diff options
Diffstat (limited to 'app/lib')
-rw-r--r-- | app/lib/access_token_extension.rb | 4 | ||||
-rw-r--r-- | app/lib/application_extension.rb | 4 | ||||
-rw-r--r-- | app/lib/scope_parser.rb | 10 | ||||
-rw-r--r-- | app/lib/scope_transformer.rb | 40 |
4 files changed, 58 insertions, 0 deletions
diff --git a/app/lib/access_token_extension.rb b/app/lib/access_token_extension.rb index 3e184e775..2cafaaa20 100644 --- a/app/lib/access_token_extension.rb +++ b/app/lib/access_token_extension.rb @@ -11,6 +11,10 @@ module AccessTokenExtension update(revoked_at: clock.now.utc) end + def update_last_used(request, clock = Time) + update(last_used_at: clock.now.utc, last_used_ip: request.remote_ip) + end + def push_to_streaming_api Redis.current.publish("timeline:access_token:#{id}", Oj.dump(event: :kill)) if revoked? || destroyed? end diff --git a/app/lib/application_extension.rb b/app/lib/application_extension.rb index e61cd0721..a1fea6430 100644 --- a/app/lib/application_extension.rb +++ b/app/lib/application_extension.rb @@ -8,4 +8,8 @@ module ApplicationExtension validates :website, url: true, length: { maximum: 2_000 }, if: :website? validates :redirect_uri, length: { maximum: 2_000 } end + + def most_recently_used_access_token + @most_recently_used_access_token ||= access_tokens.where.not(last_used_at: nil).order(last_used_at: :desc).first + end end diff --git a/app/lib/scope_parser.rb b/app/lib/scope_parser.rb new file mode 100644 index 000000000..d268688c8 --- /dev/null +++ b/app/lib/scope_parser.rb @@ -0,0 +1,10 @@ +# frozen_string_literal: true + +class ScopeParser < Parslet::Parser + rule(:term) { match('[a-z]').repeat(1).as(:term) } + rule(:colon) { str(':') } + rule(:access) { (str('write') | str('read')).as(:access) } + rule(:namespace) { str('admin').as(:namespace) } + rule(:scope) { ((namespace >> colon).maybe >> ((access >> colon >> term) | access | term)).as(:scope) } + root(:scope) +end diff --git a/app/lib/scope_transformer.rb b/app/lib/scope_transformer.rb new file mode 100644 index 000000000..fdfc6cf13 --- /dev/null +++ b/app/lib/scope_transformer.rb @@ -0,0 +1,40 @@ +# frozen_string_literal: true + +class ScopeTransformer < Parslet::Transform + class Scope + DEFAULT_TERM = 'all' + DEFAULT_ACCESS = %w(read write).freeze + + attr_reader :namespace, :term + + def initialize(scope) + @namespace = scope[:namespace]&.to_s + @access = scope[:access] ? [scope[:access].to_s] : DEFAULT_ACCESS.dup + @term = scope[:term]&.to_s || DEFAULT_TERM + end + + def key + @key ||= [@namespace, @term].compact.join('/') + end + + def access + @access.join('/') + end + + def merge(other_scope) + clone.merge!(other_scope) + end + + def merge!(other_scope) + raise ArgumentError unless other_scope.namespace == namespace && other_scope.term == term + + @access.concat(other_scope.instance_variable_get('@access')) + @access.uniq! + @access.sort! + + self + end + end + + rule(scope: subtree(:scope)) { Scope.new(scope) } +end |