Class: Token

Inherits:
ActiveRecord::Base
  • Object
show all
Defined in:
app/models/token.rb

Overview

Redmine - project management software Copyright (C) 2006-2017 Jean-Philippe Lang

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

Since:

  • 0.4.0

Class Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Class Attribute Details

.actionsObject (readonly)

Returns the value of attribute actions

Since:

  • 3.4.0



28
29
30
# File 'app/models/token.rb', line 28

def actions
  @actions
end

Class Method Details

.add_action(name, options) ⇒ Object

Since:

  • 3.4.0



30
31
32
33
34
# File 'app/models/token.rb', line 30

def add_action(name, options)
  options.assert_valid_keys(:max_instances, :validity_time)
  @actions ||= {}
  @actions[name.to_s] = options
end

.destroy_expiredObject

Delete all expired tokens



72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
# File 'app/models/token.rb', line 72

def self.destroy_expired
  t = Token.arel_table

  # Unknown actions have default validity_time
  condition = t[:action].not_in(self.actions.keys).and(t[:created_on].lt(invalid_when_created_before))

  self.actions.each do |action, options|
    validity_time = invalid_when_created_before(action)

    # Do not delete tokens, which don't become invalid
    next if validity_time.nil?

    condition = condition.or(
      t[:action].eq(action).and(t[:created_on].lt(validity_time))
    )
  end

  Token.where(condition).delete_all
end

.find_active_user(action, key, validity_days = nil) ⇒ Object

Returns the active user who owns the key for the given action

Since:

  • 2.3.0



93
94
95
96
97
98
# File 'app/models/token.rb', line 93

def self.find_active_user(action, key, validity_days=nil)
  user = find_user(action, key, validity_days)
  if user && user.active?
    user
  end
end

.find_token(action, key, validity_days = nil) ⇒ Object

Returns the token for action and key with an optional validity duration (in number of days)

Since:

  • 2.3.0



110
111
112
113
114
115
116
117
118
119
120
121
# File 'app/models/token.rb', line 110

def self.find_token(action, key, validity_days=nil)
  action = action.to_s
  key = key.to_s
  return nil unless action.present? && key =~ /\A[a-z0-9]+\z/i

  token = Token.find_by(:action => action, :value => key)
  if token && (token.action == action) && (token.value == key) && token.user
    if validity_days.nil? || (token.created_on > validity_days.days.ago)
      token
    end
  end
end

.find_user(action, key, validity_days = nil) ⇒ Object

Returns the user who owns the key for the given action

Since:

  • 2.3.0



101
102
103
104
105
106
# File 'app/models/token.rb', line 101

def self.find_user(action, key, validity_days=nil)
  token = find_token(action, key, validity_days)
  if token
    token.user
  end
end

.generate_token_valueObject



123
124
125
# File 'app/models/token.rb', line 123

def self.generate_token_value
  Redmine::Utils.random_hex(20)
end

.invalid_when_created_before(action = nil) ⇒ Object

Since:

  • 3.4.0



58
59
60
61
62
63
64
65
66
67
68
69
# File 'app/models/token.rb', line 58

def self.invalid_when_created_before(action = nil)
  if Token.actions.has_key?(action)
    validity_time = Token.actions[action][:validity_time]
    validity_time = validity_time.call(action) if validity_time.respond_to? :call
  else
    validity_time = self.validity_time
  end

  if validity_time
    Time.now - validity_time
  end
end

Instance Method Details

#expired?Boolean

Return true if token has expired

Returns:

  • (Boolean)


49
50
51
52
# File 'app/models/token.rb', line 49

def expired?
  validity_time = self.class.invalid_when_created_before(action)
  validity_time.present? && created_on < validity_time
end

#generate_new_tokenObject

Since:

  • 1.3.0



44
45
46
# File 'app/models/token.rb', line 44

def generate_new_token
  self.value = Token.generate_token_value
end

#max_instancesObject

Since:

  • 3.4.0



54
55
56
# File 'app/models/token.rb', line 54

def max_instances
  Token.actions.has_key?(action) ? Token.actions[action][:max_instances] : 1
end