src/applications/oauthserver/panel/PhabricatorOAuthServerAuthorizationsSettingsPanel.php

   1 <?php
   2
   3 final class PhabricatorOAuthServerAuthorizationsSettingsPanel
   4   extends PhabricatorSettingsPanel {
   5
   6   public function getPanelKey() {
   7     return 'oauthorizations';
   8   }
   9
  10   public function getPanelName() {
  11     return pht('OAuth Authorizations');
  12   }
  13
  14   public function getPanelMenuIcon() {
  15     return 'fa-exchange';
  16   }
  17
  18   public function getPanelGroupKey() {
  19     return PhabricatorSettingsLogsPanelGroup::PANELGROUPKEY;
  20   }
  21
  22   public function isEnabled() {
  23     return PhabricatorApplication::isClassInstalled(
  24       'PhabricatorOAuthServerApplication');
  25   }
  26
  27   public function processRequest(AphrontRequest $request) {
  28     $viewer = $request->getUser();
  29
  30     // TODO: It would be nice to simply disable this panel, but we can't do
  31     // viewer-based checks for enabled panels right now.
  32
  33     $app_class = 'PhabricatorOAuthServerApplication';
  34     $installed = PhabricatorApplication::isClassInstalledForViewer(
  35       $app_class,
  36       $viewer);
  37     if (!$installed) {
  38       $dialog = id(new AphrontDialogView())
  39         ->setUser($viewer)
  40         ->setTitle(pht('OAuth Not Available'))
  41         ->appendParagraph(
  42           pht('You do not have access to OAuth authorizations.'))
  43         ->addCancelButton('/settings/');
  44       return id(new AphrontDialogResponse())->setDialog($dialog);
  45     }
  46
  47     $authorizations = id(new PhabricatorOAuthClientAuthorizationQuery())
  48       ->setViewer($viewer)
  49       ->withUserPHIDs(array($viewer->getPHID()))
  50       ->execute();
  51     $authorizations = mpull($authorizations, null, 'getID');
  52
  53     $panel_uri = $this->getPanelURI();
  54
  55     $revoke = $request->getInt('revoke');
  56     if ($revoke) {
  57       if (empty($authorizations[$revoke])) {
  58         return new Aphront404Response();
  59       }
  60
  61       if ($request->isFormPost()) {
  62         $authorizations[$revoke]->delete();
  63         return id(new AphrontRedirectResponse())->setURI($panel_uri);
  64       }
  65
  66       $dialog = id(new AphrontDialogView())
  67         ->setUser($viewer)
  68         ->setTitle(pht('Revoke Authorization?'))
  69         ->appendParagraph(
  70           pht(
  71             'This application will no longer be able to access this server '.
  72             'on your behalf.'))
  73         ->addSubmitButton(pht('Revoke Authorization'))
  74         ->addCancelButton($panel_uri);
  75
  76       return id(new AphrontDialogResponse())->setDialog($dialog);
  77     }
  78
  79     $highlight = $request->getInt('id');
  80
  81     $rows = array();
  82     $rowc = array();
  83     foreach ($authorizations as $authorization) {
  84       if ($highlight == $authorization->getID()) {
  85         $rowc[] = 'highlighted';
  86       } else {
  87         $rowc[] = null;
  88       }
  89
  90       $button = javelin_tag(
  91         'a',
  92         array(
  93           'href' => $this->getPanelURI('?revoke='.$authorization->getID()),
  94           'class' => 'small button button-grey',
  95           'sigil' => 'workflow',
  96         ),
  97         pht('Revoke'));
  98
  99       $rows[] = array(
 100         phutil_tag(
 101           'a',
 102           array(
 103             'href' => $authorization->getClient()->getViewURI(),
 104           ),
 105           $authorization->getClient()->getName()),
 106         $authorization->getScopeString(),
 107         phabricator_datetime($authorization->getDateCreated(), $viewer),
 108         phabricator_datetime($authorization->getDateModified(), $viewer),
 109         $button,
 110       );
 111     }
 112
 113     $table = new AphrontTableView($rows);
 114     $table->setNoDataString(
 115       pht("You haven't authorized any OAuth applications."));
 116
 117     $table->setRowClasses($rowc);
 118     $table->setHeaders(
 119       array(
 120         pht('Application'),
 121         pht('Scope'),
 122         pht('Created'),
 123         pht('Updated'),
 124         null,
 125       ));
 126
 127     $table->setColumnClasses(
 128       array(
 129         'pri',
 130         'wide',
 131         'right',
 132         'right',
 133         'action',
 134       ));
 135
 136     $header = id(new PHUIHeaderView())
 137       ->setHeader(pht('OAuth Application Authorizations'));
 138
 139     $panel = id(new PHUIObjectBoxView())
 140       ->setHeader($header)
 141       ->setBackground(PHUIObjectBoxView::WHITE_CONFIG)
 142       ->appendChild($table);
 143
 144     return $panel;
 145   }
 146
 147 }