Add expired/revoked scopes for doorkeeper models via extension modules (#29936)
parent
1622f7aeb9
commit
665f6f09a0
|
@ -0,0 +1,10 @@
|
||||||
|
# frozen_string_literal: true
|
||||||
|
|
||||||
|
module AccessGrantExtension
|
||||||
|
extend ActiveSupport::Concern
|
||||||
|
|
||||||
|
included do
|
||||||
|
scope :expired, -> { where.not(expires_in: nil).where('created_at + MAKE_INTERVAL(secs => expires_in) < NOW()') }
|
||||||
|
scope :revoked, -> { where.not(revoked_at: nil).where(revoked_at: ...Time.now.utc) }
|
||||||
|
end
|
||||||
|
end
|
|
@ -9,6 +9,10 @@ module AccessTokenExtension
|
||||||
has_many :web_push_subscriptions, class_name: 'Web::PushSubscription', inverse_of: :access_token
|
has_many :web_push_subscriptions, class_name: 'Web::PushSubscription', inverse_of: :access_token
|
||||||
|
|
||||||
after_commit :push_to_streaming_api
|
after_commit :push_to_streaming_api
|
||||||
|
|
||||||
|
scope :expired, -> { where.not(expires_in: nil).where('created_at + MAKE_INTERVAL(secs => expires_in) < NOW()') }
|
||||||
|
scope :not_revoked, -> { where(revoked_at: nil) }
|
||||||
|
scope :revoked, -> { where.not(revoked_at: nil).where(revoked_at: ...Time.now.utc) }
|
||||||
end
|
end
|
||||||
|
|
||||||
def revoke(clock = Time)
|
def revoke(clock = Time)
|
||||||
|
|
|
@ -9,12 +9,12 @@ class Vacuum::AccessTokensVacuum
|
||||||
private
|
private
|
||||||
|
|
||||||
def vacuum_revoked_access_tokens!
|
def vacuum_revoked_access_tokens!
|
||||||
Doorkeeper::AccessToken.where.not(expires_in: nil).where('created_at + make_interval(secs => expires_in) < NOW()').in_batches.delete_all
|
Doorkeeper::AccessToken.expired.in_batches.delete_all
|
||||||
Doorkeeper::AccessToken.where.not(revoked_at: nil).where('revoked_at < NOW()').in_batches.delete_all
|
Doorkeeper::AccessToken.revoked.in_batches.delete_all
|
||||||
end
|
end
|
||||||
|
|
||||||
def vacuum_revoked_access_grants!
|
def vacuum_revoked_access_grants!
|
||||||
Doorkeeper::AccessGrant.where.not(expires_in: nil).where('created_at + make_interval(secs => expires_in) < NOW()').in_batches.delete_all
|
Doorkeeper::AccessGrant.expired.in_batches.delete_all
|
||||||
Doorkeeper::AccessGrant.where.not(revoked_at: nil).where('revoked_at < NOW()').in_batches.delete_all
|
Doorkeeper::AccessGrant.revoked.in_batches.delete_all
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -75,7 +75,7 @@ class Web::PushSubscription < ApplicationRecord
|
||||||
|
|
||||||
class << self
|
class << self
|
||||||
def unsubscribe_for(application_id, resource_owner)
|
def unsubscribe_for(application_id, resource_owner)
|
||||||
access_token_ids = Doorkeeper::AccessToken.where(application_id: application_id, resource_owner_id: resource_owner.id, revoked_at: nil).pluck(:id)
|
access_token_ids = Doorkeeper::AccessToken.where(application_id: application_id, resource_owner_id: resource_owner.id).not_revoked.pluck(:id)
|
||||||
where(access_token_id: access_token_ids).delete_all
|
where(access_token_id: access_token_ids).delete_all
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -115,6 +115,7 @@ module Mastodon
|
||||||
Doorkeeper::AuthorizationsController.layout 'modal'
|
Doorkeeper::AuthorizationsController.layout 'modal'
|
||||||
Doorkeeper::AuthorizedApplicationsController.layout 'admin'
|
Doorkeeper::AuthorizedApplicationsController.layout 'admin'
|
||||||
Doorkeeper::Application.include ApplicationExtension
|
Doorkeeper::Application.include ApplicationExtension
|
||||||
|
Doorkeeper::AccessGrant.include AccessGrantExtension
|
||||||
Doorkeeper::AccessToken.include AccessTokenExtension
|
Doorkeeper::AccessToken.include AccessTokenExtension
|
||||||
Devise::FailureApp.include AbstractController::Callbacks
|
Devise::FailureApp.include AbstractController::Callbacks
|
||||||
Devise::FailureApp.include Localized
|
Devise::FailureApp.include Localized
|
||||||
|
|
Loading…
Reference in New Issue