Revoke access token UI

2010-01-13 21:11:08 +00:00 · 2010-01-13 21:11:08 +00:00 · 9e7f47652d
commit 9e7f47652d
parent dbcbc2fe7f
5 changed files with 71 additions and 11 deletions
--- a/actions/oauthconnectionssettings.php
+++ b/actions/oauthconnectionssettings.php
@ -50,10 +50,12 @@ class OauthconnectionssettingsAction extends ConnectSettingsAction
 {

    var $page = null;
+    var $id   = null;

    function prepare($args)
    {
        parent::prepare($args);
+        $this->id = (int)$this->arg('id');
        $this->page = ($this->arg('page')) ? ($this->arg('page') + 0) : 1;
        return true;
    }
@ -139,6 +141,50 @@ class OauthconnectionssettingsAction extends ConnectSettingsAction
            return;
        }

+        if ($this->arg('revoke')) {
+            $this->revokeAccess($this->id);
+
+            // XXX: Show some indicator to the user of what's been done.
+
+            $this->showPage();
+        } else {
+            $this->clientError(_('Unexpected form submission.'), 401);
+            return false;
+        }
+    }
+
+    function revokeAccess($appId)
+    {
+        $cur = common_current_user();
+
+        $app = Oauth_application::staticGet('id', $appId);
+
+        if (empty($app)) {
+            $this->clientError(_('No such application.'), 404);
+            return false;
+        }
+
+        $appUser = Oauth_application_user::getByKeys($cur, $app);
+
+        if (empty($appUser)) {
+            $this->clientError(_('You are not a user of that application.'), 401);
+            return false;
+        }
+
+        $orig = clone($appUser);
+        $appUser->access_type = 0;  // No access
+        $result = $appUser->update();
+
+        if (!$result) {
+            common_log_db_error($orig, 'UPDATE', __FILE__);
+            $this->clientError(_('Unable to revoke access for app: ' . $app->id));
+            return false;
+        }
+
+        $msg = 'User %s (id: %d) revoked access to app %s (id: %d)';
+        common_log(LOG_INFO, sprintf($msg, $cur->nickname,
+                                     $cur->id, $app->name, $app->id));
+
    }

    function showEmptyListMessage()
--- a/actions/showapplication.php
+++ b/actions/showapplication.php
@ -92,6 +92,7 @@ class ShowApplicationAction extends OwnerDesignAction

        if ($cur->id != $this->owner->id) {
            $this->clientError(_('You are not the owner of this application.'), 401);
+            return false;
        }

        return true;
--- a/classes/Profile.php
+++ b/classes/Profile.php
@ -359,6 +359,7 @@ class Profile extends Memcached_DataObject
          'FROM oauth_application_user u, oauth_application a ' .
          'WHERE u.profile_id = %d ' .
          'AND a.id = u.application_id ' .
+          'AND u.access_type > 0 ' .
          'ORDER BY u.created DESC ';

        if ($offset > 0) {
--- a/lib/applicationlist.php
+++ b/lib/applicationlist.php
@ -142,7 +142,19 @@ class ApplicationList extends Widget
            $this->out->raw($txt);
            $this->out->elementEnd('li');

-            // XXX: Add revoke access button
+            $this->out->elementStart('li', 'entity_revoke');
+            $this->out->elementStart('form', array('id' => 'form_revoke_app',
+                                                   'class' => 'form_revoke_app',
+                                                   'method' => 'POST',
+                                                   'action' =>
+                                                   common_local_url('oauthconnectionssettings')));
+            $this->out->elementStart('fieldset');
+            $this->out->hidden('id', $this->application->id);
+            $this->out->hidden('token', common_session_token());
+            $this->out->submit('revoke', _('Revoke'));
+            $this->out->elementEnd('fieldset');
+            $this->out->elementEnd('form');
+            $this->out->elementEnd('li');
        }
    }