Add tests to ensure tokens are revoked
[rails.git] / app / controllers / oauth_clients_controller.rb
index eb427e090848408f0a3d743de5f1c7698dc647fe..44dacde6d72a4ce3a19eb7732eedea58d7c13f7d 100644 (file)
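--- a/app/controllers/oauth_clients_controller.rb
+++ b/app/controllers/oauth_clients_controller.rb
@@ -3,27 +3,14 @@ class OauthClientsController < ApplicationController
 
   before_action :authorize_web
   before_action :set_locale
-  before_action :require_user
+
+  authorize_resource :class => ClientApplication
 
   def index
     @client_applications = current_user.client_applications
     @tokens = current_user.oauth_tokens.authorized
   end
 
-  def new
-    @client_application = ClientApplication.new
-  end
-
-  def create
-    @client_application = current_user.client_applications.build(application_params)
-    if @client_application.save
-      flash[:notice] = t "oauth_clients.create.flash"
-      redirect_to :action => "show", :id => @client_application.id
-    else
-      render :action => "new"
-    end
-  end
-
   def show
     @client_application = current_user.client_applications.find(params[:id])
   rescue ActiveRecord::RecordNotFound
@@ -31,6 +18,10 @@ class OauthClientsController < ApplicationController
     render :action => "not_found", :status => :not_found
   end
 
+  def new
+    @client_application = ClientApplication.new
+  end
+
   def edit
     @client_application = current_user.client_applications.find(params[:id])
   rescue ActiveRecord::RecordNotFound
@@ -38,10 +29,20 @@ class OauthClientsController < ApplicationController
     render :action => "not_found", :status => :not_found
   end
 
+  def create
+    @client_application = current_user.client_applications.build(application_params)
+    if @client_application.save
+      flash[:notice] = t ".flash"
+      redirect_to :action => "show", :id => @client_application.id
+    else
+      render :action => "new"
+    end
+  end
+
   def update
     @client_application = current_user.client_applications.find(params[:id])
     if @client_application.update(application_params)
-      flash[:notice] = t "oauth_clients.update.flash"
+      flash[:notice] = t ".flash"
       redirect_to :action => "show", :id => @client_application.id
     else
       render :action => "edit"
@@ -54,7 +55,7 @@ class OauthClientsController < ApplicationController
   def destroy
     @client_application = current_user.client_applications.find(params[:id])
     @client_application.destroy
-    flash[:notice] = t "oauth_clients.destroy.flash"
+    flash[:notice] = t ".flash"
     redirect_to :action => "index"
   rescue ActiveRecord::RecordNotFound
     @type = "client application"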
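Review bot: `authorize_resource :class => ClientApplication` in the first hunk runs before any action has assigned `@client_application`, so as far as this diff shows it can only authorize against the class. Per-record ownership therefore still rests on every lookup going through `current_user.client_applications`. I would record that above the declaration with `# Class-level check only; ownership is enforced by the current_user.client_applications scope in each action.`, so a later change to `ClientApplication.find(params[:id])` is not mistaken for safe. With `require_user` removed, all seven actions still dereference `current_user`, so the ability rules (not visible here) must deny guests for each of them, and an anonymous-request test per action would pin that. The bodies of `update` and `destroy` continue outside the hunks shown.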