authorDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>2014-12-25 19:35:04 +0300
committerDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>2014-12-25 19:35:04 +0300
commit592e396869ba5dc116cec333733cea8dfbf4a9b5 (patch)
treed673da869a071d7e886491a51ce53c9829207e82
parent7fe8d41d88f744b16e6e12c1c07ef3f956994110 (diff)
Rework oauth2 feature
* improve UI * add authorization * add separate page for oauth applications Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-rw-r--r--app/assets/stylesheets/generic/tables.scss20
-rw-r--r--app/assets/stylesheets/sections/tree.scss13
-rw-r--r--app/controllers/oauth/applications_controller.rb12
-rw-r--r--app/controllers/oauth/authorizations_controller.rb1
-rw-r--r--app/controllers/oauth/authorized_applications_controller.rb2
-rw-r--r--app/controllers/profiles/accounts_controller.rb2
-rw-r--r--app/controllers/profiles_controller.rb5
-rw-r--r--app/models/user.rb4
-rw-r--r--app/views/doorkeeper/applications/_form.html.haml7
-rw-r--r--app/views/doorkeeper/applications/show.html.haml37
-rw-r--r--app/views/layouts/nav/_profile.html.haml6
-rw-r--r--app/views/profiles/accounts/show.html.haml34
-rw-r--r--app/views/profiles/applications.html.haml43
-rw-r--r--config/routes.rb1
14 files changed, 114 insertions, 73 deletions
diff --git a/app/assets/stylesheets/generic/tables.scss b/app/assets/stylesheets/generic/tables.scss
new file mode 100644
index 00000000000..71a7d4abaee
--- /dev/null
+++ b/app/assets/stylesheets/generic/tables.scss
@@ -0,0 +1,20 @@
+table {
+ &.table {
+ tr {
+ td, th {
+ padding: 8px 10px;
+ line-height: 20px;
+ vertical-align: middle;
+ }
+ th {
+ font-weight: normal;
+ font-size: 15px;
+ border-bottom: 1px solid #CCC !important;
+ }
+ td {
+ border-color: #F1F1F1 !important;
+ border-bottom: 1px solid;
+ }
+ }
+ }
+}
diff --git a/app/assets/stylesheets/sections/tree.scss b/app/assets/stylesheets/sections/tree.scss
index 678a6cd716d..bc7451e2d53 100644
--- a/app/assets/stylesheets/sections/tree.scss
+++ b/app/assets/stylesheets/sections/tree.scss
@@ -17,19 +17,6 @@
@include border-radius(0);
tr {
- td, th {
- padding: 8px 10px;
- line-height: 20px;
- }
- th {
- font-weight: normal;
- font-size: 15px;
- border-bottom: 1px solid #CCC !important;
- }
- td {
- border-color: #F1F1F1 !important;
- border-bottom: 1px solid;
- }
&:hover {
td {
background: $hover;
diff --git a/app/controllers/oauth/applications_controller.rb b/app/controllers/oauth/applications_controller.rb
index b53e9662af0..93201eff303 100644
--- a/app/controllers/oauth/applications_controller.rb
+++ b/app/controllers/oauth/applications_controller.rb
@@ -3,7 +3,7 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
layout "profile"
def index
- @applications = current_user.oauth_applications
+ head :forbidden and return
end
def create
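Review bot: In `index`, the trailing `and return` in `head :forbidden and return` has no effect because it is the last statement of the action; `head :forbidden` alone behaves the same. The reason the listing is disabled is not stated anywhere in the hunk, so a one-line comment would help, for example `# Listing lives at profiles#applications; this Doorkeeper route is intentionally disabled.` (the relocation is inferred from the rest of this commit). The class body continues outside the hunk.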
@@ -28,4 +28,14 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
redirect_to profile_account_url
end
+
+ private
+
+ def set_application
+ @application = current_user.oauth_applications.find(params[:id])
+ end
+
+ rescue_from ActiveRecord::RecordNotFound do |exception|
+ render "errors/not_found", layout: "errors", status: 404
+ end
end
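Review bot: `set_application` is the ownership check for this controller, but nothing in the hunk says so: it appears to override the Doorkeeper parent's lookup so that only applications belonging to `current_user` are found, with the `rescue_from` turning any other id into a 404. A comment above the method would record that, for example `# Overrides Doorkeeper's lookup: scoped to the current user's applications, so other users' ids resolve to 404.` The `rescue_from` is a class-level macro and reads more clearly at the top of the class than under `private`, and its unused block parameter `exception` can be dropped. The filter that calls `set_application` is not visible in this hunk, so a controller spec asserting that another user's application id returns 404 on show, edit, update and destroy would pin the behaviour.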
diff --git a/app/controllers/oauth/authorizations_controller.rb b/app/controllers/oauth/authorizations_controller.rb
index 72cbbf2e616..a57b4a60c24 100644
--- a/app/controllers/oauth/authorizations_controller.rb
+++ b/app/controllers/oauth/authorizations_controller.rb
@@ -55,4 +55,3 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
@strategy ||= server.authorization_request(pre_auth.response_type)
end
end
-
diff --git a/app/controllers/oauth/authorized_applications_controller.rb b/app/controllers/oauth/authorized_applications_controller.rb
index 202421b4abd..0b27ce7da72 100644
--- a/app/controllers/oauth/authorized_applications_controller.rb
+++ b/app/controllers/oauth/authorized_applications_controller.rb
@@ -3,6 +3,6 @@ class Oauth::AuthorizedApplicationsController < Doorkeeper::AuthorizedApplicatio
def destroy
Doorkeeper::AccessToken.revoke_all_for(params[:id], current_resource_owner)
- redirect_to profile_account_url, notice: I18n.t(:notice, scope: [:doorkeeper, :flash, :authorized_applications, :destroy])
+ redirect_to applications_profile_url, notice: I18n.t(:notice, scope: [:doorkeeper, :flash, :authorized_applications, :destroy])
end
end
diff --git a/app/controllers/profiles/accounts_controller.rb b/app/controllers/profiles/accounts_controller.rb
index 5f15378c831..fe121691a10 100644
--- a/app/controllers/profiles/accounts_controller.rb
+++ b/app/controllers/profiles/accounts_controller.rb
@@ -3,7 +3,5 @@ class Profiles::AccountsController < ApplicationController
def show
@user = current_user
- @applications = current_user.oauth_applications
- @authorized_applications = Doorkeeper::Application.authorized_for(current_user)
end
end
diff --git a/app/controllers/profiles_controller.rb b/app/controllers/profiles_controller.rb
index e877f9b9049..c0b7e2223a2 100644
--- a/app/controllers/profiles_controller.rb
+++ b/app/controllers/profiles_controller.rb
@@ -13,6 +13,11 @@ class ProfilesController < ApplicationController
def design
end
+ def applications
+ @applications = current_user.oauth_applications
+ @authorized_tokens = current_user.oauth_authorized_tokens
+ end
+
def update
user_params.except!(:email) if @user.ldap_user?
diff --git a/app/models/user.rb b/app/models/user.rb
index 6518fc50b70..7dae318e780 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -565,4 +565,8 @@ class User < ActiveRecord::Base
namespaces += masters_groups
end
end
+
+ def oauth_authorized_tokens
+ Doorkeeper::AccessToken.where(resource_owner_id: self.id, revoked_at: nil)
+ end
end
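Review bot: `oauth_authorized_tokens` filters only on `revoked_at: nil`, so if access tokens are configured with an expiry, tokens that have expired but were never revoked are still returned and will be listed on the profile page as current authorizations. If that is intended, a comment such as `# Includes expired tokens; only explicit revocation removes an entry.` would make it explicit; otherwise expired tokens need to be excluded here as well. `self.id` can be written as plain `id`. The `User` class starts outside the hunk.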
diff --git a/app/views/doorkeeper/applications/_form.html.haml b/app/views/doorkeeper/applications/_form.html.haml
index 45ddf16ad0b..a5fec2fabdb 100644
--- a/app/views/doorkeeper/applications/_form.html.haml
+++ b/app/views/doorkeeper/applications/_form.html.haml
@@ -19,7 +19,6 @@
Use
%code= Doorkeeper.configuration.native_redirect_uri
for local tests
- .form-group
- .col-sm-offset-2.col-sm-10
- = f.submit 'Submit', class: "btn btn-primary wide"
- = link_to "Cancel", profile_account_path, :class => "btn btn-default" \ No newline at end of file
+ .form-actions
+ = f.submit 'Submit', class: "btn btn-primary wide"
+ = link_to "Cancel", applications_profile_path, class: "btn btn-default"
diff --git a/app/views/doorkeeper/applications/show.html.haml b/app/views/doorkeeper/applications/show.html.haml
index 5236b865896..82e78b4af13 100644
--- a/app/views/doorkeeper/applications/show.html.haml
+++ b/app/views/doorkeeper/applications/show.html.haml
@@ -1,21 +1,26 @@
%h3.page-title
Application: #{@application.name}
-.row
- .col-md-8
- %h4 Application Id:
- %p
+
+
+%table.table
+ %tr
+ %td
+ Application Id
+ %td
%code#application_id= @application.uid
- %h4 Secret:
- %p
+ %tr
+ %td
+ Secret:
+ %td
%code#secret= @application.secret
- %h4 Callback urls:
- %table
+
+ %tr
+ %td
+ Callback url
+ %td
- @application.redirect_uri.split.each do |uri|
- %tr
- %td
- %code= uri
- %td
- = link_to 'Authorize', oauth_authorization_path(client_id: @application.uid, redirect_uri: uri, response_type: 'code'), class: 'btn btn-success', target: '_blank'
-.prepend-top-20
- %p= link_to 'Edit', edit_oauth_application_path(@application), class: 'btn btn-primary wide pull-left'
- %p= render 'delete_form', application: @application, submit_btn_css: 'btn btn-danger prepend-left-10' \ No newline at end of file
+ %div
+ %span.monospace= uri
+.form-actions
+ = link_to 'Edit', edit_oauth_application_path(@application), class: 'btn btn-primary wide pull-left'
+ = render 'delete_form', application: @application, submit_btn_css: 'btn btn-danger prepend-left-10'
diff --git a/app/views/layouts/nav/_profile.html.haml b/app/views/layouts/nav/_profile.html.haml
index f68fe87a75b..8bb45e4a6d0 100644
--- a/app/views/layouts/nav/_profile.html.haml
+++ b/app/views/layouts/nav/_profile.html.haml
@@ -3,10 +3,14 @@
= link_to profile_path, title: "Profile" do
%i.fa.fa-user
Profile
- = nav_link(controller: [:accounts, :applications]) do
+ = nav_link(controller: [:accounts]) do
= link_to profile_account_path do
%i.fa.fa-gear
Account
+ = nav_link(path: ['profiles#applications', 'applications#edit', 'applications#show', 'applications#new']) do
+ = link_to applications_profile_path do
+ %i.fa.fa-cloud
+ Applications
= nav_link(controller: :emails) do
= link_to profile_emails_path do
%i.fa.fa-envelope-o
diff --git a/app/views/profiles/accounts/show.html.haml b/app/views/profiles/accounts/show.html.haml
index 1d0b6d77189..53a50f6796b 100644
--- a/app/views/profiles/accounts/show.html.haml
+++ b/app/views/profiles/accounts/show.html.haml
@@ -75,38 +75,4 @@
The following groups will be abandoned. You should transfer or remove them:
%strong #{current_user.solo_owned_groups.map(&:name).join(', ')}
= link_to 'Delete account', user_registration_path, data: { confirm: "REMOVE #{current_user.name}? Are you sure?" }, method: :delete, class: "btn btn-remove"
-
- %h3.page-title
- OAuth2
- %fieldset.oauth-applications
- %legend Your applications
- %p= link_to 'New Application', new_oauth_application_path, class: 'btn btn-success'
- %table.table.table-striped
- %thead
- %tr
- %th Name
- %th Callback URL
- %th
- %th
- %tbody
- - @applications.each do |application|
- %tr{:id => "application_#{application.id}"}
- %td= link_to application.name, oauth_application_path(application)
- %td= application.redirect_uri
- %td= link_to 'Edit', edit_oauth_application_path(application), class: 'btn btn-link btn-small'
- %td= render 'doorkeeper/applications/delete_form', application: application
- %fieldset.oauth-authorized-applications
- %legend Your authorized applications
- %table.table.table-striped
- %thead
- %tr
- %th Name
- %th Created At
- %th
- %tbody
- - @authorized_applications.each do |application|
- %tr{:id => "application_#{application.id}"}
- %td= link_to application.name, oauth_application_path(application)
- %td= application.created_at.strftime('%Y-%m-%d %H:%M:%S')
- %td= render 'doorkeeper/authorized_applications/delete_form', application: application
diff --git a/app/views/profiles/applications.html.haml b/app/views/profiles/applications.html.haml
new file mode 100644
index 00000000000..cdb188dc1af
--- /dev/null
+++ b/app/views/profiles/applications.html.haml
@@ -0,0 +1,43 @@
+%h3.page-title
+ OAuth2
+
+%fieldset.oauth-applications
+ %legend Your applications
+ %p= link_to 'New Application', new_oauth_application_path, class: 'btn btn-success'
+ - if @applications.any?
+ %table.table.table-striped
+ %thead
+ %tr
+ %th Name
+ %th Callback URL
+ %th Clients
+ %th
+ %th
+ %tbody
+ - @applications.each do |application|
+ %tr{:id => "application_#{application.id}"}
+ %td= link_to application.name, oauth_application_path(application)
+ %td
+ - application.redirect_uri.split.each do |uri|
+ %div= uri
+ %td= application.access_tokens.count
+ %td= link_to 'Edit', edit_oauth_application_path(application), class: 'btn btn-link btn-small'
+ %td= render 'doorkeeper/applications/delete_form', application: application
+
+%fieldset.oauth-authorized-applications.prepend-top-20
+ %legend Authorized applications
+ %table.table.table-striped
+ %thead
+ %tr
+ %th Name
+ %th Authorized At
+ %th Scope
+ %th
+ %tbody
+ - @authorized_tokens.each do |token|
+ - application = token.application
+ %tr{:id => "application_#{application.id}"}
+ %td= application.name
+ %td= token.created_at
+ %td= token.scopes
+ %td= render 'doorkeeper/authorized_applications/delete_form', application: application
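Review bot: The authorized-applications table iterates over tokens, not applications, so an application with several unrevoked tokens produces several rows that all carry the same `application_#{application.id}` DOM id, and the first table uses that id pattern too. The delete form on each row is rendered per application, and the destroy action shown in this commit calls `revoke_all_for`, so one click revokes every token for that application, which the per-token layout does not suggest. Grouping the rows by application, or using `"token_#{token.id}"` as the row id, would keep the markup and the revoke behaviour consistent. Separately, `application.access_tokens.count` under the "Clients" heading counts every token, revoked ones included as far as this hunk shows, and issues one query per row.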
diff --git a/config/routes.rb b/config/routes.rb
index 4d3039ce11a..1d571e21b88 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -118,6 +118,7 @@ Gitlab::Application.routes.draw do
member do
get :history
get :design
+ get :applications
put :reset_private_token
put :update_username