1 class ApiClientAuthorization < ArvadosModel
4 include CommonApiTemplate
# Callback registration: assign_random_api_token runs after a record is
# initialized.
8 after_initialize :assign_random_api_token
# The scopes column is stored serialized and handled as an Array.
9 serialize :scopes, Array
# Fields added to the :user API template, which extends :common. Only the
# t.add lines present in this listing are documented here.
# NOTE(review): the template includes client IP address fields; confirm that
# every consumer of the :user template is meant to see them.
11 api_accessible :user, extend: :common do |t|
16 t.add :created_by_ip_address
17 t.add :default_owner_uuid
20 t.add :last_used_by_ip_address
# Attribute names subtracted from `changed` by the
# `(changed - UNLOGGED_CHANGES).empty?` check later in this class.
24 UNLOGGED_CHANGES = ['last_used_at', 'last_used_by_ip_address', 'updated_at']
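# Give the record a random API token unless it already has one.
#
# Registered as an after_initialize callback in this class; `||=` leaves an
# existing token untouched, so only records without a token get a new one.
#
# The token is a bearer credential, so it is drawn from SecureRandom (the
# operating system's CSPRNG). Kernel#rand is a general-purpose generator
# (Mersenne Twister in MRI) and is not intended for producing secrets.
#
# The value space and encoding are unchanged: an integer below 2**256
# rendered in base 36, i.e. at most 50 characters of 0-9a-z.
def assign_random_api_token
  # Local require keeps the method self-contained; it is a no-op once loaded.
  require 'securerandom'
  self.api_token ||= SecureRandom.random_number(2**256).to_s(36)
end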
# NOTE(review): the `def` line that owns the next expression is not part of
# this listing.
# When user_id has an unsaved change, look up the User row with the previous
# user_id and take its uuid; otherwise take the uuid of the current user.
# andand makes each step nil-safe, so the result can be nil.
34 self.user_id_changed? ? User.where(id: self.user_id_was).first.andand.uuid : self.user.andand.uuid
# Body not shown in this listing.
36 def owner_uuid_changed?
# Body not shown in this listing.
40 def modified_by_client_uuid
# Setter with an empty body: the assigned value is discarded.
43 def modified_by_client_uuid=(x) end
# Body not shown in this listing.
45 def modified_by_user_uuid
# Setter with an empty body: the assigned value is discarded.
48 def modified_by_user_uuid=(x) end
# Setter with an empty body: the assigned value is discarded.
53 def modified_at=(x) end
# Decide whether this token's scopes permit the request string req_s.
#
# A scope grants access when it is the literal 'all', when it equals req_s
# exactly, or when it ends with '/' and req_s starts with it (prefix grant).
# scopes_allow_request? builds req_s as "<METHOD> <path>".
#
# NOTE(review): matching is plain string comparison and nothing visible here
# normalizes req_s first; confirm the path passed in is already canonical.
# NOTE(review): the lines after the loop are not part of this listing, so the
# value returned when no scope matches is not visible here.
55 def scopes_allow?(req_s)
56 scopes.each do |scope|
57 return true if (scope == 'all') or (scope == req_s) or
58 ((scope.end_with? '/') and (req_s.start_with? scope))
# Apply scopes_allow? to an incoming request object.
#
# The string checked is the request method and request.path joined by a
# single space.
# NOTE(review): the conditional that selects between the two checks below is
# not part of this listing; presumably the first applies to HEAD requests,
# confirm against the full file.
63 def scopes_allow_request?(request)
64 method = request.request_method
# Either a 'HEAD <path>' scope or a 'GET <path>' scope is sufficient here.
66 (scopes_allow?(['HEAD', request.path].join(' ')) ||
67 scopes_allow?(['GET', request.path].join(' ')))
# Check against the request's own method and path.
69 scopes_allow?([method, request.path].join(' '))
# NOTE(review): the enclosing `def` line is not part of this listing.
# Takes what the parent implementation returns and drops the 'api_token'
# entry, so the secret token value is not carried in the result.
74 super.except 'api_token'
# Default ordering: a one-element array holding the SQL fragment
# "<table_name>.id desc".
77 def self.default_orders
78 ["#{table_name}.id desc"]
# Creation is allowed for an admin, or when the record's user_id is the
# current user's own id (users may create authorizations only for themselves).
# andand makes both lookups nil-safe when there is no current_user.
# NOTE(review): with no current_user the second operand becomes
# `nil == self.user_id`, which is true for a record whose user_id is nil;
# confirm callers never reach this check without an authenticated user.
83 def permission_to_create
84 current_user.andand.is_admin or (current_user.andand.id == self.user_id)
# Update is allowed only when permission_to_create holds and neither user_id
# nor owner_uuid has a pending change, so an update cannot move an existing
# authorization to a different user.
# NOTE(review): the source line between 88 and 90 is not part of this listing.
87 def permission_to_update
88 (permission_to_create and
90 not user_id_changed? and
91 not owner_uuid_changed?)
# NOTE(review): the enclosing `def` line is not part of this listing.
# Calls the parent implementation only when at least one changed attribute is
# outside UNLOGGED_CHANGES; changes limited to those attributes skip it.
95 super unless (changed - UNLOGGED_CHANGES).empty?