From 3e833fd2179d5282db7951bafafb28d2f009c120 Mon Sep 17 00:00:00 2001
From: Sander Roosendaal <roosendaalsander@gmail.com>
Date: Wed, 4 Jan 2017 10:33:56 +0100
Subject: [PATCH] Revoke button

---
 rowers/templates/rower_form.html | 29 +++++++++++++++++++++++++++--
 rowers/urls.py                   | 12 +++++++++++-
 rowers/views.py                  | 26 ++++++++++++++++++++++++++
 3 files changed, 64 insertions(+), 3 deletions(-)

diff --git a/rowers/templates/rower_form.html b/rowers/templates/rower_form.html
index e103f631..90674a5c 100644
--- a/rowers/templates/rower_form.html
+++ b/rowers/templates/rower_form.html
@@ -9,7 +9,7 @@
 </p>
 {% endif %}
 <div class="grid_6 alpha">
-  <h1>Heart Rate Bands</h1>
+  <h2>Heart Rate Bands</h2>
 
   <form enctype="multipart/form-data" action="" method="post">
     <table>
@@ -22,8 +22,8 @@
   </div>
 </div>
 <div class="grid_6 omega">
-  <h1>Functional Threshold Power</h1>
   <p>
+  <h2>Functional Threshold Power</h2>
     <form enctype="multipart/form-data" action="" method="post">
       <table>
 	{{ powerform.as_table }}
@@ -34,6 +34,31 @@
     </form>
     </div>
   </p>
+  {% if grants %}
+  <p>
+    <h2>Applications</h2>
+    <table width="100%">
+      <thead>
+        <tr>
+          <th>Application</th>
+          <th>Scope</th>
+          <th>Revoke</th>
+        </tr>
+      </thead>
+      <tbody>
+        {% for grant in grants %}
+        <tr>
+          <td>{{ grant.application }}</td>
+          <td>{{ grant.scope }}</td>
+          <td>
+            <a class="button red small" href="/rowers/me/revokeapp/{{ grant.application.id }}">Revoke</a>
+          </td>
+        </tr>
+    {% endfor %}
+      </tbody>
+    </table>
+  </p>
+  {% endif %}
 </div>
 
   
diff --git a/rowers/urls.py b/rowers/urls.py
index d21b2692..94febda1 100644
--- a/rowers/urls.py
+++ b/rowers/urls.py
@@ -21,7 +21,16 @@ from rowers.serializers import (
     StrokeDataSerializer,
     FavoriteChartSerializer,
     )
-        
+
+from oauth2_provider.views import (
+    AuthorizedTokensListView,
+    AuthorizedTokenDeleteView,
+    )
+
+from oauth2_provider.views.base import (
+    RevokeTokenView
+    )
+
 class WorkoutViewSet(viewsets.ModelViewSet):
     model = Workout
     #queryset = Workout.objects.all().order_by("-date", "-starttime")
@@ -180,6 +189,7 @@ urlpatterns = [
     url(r'^me/edit/$',views.rower_edit_view),
     url(r'^me/edit/(.+.*)/$',views.rower_edit_view),
     url(r'^me/c2authorize/$',views.rower_c2_authorize),
+    url(r'^me/revokeapp/(\d+)$',views.rower_revokeapp_view),
     url(r'^me/stravaauthorize/$',views.rower_strava_authorize),
     url(r'^me/sporttracksauthorize/$',views.rower_sporttracks_authorize),
     url(r'^me/sporttracksrefresh/$',views.rower_sporttracks_token_refresh),
diff --git a/rowers/views.py b/rowers/views.py
index 167ecb92..d6c8792b 100644
--- a/rowers/views.py
+++ b/rowers/views.py
@@ -75,6 +75,8 @@ import stravalib
 from stravalib.exc import ActivityUploadFailed,TimeoutExceeded
 from weather import get_wind_data
 
+from oauth2_provider.models import Application,Grant,AccessToken
+
 import django_rq
 queue = django_rq.get_queue('default')
 queuelow = django_rq.get_queue('low')
@@ -4780,14 +4782,38 @@ def rower_edit_view(request,message=""):
 	    r = Rower.objects.get(user=request.user)
 	    form = RowerForm(instance=r)
 	    powerform = RowerPowerForm(instance=r)
+            grants = AccessToken.objects.filter(user=request.user)
 	    return render(request, 'rower_form.html',
 			  {
 			      'form':form,
 			      'powerform':powerform,
+                              'grants':grants,
 			      })
 	except Rower.DoesNotExist:
 	    return HttpResponse("This user doesn't exist")
 
+@login_required()
+def rower_revokeapp_view(request,id=0):
+    tokens = AccessToken.objects.filter(user=request.user,application=id)
+    refreshtokens = AccessToken.objects.filter(user=request.user,application=id)
+    for token in tokens:
+        token.revoke()
+    for token in refreshtokens:
+        token.revoke()
+
+    r = Rower.objects.get(user=request.user)
+    form = RowerForm(instance=r)
+    powerform = RowerPowerForm(instance=r)
+    grants = AccessToken.objects.filter(user=request.user)
+    return render(request, 'rower_form.html',
+		  {
+		      'form':form,
+		      'powerform':powerform,
+                      'grants':grants,
+		  })
+
+
+        
 class JSONResponse(HttpResponse):
     def __init__(self, data, **kwargs):
         content = JSONRenderer().render(data)