Add a scopes column to the personal_access_tokens table

2016-11-22 14:23:53 +05:30 · 2016-11-22 14:23:53 +05:30 · 1d0ccec6dd
commit 1d0ccec6dd
parent 49a70d1e45
5 changed files with 79 additions and 0 deletions
--- a/app/models/personal_access_token.rb
+++ b/app/models/personal_access_token.rb
@ -2,6 +2,8 @@ class PersonalAccessToken < ActiveRecord::Base
  include TokenAuthenticatable
  add_authentication_token_field :token

+  serialize :scopes, Array
+
  belongs_to :user

  scope :active, -> { where(revoked: false).where("expires_at >= NOW() OR expires_at IS NULL") }
--- a/db/migrate/20160823083941_add_column_scopes_to_personal_access_tokens.rb
+++ b/db/migrate/20160823083941_add_column_scopes_to_personal_access_tokens.rb
@ -0,0 +1,36 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class AddColumnScopesToPersonalAccessTokens < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  # Set this constant to true if this migration requires downtime.
+  DOWNTIME = false
+
+  # When a migration requires downtime you **must** uncomment the following
+  # constant and define a short and easy to understand explanation as to why the
+  # migration requires downtime.
+  # DOWNTIME_REASON = ''
+
+  # When using the methods "add_concurrent_index" or "add_column_with_default"
+  # you must disable the use of transactions as these methods can not run in an
+  # existing transaction. When using "add_concurrent_index" make sure that this
+  # method is the _only_ method called in the migration, any other changes
+  # should go in a separate migration. This ensures that upon failure _only_ the
+  # index creation fails and can be retried or reverted easily.
+  #
+  # To disable transactions uncomment the following line and remove these
+  # comments:
+  disable_ddl_transaction!
+
+  def up
+    # The default needs to be `[]`, but all existing access tokens need to have `scopes` set to `['api']`.
+    # It's easier to achieve this by adding the column with the `['api']` default, and then changing the default to
+    # `[]`.
+    add_column_with_default :personal_access_tokens, :scopes, :string, default: ['api'].to_yaml
+  end
+
+  def down
+    remove_column :personal_access_tokens, :scopes
+  end
+end
--- a/db/migrate/20160824121037_change_personal_access_tokens_default_back_to_empty_array.rb
+++ b/db/migrate/20160824121037_change_personal_access_tokens_default_back_to_empty_array.rb
@ -0,0 +1,39 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class ChangePersonalAccessTokensDefaultBackToEmptyArray < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  # Set this constant to true if this migration requires downtime.
+  DOWNTIME = false
+
+  # When a migration requires downtime you **must** uncomment the following
+  # constant and define a short and easy to understand explanation as to why the
+  # migration requires downtime.
+  # DOWNTIME_REASON = ''
+
+  # When using the methods "add_concurrent_index" or "add_column_with_default"
+  # you must disable the use of transactions as these methods can not run in an
+  # existing transaction. When using "add_concurrent_index" make sure that this
+  # method is the _only_ method called in the migration, any other changes
+  # should go in a separate migration. This ensures that upon failure _only_ the
+  # index creation fails and can be retried or reverted easily.
+  #
+  # To disable transactions uncomment the following line and remove these
+  # comments:
+  # disable_ddl_transaction!
+
+  def up
+    # The default needs to be `[]`, but all existing access tokens need to have `scopes` set to `['api']`.
+    # It's easier to achieve this by adding the column with the `['api']` default, and then changing the default to
+    # `[]`.
+    change_column_default :personal_access_tokens, :scopes, [].to_yaml
+  end
+
+  def down
+    # The default needs to be `[]`, but all existing access tokens need to have `scopes` set to `['api']`.
+    # It's easier to achieve this by adding the column with the `['api']` default, and then changing the default to
+    # `[]`.
+    change_column_default :personal_access_tokens, :scopes, ['api'].to_yaml
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@ -854,6 +854,7 @@ ActiveRecord::Schema.define(version: 20161212142807) do
    t.datetime "expires_at"
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
+    t.string   "scopes", default: "--- []\n", null: false
  end

  add_index "personal_access_tokens", ["token"], name: "index_personal_access_tokens_on_token", unique: true, using: :btree
--- a/spec/factories/personal_access_tokens.rb
+++ b/spec/factories/personal_access_tokens.rb
@ -5,5 +5,6 @@ FactoryGirl.define do
    name { FFaker::Product.brand }
    revoked false
    expires_at { 5.days.from_now }
+    scopes ['api']
  end
 end