Class: PersonalAccessTokens::RevokeTokenFamilyService
- Inherits:
-
Object
- Object
- PersonalAccessTokens::RevokeTokenFamilyService
- Defined in:
- app/services/personal_access_tokens/revoke_token_family_service.rb
Instance Method Summary collapse
- #execute ⇒ Object
-
#initialize(token) ⇒ RevokeTokenFamilyService
constructor
A new instance of RevokeTokenFamilyService.
Constructor Details
#initialize(token) ⇒ RevokeTokenFamilyService
Returns a new instance of RevokeTokenFamilyService.
5 6 7 |
# File 'app/services/personal_access_tokens/revoke_token_family_service.rb', line 5 def initialize(token) @token = token end |
Instance Method Details
#execute ⇒ Object
9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 |
# File 'app/services/personal_access_tokens/revoke_token_family_service.rb', line 9 def execute # A token family is a chain of rotated tokens. Once rotated, the previous # token is revoked. As a result, a single token id should be returned by # this query. # rubocop: disable CodeReuse/ActiveRecord token_ids = pat_family.active.pluck_primary_key # We create another query based on the previous if any id exists. An # alternative is to use a single query, like # `pat_family.active.update_all(...)`). However, #update_all ignores # the CTE, and tries to revoke *all* active tokens. PersonalAccessToken.where(id: token_ids).update_all(revoked: true) if token_ids.any? # rubocop: enable CodeReuse/ActiveRecord ServiceResponse.success end |