Diffstat (limited to 'app/finders/personal_access_tokens_finder.rb')
-rw-r--r-- | app/finders/personal_access_tokens_finder.rb | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/app/finders/personal_access_tokens_finder.rb b/app/finders/personal_access_tokens_finder.rb
index e3d5f2ae8de..93f8c520b63 100644
--- a/app/finders/personal_access_tokens_finder.rb
+++ b/app/finders/personal_access_tokens_finder.rb
@@ -5,12 +5,14 @@ class PersonalAccessTokensFinder
 delegate :build, :find, :find_by_id, :find_by_token, to: :execute
- def initialize(params = {})
+ def initialize(params = {}, current_user = nil)
 @params = params
+ @current_user = current_user
 end
 def execute
 tokens = PersonalAccessToken.all
+ tokens = by_current_user(tokens)
 tokens = by_user(tokens)
 tokens = by_impersonation(tokens)
 tokens = by_state(tokens)
@@ -20,6 +22,15 @@ class PersonalAccessTokensFinder
 private
+ attr_reader :current_user
+
+ def by_current_user(tokens)
+ return tokens if current_user.nil? || current_user.admin?
+ return PersonalAccessToken.none unless Ability.allowed?(current_user, :read_user_personal_access_tokens, params[:user])
+
+ tokens
+ end
+
 def by_user(tokens)
 return tokens unless @params[:user] |
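Review bot: The `current_user = nil` default on `initialize` makes the new permission check opt-in, because `by_current_user` in the second hunk returns the relation unfiltered when `current_user.nil?`. Any caller that still does `PersonalAccessTokensFinder.new(params)` therefore keeps the previous unscoped behaviour, and a request path that passes a nil user (for example an unauthenticated one) is treated the same as a trusted internal caller. If nil is meant to stand for trusted internal use, document that above `initialize`, e.g. `# current_user: nil skips the permission check; always pass the requesting user for request-driven lookups`. The call sites are outside this diff, so it is worth confirming that every controller and API path passes the user.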
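Review bot: `by_current_user` hands `params[:user]` to `Ability.allowed?` without checking that it is set, so for a non-admin with no `:user` filter the result depends on how the policy treats a nil subject. Presumably that denies and the finder yields `PersonalAccessToken.none`, but the intent is not visible here; a comment such as `# non-admins may only list tokens of a user they are allowed to read; no :user param means no results` would pin it down. The method also reads `params` while `by_user` directly below reads `@params`; the reader is defined outside the hunk, and using one form in both would keep the filters consistent. A spec covering the nil `current_user`, admin, permitted and denied cases would keep this guard from regressing.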