* Add code for creating/managing apps to settings section * Add specs for app changes * Fix controller spec * Fix view file I pasted over by mistake * Add locale strings. Add 'my apps' to nav * Add Client ID/Secret to App page. Add some visual separation * Fix rubocop warnings * Fix embarrassing typo I lost an `end` statement while fixing a merge conflict. * Add code for creating/managing apps to settings section - Add specs for app changes - Add locale strings. Add 'my apps' to nav - Add Client ID/Secret to App page. Add some visual separation - Fix some bugs/warnings * Update to match code standards * Trigger notification * Add warning about not sharing API secrets * Tweak spec a bit * Cleanup fixture creation by using let! * Remove unused key * Add foreign key for application<->userclosed-social-v3
@ -0,0 +1,65 @@ | |||
# frozen_string_literal: true | |||
class Settings::ApplicationsController < ApplicationController | |||
layout 'admin' | |||
before_action :authenticate_user! | |||
def index | |||
@applications = current_user.applications.page(params[:page]) | |||
end | |||
def new | |||
@application = Doorkeeper::Application.new( | |||
redirect_uri: Doorkeeper.configuration.native_redirect_uri, | |||
scopes: 'read write follow' | |||
) | |||
end | |||
def show | |||
@application = current_user.applications.find(params[:id]) | |||
end | |||
def create | |||
@application = current_user.applications.build(application_params) | |||
if @application.save | |||
redirect_to settings_applications_path, notice: I18n.t('application.created') | |||
else | |||
render :new | |||
end | |||
end | |||
def update | |||
@application = current_user.applications.find(params[:id]) | |||
if @application.update_attributes(application_params) | |||
redirect_to settings_applications_path, notice: I18n.t('generic.changes_saved_msg') | |||
else | |||
render :show | |||
end | |||
end | |||
def destroy | |||
@application = current_user.applications.find(params[:id]) | |||
@application.destroy | |||
redirect_to settings_applications_path, notice: t('application.destroyed') | |||
end | |||
def regenerate | |||
@application = current_user.applications.find(params[:application_id]) | |||
@access_token = current_user.token_for_app(@application) | |||
@access_token.destroy | |||
redirect_to settings_application_path(@application), notice: t('access_token.regenerated') | |||
end | |||
private | |||
def application_params | |||
params.require(:doorkeeper_application).permit( | |||
:name, | |||
:redirect_uri, | |||
:scopes, | |||
:website | |||
) | |||
end | |||
end |
@ -0,0 +1,4 @@ | |||
= f.input :name, hint: t('activerecord.attributes.doorkeeper/application.name') | |||
= f.input :website, hint: t('activerecord.attributes.doorkeeper/application.website') | |||
= f.input :redirect_uri, hint: t('activerecord.attributes.doorkeeper/application.redirect_uri') | |||
= f.input :scopes, hint: t('activerecord.attributes.doorkeeper/application.scopes') |
@ -0,0 +1,20 @@ | |||
- content_for :page_title do | |||
= t('doorkeeper.applications.index.title') | |||
%table.table | |||
%thead | |||
%tr | |||
%th= t('doorkeeper.applications.index.application') | |||
%th= t('doorkeeper.applications.index.scopes') | |||
%th= t('doorkeeper.applications.index.created_at') | |||
%th | |||
%tbody | |||
- @applications.each do |application| | |||
%tr | |||
%td= link_to application.name, settings_application_path(application) | |||
%th= application.scopes.map { |scope| t(scope, scope: [:doorkeeper, :scopes]) }.join('<br />').html_safe | |||
%td= l application.created_at | |||
%td= table_link_to 'show', t('doorkeeper.applications.index.show'), settings_application_path(application) | |||
%td= table_link_to 'times', t('doorkeeper.applications.index.delete'), settings_application_path(application), method: :delete, data: { confirm: t('doorkeeper.applications.confirmations.destroy') } | |||
= paginate @applications | |||
= link_to t('add_new'), new_settings_application_path, class: 'button' |
@ -0,0 +1,9 @@ | |||
- content_for :page_title do | |||
= t('doorkeeper.applications.new.title') | |||
.form-container | |||
= simple_form_for @application, url: settings_applications_path do |f| | |||
= render 'fields', f:f | |||
.actions | |||
= f.button :button, t('.create'), type: :submit |
@ -0,0 +1,28 @@ | |||
- content_for :page_title do | |||
= t('doorkeeper.applications.show.title', name: @application.name) | |||
%p.hint= t('application.warning') | |||
%div | |||
%h3= t('application.uid') | |||
%code= @application.uid | |||
%div | |||
%h3= t('application.secret') | |||
%code= @application.secret | |||
%div | |||
%h3= t('access_token.your_token') | |||
%code= current_user.token_for_app(@application).token | |||
= link_to t('access_token.regenerate'), settings_application_regenerate_path(@application), method: :put, class: 'button' | |||
%hr | |||
= simple_form_for @application, url: settings_application_path(@application), method: :put do |f| | |||
= render 'fields', f:f | |||
.actions | |||
= f.button :button, t('generic.save_changes'), type: :submit | |||
@ -0,0 +1,8 @@ | |||
class ReAddOwnerToApplication < ActiveRecord::Migration[5.0] | |||
def change | |||
add_column :oauth_applications, :owner_id, :integer, null: true | |||
add_column :oauth_applications, :owner_type, :string, null: true | |||
add_index :oauth_applications, [:owner_id, :owner_type] | |||
add_foreign_key :oauth_applications, :users, column: :owner_id, on_delete: :cascade | |||
end | |||
end |
@ -0,0 +1,166 @@ | |||
require 'rails_helper' | |||
describe Settings::ApplicationsController do | |||
render_views | |||
let!(:user) { Fabricate(:user) } | |||
let!(:app) { Fabricate(:application, owner: user) } | |||
before do | |||
sign_in user, scope: :user | |||
end | |||
describe 'GET #index' do | |||
let!(:other_app) { Fabricate(:application) } | |||
it 'shows apps' do | |||
get :index | |||
expect(response).to have_http_status(:success) | |||
expect(assigns(:applications)).to include(app) | |||
expect(assigns(:applications)).to_not include(other_app) | |||
end | |||
end | |||
describe 'GET #show' do | |||
it 'returns http success' do | |||
get :show, params: { id: app.id } | |||
expect(response).to have_http_status(:success) | |||
expect(assigns[:application]).to eql(app) | |||
end | |||
it 'returns 404 if you dont own app' do | |||
app.update!(owner: nil) | |||
get :show, params: { id: app.id } | |||
expect(response.status).to eq 404 | |||
end | |||
end | |||
describe 'GET #new' do | |||
it 'works' do | |||
get :new | |||
expect(response).to have_http_status(:success) | |||
end | |||
end | |||
describe 'POST #create' do | |||
context 'success' do | |||
def call_create | |||
post :create, params: { | |||
doorkeeper_application: { | |||
name: 'My New App', | |||
redirect_uri: 'urn:ietf:wg:oauth:2.0:oob', | |||
website: 'http://google.com', | |||
scopes: 'read write follow' | |||
} | |||
} | |||
response | |||
end | |||
it 'creates an entry in the database' do | |||
expect { call_create }.to change(Doorkeeper::Application, :count) | |||
end | |||
it 'redirects back to applications page' do | |||
expect(call_create).to redirect_to(settings_applications_path) | |||
end | |||
end | |||
context 'failure' do | |||
before do | |||
post :create, params: { | |||
doorkeeper_application: { | |||
name: '', | |||
redirect_uri: '', | |||
website: '', | |||
scopes: '' | |||
} | |||
} | |||
end | |||
it 'returns http success' do | |||
expect(response).to have_http_status(:success) | |||
end | |||
it 'renders form again' do | |||
expect(response).to render_template(:new) | |||
end | |||
end | |||
end | |||
describe 'PATCH #update' do | |||
context 'success' do | |||
let(:opts) { | |||
{ | |||
website: 'https://foo.bar/' | |||
} | |||
} | |||
def call_update | |||
patch :update, params: { | |||
id: app.id, | |||
doorkeeper_application: opts | |||
} | |||
response | |||
end | |||
it 'updates existing application' do | |||
call_update | |||
expect(app.reload.website).to eql(opts[:website]) | |||
end | |||
it 'redirects back to applications page' do | |||
expect(call_update).to redirect_to(settings_applications_path) | |||
end | |||
end | |||
context 'failure' do | |||
before do | |||
patch :update, params: { | |||
id: app.id, | |||
doorkeeper_application: { | |||
name: '', | |||
redirect_uri: '', | |||
website: '', | |||
scopes: '' | |||
} | |||
} | |||
end | |||
it 'returns http success' do | |||
expect(response).to have_http_status(:success) | |||
end | |||
it 'renders form again' do | |||
expect(response).to render_template(:show) | |||
end | |||
end | |||
end | |||
describe 'destroy' do | |||
before do | |||
post :destroy, params: { id: app.id } | |||
end | |||
it 'redirects back to applications page' do | |||
expect(response).to redirect_to(settings_applications_path) | |||
end | |||
it 'removes the app' do | |||
expect(Doorkeeper::Application.find_by(id: app.id)).to be_nil | |||
end | |||
end | |||
describe 'regenerate' do | |||
let(:token) { user.token_for_app(app) } | |||
before do | |||
expect(token).to_not be_nil | |||
put :regenerate, params: { application_id: app.id } | |||
end | |||
it 'should create new token' do | |||
expect(user.token_for_app(app)).to_not eql(token) | |||
end | |||
end | |||
end |