Merge remote-tracking branch 'upstream/pull/4408'

[rails.git] / app / controllers / oauth_clients_controller.rb

diff --git a/app/controllers/oauth_clients_controller.rb b/app/controllers/oauth_clients_controller.rb
index 56f19dbda17845feca7af722d45244b72806aeb0..44dacde6d72a4ce3a19eb7732eedea58d7c13f7d 100644 (file)
--- a/app/controllers/oauth_clients_controller.rb
+++ b/app/controllers/oauth_clients_controller.rb
@@ -1,54 +1,70 @@
 class OauthClientsController < ApplicationController
 class OauthClientsController < ApplicationController

-  layout 'site'
+  layout "site"

 
 

-  before_filter :authorize_web
-  before_filter :set_locale
-  before_filter :require_user
+  before_action :authorize_web
+  before_action :set_locale
+
+  authorize_resource :class => ClientApplication

 
   def index
 
   def index

-    @client_applications = @user.client_applications
-    @tokens = @user.oauth_tokens.authorized
+    @client_applications = current_user.client_applications
+    @tokens = current_user.oauth_tokens.authorized
+  end
+
+  def show
+    @client_application = current_user.client_applications.find(params[:id])
+  rescue ActiveRecord::RecordNotFound
+    @type = "client application"
+    render :action => "not_found", :status => :not_found

   end
 
   def new
     @client_application = ClientApplication.new
   end
 
   end
 
   def new
     @client_application = ClientApplication.new
   end
 

+  def edit
+    @client_application = current_user.client_applications.find(params[:id])
+  rescue ActiveRecord::RecordNotFound
+    @type = "client application"
+    render :action => "not_found", :status => :not_found
+  end
+

   def create
   def create

-    @client_application = @user.client_applications.build(params[:client_application])
+    @client_application = current_user.client_applications.build(application_params)

     if @client_application.save
     if @client_application.save

-      flash[:notice] = t'oauth_clients.create.flash'
+      flash[:notice] = t ".flash"

       redirect_to :action => "show", :id => @client_application.id
     else
       render :action => "new"
     end
   end
 
       redirect_to :action => "show", :id => @client_application.id
     else
       render :action => "new"
     end
   end
 

-  def show
-    @client_application = @user.client_applications.find(params[:id])
-  rescue ActiveRecord::RecordNotFound
-    @type = "client application"
-    render :action => "not_found", :status => :not_found
-  end
-
-  def edit
-    @client_application = @user.client_applications.find(params[:id])
-  end
-

   def update
   def update

-    @client_application = @user.client_applications.find(params[:id])
-    if @client_application.update_attributes(params[:client_application])
-      flash[:notice] = t'oauth_clients.update.flash'
+    @client_application = current_user.client_applications.find(params[:id])
+    if @client_application.update(application_params)
+      flash[:notice] = t ".flash"

       redirect_to :action => "show", :id => @client_application.id
     else
       render :action => "edit"
     end
       redirect_to :action => "show", :id => @client_application.id
     else
       render :action => "edit"
     end

+  rescue ActiveRecord::RecordNotFound
+    @type = "client application"
+    render :action => "not_found", :status => :not_found

   end
 
   def destroy
   end
 
   def destroy

-    @client_application = @user.client_applications.find(params[:id])
+    @client_application = current_user.client_applications.find(params[:id])

     @client_application.destroy
     @client_application.destroy

-    flash[:notice] = t'oauth_clients.destroy.flash'
+    flash[:notice] = t ".flash"

     redirect_to :action => "index"
     redirect_to :action => "index"

+  rescue ActiveRecord::RecordNotFound
+    @type = "client application"
+    render :action => "not_found", :status => :not_found
+  end
+
+  private
+
+  def application_params
+    params.require(:client_application).permit(:name, :url, :callback_url, :support_url, ClientApplication.all_permissions)

   end
 end
   end
 end