Class: PersonalAccessTokens::RevokeTokenFamilyService

Inherits:
Object
  • Object
show all
Defined in:
app/services/personal_access_tokens/revoke_token_family_service.rb

Instance Method Summary collapse

Constructor Details

#initialize(token) ⇒ RevokeTokenFamilyService

Returns a new instance of RevokeTokenFamilyService.



5
6
7
 
# File 'app/services/personal_access_tokens/revoke_token_family_service.rb', line 5

def initialize(token)
  @token = token
end

Instance Method Details

#executeObject 



9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
 
# File 'app/services/personal_access_tokens/revoke_token_family_service.rb', line 9

def execute
  # A token family is a chain of rotated tokens. Once rotated, the previous
  # token is revoked. As a result, a single token id should be returned by
  # this query.
  # rubocop: disable CodeReuse/ActiveRecord
  token_ids = pat_family.active.pluck_primary_key

  # We create another query based on the previous if any id exists. An
  # alternative is to use a single query, like
  # `pat_family.active.update_all(...)`). However, #update_all ignores
  # the CTE, and tries to revoke *all* active tokens.
  PersonalAccessToken.where(id: token_ids).update_all(revoked: true) if token_ids.any?
  # rubocop: enable CodeReuse/ActiveRecord

  ServiceResponse.success
end