diff --git a/pagure/ui/repo.py b/pagure/ui/repo.py index 2900ca1..3cfab94 100644 --- a/pagure/ui/repo.py +++ b/pagure/ui/repo.py @@ -8,11 +8,12 @@ """ -import flask +import datetime import shutil import os from math import ceil +import flask import pygit2 import kitchen.text.converters as ktc @@ -1006,9 +1007,7 @@ def add_token(repo, username=None): acls = pagure.lib.get_acls(SESSION) form = pagure.forms.NewTokenForm(acls=acls) - print flask.request.form if form.validate_on_submit(): - print form.acls.data try: msg = pagure.lib.add_token_to_user( SESSION, @@ -1034,3 +1033,46 @@ def add_token(repo, username=None): username=username, repo=repo, ) + + +@APP.route('//token/revoke/', methods=['POST']) +@APP.route('/fork///token/revoke/', + methods=['POST']) +@cla_required +def revoke_api_token(repo, token_id, username=None): + """ Revokie a token to a specified project. + """ + if admin_session_timedout(): + return flask.redirect( + flask.url_for('auth_login', next=flask.request.url)) + + repo = pagure.lib.get_project(SESSION, repo, user=username) + + if not repo: + flask.abort(404, 'Project not found') + + token = pagure.lib.get_api_token(SESSION, token_id) + + if not token \ + or token.project.fullname != repo.fullname \ + or token.user.username != flask.g.fas_user.username: + flask.abort(404, 'Token not found') + + form = pagure.forms.ConfirmationForm() + + if form.validate_on_submit(): + try: + token.expiration = datetime.datetime.utcnow() + SESSION.commit() + flask.flash('Token revoked') + except SQLAlchemyError as err: # pragma: no cover + SESSION.rollback() + APP.logger.exception(err) + flask.flash( + 'Token could not be revoked, please contact an admin', + 'error') + + return flask.redirect( + flask.url_for( + '.view_settings', repo=repo.name, username=username) + )