From 713e91a72096e9107a6aada0cbbde09caa71ecbc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A2u=20Cao?= <raucao@kip.pe>
Date: Sun, 19 Nov 2023 18:49:17 +0100
Subject: [PATCH] Implement RS auth revocation

---
 app/components/dropdown_link_component.rb     |  2 +-
 app/components/rs_auth_component.html.erb     |  3 +-
 .../services/remotestorage_controller.rb      |  3 +-
 .../services/rs_auths_controller.rb           | 34 +++++++++++++++++++
 .../{dashboard.html.erb => show.html.erb}     |  2 +-
 config/routes.rb                              | 12 +++++--
 6 files changed, 49 insertions(+), 7 deletions(-)
 create mode 100644 app/controllers/services/rs_auths_controller.rb
 rename app/views/services/remotestorage/{dashboard.html.erb => show.html.erb} (80%)

diff --git a/app/components/dropdown_link_component.rb b/app/components/dropdown_link_component.rb
index 9f9e618..4eabc8e 100644
--- a/app/components/dropdown_link_component.rb
+++ b/app/components/dropdown_link_component.rb
@@ -9,7 +9,7 @@ class DropdownLinkComponent < ViewComponent::Base
   private
 
   def class_str(separator, add_class)
-    str = "no-underline block px-4 py-2 text-sm text-gray-900 bg-white
+    str = "no-underline block px-5 py-3 text-sm text-gray-900 bg-white
            hover:bg-gray-100 focus:bg-gray-100 whitespace-no-wrap"
     str = "#{str} border-t" if separator
     str = "#{str} #{add_class}" if add_class
diff --git a/app/components/rs_auth_component.html.erb b/app/components/rs_auth_component.html.erb
index 58ef7cd..cf5e97d 100644
--- a/app/components/rs_auth_component.html.erb
+++ b/app/components/rs_auth_component.html.erb
@@ -20,7 +20,8 @@
       Launch app
     <% end %>
     <%= render DropdownLinkComponent.new(
-          href: "#", separator: true, add_class: "text-red-700"
+          href: revoke_services_storage_rs_auth_url(@auth),
+          separator: true, add_class: "text-red-700"
         ) do %>
       Revoke access
     <% end %>
diff --git a/app/controllers/services/remotestorage_controller.rb b/app/controllers/services/remotestorage_controller.rb
index e6a556c..67c7e76 100644
--- a/app/controllers/services/remotestorage_controller.rb
+++ b/app/controllers/services/remotestorage_controller.rb
@@ -3,7 +3,8 @@ class Services::RemotestorageController < Services::BaseController
   before_action :require_feature_enabled
   before_action :require_service_available
 
-  def dashboard
+  # Dashboard
+  def show
     # unless current_user.services_enabled.include?(:remotestorage)
     #   redirect_to service_remotestorage_info_path
     # end
diff --git a/app/controllers/services/rs_auths_controller.rb b/app/controllers/services/rs_auths_controller.rb
new file mode 100644
index 0000000..4d7d5d2
--- /dev/null
+++ b/app/controllers/services/rs_auths_controller.rb
@@ -0,0 +1,34 @@
+class Services::RsAuthsController < Services::BaseController
+  before_action :authenticate_user!
+  before_action :require_feature_enabled
+  before_action :require_service_available
+  # before_action :require_service_enabled
+
+  def destroy
+    if @rs_auth = current_user.remote_storage_authorizations.find(params[:id])
+      @rs_auth.destroy!
+    else
+      http_status :not_found
+    end
+
+    respond_to do |format|
+      format.html do redirect_to services_storage_url, flash: {
+        success: 'App authorization revoked'
+      }
+      end
+      format.json { head :no_content }
+    end
+  end
+
+  private
+
+    def require_feature_enabled
+      unless Flipper.enabled?(:remotestorage, current_user)
+        http_status :forbidden
+      end
+    end
+
+    def require_service_available
+      http_status :not_found unless Setting.remotestorage_enabled?
+    end
+end
diff --git a/app/views/services/remotestorage/dashboard.html.erb b/app/views/services/remotestorage/show.html.erb
similarity index 80%
rename from app/views/services/remotestorage/dashboard.html.erb
rename to app/views/services/remotestorage/show.html.erb
index 5d90bfe..58b7ed7 100644
--- a/app/views/services/remotestorage/dashboard.html.erb
+++ b/app/views/services/remotestorage/show.html.erb
@@ -4,7 +4,7 @@
   <section>
     <h3 class="mb-10">Connected Apps</h3>
     <% if @rs_auths.any? %>
-    <div class="w-full grid grid-cols-1 md:grid-cols-3 gap-10">
+    <div class="w-full grid grid-cols-1 sm:grid-cols-2 lg:grid-cols-3 gap-y-10 gap-x-12">
     <% @rs_auths.each do |auth| %>
       <%= render RsAuthComponent.new(auth: auth) %>
     <% end %>
diff --git a/config/routes.rb b/config/routes.rb
index 6e8968c..ee7259d 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -19,10 +19,10 @@ Rails.application.routes.draw do
   resources :invitations, only: ['index', 'show', 'create', 'destroy']
 
   namespace :services do
-    get 'storage', to: 'remotestorage#dashboard'
-
     resource :chat, only: [:show], controller: 'chat'
 
+    resource :mastodon, only: [:show], controller: 'mastodon'
+
     resources :lightning, only: [:index] do
       collection do
         get 'transactions'
@@ -30,7 +30,13 @@ Rails.application.routes.draw do
       end
     end
 
-    resource :mastodon, only: [:show], controller: 'mastodon'
+    resource :storage, controller: 'remotestorage', only: [:show] do
+      resources :rs_auths, only: [:destroy] do
+        member do
+          get 'revoke', to: 'rs_auths#destroy'
+        end
+      end
+    end
   end
 
   resources :settings, param: 'section', only: ['index', 'show', 'update'] do