X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Foauthconnectionssettings.php;h=0c5a14344370e609df043fb67262683df6501a96;hb=e98d5d0c0cee37acae440c15b3ea62ba036d4c82;hp=1fa70662fc88690c294abc3ad59fe319c769241b;hpb=d342899677d208d7e300b29ad3a8d053e4c6f704;p=quix0rs-gnu-social.git diff --git a/actions/oauthconnectionssettings.php b/actions/oauthconnectionssettings.php index 1fa70662fc..0c5a143443 100644 --- a/actions/oauthconnectionssettings.php +++ b/actions/oauthconnectionssettings.php @@ -22,18 +22,12 @@ * @category Settings * @package StatusNet * @author Zach Copley - * @copyright 2008-2009 StatusNet, Inc. + * @copyright 2008-2010 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ -if (!defined('STATUSNET') && !defined('LACONICA')) { - exit(1); -} - -require_once INSTALLDIR . '/lib/connectsettingsaction.php'; -require_once INSTALLDIR . '/lib/applicationlist.php'; -require_once INSTALLDIR . '/lib/apioauthstore.php'; +if (!defined('GNUSOCIAL')) { exit(1); } /** * Show connected OAuth applications @@ -46,19 +40,16 @@ require_once INSTALLDIR . '/lib/apioauthstore.php'; * * @see SettingsAction */ - -class OauthconnectionssettingsAction extends ConnectSettingsAction +class OauthconnectionssettingsAction extends SettingsAction { - var $page = null; - var $id = null; - function prepare($args) + protected $oauth_token = null; + + protected function doPreparation() { - parent::prepare($args); - $this->id = (int)$this->arg('id'); - $this->page = ($this->arg('page')) ? ($this->arg('page') + 0) : 1; - return true; + $this->oauth_token = $this->arg('oauth_token'); + $this->page = $this->int('page') ?: 1; } /** @@ -66,9 +57,9 @@ class OauthconnectionssettingsAction extends ConnectSettingsAction * * @return string Title of the page */ - function title() { + // TRANS: Title for OAuth connection settings. return _('Connected applications'); } @@ -77,10 +68,10 @@ class OauthconnectionssettingsAction extends ConnectSettingsAction * * @return instructions for use */ - function getInstructions() { - return _('You have allowed the following applications to access your account.'); + // TRANS: Instructions for OAuth connection settings. + return _('The following connections exist for your account.'); } /** @@ -91,28 +82,29 @@ class OauthconnectionssettingsAction extends ConnectSettingsAction function showContent() { - $user = common_current_user(); - $profile = $user->getProfile(); - $offset = ($this->page - 1) * APPS_PER_PAGE; $limit = APPS_PER_PAGE + 1; - $application = $profile->getApplications($offset, $limit); + $connection = $this->scoped->getConnectedApps($offset, $limit); $cnt = 0; - if (!empty($application)) { - $al = new ApplicationList($application, $user, $this, true); - $cnt = $al->show(); + if (!empty($connection)) { + $cal = new ConnectedAppsList($connection, $this->scoped, $this); + $cnt = $cal->show(); } if ($cnt == 0) { $this->showEmptyListMessage(); } - $this->pagination($this->page > 1, $cnt > APPS_PER_PAGE, - $this->page, 'connectionssettings', - array('nickname' => $user->nickname)); + $this->pagination( + $this->page > 1, + $cnt > APPS_PER_PAGE, + $this->page, + 'connectionssettings', + array('nickname' => $this->scoped->getNickname()) + ); } /** @@ -125,76 +117,75 @@ class OauthconnectionssettingsAction extends ConnectSettingsAction * * @return void */ - - function handlePost() + protected function doPost() { - // CSRF protection - - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->showForm(_('There was a problem with your session token. '. - 'Try again, please.')); - return; - } - if ($this->arg('revoke')) { - $this->revokeAccess($this->id); - - // XXX: Show some indicator to the user of what's been done. - - $this->showPage(); - } else { - $this->clientError(_('Unexpected form submission.'), 401); - return false; + return $this->revokeAccess($this->oauth_token); } + + // TRANS: Client error when submitting a form with unexpected information. + throw new ClientException(_('Unexpected form submission.'), 401); } /** - * Revoke access to an authorized OAuth application + * Revoke an access token + * + * XXX: Confirm revoke before doing it * * @param int $appId the ID of the application * */ - - function revokeAccess($appId) + function revokeAccess($token) { $cur = common_current_user(); - $app = Oauth_application::staticGet('id', $appId); - - if (empty($app)) { - $this->clientError(_('No such application.'), 404); - return false; - } - - // XXX: Transaction here? - - $appUser = Oauth_application_user::getByKeys($cur, $app); + $appUser = Oauth_application_user::getByUserAndToken($cur, $token); if (empty($appUser)) { + // TRANS: Client error when trying to revoke access for an application while not being a user of it. $this->clientError(_('You are not a user of that application.'), 401); - return false; } - $datastore = new ApiStatusNetOAuthDataStore(); + $app = Oauth_application::getKV('id', $appUser->application_id); + + $datastore = new ApiGNUsocialOAuthDataStore(); $datastore->revoke_token($appUser->token, 1); $result = $appUser->delete(); if (!$result) { common_log_db_error($orig, 'DELETE', __FILE__); - $this->clientError(sprintf(_('Unable to revoke access for app: %s.'), $app->id)); - return false; + // TRANS: Client error when revoking access has failed for some reason. + // TRANS: %s is the application ID revoking access failed for. + $this->clientError(sprintf(_('Unable to revoke access for application: %s.'), $app->id)); } - $msg = 'User %s (id: %d) revoked access to app %s (id: %d)'; - common_log(LOG_INFO, sprintf($msg, $cur->nickname, - $cur->id, $app->name, $app->id)); - + $msg = 'API OAuth - user %s (id: %d) revoked access token %s for app id %d'; + common_log( + LOG_INFO, + sprintf( + $msg, + $cur->nickname, + $cur->id, + $appUser->token, + $appUser->application_id + ) + ); + + $msg = sprintf( + // TRANS: Success message after revoking access for an application. + // TRANS: %1$s is the application name, %2$s is the first part of the user token. + _('You have successfully revoked access for %1$s and the access token starting with %2$s.'), + $app->name, + substr($appUser->token, 0, 7) + ); + + $this->showForm($msg, true); } function showEmptyListMessage() { + // TRANS: Empty list message when no applications have been authorised yet. $message = _('You have not authorized any applications to use your account.'); $this->elementStart('div', 'guide'); @@ -204,15 +195,26 @@ class OauthconnectionssettingsAction extends ConnectSettingsAction function showSections() { - $cur = common_current_user(); - - $this->element('h2', null, 'Developers'); - $this->elementStart('p'); - $this->raw(_('Developers can edit the registration settings for their applications ')); - $this->element('a', - array('href' => common_local_url('oauthappssettings')), - 'here.'); - $this->elementEnd('p'); - } + $cur = common_current_user(); + + $this->elementStart('div', array('id' => 'developer-help', 'class' => 'section')); + + $this->element('h2', null, 'Developers'); + $this->elementStart('p'); + + $devMsg = sprintf( + // TRANS: Note for developers in the OAuth connection settings form. + // TRANS: This message contains a Markdown link. Do not separate "](". + // TRANS: %s is the URL to the OAuth settings. + _('Are you a developer? [Register an OAuth client application](%s) to use with this instance of StatusNet.'), + common_local_url('oauthappssettings') + ); + $output = common_markup_to_html($devMsg); + + $this->raw($output); + $this->elementEnd('p'); + + $this->elementEnd('section'); + } }