Commit b9da104b authored by augier's avatar augier Committed by theworldbright

Revoke button on applications page

parent dd337d41
......@@ -38,3 +38,7 @@
.info { color: $text; }
}
}
.applications-page {
.application-img { margin: 9px 0; }
}
\ No newline at end of file
......@@ -17,6 +17,16 @@ module Api
process_authorization_consent(params[:approve])
end
def destroy
# TODO: Specs
begin
Api::OpenidConnect::Authorization.find_by(id: params[:id]).destroy
rescue
# TODO: Log something here?
end
redirect_to user_applications_url
end
private
def request_authorization_consent_form # TODO: Add support for prompt params
......
......@@ -21,6 +21,7 @@ class UserApplicationsPresenter
def app_as_json(application)
{
id: find_id(application),
name: application.client_name,
image: application.image_uri,
autorizations: find_scopes(application)
......@@ -31,4 +32,9 @@ class UserApplicationsPresenter
Api::OpenidConnect::Authorization.find_by_client_id_and_user(
application.client_id, @current_user).scopes
end
def find_id(application)
Api::OpenidConnect::Authorization.find_by_client_id_and_user(
application.client_id, @current_user).id
end
end
......@@ -6,3 +6,4 @@
%li= link_to_unless_current t('account'), edit_user_path
%li= link_to_unless_current t('privacy'), privacy_settings_path
%li= link_to_unless_current t('_services'), services_path
%li= link_to_unless_current t('_applications'), user_applications_path
......@@ -3,7 +3,7 @@
- @user_apps.user_applications.each do |app|
%li.list-group-item
.row
.col-xs-2
.col-xs-2.application-img
= image_tag app[:image], class: "img-responsive"
.col-xs-10
- if app[:autorizations].count > 0
......@@ -14,8 +14,13 @@
- else
.well
=t("user_applications.show.no_requirement")
.small-horizontal-spacer
.row
= form_for "application", url: "#{api_openid_connect_authorizations_path}/#{app[:id]}",
html: { method: :delete, class: "form-horizontal col-xs-12"} do |f|
.clearfix= f.submit t("user_applications.revoke_autorization"), class: "btn btn-primary pull-right"
- else
.well
%h4
= t("user_applications.show.no_applications")
= t("user_applications.no_applications")
- content_for :page_title do
= t(".edit_applications")
.container-fluid
.container-fluid.applications-page
= render "shared/settings_nav"
.container-fluid
.row
......
.settings_container.applications-page
- content_for :page_title do
= t('.edit_applications')
= render 'shared/settings_nav'
.container-fluid
.row
.col-md-12
= t('.applications_explanation')
.small-horizontal-spacer
.col-md-12
= render 'add_remove_applications'
......@@ -1481,7 +1481,8 @@ en:
show:
edit_applications: "Applications"
title: "Your installed applications"
no_applications: "You have no authorized application for now"
access: "is authorized to access to:"
no_requirement: "This application requires no autorizations"
applications_explanation: "Here are listed the applications to which you autorized the access to your profile informations"
no_applications: "You have no authorized application for now"
revoke_autorization: "Revoke autorization"
......@@ -244,7 +244,7 @@ Diaspora::Application.routes.draw do
# Authorization Servers MUST support the use of the HTTP GET and POST methods at the Authorization Endpoint
# See http://openid.net/specs/openid-connect-core-1_0.html#AuthResponseValidation
resources :authorizations, only: %i(new create)
resources :authorizations, only: %i(new create destroy)
post "authorizations/new", to: "authorizations#new"
get ".well-known/webfinger", to: "discovery#webfinger"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment