From a6e299a2fc83d7b4d0e82082f7622279f5d78aba Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 17 Jul 2015 00:20:46 +0200 Subject: [PATCH] OAuth stuff adapted for FormAction TODO: Break OAuth out into a plugin. --- actions/newapplication.php | 7 ++-- actions/oauthappssettings.php | 51 ++++------------------------ actions/oauthconnectionssettings.php | 40 +++++++--------------- classes/Profile.php | 5 +++ lib/applicationlist.php | 12 ++----- lib/connectedappslist.php | 10 ++---- 6 files changed, 34 insertions(+), 91 deletions(-) diff --git a/actions/newapplication.php b/actions/newapplication.php index 37bede0d72..5032bb7495 100644 --- a/actions/newapplication.php +++ b/actions/newapplication.php @@ -41,7 +41,7 @@ if (!defined('GNUSOCIAL')) { exit(1); } * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ -class NewApplicationAction extends FormAction +class NewApplicationAction extends SettingsAction { function title() { @@ -54,6 +54,7 @@ class NewApplicationAction extends FormAction if ($this->arg('cancel')) { common_redirect(common_local_url('oauthappssettings'), 303); } elseif ($this->arg('save')) { + //trySave will never return, just throw exception or redirect $this->trySave(); } @@ -72,7 +73,7 @@ class NewApplicationAction extends FormAction return _('Use this form to register a new application.'); } - private function trySave() + protected function trySave() { $name = $this->trimmed('name'); $description = $this->trimmed('description'); @@ -137,7 +138,7 @@ class NewApplicationAction extends FormAction $app->query('BEGIN'); $app->name = $name; - $app->owner = $this->scoped->id; + $app->owner = $this->scoped->getID(); $app->description = $description; $app->source_url = $source_url; $app->organization = $organization; diff --git a/actions/oauthappssettings.php b/actions/oauthappssettings.php index e9b6280feb..43e9b33663 100644 --- a/actions/oauthappssettings.php +++ b/actions/oauthappssettings.php @@ -43,19 +43,11 @@ if (!defined('GNUSOCIAL')) { exit(1); } class OauthappssettingsAction extends SettingsAction { - var $page = 0; + protected $page = null; - function prepare($args) + protected function doPreparation() { - parent::prepare($args); - $this->page = ($this->arg('page')) ? ($this->arg('page') + 0) : 1; - - if (!common_logged_in()) { - // TRANS: Message displayed to an anonymous user trying to view OAuth application list. - $this->clientError(_('You must be logged in to list your applications.')); - } - - return true; + $this->page = $this->int('page') ?: 1; } /** @@ -82,21 +74,13 @@ class OauthappssettingsAction extends SettingsAction return _('Applications you have registered'); } - /** - * Content area of the page - * - * @return void - */ - function showContent() { - $user = common_current_user(); - $offset = ($this->page - 1) * APPS_PER_PAGE; $limit = APPS_PER_PAGE + 1; $application = new Oauth_application(); - $application->owner = $user->id; + $application->owner = $this->scoped->getID(); $application->whereAdd("name != 'anonymous'"); $application->limit($offset, $limit); $application->orderBy('created DESC'); @@ -105,7 +89,7 @@ class OauthappssettingsAction extends SettingsAction $cnt = 0; if ($application) { - $al = new ApplicationList($application, $user, $this); + $al = new ApplicationList($application, $this->scoped, $this); $cnt = $al->show(); if (0 == $cnt) { $this->showEmptyListMessage(); @@ -131,34 +115,11 @@ class OauthappssettingsAction extends SettingsAction function showEmptyListMessage() { - // TRANS: Empty list message on page with OAuth applications. + // TRANS: Empty list message on page with OAuth applications. Markup allowed $message = sprintf(_('You have not registered any applications yet.')); $this->elementStart('div', 'guide'); $this->raw(common_markup_to_html($message)); $this->elementEnd('div'); } - - /** - * Handle posts to this form - * - * Based on the button that was pressed, muxes out to other functions - * to do the actual task requested. - * - * All sub-functions reload the form with a message -- success or failure. - * - * @return void - */ - - function handlePost() - { - // CSRF protection - - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->showForm(_('There was a problem with your session token. '. - 'Try again, please.')); - return; - } - } } diff --git a/actions/oauthconnectionssettings.php b/actions/oauthconnectionssettings.php index a3ba7eda39..0c5a143443 100644 --- a/actions/oauthconnectionssettings.php +++ b/actions/oauthconnectionssettings.php @@ -42,15 +42,14 @@ if (!defined('GNUSOCIAL')) { exit(1); } */ class OauthconnectionssettingsAction extends SettingsAction { - var $page = null; - var $oauth_token = null; + var $page = null; - function prepare($args) + protected $oauth_token = null; + + protected function doPreparation() { - parent::prepare($args); $this->oauth_token = $this->arg('oauth_token'); - $this->page = ($this->arg('page')) ? ($this->arg('page') + 0) : 1; - return true; + $this->page = $this->int('page') ?: 1; } /** @@ -83,18 +82,15 @@ class OauthconnectionssettingsAction extends SettingsAction function showContent() { - $user = common_current_user(); - $profile = $user->getProfile(); - $offset = ($this->page - 1) * APPS_PER_PAGE; $limit = APPS_PER_PAGE + 1; - $connection = $user->getConnectedApps($offset, $limit); + $connection = $this->scoped->getConnectedApps($offset, $limit); $cnt = 0; if (!empty($connection)) { - $cal = new ConnectedAppsList($connection, $user, $this); + $cal = new ConnectedAppsList($connection, $this->scoped, $this); $cnt = $cal->show(); } @@ -107,7 +103,7 @@ class OauthconnectionssettingsAction extends SettingsAction $cnt > APPS_PER_PAGE, $this->page, 'connectionssettings', - array('nickname' => $user->nickname) + array('nickname' => $this->scoped->getNickname()) ); } @@ -121,24 +117,14 @@ class OauthconnectionssettingsAction extends SettingsAction * * @return void */ - function handlePost() + protected function doPost() { - // CSRF protection - - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - // TRANS: Client error displayed when the session token does not match or is not given. - $this->showForm(_('There was a problem with your session token. '. - 'Try again, please.')); - return; - } - if ($this->arg('revoke')) { - $this->revokeAccess($this->oauth_token); - } else { - // TRANS: Client error when submitting a form with unexpected information. - $this->clientError(_('Unexpected form submission.'), 401); + return $this->revokeAccess($this->oauth_token); } + + // TRANS: Client error when submitting a form with unexpected information. + throw new ClientException(_('Unexpected form submission.'), 401); } /** diff --git a/classes/Profile.php b/classes/Profile.php index f628965a74..384eaa0726 100644 --- a/classes/Profile.php +++ b/classes/Profile.php @@ -1623,4 +1623,9 @@ class Profile extends Managed_DataObject public function setPref($namespace, $topic, $data) { return Profile_prefs::setData($this, $namespace, $topic, $data); } + + public function getConnectedApps($offset=0, $limit=null) + { + return $this->getUser()->getConnectedApps($offset, $limit); + } } diff --git a/lib/applicationlist.php b/lib/applicationlist.php index b2cc572e3e..ab51a73096 100644 --- a/lib/applicationlist.php +++ b/lib/applicationlist.php @@ -46,16 +46,12 @@ class ApplicationList extends Widget /** Owner of this list */ var $owner = null; - /** Action object using us. */ - var $action = null; - - function __construct($application, $owner=null, $action=null) + function __construct($application, Profile $owner, Action $out=null) { - parent::__construct($action); + parent::__construct($out); $this->application = $application; $this->owner = $owner; - $this->action = $action; } function show() @@ -69,7 +65,7 @@ class ApplicationList extends Widget if($cnt > APPS_PER_PAGE) { break; } - $this->showapplication(); + $this->showApplication(); } $this->out->elementEnd('ul'); @@ -79,8 +75,6 @@ class ApplicationList extends Widget function showApplication() { - $user = common_current_user(); - $this->out->elementStart('li', array('class' => 'application h-entry', 'id' => 'oauthclient-' . $this->application->id)); diff --git a/lib/connectedappslist.php b/lib/connectedappslist.php index 7e5eb7482c..c2a27e75a8 100644 --- a/lib/connectedappslist.php +++ b/lib/connectedappslist.php @@ -46,18 +46,14 @@ class ConnectedAppsList extends Widget /** Owner of this list */ var $owner = null; - /** Action object using us. */ - var $action = null; - - function __construct($connection, $owner=null, $action=null) + function __construct($connection, Profile $owner, Action $out=null) { - parent::__construct($action); + parent::__construct($out); common_debug("ConnectedAppsList constructor"); $this->connection = $connection; - $this->owner = $owner; - $this->action = $action; + $this->owner = $owner; } /* Override this in subclasses. */ -- 2.39.5