aboutsummaryrefslogtreecommitdiff
path: root/gn3
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2023-07-03 10:46:12 +0300
committerFrederick Muriuki Muriithi2023-07-03 10:46:12 +0300
commit424a515120478998592663725d2d1186d36304f4 (patch)
tree0ab83cd5fee89c9db87620471b36f5f39b1f92c0 /gn3
parent53d3a59c6f07f586a07438957869d834f36c4d11 (diff)
downloadgenenetwork3-424a515120478998592663725d2d1186d36304f4.tar.gz
Enable deletion of OAuth2 clients.
Diffstat (limited to 'gn3')
-rw-r--r--gn3/auth/authentication/oauth2/models/oauth2client.py10
-rw-r--r--gn3/auth/authorisation/users/admin/views.py26
-rw-r--r--gn3/templates/admin/list-oauth2-clients.html9
3 files changed, 41 insertions, 4 deletions
diff --git a/gn3/auth/authentication/oauth2/models/oauth2client.py b/gn3/auth/authentication/oauth2/models/oauth2client.py
index 564ed32..2a307e3 100644
--- a/gn3/auth/authentication/oauth2/models/oauth2client.py
+++ b/gn3/auth/authentication/oauth2/models/oauth2client.py
@@ -222,3 +222,13 @@ def oauth2_clients(conn: db.DbConnection) -> tuple[OAuth2Client, ...]:
json.loads(result["client_metadata"]),
the_users[UUID(result["user_id"])])
for result in clients_rs)
+
+def delete_client(conn: db.DbConnection, the_client: OAuth2Client) -> OAuth2Client:
+ """Delete the given client from the database"""
+ with db.cursor(conn) as cursor:
+ params = (str(the_client.client_id),)
+ cursor.execute("DELETE FROM authorisation_code WHERE client_id=?",
+ params)
+ cursor.execute("DELETE FROM oauth2_tokens WHERE client_id=?", params)
+ cursor.execute("DELETE FROM oauth2_clients WHERE client_id=?", params)
+ return the_client
diff --git a/gn3/auth/authorisation/users/admin/views.py b/gn3/auth/authorisation/users/admin/views.py
index c199b9f..ca4be5f 100644
--- a/gn3/auth/authorisation/users/admin/views.py
+++ b/gn3/auth/authorisation/users/admin/views.py
@@ -25,7 +25,8 @@ from gn3.auth.authentication.oauth2.models.oauth2client import (
save_client,
OAuth2Client,
oauth2_clients,
- client as oauth2_client)
+ client as oauth2_client,
+ delete_client as _delete_client)
from gn3.auth.authentication.users import (
User,
user_by_id,
@@ -156,11 +157,11 @@ def register_client():
client=client,
client_secret = raw_client_secret)
-def __parse_client__(sqlite3Row) -> dict:
+def __parse_client__(sqlite3_row) -> dict:
"""Parse the client details into python datatypes."""
return {
- **dict(sqlite3Row),
- "client_metadata": json.loads(sqlite3Row["client_metadata"])
+ **dict(sqlite3_row),
+ "client_metadata": json.loads(sqlite3_row["client_metadata"])
}
@admin.route("/list-client", methods=["GET"])
@@ -210,3 +211,20 @@ def edit_client():
flash("Client updated.", "alert-success")
return redirect(url_for("oauth2.admin.view_client",
client_id=the_client.client_id))
+
+@admin.route("/delete-client", methods=["POST"])
+@is_admin
+def delete_client():
+ """Delete the details of the client."""
+ form = request.form
+ the_client = with_db_connection(partial(
+ oauth2_client, client_id=uuid.UUID(form["client_id"])))
+ if the_client.is_nothing():
+ flash("No such client.", "alert-error")
+ return redirect(url_for("oauth2.admin.list_clients"))
+ the_client = the_client.value
+ with_db_connection(partial(_delete_client, client=the_client))
+ flash((f"Client '{the_client.client_metadata.client_name}' was deleted "
+ "successfully."),
+ "alert-success")
+ return redirect(url_for("oauth2.admin.list_clients"))
diff --git a/gn3/templates/admin/list-oauth2-clients.html b/gn3/templates/admin/list-oauth2-clients.html
index 02f73d4..030c2e9 100644
--- a/gn3/templates/admin/list-oauth2-clients.html
+++ b/gn3/templates/admin/list-oauth2-clients.html
@@ -32,6 +32,15 @@
View/Edit
</a>
</td>
+ <td>
+ <form id="frm:delete:{{client.client_id}}"
+ action="{{url_for('oauth2.admin.delete_client')}}"
+ method="POST">
+ <input type="hidden" name="client_id" value="{{client.client_id}}" />
+ <input type="submit" value="Delete"
+ title"Delete client {{client.client_metadata.client_name}}" />
+ </form>
+ </td>
</tr>
{%else%}
<tr>