3 * StatusNet, the distributed open-source microblogging tool
5 * Show an OAuth application
9 * LICENCE: This program is free software: you can redistribute it and/or modify
10 * it under the terms of the GNU Affero General Public License as published by
11 * the Free Software Foundation, either version 3 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU Affero General Public License for more details.
19 * You should have received a copy of the GNU Affero General Public License
20 * along with this program. If not, see <http://www.gnu.org/licenses/>.
22 * @category Application
24 * @author Zach Copley <zach@status.net>
25 * @copyright 2008-2011 StatusNet, Inc.
26 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
27 * @link http://status.net/
30 if (!defined('STATUSNET') && !defined('LACONICA')) {
35 * Show an OAuth application
37 * @category Application
39 * @author Zach Copley <zach@status.net>
40 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
41 * @link http://status.net/
43 class ShowApplicationAction extends Action
48 var $application = null;
51 * User who owns the app
60 * Load attributes based on database arguments
62 * Loads all the DB stuff
64 * @param array $args $_REQUEST array
66 * @return success flag
68 function prepare(array $args = array())
70 parent::prepare($args);
72 $id = (int)$this->arg('id');
74 $this->application = Oauth_application::getKV($id);
75 $this->owner = User::getKV($this->application->owner);
77 if (!common_logged_in()) {
78 // TRANS: Client error displayed trying to display an OAuth application while not logged in.
79 $this->clientError(_('You must be logged in to view an application.'));
82 if (empty($this->application)) {
83 // TRANS: Client error displayed trying to display a non-existing OAuth application.
84 $this->clientError(_('No such application.'), 404);
87 $cur = common_current_user();
89 if ($cur->id != $this->owner->id) {
90 // TRANS: Client error displayed trying to display an OAuth application for which the logged in user is not the owner.
91 $this->clientError(_('You are not the owner of this application.'), 401);
100 * Shows info about the app
108 if ($_SERVER['REQUEST_METHOD'] == 'POST') {
111 $token = $this->trimmed('token');
112 if (!$token || $token != common_session_token()) {
113 // TRANS: Client error displayed when the session token does not match or is not given.
114 $this->clientError(_('There was a problem with your session token.'));
117 if ($this->arg('reset')) {
128 * @return string title of the page
132 if (!empty($this->application->name)) {
133 return 'Application: ' . $this->application->name;
137 function showPageNotice()
139 if (!empty($this->msg)) {
140 $this->element('div', ($this->success) ? 'success' : 'error', $this->msg);
144 function showContent()
146 $cur = common_current_user();
148 $consumer = $this->application->getConsumer();
150 $this->elementStart('div', 'entity_profile h-card');
151 // TRANS: Header on the OAuth application page.
152 $this->element('h2', null, _('Application profile'));
153 if (!empty($this->application->icon)) {
154 $this->element('img', array('src' => $this->application->icon,
155 'class' => 'u-photo logo entity_depiction'));
158 $this->element('a', array('href' => $this->application->source_url,
159 'class' => 'u-url p-name entity_fn'),
160 $this->application->name);
162 $this->element('a', array('href' => $this->application->homepage,
163 'class' => 'u-url entity_org'),
164 $this->application->organization);
166 $this->element('div',
168 $this->application->description);
170 $this->elementStart('div', 'entity_statistics');
171 $defaultAccess = ($this->application->access_type & Oauth_application::$writeAccess)
172 ? 'read-write' : 'read-only';
173 $profile = Profile::getKV($this->application->owner);
175 $appUsers = new Oauth_application_user();
176 $appUsers->application_id = $this->application->id;
177 $userCnt = $appUsers->count();
180 // TRANS: Information output on an OAuth application page.
181 // TRANS: %1$s is the application creator, %2$s is "read-only" or "read-write",
182 // TRANS: %3$d is the number of users using the OAuth application.
183 _m('Created by %1$s - %2$s access by default - %3$d user',
184 'Created by %1$s - %2$s access by default - %3$d users',
186 $profile->getBestName(),
190 $this->elementEnd('div');
192 $this->elementEnd('div');
194 $this->elementStart('div', 'entity_actions');
195 // TRANS: Header on the OAuth application page.
196 $this->element('h2', null, _('Application actions'));
197 $this->elementStart('ul');
198 $this->elementStart('li', 'entity_edit');
200 array('href' => common_local_url('editapplication',
201 array('id' => $this->application->id))),
202 // TRANS: Link text to edit application on the OAuth application page.
203 _m('EDITAPP','Edit'));
204 $this->elementEnd('li');
206 $this->elementStart('li', 'entity_reset_keysecret');
207 $this->elementStart('form', array(
208 'id' => 'form_reset_key',
209 'class' => 'form_reset_key',
211 'action' => common_local_url('showapplication',
212 array('id' => $this->application->id))));
213 $this->elementStart('fieldset');
214 $this->hidden('token', common_session_token());
216 $this->element('input', array('type' => 'submit',
220 // TRANS: Button text on the OAuth application page.
221 // TRANS: Resets the OAuth consumer key and secret.
222 'value' => _('Reset key & secret'),
223 'onClick' => 'return confirmReset()'));
224 $this->elementEnd('fieldset');
225 $this->elementEnd('form');
226 $this->elementEnd('li');
228 $this->elementStart('li', 'entity_delete');
229 $this->elementStart('form', array(
230 'id' => 'form_delete_application',
231 'class' => 'form_delete_application',
233 'action' => common_local_url('deleteapplication',
234 array('id' => $this->application->id))));
236 $this->elementStart('fieldset');
237 $this->hidden('token', common_session_token());
238 // TRANS: Submit button text the OAuth application page to delete an application.
239 $this->submit('delete', _m('BUTTON','Delete'));
240 $this->elementEnd('fieldset');
241 $this->elementEnd('form');
242 $this->elementEnd('li');
244 $this->elementEnd('ul');
245 $this->elementEnd('div');
247 $this->elementStart('div', 'entity_data');
248 // TRANS: Header on the OAuth application page.
249 $this->element('h2', null, _('Application info'));
251 $this->elementStart('dl');
252 // TRANS: Field label on application page.
253 $this->element('dt', null, _('Consumer key'));
254 $this->element('dd', null, $consumer->consumer_key);
255 // TRANS: Field label on application page.
256 $this->element('dt', null, _('Consumer secret'));
257 $this->element('dd', null, $consumer->consumer_secret);
258 // TRANS: Field label on application page.
259 $this->element('dt', null, _('Request token URL'));
260 $this->element('dd', null, common_local_url('ApiOAuthRequestToken'));
261 // TRANS: Field label on application page.
262 $this->element('dt', null, _('Access token URL'));
263 $this->element('dd', null, common_local_url('ApiOAuthAccessToken'));
264 // TRANS: Field label on application page.
265 $this->element('dt', null, _('Authorize URL'));
266 $this->element('dd', null, common_local_url('ApiOAuthAuthorize'));
267 $this->elementEnd('dl');
269 $this->element('p', 'note',
270 // TRANS: Note on the OAuth application page about signature support.
271 _('Note: HMAC-SHA1 signatures are supported. The plaintext signature method is not supported.'));
272 $this->elementEnd('div');
274 $this->elementStart('p', array('id' => 'application_action'));
276 array('href' => common_local_url('oauthappssettings'),
278 'View your applications');
279 $this->elementEnd('p');
283 * Add a confirm script for Consumer key/secret reset
287 function showScripts()
289 parent::showScripts();
291 // TRANS: Text in confirmation dialog to reset consumer key and secret for an OAuth application.
292 $msg = _('Are you sure you want to reset your consumer key and secret?');
294 $js = 'function confirmReset() { ';
295 $js .= ' var agree = confirm("' . $msg . '"); ';
296 $js .= ' return agree;';
299 $this->inlineScript($js);
303 * Reset an application's Consumer key and secret
305 * XXX: Should this be moved to its own page with a confirm?
310 $this->application->query('BEGIN');
312 $oauser = new Oauth_application_user();
313 $oauser->application_id = $this->application->id;
314 $result = $oauser->delete();
316 if ($result === false) {
317 common_log_db_error($oauser, 'DELETE', __FILE__);
318 $this->success = false;
319 $this->msg = ('Unable to reset consumer key and secret.');
324 $consumer = $this->application->getConsumer();
325 $result = $consumer->delete();
327 if ($result === false) {
328 common_log_db_error($consumer, 'DELETE', __FILE__);
329 $this->success = false;
330 $this->msg = ('Unable to reset consumer key and secret.');
335 $consumer = Consumer::generateNew();
337 $result = $consumer->insert();
339 if (empty($result)) {
340 common_log_db_error($consumer, 'INSERT', __FILE__);
341 $this->application->query('ROLLBACK');
342 $this->success = false;
343 $this->msg = ('Unable to reset consumer key and secret.');
348 $orig = clone($this->application);
349 $this->application->consumer_key = $consumer->consumer_key;
350 $result = $this->application->update($orig);
352 if ($result === false) {
353 common_log_db_error($application, 'UPDATE', __FILE__);
354 $this->application->query('ROLLBACK');
355 $this->success = false;
356 $this->msg = ('Unable to reset consumer key and secret.');
361 $this->application->query('COMMIT');
363 $this->success = true;
364 $this->msg = ('Consumer key and secret reset.');