# Model for an API client authorization record: it carries the api_token
# secret, the user it belongs to, and the list of scopes the token may use.
# The listing shows selected source lines only (the leading numbers are the
# original line numbers), so some statements and every `end` are not visible.
1 class ApiClientAuthorization < ArvadosModel
3 include CommonApiTemplate
# Runs assign_random_api_token whenever a record object is instantiated, so a
# record with no token receives one.
7 after_initialize :assign_random_api_token
# scopes is persisted as a serialized Array; scopes_allow? iterates over it.
8 serialize :scopes, Array
# API response template :user, extending :common. Only three of its fields are
# visible here.
# NOTE(review): confirm which fields the elided t.add lines expose, and that
# the IP-address fields are returned only to callers entitled to see them.
10 api_accessible :user, extend: :common do |t|
15 t.add :created_by_ip_address
16 t.add :default_owner_uuid
19 t.add :last_used_by_ip_address
# Attribute names that are subtracted from `changed` before the guarded
# `super` call near the end of the class: a save that touches only these
# attributes skips that call. Presumably this keeps per-request usage
# bookkeeping out of the change log -- TODO confirm against the enclosing method.
23 UNLOGGED_CHANGES = ['last_used_at', 'last_used_by_ip_address', 'updated_at']
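# Gives the record an API token when it does not already have one.
#
# Registered as an after_initialize callback, so it runs each time a record
# object is instantiated; `||=` leaves an existing token untouched.
#
# The token is a bearer secret, so it is drawn from SecureRandom (backed by the
# operating system's CSPRNG) instead of Kernel#rand, whose Mersenne Twister
# generator is not designed to resist prediction of later outputs. The format
# is unchanged: the base-36 rendering of an integer below 2**256.
#
# @return [String] the token now stored in api_token
def assign_random_api_token
  require 'securerandom' # no-op when the framework has already loaded it
  self.api_token ||= SecureRandom.random_number(2**256).to_s(36)
end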
# (Enclosing def not shown.) Evaluates to a user uuid: when user_id has an
# unsaved change, the uuid of the User row with the previous id; otherwise the
# uuid of the currently associated user. andand makes both lookups nil-safe,
# so the result is nil when no such user exists.
33 self.user_id_changed? ? User.where(id: self.user_id_was).first.andand.uuid : self.user.andand.uuid
# Defines owner_uuid_changed? explicitly (body not shown); permission_to_update
# calls it to refuse ownership changes.
35 def owner_uuid_changed?
# (Enclosing def not shown.) True when api_token has an unsaved change.
47 self.api_token_changed?
# Reader for modified_by_client_uuid; body not shown.
50 def modified_by_client_uuid
# Setter with an empty body: the assigned value is discarded.
# Presumably present so that a caller-supplied value for this attribute is
# ignored instead of raising -- TODO confirm.
53 def modified_by_client_uuid=(x) end
# Reader for modified_by_user_uuid; body not shown.
55 def modified_by_user_uuid
# Setter with an empty body: the assigned value is discarded.
58 def modified_by_user_uuid=(x) end
# Setter with an empty body: the assigned value is discarded.
63 def modified_at=(x) end
# Decides whether any entry in scopes permits the request string req_s
# (built by scopes_allow_request? as "<METHOD> <path>").
#
# A scope matches when it is the literal 'all', when it equals req_s exactly,
# or when it ends with '/' and req_s starts with it. The first match returns
# true; the result when nothing matches is on lines not shown here.
#
# NOTE(review): the prefix rule is a plain string comparison, so it is only as
# strict as the normalization of req_s. Confirm that the path is canonicalized
# (dot segments, percent-encoding, duplicate slashes) before this check, and
# that the check runs on the same path the router dispatches on.
#
# @param req_s [String] request string to authorize
# @return [Boolean] true on the first matching scope
65 def scopes_allow?(req_s)
66 scopes.each do |scope|
67 return true if (scope == 'all') or (scope == req_s) or
68 ((scope.end_with? '/') and (req_s.start_with? scope))
# Authorizes an incoming request against this token's scopes by joining its
# HTTP method and path with a single space and passing the result to
# scopes_allow?.
#
# @param request [#request_method, #path] the request being authorized
# @return the result of scopes_allow? for "<METHOD> <path>"
73 def scopes_allow_request?(request)
74 scopes_allow? [request.request_method, request.path].join(' ')
# (Enclosing def not shown.) Works on a copy of the attribute hash and removes
# the api_token entry from that copy, leaving the record itself unchanged.
# Presumably the copy is what gets written to the change log, which keeps the
# secret out of it -- TODO confirm against the enclosing method.
78 attrs = attributes.dup
79 attrs.delete('api_token')
# Creation is permitted for an admin, or when the record's user_id is the
# current user's own id. andand makes both lookups nil-safe.
#
# NOTE(review): when current_user is nil the right-hand side compares nil with
# user_id, which is true if user_id is also nil. Confirm that a validation or
# the caller rules out a record with no user_id in an unauthenticated context.
#
# @return truthy when the current user may create this record
85 def permission_to_create
86 current_user.andand.is_admin or (current_user.andand.id == self.user_id)
# An update is permitted only when creation would be permitted AND the update
# changes neither user_id nor owner_uuid, so an existing token cannot be
# reassigned to a different user through an update.
#
# @return truthy when the current user may apply the pending changes
89 def permission_to_update
90 (permission_to_create and
91 not self.user_id_changed? and
92 not self.owner_uuid_changed?)
# (Enclosing def not shown.) Delegates to the parent implementation only when
# at least one changed attribute is outside UNLOGGED_CHANGES; a save that
# touches nothing but those attributes skips the super call.
96 super unless (changed - UNLOGGED_CHANGES).empty?