X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Foauthconnectionssettings.php;h=8a206d7101372f3dd69dd9c6af9e92ec203b2051;hb=dd7b95c2cffe7e33f32d841ed8950e09b44b853d;hp=6ec9f70273e48121421fde2c1fdb6aaf4a1ee227;hpb=f8025428854546b0528fd714f6af93a220de0bcc;p=quix0rs-gnu-social.git
diff --git a/actions/oauthconnectionssettings.php b/actions/oauthconnectionssettings.php
index 6ec9f70273..8a206d7101 100644
--- a/actions/oauthconnectionssettings.php
+++ b/actions/oauthconnectionssettings.php
@@ -33,6 +33,7 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { require_once INSTALLDIR . '/lib/connectsettingsaction.php'; require_once INSTALLDIR . '/lib/applicationlist.php'; +require_once INSTALLDIR . '/lib/apioauthstore.php'; /** * Show connected OAuth applications
@@ -48,6 +49,18 @@ require_once INSTALLDIR . '/lib/applicationlist.php'; class OauthconnectionssettingsAction extends ConnectSettingsAction { + + var $page = null; + var $id = null; + + function prepare($args) + { + parent::prepare($args); + $this->id = (int)$this->arg('id'); + $this->page = ($this->arg('page')) ? ($this->arg('page') + 0) : 1; + return true; + } + /** * Title of the page *
@@ -56,7 +69,7 @@ class OauthconnectionssettingsAction extends ConnectSettingsAction function title() { - return _('Connected Applications'); + return _('Connected applications'); } /**
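Review bot: In the new `prepare()` (second hunk), `$this->page = ($this->arg('page')) ? ($this->arg('page') + 0) : 1;` coerces a request parameter with `+ 0` and sets no lower bound, so a negative or fractional `page` is stored as-is, and on PHP 8 a non-numeric string raises a TypeError instead of falling back to page 1. `$this->page = max(1, (int)$this->arg('page'));` keeps the value a positive integer and matches the `(int)` cast already applied to `id` on the line above. `prepare()` and the two new properties also lack a docblock, unlike `title()` just below; a short one stating that `id` and `page` are taken from the request and must be treated as untrusted would help the next reader.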
@@ -86,17 +99,20 @@ class OauthconnectionssettingsAction extends ConnectSettingsAction $application = $profile->getApplications($offset, $limit); - if ($application) { - $al = new ApplicationList($application, $this->user, $this); + $cnt = 0; + + if (!empty($application)) { + $al = new ApplicationList($application, $user, $this, true); $cnt = $al->show(); - if (0 == $cnt) { - $this->showEmptyListMessage(); - } + } + + if ($cnt == 0) { + $this->showEmptyListMessage(); } $this->pagination($this->page > 1, $cnt > APPS_PER_PAGE, $this->page, 'connectionssettings', - array('nickname' => $this->user->nickname)); + array('nickname' => $user->nickname)); } /** 
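Review bot: The new side reads a local `$user` in `new ApplicationList($application, $user, $this, true)` and in `array('nickname' => $user->nickname)`, but no assignment to `$user` is visible in this hunk; the method body starts above it, so confirm the variable is set there. If it comes from `common_current_user()`, which this commit calls elsewhere, that value is presumably empty for a logged-out session, and `$user->nickname` would then be dereferenced on a non-object. A guard such as `if (empty($user)) { $this->clientError(_('Not logged in.')); return; }` before the list is built would make the precondition explicit.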
@@ -121,15 +137,82 @@ class OauthconnectionssettingsAction extends ConnectSettingsAction return; } + if ($this->arg('revoke')) { + $this->revokeAccess($this->id); + + // XXX: Show some indicator to the user of what's been done. + + $this->showPage(); + } else { + $this->clientError(_('Unexpected form submission.'), 401); + return false; + } + } + + /** + * Revoke access to an authorized OAuth application + * + * @param int $appId the ID of the application + * + */ + + function revokeAccess($appId) + { + $cur = common_current_user(); + + $app = Oauth_application::staticGet('id', $appId); + + if (empty($app)) { + $this->clientError(_('No such application.'), 404); + return false; + } + + // XXX: Transaction here? + + $appUser = Oauth_application_user::getByKeys($cur, $app); + + if (empty($appUser)) { + $this->clientError(_('You are not a user of that application.'), 401); + return false; + } + + $datastore = new ApiStatusNetOAuthDataStore(); + $datastore->revoke_token($appUser->token, 1); + + $result = $appUser->delete(); + + if (!$result) { + common_log_db_error($orig, 'DELETE', __FILE__); + $this->clientError(sprintf(_('Unable to revoke access for app: %s.'), $app->id)); + return false; + } + + $msg = 'User %s (id: %d) revoked access to app %s (id: %d)'; + common_log(LOG_INFO, sprintf($msg, $cur->nickname, + $cur->id, $app->name, $app->id)); + } function showEmptyListMessage() { - $message = sprintf(_('You have not authorized any applications to use your account.')); + $message = _('You have not authorized any applications to use your account.'); $this->elementStart('div', 'guide'); $this->raw(common_markup_to_html($message)); $this->elementEnd('div'); } + function showSections() + { + $cur = common_current_user(); + + $this->element('h2', null, 'Developers'); + $this->elementStart('p'); + $this->raw(_('Developers can edit the registration settings for their applications ')); + $this->element('a', + array('href' => common_local_url('oauthappssettings')), + 
'here.'); + $this->elementEnd('p'); + } + }
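Review bot: In `revokeAccess()`, the failure branch after `$appUser->delete()` calls `common_log_db_error($orig, 'DELETE', __FILE__)`, but `$orig` is never assigned in the method, so the one path meant to record a failed revocation passes an undefined variable; it should read `common_log_db_error($appUser, 'DELETE', __FILE__);`. The result of `$datastore->revoke_token($appUser->token, 1)` is discarded as well, so if that call can fail, the association row is still deleted and the page is re-rendered as if access were gone while the token may remain usable; check the result before `$appUser->delete()`, which is likely what the `XXX: Transaction here?` comment points at. `handlePost()` also ignores the return value of `revokeAccess()` and proceeds to `showPage()`, and its body starts above this hunk, so the session-token check that should precede a state-changing revoke is not visible here and is worth confirming. In `showSections()`, `$cur` is assigned but unused, and the literals `'Developers'` and `'here.'` bypass `_()` unlike the surrounding strings.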