Rework oauth2 feature
* improve UI * add authorization * add separate page for oauth applications Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
parent
7fe8d41d88
commit
592e396869
|
@ -0,0 +1,20 @@
|
|||
table {
|
||||
&.table {
|
||||
tr {
|
||||
td, th {
|
||||
padding: 8px 10px;
|
||||
line-height: 20px;
|
||||
vertical-align: middle;
|
||||
}
|
||||
th {
|
||||
font-weight: normal;
|
||||
font-size: 15px;
|
||||
border-bottom: 1px solid #CCC !important;
|
||||
}
|
||||
td {
|
||||
border-color: #F1F1F1 !important;
|
||||
border-bottom: 1px solid;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
|
@ -17,19 +17,6 @@
|
|||
@include border-radius(0);
|
||||
|
||||
tr {
|
||||
td, th {
|
||||
padding: 8px 10px;
|
||||
line-height: 20px;
|
||||
}
|
||||
th {
|
||||
font-weight: normal;
|
||||
font-size: 15px;
|
||||
border-bottom: 1px solid #CCC !important;
|
||||
}
|
||||
td {
|
||||
border-color: #F1F1F1 !important;
|
||||
border-bottom: 1px solid;
|
||||
}
|
||||
&:hover {
|
||||
td {
|
||||
background: $hover;
|
||||
|
|
|
@ -3,7 +3,7 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
|
|||
layout "profile"
|
||||
|
||||
def index
|
||||
@applications = current_user.oauth_applications
|
||||
head :forbidden and return
|
||||
end
|
||||
|
||||
def create
|
||||
|
@ -28,4 +28,14 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
|
|||
|
||||
redirect_to profile_account_url
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def set_application
|
||||
@application = current_user.oauth_applications.find(params[:id])
|
||||
end
|
||||
|
||||
rescue_from ActiveRecord::RecordNotFound do |exception|
|
||||
render "errors/not_found", layout: "errors", status: 404
|
||||
end
|
||||
end
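Review bot: The ownership check added in the second hunk only takes effect if something calls `set_application` before `show`, `edit`, `update` and `destroy`; no filter declaration is visible in either hunk, so it presumably overrides a callback registered by `Doorkeeper::ApplicationsController`. If the parent renames or drops that callback, the lookup would stop being scoped to `current_user.oauth_applications` without any failure. I would add a comment above the method, `# Overrides Doorkeeper's before-filter target so lookups are limited to the current user's applications.`, and a controller spec that requests another user's application id and expects the 404. `rescue_from` is a class-level macro and reads better at the top of the class than under `private`, and its `|exception|` argument is unused. The context line `redirect_to profile_account_url` still points at the account page while the authorized-applications controller in this commit appears to move to `applications_profile_url`; its enclosing action starts outside the hunk.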
|
||||
|
|
|
@ -55,4 +55,3 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
|
|||
@strategy ||= server.authorization_request(pre_auth.response_type)
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -3,6 +3,6 @@ class Oauth::AuthorizedApplicationsController < Doorkeeper::AuthorizedApplicatio
|
|||
|
||||
def destroy
|
||||
Doorkeeper::AccessToken.revoke_all_for(params[:id], current_resource_owner)
|
||||
redirect_to profile_account_url, notice: I18n.t(:notice, scope: [:doorkeeper, :flash, :authorized_applications, :destroy])
|
||||
redirect_to applications_profile_url, notice: I18n.t(:notice, scope: [:doorkeeper, :flash, :authorized_applications, :destroy])
|
||||
end
|
||||
end
|
||||
|
|
|
@ -3,7 +3,5 @@ class Profiles::AccountsController < ApplicationController
|
|||
|
||||
def show
|
||||
@user = current_user
|
||||
@applications = current_user.oauth_applications
|
||||
@authorized_applications = Doorkeeper::Application.authorized_for(current_user)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -13,6 +13,11 @@ class ProfilesController < ApplicationController
|
|||
def design
|
||||
end
|
||||
|
||||
def applications
|
||||
@applications = current_user.oauth_applications
|
||||
@authorized_tokens = current_user.oauth_authorized_tokens
|
||||
end
|
||||
|
||||
def update
|
||||
user_params.except!(:email) if @user.ldap_user?
|
||||
|
||||
|
|
|
@ -565,4 +565,8 @@ class User < ActiveRecord::Base
|
|||
namespaces += masters_groups
|
||||
end
|
||||
end
|
||||
|
||||
def oauth_authorized_tokens
|
||||
Doorkeeper::AccessToken.where(resource_owner_id: self.id, revoked_at: nil)
|
||||
end
|
||||
end
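Review bot: `oauth_authorized_tokens` filters on `revoked_at: nil` only, so tokens that have expired but were never revoked are still returned and will be listed as authorized applications. If that is intended (for instance because a refresh token may still be usable, which this hunk does not show), it deserves a comment such as `# Non-revoked access tokens issued on behalf of this user; expired tokens are included.`. `self.id` can be written as plain `id` here.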
|
||||
|
|
|
@ -19,7 +19,6 @@
|
|||
Use
|
||||
%code= Doorkeeper.configuration.native_redirect_uri
|
||||
for local tests
|
||||
.form-group
|
||||
.col-sm-offset-2.col-sm-10
|
||||
= f.submit 'Submit', class: "btn btn-primary wide"
|
||||
= link_to "Cancel", profile_account_path, :class => "btn btn-default"
|
||||
.form-actions
|
||||
= f.submit 'Submit', class: "btn btn-primary wide"
|
||||
= link_to "Cancel", applications_profile_path, class: "btn btn-default"
|
||||
|
|
|
@ -1,21 +1,26 @@
|
|||
%h3.page-title
|
||||
Application: #{@application.name}
|
||||
.row
|
||||
.col-md-8
|
||||
%h4 Application Id:
|
||||
%p
|
||||
|
||||
|
||||
%table.table
|
||||
%tr
|
||||
%td
|
||||
Application Id
|
||||
%td
|
||||
%code#application_id= @application.uid
|
||||
%h4 Secret:
|
||||
%p
|
||||
%tr
|
||||
%td
|
||||
Secret:
|
||||
%td
|
||||
%code#secret= @application.secret
|
||||
%h4 Callback urls:
|
||||
%table
|
||||
|
||||
%tr
|
||||
%td
|
||||
Callback url
|
||||
%td
|
||||
- @application.redirect_uri.split.each do |uri|
|
||||
%tr
|
||||
%td
|
||||
%code= uri
|
||||
%td
|
||||
= link_to 'Authorize', oauth_authorization_path(client_id: @application.uid, redirect_uri: uri, response_type: 'code'), class: 'btn btn-success', target: '_blank'
|
||||
.prepend-top-20
|
||||
%p= link_to 'Edit', edit_oauth_application_path(@application), class: 'btn btn-primary wide pull-left'
|
||||
%p= render 'delete_form', application: @application, submit_btn_css: 'btn btn-danger prepend-left-10'
|
||||
%div
|
||||
%span.monospace= uri
|
||||
.form-actions
|
||||
= link_to 'Edit', edit_oauth_application_path(@application), class: 'btn btn-primary wide pull-left'
|
||||
= render 'delete_form', application: @application, submit_btn_css: 'btn btn-danger prepend-left-10'
|
||||
|
|
|
@ -3,10 +3,14 @@
|
|||
= link_to profile_path, title: "Profile" do
|
||||
%i.fa.fa-user
|
||||
Profile
|
||||
= nav_link(controller: [:accounts, :applications]) do
|
||||
= nav_link(controller: [:accounts]) do
|
||||
= link_to profile_account_path do
|
||||
%i.fa.fa-gear
|
||||
Account
|
||||
= nav_link(path: ['profiles#applications', 'applications#edit', 'applications#show', 'applications#new']) do
|
||||
= link_to applications_profile_path do
|
||||
%i.fa.fa-cloud
|
||||
Applications
|
||||
= nav_link(controller: :emails) do
|
||||
= link_to profile_emails_path do
|
||||
%i.fa.fa-envelope-o
|
||||
|
|
|
@ -75,38 +75,4 @@
|
|||
The following groups will be abandoned. You should transfer or remove them:
|
||||
%strong #{current_user.solo_owned_groups.map(&:name).join(', ')}
|
||||
= link_to 'Delete account', user_registration_path, data: { confirm: "REMOVE #{current_user.name}? Are you sure?" }, method: :delete, class: "btn btn-remove"
|
||||
|
||||
%h3.page-title
|
||||
OAuth2
|
||||
%fieldset.oauth-applications
|
||||
%legend Your applications
|
||||
%p= link_to 'New Application', new_oauth_application_path, class: 'btn btn-success'
|
||||
%table.table.table-striped
|
||||
%thead
|
||||
%tr
|
||||
%th Name
|
||||
%th Callback URL
|
||||
%th
|
||||
%th
|
||||
%tbody
|
||||
- @applications.each do |application|
|
||||
%tr{:id => "application_#{application.id}"}
|
||||
%td= link_to application.name, oauth_application_path(application)
|
||||
%td= application.redirect_uri
|
||||
%td= link_to 'Edit', edit_oauth_application_path(application), class: 'btn btn-link btn-small'
|
||||
%td= render 'doorkeeper/applications/delete_form', application: application
|
||||
|
||||
%fieldset.oauth-authorized-applications
|
||||
%legend Your authorized applications
|
||||
%table.table.table-striped
|
||||
%thead
|
||||
%tr
|
||||
%th Name
|
||||
%th Created At
|
||||
%th
|
||||
%tbody
|
||||
- @authorized_applications.each do |application|
|
||||
%tr{:id => "application_#{application.id}"}
|
||||
%td= link_to application.name, oauth_application_path(application)
|
||||
%td= application.created_at.strftime('%Y-%m-%d %H:%M:%S')
|
||||
%td= render 'doorkeeper/authorized_applications/delete_form', application: application
|
||||
|
|
|
@ -0,0 +1,43 @@
|
|||
%h3.page-title
|
||||
OAuth2
|
||||
|
||||
%fieldset.oauth-applications
|
||||
%legend Your applications
|
||||
%p= link_to 'New Application', new_oauth_application_path, class: 'btn btn-success'
|
||||
- if @applications.any?
|
||||
%table.table.table-striped
|
||||
%thead
|
||||
%tr
|
||||
%th Name
|
||||
%th Callback URL
|
||||
%th Clients
|
||||
%th
|
||||
%th
|
||||
%tbody
|
||||
- @applications.each do |application|
|
||||
%tr{:id => "application_#{application.id}"}
|
||||
%td= link_to application.name, oauth_application_path(application)
|
||||
%td
|
||||
- application.redirect_uri.split.each do |uri|
|
||||
%div= uri
|
||||
%td= application.access_tokens.count
|
||||
%td= link_to 'Edit', edit_oauth_application_path(application), class: 'btn btn-link btn-small'
|
||||
%td= render 'doorkeeper/applications/delete_form', application: application
|
||||
|
||||
%fieldset.oauth-authorized-applications.prepend-top-20
|
||||
%legend Authorized applications
|
||||
%table.table.table-striped
|
||||
%thead
|
||||
%tr
|
||||
%th Name
|
||||
%th Authorized At
|
||||
%th Scope
|
||||
%th
|
||||
%tbody
|
||||
- @authorized_tokens.each do |token|
|
||||
- application = token.application
|
||||
%tr{:id => "application_#{application.id}"}
|
||||
%td= application.name
|
||||
%td= token.created_at
|
||||
%td= token.scopes
|
||||
%td= render 'doorkeeper/authorized_applications/delete_form', application: application
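Review bot: The authorized-applications table emits one row per token but builds the row id from the application, `%tr{:id => "application_#{application.id}"}`, so an application holding several tokens, or one that also appears in the first table, produces duplicate DOM ids. A per-token id such as `%tr{:id => "token_#{token.id}"}` would keep them unique, provided no existing spec relies on the current id. In the first table, `application.access_tokens.count` has no visible filter and so appears to count revoked tokens as well, which overstates the "Clients" figure; it and `token.application` each run a query per row. The second table also has no guard like the first table's `- if @applications.any?`, so it renders an empty table when the user has no tokens.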
|
|
@ -118,6 +118,7 @@ Gitlab::Application.routes.draw do
|
|||
member do
|
||||
get :history
|
||||
get :design
|
||||
get :applications
|
||||
|
||||
put :reset_private_token
|
||||
put :update_username
|
||||
|
|