Module: API::Helpers::PersonalAccessTokensHelpers

Defined in:

lib/api/helpers/personal_access_tokens_helpers.rb

Instance Method Summary

• #find_token(id) ⇒ Object
• #finder_params(current_user) ⇒ Object
• #restrict_non_admins! ⇒ Object
• #revoke_token(token) ⇒ Object
• #user(user_id) ⇒ Object

Instance Method Details

#find_token(id) ⇒ Object

# File 'lib/api/helpers/personal_access_tokens_helpers.rb', line 27

def find_token(id)
  PersonalAccessToken.find(id) || not_found!
end

#finder_params(current_user) ⇒ Object

# File 'lib/api/helpers/personal_access_tokens_helpers.rb', line 6

def finder_params(current_user)
  user_param =
    if current_user.can_admin_all_resources?
      { user: user(params[:user_id]) }
    else
      { user: current_user, impersonation: false }
    end

  declared(params, include_missing: false).merge(user_param)
end

#restrict_non_admins! ⇒ Object

# File 'lib/api/helpers/personal_access_tokens_helpers.rb', line 21

def restrict_non_admins!
  return if params[:user_id].blank?

  unauthorized! unless Ability.allowed?(current_user, :read_user_personal_access_tokens, user(params[:user_id]))
end

#revoke_token(token) ⇒ Object

# File 'lib/api/helpers/personal_access_tokens_helpers.rb', line 31

def revoke_token(token)
  service = ::PersonalAccessTokens::RevokeService.new(current_user, token: token).execute

  service.success? ? no_content! : bad_request!(nil)
end

#user(user_id) ⇒ Object

# File 'lib/api/helpers/personal_access_tokens_helpers.rb', line 17

def user(user_id)
  UserFinder.new(user_id).find_by_id
end