Ensure destruction of OAuth Applications notifies streaming

Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.
2023-10-14 21:53:50 +02:00 · 2023-10-14 21:53:50 +02:00 · 320faea827
parent 27bdd6df17
commit 320faea827
1 changed files with 15 additions and 0 deletions
--- a/app/lib/application_extension.rb
+++ b/app/lib/application_extension.rb
@ -4,14 +4,29 @@ module ApplicationExtension
  extend ActiveSupport::Concern

  included do
+    include Redisable
+
    has_many :created_users, class_name: 'User', foreign_key: 'created_by_application_id', inverse_of: :created_by_application

    validates :name, length: { maximum: 60 }
    validates :website, url: true, length: { maximum: 2_000 }, if: :website?
    validates :redirect_uri, length: { maximum: 2_000 }
+
+    # The relationship used between Applications and AccessTokens is using
+    # dependent: delete_all, which means the ActiveRecord callback in
+    # AccessTokenExtension is not run, so instead we manually announce to
+    # streaming that these tokens are being deleted.
+    before_destroy :push_to_streaming_api, prepend: true
  end

  def confirmation_redirect_uri
    redirect_uri.lines.first.strip
  end
+
+  def push_to_streaming_api
+    # TODO: #28793 Combine into a single topic
+    access_tokens.in_batches.each do |token|
+      redis.publish("timeline:access_token:#{token.id}", Oj.dump(event: :kill))
+    end
+  end
 end