.yml
+++ b/config/locales/diaspora/en.yml
@ -1481,7 +1481,8 @@ en:
    show:
      edit_applications: "Applications"
      title: "Your installed applications"
-      no_applications: "You have no authorized application for now"
      access: "is authorized to access to:"
      no_requirement: "This application requires no autorizations"
      applications_explanation: "Here are listed the applications to which you autorized the access to your profile informations"
+    no_applications: "You have no authorized application for now"
+    revoke_autorization: "Revoke autorization"
--- a/config/routes.rb
+++ b/config/routes.rb
@ -244,7 +244,7 @@ Diaspora::Application.routes.draw do

      # Authorization Servers MUST support the use of the HTTP GET and POST methods at the Authorization Endpoint
      # See http://openid.net/specs/openid-connect-core-1_0.html#AuthResponseValidation
-      resources :authorizations, only: %i(new create)
+      resources :authorizations, only: %i(new create destroy)
      post "authorizations/new", to: "authorizations#new"

      get ".well-known/webfinger", to: "discovery#webfinger"