Correctly show anonymous authorized applications under Profile > Applications.anonymous-applications-7-12

5 files changed, 27 insertions, 4 deletions

diff --git a/CHANGELOG b/CHANGELOG
index 99cddd57028..3405a1d8d18 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -10,6 +10,9 @@ v 7.13.0 (unreleased)
   - Update ssl_ciphers in Nginx example to remove DHE settings. This will deny forward secrecy for Android 2.3.7, Java 6 and OpenSSL 0.9.8
   - Convert CRLF newlines to LF when committing using the web editor.
 
+v 7.12.2 (unreleased)
+  - Correctly show anonymous authorized applications under Profile > Applications.
+
 v 7.12.1
   - Fix error when deleting a user who has projects (Stan Hu)
   - Fix post-receive errors on a push when an external issue tracker is configured (Stan Hu)
diff --git a/app/controllers/oauth/authorized_applications_controller.rb b/app/controllers/oauth/authorized_applications_controller.rb
index 3ab6def511c..4193ac11399 100644
--- a/app/controllers/oauth/authorized_applications_controller.rb
+++ b/app/controllers/oauth/authorized_applications_controller.rb
@@ -4,7 +4,12 @@ class Oauth::AuthorizedApplicationsController < Doorkeeper::AuthorizedApplicatio
   layout 'profile'
 
   def destroy
-    Doorkeeper::AccessToken.revoke_all_for(params[:id], current_resource_owner)
+    if params[:token_id].present?
+      current_resource_owner.oauth_authorized_tokens.find(params[:token_id]).revoke
+    else
+      Doorkeeper::AccessToken.revoke_all_for(params[:id], current_resource_owner)
+    end
+
     redirect_to applications_profile_url, notice: I18n.t(:notice, scope: [:doorkeeper, :flash, :authorized_applications, :destroy])
   end
 end
diff --git a/app/controllers/profiles_controller.rb b/app/controllers/profiles_controller.rb
index b4af9e490ed..5382a6cf6ac 100644
--- a/app/controllers/profiles_controller.rb
+++ b/app/controllers/profiles_controller.rb
@@ -11,7 +11,8 @@ class ProfilesController < Profiles::ApplicationController
   def applications
     @applications = current_user.oauth_applications
     @authorized_tokens = current_user.oauth_authorized_tokens
-    @authorized_apps = @authorized_tokens.map(&:application).uniq
+    @authorized_anonymous_tokens = @authorized_tokens.reject(&:application)
+    @authorized_apps = @authorized_tokens.map(&:application).uniq - [nil]
   end
 
   def update
diff --git a/app/views/doorkeeper/authorized_applications/_delete_form.html.haml b/app/views/doorkeeper/authorized_applications/_delete_form.html.haml
index 4bba72167e3..bfa95ce79a7 100644
--- a/app/views/doorkeeper/authorized_applications/_delete_form.html.haml
+++ b/app/views/doorkeeper/authorized_applications/_delete_form.html.haml
@@ -1,4 +1,9 @@
 - submit_btn_css ||= 'btn btn-link btn-remove'
-= form_tag oauth_authorized_application_path(application) do
+- if defined?(token)
+  - path = oauth_authorized_application_path(0, token_id: token)
+- else
+  - path = oauth_authorized_application_path(application)
+  
+= form_tag path do
   %input{:name => "_method", :type => "hidden", :value => "delete"}/
-  = submit_tag 'Revoke', onclick: "return confirm('Are you sure?')", class: 'btn btn-link btn-remove btn-sm'
\ No newline at end of file
+  = submit_tag 'Revoke', onclick: "return confirm('Are you sure?')", class: 'btn btn-link btn-remove btn-sm'
diff --git a/app/views/profiles/applications.html.haml b/app/views/profiles/applications.html.haml
index 2c4f0804f0b..d2fad31eca2 100644
--- a/app/views/profiles/applications.html.haml
+++ b/app/views/profiles/applications.html.haml
@@ -56,5 +56,14 @@
             %td= token.created_at
             %td= token.scopes
             %td= render 'doorkeeper/authorized_applications/delete_form', application: app
+        - @authorized_anonymous_tokens.each do |token|
+          %tr
+            %td
+              Anonymous
+              %div.help-block
+                %em Authorization was granted by entering your username and password in the application.
+            %td= token.created_at
+            %td= token.scopes
+            %td= render 'doorkeeper/authorized_applications/delete_form', token: token
   - else
     %p.light You dont have any authorized applications