Add latest changes from gitlab-org/gitlab@14-8-stable-eev14.8.0-rc42

author: GitLab Bot <gitlab-bot@gitlab.com> 2022-02-18 09:45:46 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2022-02-18 09:45:46 +0000
commit: a7b3560714b4d9cc4ab32dffcd1f74a284b93580 (patch)
tree: 7452bd5c3545c2fa67a28aa013835fb4fa071baf /app/models/concerns/token_authenticatable_strategies
parent: ee9173579ae56a3dbfe5afe9f9410c65bb327ca7 (diff)
download: gitlab-ce-a7b3560714b4d9cc4ab32dffcd1f74a284b93580.tar.gz
1 files changed, 35 insertions, 1 deletions
diff --git a/app/models/concerns/token_authenticatable_strategies/base.rb b/app/models/concerns/token_authenticatable_strategies/base.rb
index f72a41f06b1..2cec4ab460e 100644
--- a/app/models/concerns/token_authenticatable_strategies/base.rb
+++ b/app/models/concerns/token_authenticatable_strategies/base.rb
@@ -7,6 +7,7 @@ module TokenAuthenticatableStrategies
     def initialize(klass, token_field, options)
       @klass = klass
       @token_field = token_field
+      @expires_at_field = "#{token_field}_expires_at"
       @options = options
     end
 
@@ -44,6 +45,25 @@ module TokenAuthenticatableStrategies
       instance.save! if Gitlab::Database.read_write?
     end
 
+    def expires_at(instance)
+      instance.read_attribute(@expires_at_field)
+    end
+
+    def expired?(instance)
+      return false unless expirable? && token_expiration_enforced?
+
+      exp = expires_at(instance)
+      !!exp && Time.current > exp
+    end
+
+    def expirable?
+      !!@options[:expires_at]
+    end
+
+    def token_with_expiration(instance)
+      API::Support::TokenWithExpiration.new(self, instance)
+    end
+
     def self.fabricate(model, field, options)
       if options[:digest] && options[:encrypted]
         raise ArgumentError, _('Incompatible options set!')
@@ -64,6 +84,10 @@ module TokenAuthenticatableStrategies
       new_token = generate_available_token
       formatted_token = format_token(instance, new_token)
       set_token(instance, formatted_token)
+
+      if expirable?
+        instance[@expires_at_field] = @options[:expires_at].to_proc.call(instance)
+      end
     end
 
     def unique
@@ -82,11 +106,21 @@ module TokenAuthenticatableStrategies
     end
 
     def relation(unscoped)
-      unscoped ? @klass.unscoped : @klass
+      unscoped ? @klass.unscoped : @klass.where(not_expired)
     end
 
     def token_set?(instance)
       raise NotImplementedError
     end
+
+    def token_expiration_enforced?
+      return true unless @options[:expiration_enforced?]
+
+      @options[:expiration_enforced?].to_proc.call(@klass)
+    end
+
+    def not_expired
+      Arel.sql("#{@expires_at_field} IS NULL OR #{@expires_at_field} >= NOW()") if expirable? && token_expiration_enforced?
+    end
   end
 end
author	GitLab Bot <gitlab-bot@gitlab.com>	2022-02-18 09:45:46 +0000
committer	GitLab Bot <gitlab-bot@gitlab.com>	2022-02-18 09:45:46 +0000
commit	a7b3560714b4d9cc4ab32dffcd1f74a284b93580 (patch)
tree	7452bd5c3545c2fa67a28aa013835fb4fa071baf /app/models/concerns/token_authenticatable_strategies
parent	ee9173579ae56a3dbfe5afe9f9410c65bb327ca7 (diff)
download	gitlab-ce-a7b3560714b4d9cc4ab32dffcd1f74a284b93580.tar.gz