# Web pages on which the logged-in user manages the OAuth client
# applications they have registered.
#
# Every lookup by id goes through current_user.client_applications. An id
# that is not among the current user's applications therefore raises
# ActiveRecord::RecordNotFound, exactly like an id that does not exist, and
# is answered with the "not_found" template and a 404 status.
class OauthClientsController < ApplicationController
  layout "site"

  # Both filters are defined outside this file.
  before_action :authorize_web
  before_action :set_locale

  # Authorization check against the ClientApplication class, applied to all
  # actions (no :only/:except is given). authorize_resource is defined
  # outside this file -- presumably CanCanCan; confirm.
  authorize_resource :class => ClientApplication

  # Lists the current user's client applications and their authorized tokens.
  def index
    @client_applications = current_user.client_applications
    @tokens = current_user.oauth_tokens.authorized
  end

  # Shows one of the current user's client applications.
  def show
    @client_application = find_owned_client_application
  rescue ActiveRecord::RecordNotFound
    render_client_application_not_found
  end

  # Prepares an unsaved application for the registration form.
  def new
    @client_application = ClientApplication.new
  end

  # Loads one of the current user's client applications for the edit form.
  def edit
    @client_application = find_owned_client_application
  rescue ActiveRecord::RecordNotFound
    render_client_application_not_found
  end

  # Registers a new application. It is built through the current user's
  # association, so the owner never comes from the request.
  def create
    @client_application = current_user.client_applications.build(application_params)

    unless @client_application.save
      render :action => "new"
      return
    end

    flash[:notice] = t(".flash")
    redirect_to :action => "show", :id => @client_application.id
  end

  # Applies the permitted form attributes to one of the current user's
  # client applications.
  def update
    @client_application = find_owned_client_application

    unless @client_application.update(application_params)
      render :action => "edit"
      return
    end

    flash[:notice] = t(".flash")
    redirect_to :action => "show", :id => @client_application.id
  rescue ActiveRecord::RecordNotFound
    render_client_application_not_found
  end

  # Deletes one of the current user's client applications.
  def destroy
    @client_application = find_owned_client_application
    @client_application.destroy
    flash[:notice] = t(".flash")
    redirect_to :action => "index"
  rescue ActiveRecord::RecordNotFound
    render_client_application_not_found
  end

  private

  # Attributes the forms may set: name, the three URL fields, and whatever
  # ClientApplication.all_permissions returns (defined on the model --
  # presumably the permission flag attributes; confirm).
  # NOTE(review): the URL fields, callback_url included, are passed through
  # as submitted. Any scheme or host validation has to live in the model,
  # which is not visible here.
  def application_params
    submitted = params.require(:client_application)
    submitted.permit(:name, :url, :callback_url, :support_url, ClientApplication.all_permissions)
  end

  # Looks up params[:id] among the current user's applications only.
  # Raises ActiveRecord::RecordNotFound otherwise; callers rescue it.
  def find_owned_client_application
    current_user.client_applications.find(params[:id])
  end

  # Renders the "not_found" template with a 404 status.
  def render_client_application_not_found
    @type = "client application"
    render :action => "not_found", :status => :not_found
  end
end