created = Column(DateTime, nullable=False, default=datetime.datetime.now)
updated = Column(DateTime, nullable=False, default=datetime.datetime.now)
+ get_client = relationship(Client)
+
class AccessToken(Base):
"""
Model for representing the access tokens
created = Column(DateTime, nullable=False, default=datetime.datetime.now)
updated = Column(DateTime, nullable=False, default=datetime.datetime.now)
+ get_requesttoken = relationship(RequestToken)
+
class NonceTimestamp(Base):
"""
'mediagoblin.edit.views:verify_email')
add_route('mediagoblin.edit.email', '/edit/email/',
'mediagoblin.edit.views:change_email')
+add_route('mediagoblin.edit.deauthorize_applications', '/edit/deauthorize/',
+ 'mediagoblin.edit.views:deauthorize_applications')
convert_to_tag_list_of_dicts, media_tags_as_string)
from mediagoblin.tools.url import slugify
from mediagoblin.db.util import check_media_slug_used, check_collection_slug_used
-from mediagoblin.db.models import User
+from mediagoblin.db.models import User, Client, AccessToken
import mimetypes
{'user': user,
'form': form})
+@require_active_login
+def deauthorize_applications(request):
+ """ Deauthroize OAuth applications """
+ if request.method == 'POST' and "application" in request.form:
+ token = request.form["application"]
+ access_token = AccessToken.query.filter_by(token=token).first()
+ if access_token is None:
+ messages.add_message(
+ request,
+ messages.ERROR,
+ _("Unknown application, not able to deauthorize")
+ )
+ else:
+ access_token.delete()
+ messages.add_message(
+ request,
+ messages.SUCCESS,
+ _("Application has been deauthorized")
+ )
+
+ access_tokens = AccessToken.query.filter_by(user=request.user.id)
+ applications = [(a.get_requesttoken, a) for a in access_tokens]
+
+ return render_to_response(
+ request,
+ 'mediagoblin/edit/deauthorize_applications.html',
+ {'applications': applications}
+ )
@require_active_login
def delete_account(request):
table.metadata_editor tr td.form_field_input input {
width:350px;
}
+
+.application {
+ min-height: 30px;
+ margin-left: 70px;
+}
+
+.application-icon {
+ position: absolute;
+ left: 12px;
+ width: 50px;
+ height: 50px;
+}
+
+.application-button {
+ float: right;
+}
--- /dev/null
+{#
+# GNU MediaGoblin -- federated, autonomous media hosting
+# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#}
+{%- extends "mediagoblin/base.html" %}
+
+{% block title -%}
+ {% trans -%}
+ Deauthorize applications
+ {%- endtrans %} — {{ super() }}
+{%- endblock %}
+
+{% block mediagoblin_content %}
+ <h2>{% trans -%}Deauthorize Applications{%- endtrans %}</h2>
+ <p>{% trans -%}
+ These applications can access your GNU MediaGoblin account. Deauthorizing the
+ application will prevent the application from accessing your account.
+ {%- endtrans %}
+ </p>
+
+ <form method="POST" action="{{ request.urlgen('mediagoblin.edit.deauthorize_applications') }}">
+ {{ csrf_token }}
+ {% if not applications %}
+ <em>{% trans -%}There are no applications authorized.{%- endtrans %}</em>
+ {% endif %}
+ {% for application, access in applications %}
+ <div class="application">
+ <div class="application-button">
+ <button class="button_action" name="application" value="{{ access.token }}">Deauthorize</button>
+ </div>
+ {% if application.get_client.logo_url %}
+ <img class="application-icon" src="{{ application.get_client.logo_url }}">
+ {% else %}
+ <img class="application-icon" src="{{ request.staticdirect('/images/small-gavroche.png') }}">
+ {% endif %}
+ <div class="application-content">
+ <strong>{{ application.get_client.application_name }}</strong>
+ <p class="application-data">
+ <small>
+ {% trans -%}Type:{%- endtrans %}
+
+ {{ application.get_client.application_type }}</small>
+ <br />
+ <small>
+ {% trans -%}Authorized:{%- endtrans %}
+
+ {%- trans formatted_time=timesince(access.created) -%}
+ {{ formatted_time }} ago
+ {%- endtrans -%}
+ </small>
+ </p>
+ </div>
+ </div>
+ {% endfor %}
+ </form>
+{% endblock %}
\ No newline at end of file
<a href="{{ request.urlgen('mediagoblin.edit.delete_account') }}">
{%- trans %}Delete my account{% endtrans -%}
</a>
- ·
+ <br />
+ <a href="{{ request.urlgen('mediagoblin.edit.deauthorize_applications') }}">
+ {%- trans %}Deauthorize applications{% endtrans -%}
+ </a>
{% template_hook("edit_link") %}
<a href="{{ request.urlgen('mediagoblin.edit.email') }}">
{% trans %}Email{% endtrans %}
projects / mediagoblin.git / commitdiff
