gitlab-org--gitlab-foss/app/models/deploy_token.rb

class DeployToken < ActiveRecord::Base
  include Expirable
  include TokenAuthenticatable
  add_authentication_token_field :token

  AVAILABLE_SCOPES = %i(read_repository read_registry).freeze

  has_many :project_deploy_tokens, inverse_of: :deploy_token
  has_many :projects, through: :project_deploy_tokens

  validate :ensure_at_least_one_scope
  before_save :ensure_token

  accepts_nested_attributes_for :project_deploy_tokens

  scope :active, -> { where("revoked = false AND (expires_at >= NOW() OR expires_at IS NULL)") }
  scope :read_repository, -> { where(read_repository: true) }
  scope :read_registry, -> { where(read_registry: true) }

  def revoke!
    update!(revoked: true)
  end

  def active?
    !revoked
  end

  def scopes
    AVAILABLE_SCOPES.select { |token_scope| send("#{token_scope}") }  # rubocop:disable GitlabSecurity/PublicSend
  end

  def username
    "gitlab+deploy-token-#{id}"
  end

  def has_access_to?(requested_project)
    project == requested_project
  end

  def project
    projects.first
  end

  private

  def ensure_at_least_one_scope
    errors.add(:base, "Scopes can't be blank") unless read_repository || read_registry
  end
end
Create barebones for Deploytoken Includes: - Model, factories, create service and controller actions - As usual, includes specs for everything - Builds UI (copy from PAT) - Add revoke action Closes #31591 2018-03-19 16:11:12 +00:00			`class DeployToken < ActiveRecord::Base`
			`include Expirable`
			`include TokenAuthenticatable`
			`add_authentication_token_field :token`

Include ProjectDeployTokens Also: - Changes scopes from serializer to use boolean columns - Fixes broken specs 2018-04-05 17:22:34 +00:00			`AVAILABLE_SCOPES = %i(read_repository read_registry).freeze`
Create barebones for Deploytoken Includes: - Model, factories, create service and controller actions - As usual, includes specs for everything - Builds UI (copy from PAT) - Add revoke action Closes #31591 2018-03-19 16:11:12 +00:00
Include ProjectDeployTokens Also: - Changes scopes from serializer to use boolean columns - Fixes broken specs 2018-04-05 17:22:34 +00:00			`has_many :project_deploy_tokens, inverse_of: :deploy_token`
			`has_many :projects, through: :project_deploy_tokens`
Create barebones for Deploytoken Includes: - Model, factories, create service and controller actions - As usual, includes specs for everything - Builds UI (copy from PAT) - Add revoke action Closes #31591 2018-03-19 16:11:12 +00:00
Include ProjectDeployTokens Also: - Changes scopes from serializer to use boolean columns - Fixes broken specs 2018-04-05 17:22:34 +00:00			`validate :ensure_at_least_one_scope`
Create barebones for Deploytoken Includes: - Model, factories, create service and controller actions - As usual, includes specs for everything - Builds UI (copy from PAT) - Add revoke action Closes #31591 2018-03-19 16:11:12 +00:00			`before_save :ensure_token`

Include ProjectDeployTokens Also: - Changes scopes from serializer to use boolean columns - Fixes broken specs 2018-04-05 17:22:34 +00:00			`accepts_nested_attributes_for :project_deploy_tokens`

Create barebones for Deploytoken Includes: - Model, factories, create service and controller actions - As usual, includes specs for everything - Builds UI (copy from PAT) - Add revoke action Closes #31591 2018-03-19 16:11:12 +00:00			`scope :active, -> { where("revoked = false AND (expires_at >= NOW() OR expires_at IS NULL)") }`
Include ProjectDeployTokens Also: - Changes scopes from serializer to use boolean columns - Fixes broken specs 2018-04-05 17:22:34 +00:00			`scope :read_repository, -> { where(read_repository: true) }`
			`scope :read_registry, -> { where(read_registry: true) }`
Create barebones for Deploytoken Includes: - Model, factories, create service and controller actions - As usual, includes specs for everything - Builds UI (copy from PAT) - Add revoke action Closes #31591 2018-03-19 16:11:12 +00:00
Include ProjectDeployTokens Also: - Changes scopes from serializer to use boolean columns - Fixes broken specs 2018-04-05 17:22:34 +00:00			`def revoke!`
			`update!(revoked: true)`
Create barebones for Deploytoken Includes: - Model, factories, create service and controller actions - As usual, includes specs for everything - Builds UI (copy from PAT) - Add revoke action Closes #31591 2018-03-19 16:11:12 +00:00			`end`
Implement 'read_repo' for DeployTokens This will allow to download a repo using the token from the DeployToken 2018-03-29 22:56:35 +00:00
			`def active?`
			`!revoked`
			`end`

Include ProjectDeployTokens Also: - Changes scopes from serializer to use boolean columns - Fixes broken specs 2018-04-05 17:22:34 +00:00			`def scopes`
			`AVAILABLE_SCOPES.select { \|token_scope\| send("#{token_scope}") } # rubocop:disable GitlabSecurity/PublicSend`
			`end`

Implement 'read_repo' for DeployTokens This will allow to download a repo using the token from the DeployToken 2018-03-29 22:56:35 +00:00			`def username`
Support Deploy Tokens properly without hacking abilities 2018-04-05 13:49:18 +00:00			`"gitlab+deploy-token-#{id}"`
			`end`

Include ProjectDeployTokens Also: - Changes scopes from serializer to use boolean columns - Fixes broken specs 2018-04-05 17:22:34 +00:00			`def has_access_to?(requested_project)`
Increase test suite around deploy tokens behavior Also, fixes broken specs 2018-04-06 03:02:13 +00:00			`project == requested_project`
Include ProjectDeployTokens Also: - Changes scopes from serializer to use boolean columns - Fixes broken specs 2018-04-05 17:22:34 +00:00			`end`

			`def project`
			`projects.first`
			`end`

			`private`

			`def ensure_at_least_one_scope`
			`errors.add(:base, "Scopes can't be blank") unless read_repository \|\| read_registry`
Implement 'read_repo' for DeployTokens This will allow to download a repo using the token from the DeployToken 2018-03-29 22:56:35 +00:00			`end`
Create barebones for Deploytoken Includes: - Model, factories, create service and controller actions - As usual, includes specs for everything - Builds UI (copy from PAT) - Add revoke action Closes #31591 2018-03-19 16:11:12 +00:00			`end`