authorColin Mitchell <colin@muffinlabs.com>2017-08-22 12:33:57 -0400
committerEugen Rochko <eugen@zeonfederated.com>2017-08-22 18:33:57 +0200
commit871c0d251a6d27c4591785ae446738a8d6c553ab (patch)
tree3a41124ddd0a5a9c6c65972a209a8b0ea70e0b34 /app
parent11a7507318ff9bffbed9e4423ef86ada8c43a992 (diff)
Application prefs section (#2758)
* Add code for creating/managing apps to settings section

* Add specs for app changes

* Fix controller spec

* Fix view file I pasted over by mistake

* Add locale strings. Add 'my apps' to nav

* Add Client ID/Secret to App page. Add some visual separation

* Fix rubocop warnings

* Fix embarrassing typo

I lost an `end` statement while fixing a merge conflict.

* Add code for creating/managing apps to settings section

- Add specs for app changes
- Add locale strings. Add 'my apps' to nav
- Add Client ID/Secret to App page. Add some visual separation
- Fix some bugs/warnings

* Update to match code standards

* Trigger notification

* Add warning about not sharing API secrets

* Tweak spec a bit

* Cleanup fixture creation by using let!

* Remove unused key

* Add foreign key for application<->user
Diffstat (limited to 'app')
-rw-r--r--app/controllers/settings/applications_controller.rb65
-rw-r--r--app/models/user.rb13
-rw-r--r--app/views/settings/applications/_fields.html.haml4
-rw-r--r--app/views/settings/applications/index.html.haml20
-rw-r--r--app/views/settings/applications/new.html.haml9
-rw-r--r--app/views/settings/applications/show.html.haml28
6 files changed, 139 insertions, 0 deletions
diff --git a/app/controllers/settings/applications_controller.rb b/app/controllers/settings/applications_controller.rb
new file mode 100644
index 000000000..b8f114455
--- /dev/null
+++ b/app/controllers/settings/applications_controller.rb
@@ -0,0 +1,65 @@
+# frozen_string_literal: true
+
+class Settings::ApplicationsController < ApplicationController
+  layout 'admin'
+
+  before_action :authenticate_user!
+
+  def index
+    @applications = current_user.applications.page(params[:page])
+  end
+
+  def new
+    @application = Doorkeeper::Application.new(
+      redirect_uri: Doorkeeper.configuration.native_redirect_uri,
+      scopes: 'read write follow'
+    )
+  end
+
+  def show
+    @application = current_user.applications.find(params[:id])
+  end
+
+  def create
+    @application = current_user.applications.build(application_params)
+    if @application.save
+      redirect_to settings_applications_path, notice: I18n.t('application.created')
+    else
+      render :new
+    end
+  end
+
+  def update
+    @application = current_user.applications.find(params[:id])
+    if @application.update_attributes(application_params)
+      redirect_to settings_applications_path, notice: I18n.t('generic.changes_saved_msg')
+    else
+      render :show
+    end
+  end
+
+  def destroy
+    @application = current_user.applications.find(params[:id])
+    @application.destroy
+    redirect_to settings_applications_path, notice: t('application.destroyed')
+  end
+
+  def regenerate
+    @application = current_user.applications.find(params[:application_id])
+    @access_token = current_user.token_for_app(@application)
+    @access_token.destroy
+
+    redirect_to settings_application_path(@application), notice: t('access_token.regenerated')
+  end
+
+  private
+
+  def application_params
+    params.require(:doorkeeper_application).permit(
+      :name,
+      :redirect_uri,
+      :scopes,
+      :website
+    )
+  end
+end
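Review bot: In `update`, a change to `:scopes` is saved on the application, but the access token already created by `token_for_app` keeps the scopes it was issued with, so narrowing an app's scopes does not narrow what its existing token can do. Consider dropping the token after a successful update when scopes changed, e.g. `current_user.token_for_app(@application).destroy if @application.previous_changes.key?('scopes')`, so the next page view issues one with the current scopes. Separately, `application_params` permits a free-form `:scopes` string; whether values outside the `read write follow` default are rejected depends on Doorkeeper's own validation, which is not visible in this diff, so a spec for an unknown scope would be worthwhile. The file also mixes `I18n.t` (in `create` and `update`) with `t` (in `destroy` and `regenerate`); one form throughout would read better.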
diff --git a/app/models/user.rb b/app/models/user.rb
index 96a2d09b7..02b1b26ee 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -46,6 +46,8 @@ class User < ApplicationRecord
   belongs_to :account, inverse_of: :user, required: true
   accepts_nested_attributes_for :account
 
+  has_many :applications, class_name: 'Doorkeeper::Application', as: :owner
+
   validates :locale, inclusion: I18n.available_locales.map(&:to_s), if: :locale?
   validates_with BlacklistedEmailValidator, if: :email_changed?
 
@@ -108,6 +110,17 @@ class User < ApplicationRecord
     settings.noindex
   end
 
+  def token_for_app(a)
+    return nil if a.nil? || a.owner != self
+    Doorkeeper::AccessToken
+      .find_or_create_by(application_id: a.id, resource_owner_id: id) do |t|
+
+      t.scopes = a.scopes
+      t.expires_in = Doorkeeper.configuration.access_token_expires_in
+      t.use_refresh_token = Doorkeeper.configuration.refresh_token_enabled?
+    end
+  end
+
   def activate_session(request)
     session_activations.activate(session_id: SecureRandom.hex,
                                  user_agent: request.user_agent,
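Review bot: `token_for_app` looks up by `application_id` and `resource_owner_id` only, so `find_or_create_by` can return a token that was already revoked (or expired, if expiry is configured), or one issued to the same user through the normal OAuth flow with different scopes, and the settings page then presents it as the user's token. Restricting the lookup to live tokens, e.g. `.find_or_create_by(application_id: a.id, resource_owner_id: id, revoked_at: nil) do |t|`, avoids handing back a dead credential; this assumes the standard Doorkeeper `revoked_at` column. A one-line comment stating that the method creates a token as a side effect, and a parameter name such as `application` instead of `a`, would help readers. The blank line after `do |t|` can be removed.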
diff --git a/app/views/settings/applications/_fields.html.haml b/app/views/settings/applications/_fields.html.haml
new file mode 100644
index 000000000..9dbe23466
--- /dev/null
+++ b/app/views/settings/applications/_fields.html.haml
@@ -0,0 +1,4 @@
+= f.input :name, hint: t('activerecord.attributes.doorkeeper/application.name')
+= f.input :website, hint: t('activerecord.attributes.doorkeeper/application.website')
+= f.input :redirect_uri, hint: t('activerecord.attributes.doorkeeper/application.redirect_uri')
+= f.input :scopes, hint: t('activerecord.attributes.doorkeeper/application.scopes')
diff --git a/app/views/settings/applications/index.html.haml b/app/views/settings/applications/index.html.haml
new file mode 100644
index 000000000..17035f96c
--- /dev/null
+++ b/app/views/settings/applications/index.html.haml
@@ -0,0 +1,20 @@
+- content_for :page_title do
+  = t('doorkeeper.applications.index.title')
+
+%table.table
+  %thead
+    %tr
+      %th= t('doorkeeper.applications.index.application')
+      %th= t('doorkeeper.applications.index.scopes')
+      %th= t('doorkeeper.applications.index.created_at')
+      %th
+  %tbody
+    - @applications.each do |application|
+      %tr
+        %td= link_to application.name, settings_application_path(application)
+        %th= application.scopes.map { |scope| t(scope, scope: [:doorkeeper, :scopes]) }.join('<br />').html_safe
+        %td= l application.created_at
+        %td= table_link_to 'show', t('doorkeeper.applications.index.show'), settings_application_path(application)
+        %td= table_link_to 'times', t('doorkeeper.applications.index.delete'), settings_application_path(application), method: :delete, data: { confirm: t('doorkeeper.applications.confirmations.destroy') }
+= paginate @applications
+= link_to t('add_new'), new_settings_application_path, class: 'button'
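Review bot: The scopes cell builds its markup with `.join('<br />').html_safe`, which marks the whole joined string as safe, including whatever `t(scope, ...)` returns for scope names that originate from the user-editable `scopes` field. Escaping then rests entirely on the translation helper's output for unknown keys. `safe_join(application.scopes.map { |scope| t(scope, scope: [:doorkeeper, :scopes]) }, tag(:br))` keeps each piece escaped and needs no `html_safe`. That cell is also a `%th` inside a body row whose siblings are all `%td`.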
diff --git a/app/views/settings/applications/new.html.haml b/app/views/settings/applications/new.html.haml
new file mode 100644
index 000000000..61406a31f
--- /dev/null
+++ b/app/views/settings/applications/new.html.haml
@@ -0,0 +1,9 @@
+- content_for :page_title do
+  = t('doorkeeper.applications.new.title')
+  
+.form-container
+  = simple_form_for @application, url: settings_applications_path do |f|
+    = render 'fields', f:f
+    
+    .actions
+      = f.button :button, t('.create'), type: :submit
diff --git a/app/views/settings/applications/show.html.haml b/app/views/settings/applications/show.html.haml
new file mode 100644
index 000000000..9f1a11986
--- /dev/null
+++ b/app/views/settings/applications/show.html.haml
@@ -0,0 +1,28 @@
+- content_for :page_title do
+  = t('doorkeeper.applications.show.title', name: @application.name)
+
+
+%p.hint= t('application.warning')
+  
+%div
+  %h3= t('application.uid')
+  %code= @application.uid
+
+%div 
+  %h3= t('application.secret')
+  %code= @application.secret
+
+%div
+  %h3= t('access_token.your_token')
+  %code= current_user.token_for_app(@application).token
+
+= link_to t('access_token.regenerate'), settings_application_regenerate_path(@application), method: :put,  class: 'button'
+
+%hr
+
+= simple_form_for @application, url: settings_application_path(@application), method: :put do |f|
+  = render 'fields', f:f
+    
+  .actions
+    = f.button :button, t('generic.save_changes'), type: :submit
+
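Review bot: `current_user.token_for_app(@application).token` in the template runs `find_or_create_by`, so rendering this page on a GET can write a new access token, and a `nil` return from `token_for_app` would raise here. Setting `@access_token = current_user.token_for_app(@application)` in the controller's `show` action (and on the `render :show` path of `update`) keeps the write out of the view and gives one place to handle `nil`. Because the page prints the client secret and a bearer token in clear text, it is worth confirming the response is not cacheable; nothing in this diff sets that.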