+ if ($this->arg('revoke')) {
+ $this->revokeAccess($this->id);
+
+ // XXX: Show some indicator to the user of what's been done.
+
+ $this->showPage();
+ } else {
+ $this->clientError(_('Unexpected form submission.'), 401);
+ return false;
+ }
+ }
+
+ function revokeAccess($appId)
+ {
+ $cur = common_current_user();
+
+ $app = Oauth_application::staticGet('id', $appId);
+
+ if (empty($app)) {
+ $this->clientError(_('No such application.'), 404);
+ return false;
+ }
+
+ $appUser = Oauth_application_user::getByKeys($cur, $app);
+
+ if (empty($appUser)) {
+ $this->clientError(_('You are not a user of that application.'), 401);
+ return false;
+ }
+
+ $orig = clone($appUser);
+ $appUser->access_type = 0; // No access
+ $result = $appUser->update();
+
+ if (!$result) {
+ common_log_db_error($orig, 'UPDATE', __FILE__);
+ $this->clientError(_('Unable to revoke access for app: ' . $app->id));
+ return false;
+ }
+
+ $msg = 'User %s (id: %d) revoked access to app %s (id: %d)';
+ common_log(LOG_INFO, sprintf($msg, $cur->nickname,
+ $cur->id, $app->name, $app->id));
+