summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorZach Copley <zach@status.net>2010-01-13 21:11:08 +0000
committerZach Copley <zach@status.net>2010-01-24 16:36:05 -0800
commit9e7f47652d860d7f1e296dd369c4e68814bf2636 (patch)
treef5a86c814d361dec9915d7940452e440a035a6d7
parentdbcbc2fe7ff0368910a49ed5675b0edc1e2bf18d (diff)
Revoke access token UI
-rw-r--r--actions/oauthconnectionssettings.php62
-rw-r--r--actions/showapplication.php1
-rw-r--r--classes/Oauth_application_user.php2
-rw-r--r--classes/Profile.php3
-rw-r--r--lib/applicationlist.php14
5 files changed, 71 insertions, 11 deletions
diff --git a/actions/oauthconnectionssettings.php b/actions/oauthconnectionssettings.php
index 99bb9022b..b17729b82 100644
--- a/actions/oauthconnectionssettings.php
+++ b/actions/oauthconnectionssettings.php
@@ -50,10 +50,12 @@ class OauthconnectionssettingsAction extends ConnectSettingsAction
{
var $page = null;
+ var $id = null;
function prepare($args)
{
parent::prepare($args);
+ $this->id = (int)$this->arg('id');
$this->page = ($this->arg('page')) ? ($this->arg('page') + 0) : 1;
return true;
}
@@ -101,16 +103,16 @@ class OauthconnectionssettingsAction extends ConnectSettingsAction
$application = $profile->getApplications($offset, $limit);
- $cnt == 0;
+ $cnt == 0;
- if (!empty($application)) {
- $al = new ApplicationList($application, $user, $this, true);
- $cnt = $al->show();
- }
+ if (!empty($application)) {
+ $al = new ApplicationList($application, $user, $this, true);
+ $cnt = $al->show();
+ }
- if ($cnt == 0) {
- $this->showEmptyListMessage();
- }
+ if ($cnt == 0) {
+ $this->showEmptyListMessage();
+ }
$this->pagination($this->page > 1, $cnt > APPS_PER_PAGE,
$this->page, 'connectionssettings',
@@ -139,6 +141,50 @@ class OauthconnectionssettingsAction extends ConnectSettingsAction
return;
}
+ if ($this->arg('revoke')) {
+ $this->revokeAccess($this->id);
+
+ // XXX: Show some indicator to the user of what's been done.
+
+ $this->showPage();
+ } else {
+ $this->clientError(_('Unexpected form submission.'), 401);
+ return false;
+ }
+ }
+
+ function revokeAccess($appId)
+ {
+ $cur = common_current_user();
+
+ $app = Oauth_application::staticGet('id', $appId);
+
+ if (empty($app)) {
+ $this->clientError(_('No such application.'), 404);
+ return false;
+ }
+
+ $appUser = Oauth_application_user::getByKeys($cur, $app);
+
+ if (empty($appUser)) {
+ $this->clientError(_('You are not a user of that application.'), 401);
+ return false;
+ }
+
+ $orig = clone($appUser);
+ $appUser->access_type = 0; // No access
+ $result = $appUser->update();
+
+ if (!$result) {
+ common_log_db_error($orig, 'UPDATE', __FILE__);
+ $this->clientError(_('Unable to revoke access for app: ' . $app->id));
+ return false;
+ }
+
+ $msg = 'User %s (id: %d) revoked access to app %s (id: %d)';
+ common_log(LOG_INFO, sprintf($msg, $cur->nickname,
+ $cur->id, $app->name, $app->id));
+
}
function showEmptyListMessage()
diff --git a/actions/showapplication.php b/actions/showapplication.php
index b21b994aa..049206375 100644
--- a/actions/showapplication.php
+++ b/actions/showapplication.php
@@ -92,6 +92,7 @@ class ShowApplicationAction extends OwnerDesignAction
if ($cur->id != $this->owner->id) {
$this->clientError(_('You are not the owner of this application.'), 401);
+ return false;
}
return true;
diff --git a/classes/Oauth_application_user.php b/classes/Oauth_application_user.php
index a05371f56..618d68133 100644
--- a/classes/Oauth_application_user.php
+++ b/classes/Oauth_application_user.php
@@ -34,7 +34,7 @@ class Oauth_application_user extends Memcached_DataObject
$oau = new Oauth_application_user();
$oau->profile_id = $user->id;
- $oau->application_id = $app->id;
+ $oau->application_id = $app->id;
$oau->limit(1);
$result = $oau->find(true);
diff --git a/classes/Profile.php b/classes/Profile.php
index fef2a2171..1076fb2cb 100644
--- a/classes/Profile.php
+++ b/classes/Profile.php
@@ -358,7 +358,8 @@ class Profile extends Memcached_DataObject
'SELECT a.* ' .
'FROM oauth_application_user u, oauth_application a ' .
'WHERE u.profile_id = %d ' .
- 'AND a.id = u.application_id ' .
+ 'AND a.id = u.application_id ' .
+ 'AND u.access_type > 0 ' .
'ORDER BY u.created DESC ';
if ($offset > 0) {
diff --git a/lib/applicationlist.php b/lib/applicationlist.php
index 6eae26135..3abb1f8aa 100644
--- a/lib/applicationlist.php
+++ b/lib/applicationlist.php
@@ -142,7 +142,19 @@ class ApplicationList extends Widget
$this->out->raw($txt);
$this->out->elementEnd('li');
- // XXX: Add revoke access button
+ $this->out->elementStart('li', 'entity_revoke');
+ $this->out->elementStart('form', array('id' => 'form_revoke_app',
+ 'class' => 'form_revoke_app',
+ 'method' => 'POST',
+ 'action' =>
+ common_local_url('oauthconnectionssettings')));
+ $this->out->elementStart('fieldset');
+ $this->out->hidden('id', $this->application->id);
+ $this->out->hidden('token', common_session_token());
+ $this->out->submit('revoke', _('Revoke'));
+ $this->out->elementEnd('fieldset');
+ $this->out->elementEnd('form');
+ $this->out->elementEnd('li');
}
}