From 2998105ec8fa887f4d0806b001ee43a24e155312 Mon Sep 17 00:00:00 2001
From: Jan Schulz-Hofen <jan@plan.io>
Date: Sat, 14 Jan 2017 15:04:54 +0100
Subject: [PATCH 4/6] Redmine style UI for Doorkeeper OAuth2 provider

Customized views according to https://github.com/doorkeeper-gem/doorkeeper/wiki/Customizing-views
---
 app/views/doorkeeper/applications/_form.html.erb   |  25 ++++++++++++
 app/views/doorkeeper/applications/edit.html.erb    |   6 +++
 app/views/doorkeeper/applications/index.html.erb   |  33 ++++++++++++++++
 app/views/doorkeeper/applications/new.html.erb     |   6 +++
 app/views/doorkeeper/applications/show.html.erb    |  43 +++++++++++++++++++++
 app/views/doorkeeper/authorizations/error.html.erb |   6 +++
 app/views/doorkeeper/authorizations/new.html.erb   |  38 ++++++++++++++++++
 app/views/doorkeeper/authorizations/show.html.erb  |   8 ++++
 .../authorized_applications/index.html.erb         |  31 +++++++++++++++
 config/application.rb                              |   9 +++++
 config/initializers/doorkeeper.rb                  |  16 ++++----
 public/images/application_key.png                  | Bin 0 -> 670 bytes
 public/stylesheets/application.css                 |   4 ++
 13 files changed, 218 insertions(+), 7 deletions(-)
 create mode 100644 app/views/doorkeeper/applications/_form.html.erb
 create mode 100644 app/views/doorkeeper/applications/edit.html.erb
 create mode 100644 app/views/doorkeeper/applications/index.html.erb
 create mode 100644 app/views/doorkeeper/applications/new.html.erb
 create mode 100644 app/views/doorkeeper/applications/show.html.erb
 create mode 100644 app/views/doorkeeper/authorizations/error.html.erb
 create mode 100644 app/views/doorkeeper/authorizations/new.html.erb
 create mode 100644 app/views/doorkeeper/authorizations/show.html.erb
 create mode 100644 app/views/doorkeeper/authorized_applications/index.html.erb
 create mode 100755 public/images/application_key.png

diff --git a/app/views/doorkeeper/applications/_form.html.erb b/app/views/doorkeeper/applications/_form.html.erb
new file mode 100644
index 0000000..8b111b3
--- /dev/null
+++ b/app/views/doorkeeper/applications/_form.html.erb
@@ -0,0 +1,25 @@
+<%= error_messages_for 'application' %>
+<div class="box tabular">
+  <p><%= f.text_field :name, :required => true %></p>
+
+  <p>
+    <%= f.text_area :redirect_uri, :required => true, :size => 60, :label => :'activerecord.attributes.doorkeeper/application.redirect_uri' %>
+    <em class="info">
+      <%= t('doorkeeper.applications.help.redirect_uri') %>
+      <% if Doorkeeper.configuration.native_redirect_uri %>
+        <br/><%= raw t('doorkeeper.applications.help.native_redirect_uri',
+                native_redirect_uri: "<code>#{ Doorkeeper.configuration.native_redirect_uri }</code>") %>
+      <% end %>
+    </em>
+  </p>
+
+  <p>
+    <%= f.text_field :scopes, :size => 60, :label => :'activerecord.attributes.doorkeeper/application.scopes'  %>
+    <em class="info">
+      <%= t('doorkeeper.applications.help.scopes') %>
+    </em>
+  </p>
+
+
+
+</div>
diff --git a/app/views/doorkeeper/applications/edit.html.erb b/app/views/doorkeeper/applications/edit.html.erb
new file mode 100644
index 0000000..e154cdd
--- /dev/null
+++ b/app/views/doorkeeper/applications/edit.html.erb
@@ -0,0 +1,6 @@
+<%= title [t('doorkeeper.applications.index.title'), oauth_applications_path], @application.name %>
+
+<%= labelled_form_for @application, url: doorkeeper_submit_path(@application) do |f| %>
+  <%= render :partial => 'form', :locals => {:f => f} %>
+  <%= submit_tag l(:button_save) %>
+<% end %>
diff --git a/app/views/doorkeeper/applications/index.html.erb b/app/views/doorkeeper/applications/index.html.erb
new file mode 100644
index 0000000..e945810
--- /dev/null
+++ b/app/views/doorkeeper/applications/index.html.erb
@@ -0,0 +1,33 @@
+<div class="contextual">
+<%= link_to t('.new'), new_oauth_application_path, :class => 'icon icon-add' %>
+</div>
+
+<%= title t('.title') %>
+
+<% if @applications.any? %>
+<div class="autoscroll">
+<table class="list">
+  <thead><tr>
+    <th><%= t('.name') %></th>
+    <th><%= t('.callback_url') %></th>
+    <th><%= t('.scopes') %></th>
+    <th></th>
+  </tr></thead>
+  <tbody>
+  <% @applications.each do |application| %>
+    <tr id="application_<%= application.id %>" class="<%= cycle("odd", "even") %>">
+      <td class="name"><span><%= link_to application.name, oauth_application_path(application) %></span></td>
+      <td class="description"><%= truncate application.redirect_uri.split.join(', '), length: 50 %></td>
+      <td class="description"><%= h application.scopes %></td>
+      <td class="buttons">
+        <%= link_to t('doorkeeper.applications.buttons.edit'), edit_oauth_application_path(application), class: 'icon icon-edit' %>
+        <%= link_to t('doorkeeper.applications.buttons.destroy'), oauth_application_path(application), :data => {:confirm => t('doorkeeper.applications.confirmations.destroy')}, :method => :delete, :class => 'icon icon-del' %>
+      </td>
+    </tr>
+  <% end %>
+  </tbody>
+</table>
+</div>
+<% else %>
+  <p class="nodata"><%= l(:label_no_data) %></p>
+<% end %>
diff --git a/app/views/doorkeeper/applications/new.html.erb b/app/views/doorkeeper/applications/new.html.erb
new file mode 100644
index 0000000..a094b34
--- /dev/null
+++ b/app/views/doorkeeper/applications/new.html.erb
@@ -0,0 +1,6 @@
+<%= title [t('doorkeeper.applications.index.title'), oauth_applications_path], t('.title') %>
+
+<%= labelled_form_for @application, url: doorkeeper_submit_path(@application)  do |f| %>
+<%= render :partial => 'form', :locals => { :f => f } %>
+<%= submit_tag l(:button_create) %>
+<% end %>
diff --git a/app/views/doorkeeper/applications/show.html.erb b/app/views/doorkeeper/applications/show.html.erb
new file mode 100644
index 0000000..4f80d49
--- /dev/null
+++ b/app/views/doorkeeper/applications/show.html.erb
@@ -0,0 +1,43 @@
+<div class="contextual">
+<%= link_to t('doorkeeper.applications.buttons.edit'), edit_oauth_application_path(@application), :accesskey => accesskey(:edit), class: 'icon icon-edit' %>
+<%= link_to t('doorkeeper.applications.buttons.destroy'), oauth_application_path(@application), :data => {:confirm => t('doorkeeper.applications.confirmations.destroy')}, :method => :delete, :class => 'icon icon-del' %>
+</div>
+
+<%= title [t('doorkeeper.applications.index.title'), oauth_applications_path], @application.name %>
+
+<fieldset class="tabular"><legend><%= l(:label_information_plural) %></legend>
+  <p>
+    <label><%= t('.application_id') %>:</label>
+    <code><%= h @application.uid %></code>
+  </p>
+  <p>
+    <label><%= t('.secret') %>:</label>
+    <code><%= h @application.secret %></code>
+  </p>
+  <p>
+    <label><%= t('.scopes') %>:</label>
+    <code><%= h @application.scopes %></code>
+  </p>
+</fieldset>
+<br/>
+
+<h3><%= t('.callback_urls') %></h3>
+
+<div class="autoscroll">
+<table class="list">
+  <thead><tr>
+    <th><%= t('.callback_url') %></th>
+    <th></th>
+  </tr></thead>
+  <tbody>
+  <% @application.redirect_uri.split.each do |uri| %>
+    <tr class="<%= cycle("odd", "even") %>">
+      <td class="name"><span><%= uri %></span></td>
+      <td class="buttons">
+        <%= link_to t('doorkeeper.applications.buttons.authorize'), oauth_authorization_path(client_id: @application.uid, redirect_uri: uri, response_type: 'code', scope: @application.scopes), class: 'icon icon-authorize', target: '_blank' %>
+      </td>
+    </tr>
+  <% end %>
+  </tbody>
+</table>
+</div>
diff --git a/app/views/doorkeeper/authorizations/error.html.erb b/app/views/doorkeeper/authorizations/error.html.erb
new file mode 100644
index 0000000..59cedf8
--- /dev/null
+++ b/app/views/doorkeeper/authorizations/error.html.erb
@@ -0,0 +1,6 @@
+<h2><%= t('doorkeeper.authorizations.error.title') %></h2>
+
+<p id="errorExplanation"><%= @pre_auth.error_response.body[:error_description] %></p>
+<p><a href="javascript:history.back()"><%= l(:button_back) %></a></p>
+
+<% html_title t('doorkeeper.authorizations.error.title') %>
diff --git a/app/views/doorkeeper/authorizations/new.html.erb b/app/views/doorkeeper/authorizations/new.html.erb
new file mode 100644
index 0000000..271836a
--- /dev/null
+++ b/app/views/doorkeeper/authorizations/new.html.erb
@@ -0,0 +1,38 @@
+<%= title t('.title') %>
+
+<div class="warning">
+<p><strong><%=h @pre_auth.client.name %></strong></p>
+
+<p><%= raw t('.prompt', client_name: "<strong class=\"text-info\">#{ @pre_auth.client.name }</strong>") %></p>
+
+<% if @pre_auth.scopes.count > 0 %>
+  <div class="oauth-permissions">
+    <p><%= t('.able_to') %>:
+    <ul>
+      <% @pre_auth.scopes.each do |scope| %>
+        <li><%= t scope, scope: [:doorkeeper, :scopes] %></li>
+      <% end %>
+    </ul>
+    </p>
+  </div>
+<% end %>
+</div>
+
+<p>
+  <%= form_tag oauth_authorization_path, method: :post do %>
+    <%= hidden_field_tag :client_id, @pre_auth.client.uid %>
+    <%= hidden_field_tag :redirect_uri, @pre_auth.redirect_uri %>
+    <%= hidden_field_tag :state, @pre_auth.state %>
+    <%= hidden_field_tag :response_type, @pre_auth.response_type %>
+    <%= hidden_field_tag :scope, @pre_auth.scope %>
+    <%= submit_tag t('doorkeeper.authorizations.buttons.authorize'), class: "btn btn-success btn-lg btn-block" %>
+  <% end %>
+  <%= form_tag oauth_authorization_path, method: :delete do %>
+    <%= hidden_field_tag :client_id, @pre_auth.client.uid %>
+    <%= hidden_field_tag :redirect_uri, @pre_auth.redirect_uri %>
+    <%= hidden_field_tag :state, @pre_auth.state %>
+    <%= hidden_field_tag :response_type, @pre_auth.response_type %>
+    <%= hidden_field_tag :scope, @pre_auth.scope %>
+    <%= submit_tag t('doorkeeper.authorizations.buttons.deny'), class: "btn btn-danger btn-lg btn-block" %>
+  <% end %>
+</p>
diff --git a/app/views/doorkeeper/authorizations/show.html.erb b/app/views/doorkeeper/authorizations/show.html.erb
new file mode 100644
index 0000000..5b57d18
--- /dev/null
+++ b/app/views/doorkeeper/authorizations/show.html.erb
@@ -0,0 +1,8 @@
+<%= title [t('doorkeeper.authorized_applications.index.title'), oauth_authorized_applications_path]  %>
+
+<fieldset class="tabular"><legend><%= l(:label_information_plural) %></legend>
+  <p>
+    <label><%= t('.title') %>:</label>
+    <code><%= params[:code] %></code>
+  </p>
+</fieldset>
diff --git a/app/views/doorkeeper/authorized_applications/index.html.erb b/app/views/doorkeeper/authorized_applications/index.html.erb
new file mode 100644
index 0000000..ff0b9e7
--- /dev/null
+++ b/app/views/doorkeeper/authorized_applications/index.html.erb
@@ -0,0 +1,31 @@
+<%= title [t(:label_my_account), my_account_path], t('doorkeeper.authorized_applications.index.title') %>
+
+<% if @applications.any? %>
+<div class="autoscroll">
+<table class="list">
+  <thead><tr>
+    <th><%= t('doorkeeper.authorized_applications.index.application') %></th>
+    <th><%= t('doorkeeper.authorized_applications.index.created_at') %></th>
+    <th></th>
+  </tr></thead>
+  <tbody>
+  <% @applications.each do |application| %>
+    <tr id="application_<%= application.id %>" class="<%= cycle("odd", "even") %>">
+      <td class="name"><span><%= application.name %></span></td>
+      <td ><%= format_date application.created_at %></td>
+      <td class="buttons">
+        <%= link_to t('doorkeeper.authorized_applications.buttons.revoke'), oauth_authorized_application_path(application), :data => {:confirm => t('doorkeeper.authorized_applications.confirmations.revoke')}, :method => :delete, :class => 'icon icon-del' %>
+      </td>
+    </tr>
+  <% end %>
+  </tbody>
+</table>
+</div>
+<% else %>
+  <p class="nodata"><%= l(:label_no_data) %></p>
+<% end %>
+
+<% content_for :sidebar do %>
+<% @user = User.current %>
+<%= render :partial => 'my/sidebar' %>
+<% end %>
diff --git a/config/application.rb b/config/application.rb
index 965edce..1b19edf 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -76,6 +76,15 @@ module RedmineApp
       :key => '_redmine_session',
       :path => config.relative_url_root || '/'
 
+    # Use Redmine standard layouts and helpers for Doorkeeper OAuth2 screens
+    config.to_prepare do
+      Doorkeeper::ApplicationsController.layout "admin"
+      Doorkeeper::ApplicationsController.main_menu = false
+      Doorkeeper::AuthorizationsController.layout "base"
+      Doorkeeper::AuthorizedApplicationsController.layout "base"
+      Doorkeeper::AuthorizedApplicationsController.main_menu = false
+    end
+
     if File.exists?(File.join(File.dirname(__FILE__), 'additional_environment.rb'))
       instance_eval File.read(File.join(File.dirname(__FILE__), 'additional_environment.rb'))
     end
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb
index b300cd5..83b2aac 100644
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@@ -2,20 +2,22 @@ Doorkeeper.configure do
   use_refresh_token
   reuse_access_token
   realm           Redmine::Info.app_name
+  base_controller 'ApplicationController'
   default_scopes  :public
 
   resource_owner_authenticator do
-    if Setting.rest_api_enabled?
-      User.active.find_by_id(session[:user_id]) || redirect_to(signin_path(:back_url => request.original_url))
-    else
-      render(:text => 'Forbidden', :status => 403)
+    if require_login
+      if Setting.rest_api_enabled?
+        User.current
+      else
+        deny_access
+      end
     end
   end
 
   admin_authenticator do
-    if !Setting.rest_api_enabled? || !User.active.where(admin: true).find_by_id(session[:user_id])
-      render(:text => 'Forbidden', :status => 403)
+    if !Setting.rest_api_enabled? || !User.current.admin?
+      deny_access
     end
   end
-
 end
diff --git a/public/images/application_key.png b/public/images/application_key.png
new file mode 100755
index 0000000000000000000000000000000000000000..998d65c6942453d764e0d5427e6a361cbdaca856
GIT binary patch
literal 670
zcmV;P0%84$P)<h;3K|Lk000e1NJLTq000mG000mO1^@s6AM^iV00004XF*Lt006JZ
zHwB960000PbVXQnQ*UN;cVTj606}DLVr3vnZDD6+Qe|Oed2z{QJOBU!FiAu~R5;6}
zlFdt0VHAg-^WN(;G^kKPMIstPi&`YiqOwIHK@=_82vHG51kxhf)E^K<Z3+aDf?5UI
z5bjEl!fioBNahz}Ru<x*H99lSz4M;aVn%CW3+cdbcg}Nu=R?el{|PyL{n^#SN7DBe
z3YIbhR54Y&dQ1&9#k@z&Fz@lI)FtBl=;-Xt{`(!>VY)5dRg+A)?a2)_PUQ=}3+N6D
zvAM#+@`kM!V{-tZdE@rkmJI_g-<_cXFa;ngdkio&yn<q=8eSD&wu(%NywSX)7O%bn
zpn3&yf|y}WFfl|0=L8Xlh)0|!`tXRbI7M!;9W8GLz^#%TAR>qp0w=gY5C?&SnjoM&
zmLZk=!p^n}tjxWn(MBqDrqw?XSpzw#bPoa{5GYRc6RZqTzb8$8W`H2Mi*wCy7`V3k
zOsG`{R2=|dh679l4TW;{JzHB(;tL}rw>7ZhztMPfA5xs}3CnT3=0E^5LqxE@KtZa3
zc=0nX$RaLJqAm+71(tu5g3x^B3ISA#L|9#Hl>J0*_#u*r(Q*-|Kf%>vam2^IDaOYa
zu7s-kXN0N{VQKOOxzXorX+4NVgNR>ZY%rpxR3Z@J>HG=0dT;fHv(qz~&IfUadXIX=
zdylHp+0@7W_G3iZ9>TDm;nyX4#||);*ozrNiA|a6zHD86?LYpuG<V1H<EQLh*P*4y
z7hBG+mlyu)RliSXU*&!cH5C@}#fgde8<(C;X4cF54Fs4$U%y68ivR!s07*qoM6N<$
Eg7}UmEdT%j

literal 0
HcmV?d00001

diff --git a/public/stylesheets/application.css b/public/stylesheets/application.css
index aacc0c8..164311b 100644
--- a/public/stylesheets/application.css
+++ b/public/stylesheets/application.css
@@ -862,6 +862,9 @@ div.flash.warning, .conflict {
   color: #A6750C;
 }
 
+.warning .oauth-permissions { display:inline-block;text-align:left; }
+.warning .oauth-permissions p { margin-top:0;-webkit-margin-before:0;}
+
 #errorExplanation ul { font-size: 0.9em;}
 #errorExplanation h2, #errorExplanation p { display: none; }
 
@@ -1265,6 +1268,7 @@ div.wiki img {vertical-align:middle; max-width:100%;}
 .icon-custom-fields { background-image: url(../images/textfield.png); }
 .icon-plugins { background-image: url(../images/plugin.png); }
 .icon-applications { background-image: url(../images/application_view_tile.png); }
+.icon-authorize { background-image: url(../images/application_key.png); }
 .icon-news { background-image: url(../images/news.png); }
 .icon-issue-closed { background-image: url(../images/ticket_checked.png); }
 .icon-issue-note { background-image: url(../images/ticket_note.png); }
-- 
2.7.2