X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/20a861392e1ee7970da5d95b546aa8551faaf27b..6b0d4dcab2c72397dbbabd768e47323c0e2e42b2:/app/controllers/oauth_clients_controller.rb diff --git a/app/controllers/oauth_clients_controller.rb b/app/controllers/oauth_clients_controller.rb index f90302894..320dab1b5 100644 --- a/app/controllers/oauth_clients_controller.rb +++ b/app/controllers/oauth_clients_controller.rb @@ -7,7 +7,7 @@ class OauthClientsController < ApplicationController def index @client_applications = @user.client_applications - @tokens = @user.oauth_tokens.find :all, :conditions => 'oauth_tokens.invalidated_at is null and oauth_tokens.authorized_at is not null' + @tokens = @user.oauth_tokens.authorized end def new @@ -15,7 +15,7 @@ class OauthClientsController < ApplicationController end def create - @client_application = @user.client_applications.build(params[:client_application]) + @client_application = @user.client_applications.build(application_params) if @client_application.save flash[:notice] = t'oauth_clients.create.flash' redirect_to :action => "show", :id => @client_application.id @@ -33,16 +33,22 @@ class OauthClientsController < ApplicationController def edit @client_application = @user.client_applications.find(params[:id]) + rescue ActiveRecord::RecordNotFound + @type = "client application" + render :action => "not_found", :status => :not_found end def update @client_application = @user.client_applications.find(params[:id]) - if @client_application.update_attributes(params[:client_application]) + if @client_application.update_attributes(application_params) flash[:notice] = t'oauth_clients.update.flash' redirect_to :action => "show", :id => @client_application.id else render :action => "edit" end + rescue ActiveRecord::RecordNotFound + @type = "client application" + render :action => "not_found", :status => :not_found end def destroy @@ -50,5 +56,12 @@ class OauthClientsController < ApplicationController @client_application.destroy flash[:notice] = t'oauth_clients.destroy.flash' redirect_to :action => "index" + rescue ActiveRecord::RecordNotFound + @type = "client application" + render :action => "not_found", :status => :not_found + end +private + def application_params + params.require(:client_application).permit(:name, :url, :callback_url, :support_url, ClientApplication.all_permissions) end end