diff options
| author | Timothy Andrew <mail@timothyandrew.net> | 2016-12-05 22:55:53 +0530 |
|---|---|---|
| committer | Timothy Andrew <mail@timothyandrew.net> | 2016-12-16 16:29:32 +0530 |
| commit | b303948ff549ce57d3b6985c2c366dfcdc5a2ca3 (patch) | |
| tree | 3d286b8704e63cf8c26b10a1f0c538d77f24ab6b /app/services/access_token_validation_service.rb | |
| parent | f706a973c26f9de9a1f1599d532b33e9e66a80bb (diff) | |
| download | gitlab-ce-b303948ff549ce57d3b6985c2c366dfcdc5a2ca3.tar.gz | |
Convert AccessTokenValidationService into a class.
- Previously, AccessTokenValidationService was a module, and all its public
methods accepted a token. It makes sense to convert it to a class which accepts
a token during initialization.
- Also rename the `sufficient_scope?` method to `include_any_scope?`
- Based on feedback from @rymai
Diffstat (limited to 'app/services/access_token_validation_service.rb')
| -rw-r--r-- | app/services/access_token_validation_service.rb | 38 |
1 files changed, 18 insertions, 20 deletions
diff --git a/app/services/access_token_validation_service.rb b/app/services/access_token_validation_service.rb index 69449f3a445..ddaaed90e5b 100644 --- a/app/services/access_token_validation_service.rb +++ b/app/services/access_token_validation_service.rb @@ -1,34 +1,32 @@ -module AccessTokenValidationService +AccessTokenValidationService = Struct.new(:token) do # Results: VALID = :valid EXPIRED = :expired REVOKED = :revoked INSUFFICIENT_SCOPE = :insufficient_scope - class << self - def validate(token, scopes: []) - if token.expired? - return EXPIRED + def validate(scopes: []) + if token.expired? + return EXPIRED - elsif token.revoked? - return REVOKED + elsif token.revoked? + return REVOKED - elsif !self.sufficient_scope?(token, scopes) - return INSUFFICIENT_SCOPE + elsif !self.include_any_scope?(scopes) + return INSUFFICIENT_SCOPE - else - return VALID - end + else + return VALID end + end - # True if the token's scope contains any of the required scopes. - def sufficient_scope?(token, required_scopes) - if required_scopes.blank? - true - else - # Check whether the token is allowed access to any of the required scopes. - Set.new(required_scopes).intersection(Set.new(token.scopes)).present? - end + # True if the token's scope contains any of the passed scopes. + def include_any_scope?(scopes) + if scopes.blank? + true + else + # Check whether the token is allowed access to any of the required scopes. + Set.new(scopes).intersection(Set.new(token.scopes)).present? end end end |