gitlab-org--gitlab-foss/app/models/concerns/token_authenticatable.rb

# frozen_string_literal: true

module TokenAuthenticatable
  extend ActiveSupport::Concern

  private

  class_methods do
    private # rubocop:disable Lint/UselessAccessModifier

    def add_authentication_token_field(token_field, options = {})
      @token_fields = [] unless @token_fields
      unique = options.fetch(:unique, true)

      if @token_fields.include?(token_field)
        raise ArgumentError.new("#{token_field} already configured via add_authentication_token_field")
      end

      @token_fields << token_field

      attr_accessor :cleartext_tokens

      strategy = if options[:digest]
                   TokenAuthenticatableStrategies::Digest.new(self, token_field, options)
                 else
                   TokenAuthenticatableStrategies::Insecure.new(self, token_field, options)
                 end

      if unique
        define_singleton_method("find_by_#{token_field}") do |token|
          strategy.find_token_authenticatable(token)
        end
      end

      define_method(token_field) do
        strategy.get_token(self)
      end

      define_method("set_#{token_field}") do |token|
        strategy.set_token(self, token)
      end

      define_method("ensure_#{token_field}") do
        strategy.ensure_token(self)
      end

      # Returns a token, but only saves when the database is in read & write mode
      define_method("ensure_#{token_field}!") do
        strategy.ensure_token!(self)
      end

      # Resets the token, but only saves when the database is in read & write mode
      define_method("reset_#{token_field}!") do
        strategy.reset_token!(self)
      end
    end
  end
end
Enable more frozen string in app/models/*/.rb Partially addresses #47424. 2018-08-03 13:22:24 -04:00			`# frozen_string_literal: true`

Try to keep token authenticable compatibility 2014-07-09 08:42:25 -04:00			`module TokenAuthenticatable`
			`extend ActiveSupport::Concern`

Fix some useless access modifiers in the code 2016-06-30 08:41:19 -04:00			`private`

Refactor `TokenAuthenticatable` to improve reusability This adds a ability to use multiple different authentication token fields in other models. From now on it is necessary to add authentication token field manually in each class that implements this mixin. 2015-12-10 04:48:37 -05:00			`class_methods do`
Enable Rubocop cops for invalid access modifiers This enables following cops: Check for useless access modifiers Lint/UselessAccessModifier Checks for attempts to use `private` or `protected` to set the visibility of a class method, which does not work. Lint/IneffectiveAccessModifier This also disables two false possitives in concerns. 2016-07-19 09:07:52 -04:00			`private # rubocop:disable Lint/UselessAccessModifier`
Refactor `TokenAuthenticatable` to improve reusability This adds a ability to use multiple different authentication token fields in other models. From now on it is necessary to add authentication token field manually in each class that implements this mixin. 2015-12-10 04:48:37 -05:00
[master] Persist only SHA digest of PersonalAccessToken#token 2018-10-29 12:06:45 -04:00			`def add_authentication_token_field(token_field, options = {})`
Refactor `TokenAuthenticatable` to improve reusability This adds a ability to use multiple different authentication token fields in other models. From now on it is necessary to add authentication token field manually in each class that implements this mixin. 2015-12-10 04:48:37 -05:00			`@token_fields = [] unless @token_fields`
TokenAuthenticatable allows non-unique tokens Avoids needing an index to repeatedly check that the token doesn't already exist when saving. 2018-10-31 13:28:42 -04:00			`unique = options.fetch(:unique, true)`
[master] Persist only SHA digest of PersonalAccessToken#token 2018-10-29 12:06:45 -04:00
			`if @token_fields.include?(token_field)`
			`raise ArgumentError.new("#{token_field} already configured via add_authentication_token_field")`
			`end`

Refactor `TokenAuthenticatable` to improve reusability This adds a ability to use multiple different authentication token fields in other models. From now on it is necessary to add authentication token field manually in each class that implements this mixin. 2015-12-10 04:48:37 -05:00			`@token_fields << token_field`
Try to keep token authenticable compatibility 2014-07-09 08:42:25 -04:00
[master] Persist only SHA digest of PersonalAccessToken#token 2018-10-29 12:06:45 -04:00			`attr_accessor :cleartext_tokens`

			`strategy = if options[:digest]`
			`TokenAuthenticatableStrategies::Digest.new(self, token_field, options)`
			`else`
			`TokenAuthenticatableStrategies::Insecure.new(self, token_field, options)`
			`end`

TokenAuthenticatable allows non-unique tokens Avoids needing an index to repeatedly check that the token doesn't already exist when saving. 2018-10-31 13:28:42 -04:00			`if unique`
			`define_singleton_method("find_by_#{token_field}") do \|token\|`
			`strategy.find_token_authenticatable(token)`
			`end`
Refactor `TokenAuthenticatable` to improve reusability This adds a ability to use multiple different authentication token fields in other models. From now on it is necessary to add authentication token field manually in each class that implements this mixin. 2015-12-10 04:48:37 -05:00			`end`

[master] Persist only SHA digest of PersonalAccessToken#token 2018-10-29 12:06:45 -04:00			`define_method(token_field) do`
			`strategy.get_token(self)`
Add method that persist ensured token in `TokenAuthenticatable` 2015-12-23 04:47:18 -05:00			`end`

Allow users to seed the initial runner registration token using an environment variable This is useful for when runner is bundled with gitlab, like in a kubernetes stack, and we want the runner to be able to register with gitlab as soon as they both come up. 2016-10-02 18:30:44 -04:00			`define_method("set_#{token_field}") do \|token\|`
[master] Persist only SHA digest of PersonalAccessToken#token 2018-10-29 12:06:45 -04:00			`strategy.set_token(self, token)`
			`end`

			`define_method("ensure_#{token_field}") do`
			`strategy.ensure_token(self)`
Allow users to seed the initial runner registration token using an environment variable This is useful for when runner is bundled with gitlab, like in a kubernetes stack, and we want the runner to be able to register with gitlab as soon as they both come up. 2016-10-02 18:30:44 -04:00			`end`

Create idea of read-only database In GitLab EE, a GitLab instance can be read-only (e.g. when it's a Geo secondary node). But in GitLab CE it also might be useful to have the "read-only" idea around. So port it back to GitLab CE. Also having the principle of read-only in GitLab CE would hopefully lead to less errors introduced, doing write operations when there aren't allowed for read-only calls. Closes gitlab-org/gitlab-ce#37534. 2017-09-19 03:44:58 -04:00			`# Returns a token, but only saves when the database is in read & write mode`
Add method that persist ensured token in `TokenAuthenticatable` 2015-12-23 04:47:18 -05:00			`define_method("ensure_#{token_field}!") do`
[master] Persist only SHA digest of PersonalAccessToken#token 2018-10-29 12:06:45 -04:00			`strategy.ensure_token!(self)`
Refactor `TokenAuthenticatable` to improve reusability This adds a ability to use multiple different authentication token fields in other models. From now on it is necessary to add authentication token field manually in each class that implements this mixin. 2015-12-10 04:48:37 -05:00			`end`

Create idea of read-only database In GitLab EE, a GitLab instance can be read-only (e.g. when it's a Geo secondary node). But in GitLab CE it also might be useful to have the "read-only" idea around. So port it back to GitLab CE. Also having the principle of read-only in GitLab CE would hopefully lead to less errors introduced, doing write operations when there aren't allowed for read-only calls. Closes gitlab-org/gitlab-ce#37534. 2017-09-19 03:44:58 -04:00			`# Resets the token, but only saves when the database is in read & write mode`
Refactor `TokenAuthenticatable` to improve reusability This adds a ability to use multiple different authentication token fields in other models. From now on it is necessary to add authentication token field manually in each class that implements this mixin. 2015-12-10 04:48:37 -05:00			`define_method("reset_#{token_field}!") do`
[master] Persist only SHA digest of PersonalAccessToken#token 2018-10-29 12:06:45 -04:00			`strategy.reset_token!(self)`
Refactor `TokenAuthenticatable` to improve reusability This adds a ability to use multiple different authentication token fields in other models. From now on it is necessary to add authentication token field manually in each class that implements this mixin. 2015-12-10 04:48:37 -05:00			`end`
			`end`
Try to keep token authenticable compatibility 2014-07-09 08:42:25 -04:00			`end`
			`end`