blob: 55eff1e69aa29bdfaba603c4465559f0d7662984 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
|
# frozen_string_literal: true
module PersonalAccessTokens
class RotateService
EXPIRATION_PERIOD = 1.week
def initialize(current_user, token)
@current_user = current_user
@token = token
end
def execute(params = {})
return error_response(message: _('token already revoked')) if token.revoked?
response = ServiceResponse.success
PersonalAccessToken.transaction do
unless token.revoke!
response = error_response
raise ActiveRecord::Rollback
end
target_user = token.user
new_token = target_user.personal_access_tokens.create(create_token_params(token, params))
if new_token.persisted?
response = error_response unless update_bot_membership(target_user, new_token.expires_at)
response = success_response(new_token)
else
response = error_response(message: new_token.errors.full_messages.to_sentence)
raise ActiveRecord::Rollback
end
end
response
end
private
attr_reader :current_user, :token
def expires_at(params)
return params[:expires_at] if params[:expires_at]
params[:expires_at] || EXPIRATION_PERIOD.from_now.to_date
end
def success_response(new_token)
ServiceResponse.success(payload: { personal_access_token: new_token })
end
def error_response(message: _('failed to revoke token'))
ServiceResponse.error(message: message)
end
def create_token_params(token, params)
{ name: token.name,
previous_personal_access_token_id: token.id,
impersonation: token.impersonation,
scopes: token.scopes,
expires_at: expires_at(params) }
end
def update_bot_membership(target_user, expires_at)
return unless target_user.project_bot?
target_user.members.first.update(expires_at: expires_at)
end
end
end
PersonalAccessTokens::RotateService.prepend_mod
|