X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Foauthconnectionssettings.php;h=b1467f0d04b5ea35a2e24f211f242d26e0a8773d;hb=900cb8dd91b954d4e720b0c8afb2884419f43cd7;hp=99bb9022b2d443af1b1575285abed7dfd746f217;hpb=e101a6df6ba1cbec4664bb81fc81655e5db18b0f;p=quix0rs-gnu-social.git

diff --git a/actions/oauthconnectionssettings.php b/actions/oauthconnectionssettings.php
index 99bb9022b2..b1467f0d04 100644
--- a/actions/oauthconnectionssettings.php
+++ b/actions/oauthconnectionssettings.php
@@ -33,6 +33,7 @@ if (!defined('STATUSNET') && !defined('LACONICA')) {
 
 require_once INSTALLDIR . '/lib/connectsettingsaction.php';
 require_once INSTALLDIR . '/lib/applicationlist.php';
+require_once INSTALLDIR . '/lib/apioauthstore.php';
 
 /**
  * Show connected OAuth applications
@@ -50,10 +51,12 @@ class OauthconnectionssettingsAction extends ConnectSettingsAction
 {
 
     var $page = null;
+    var $id   = null;
 
     function prepare($args)
     {
         parent::prepare($args);
+        $this->id = (int)$this->arg('id');
         $this->page = ($this->arg('page')) ? ($this->arg('page') + 0) : 1;
         return true;
     }
@@ -66,12 +69,7 @@ class OauthconnectionssettingsAction extends ConnectSettingsAction
 
     function title()
     {
-        return _('Connected Applications');
-    }
-
-    function isReadOnly($args)
-    {
-        return true;
+        return _('Connected applications');
     }
 
     /**
@@ -101,16 +99,16 @@ class OauthconnectionssettingsAction extends ConnectSettingsAction
 
         $application = $profile->getApplications($offset, $limit);
 
-	$cnt == 0;
+        $cnt == 0;
 
-	if (!empty($application)) {
-	    $al = new ApplicationList($application, $user, $this, true);
-	    $cnt = $al->show();
-	}
+        if (!empty($application)) {
+            $al = new ApplicationList($application, $user, $this, true);
+            $cnt = $al->show();
+        }
 
-	if ($cnt == 0) {
-	    $this->showEmptyListMessage();
-	}
+        if ($cnt == 0) {
+            $this->showEmptyListMessage();
+        }
 
         $this->pagination($this->page > 1, $cnt > APPS_PER_PAGE,
                           $this->page, 'connectionssettings',
@@ -139,6 +137,60 @@ class OauthconnectionssettingsAction extends ConnectSettingsAction
             return;
         }
 
+        if ($this->arg('revoke')) {
+            $this->revokeAccess($this->id);
+
+            // XXX: Show some indicator to the user of what's been done.
+
+            $this->showPage();
+        } else {
+            $this->clientError(_('Unexpected form submission.'), 401);
+            return false;
+        }
+    }
+
+    /**
+     * Revoke access to an authorized OAuth application
+     *
+     * @param int $appId the ID of the application
+     *
+     */
+
+    function revokeAccess($appId)
+    {
+        $cur = common_current_user();
+
+        $app = Oauth_application::staticGet('id', $appId);
+
+        if (empty($app)) {
+            $this->clientError(_('No such application.'), 404);
+            return false;
+        }
+
+        // XXX: Transaction here?
+
+        $appUser = Oauth_application_user::getByKeys($cur, $app);
+
+        if (empty($appUser)) {
+            $this->clientError(_('You are not a user of that application.'), 401);
+            return false;
+        }
+
+        $datastore = new ApiStatusNetOAuthDataStore();
+        $datastore->revoke_token($appUser->token, 1);
+
+        $result = $appUser->delete();
+
+        if (!$result) {
+            common_log_db_error($orig, 'DELETE', __FILE__);
+            $this->clientError(_('Unable to revoke access for app: ' . $app->id));
+            return false;
+        }
+
+        $msg = 'User %s (id: %d) revoked access to app %s (id: %d)';
+        common_log(LOG_INFO, sprintf($msg, $cur->nickname,
+                                     $cur->id, $app->name, $app->id));
+
     }
 
     function showEmptyListMessage()