added expiration time for access tokens

kortirso · Jul 2, 2024 · f00a104 · f00a104
1 parent cbffcbb
commit f00a104
Show file tree

Hide file tree

Showing 8 changed files with 57 additions and 5 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,10 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
 ## Unreleased
+### Added
+- co-owners for accounts
+- expiration time for access tokens
+
 ### Modified
 - skip reseting invites email after accepting invite
 

diff --git a/app/controllers/access_tokens_controller.rb b/app/controllers/access_tokens_controller.rb
@@ -13,7 +13,7 @@ def new
 
   def create
     authorize! @tokenable, to: :update?
-    # commento: access_tokens.value
+    # commento: access_tokens.value, access_tokens.expired_at
     case create_form.call(tokenable: @tokenable, params: access_token_params)
     in { errors: errors } then redirect_to fail_redirect_path, alert: errors
     else redirect_to success_redirect_path
@@ -50,6 +50,9 @@ def fail_redirect_path
   end
 
   def access_token_params
-    params.require(:access_token).permit(:value)
+    hashable_params = params.require(:access_token).permit(:value)
+    expired_at = params[:access_token][:expired_at]
+    hashable_params[:expired_at] = DateTime.parse(expired_at) if expired_at
+    hashable_params
   end
 end
diff --git a/app/models/access_token.rb b/app/models/access_token.rb
@@ -11,4 +11,8 @@ class AccessToken < ApplicationRecord
   encrypts :value
 
   belongs_to :tokenable, polymorphic: true
+
+  def expired?
+    expired_at && expired_at < DateTime.now
+  end
 end
diff --git a/app/views/controllers/access_tokens/new.html.erb b/app/views/controllers/access_tokens/new.html.erb
@@ -6,8 +6,13 @@
         <%= form_with model: @access_token, url: @tokenable.is_a?(Company) ? company_access_tokens_path(@tokenable.uuid) : repository_access_tokens_path(@tokenable.uuid), method: :post, class: 'form-block inline-block w-full' do |form| %>
           <div class="form-field w-full">
             <%= form.label :value, 'Value', class: 'form-label' %>
-            <%= form.text_field :value, required: true, placeholder: "github_pat_****_******", class: 'form-value w-full' %>
+            <%= form.text_field :value, required: true, placeholder: 'github_pat_****_******', class: 'form-value w-full' %>
           </div>
+          <div class="form-field w-full">
+            <%= form.label :expired_at, 'Expiration time', class: 'form-label' %>
+            <%= form.text_field :expired_at, placeholder: '2024-01-31 13:45', class: 'form-value w-full' %>
+          </div>
+          <p class="-mt-4 text-sm">Expiration time can be set only for receiving notifications from PullKeeper</p>
           <%= form.submit 'Save access token', class: 'btn-primary mt-4' %>
         <% end %>
       </section>

diff --git a/db/migrate/20240702074229_add_expired_at_to_access_tokens.rb b/db/migrate/20240702074229_add_expired_at_to_access_tokens.rb
@@ -0,0 +1,5 @@
+class AddExpiredAtToAccessTokens < ActiveRecord::Migration[7.1]
+  def change
+    add_column :access_tokens, :expired_at, :datetime
+  end
+end
diff --git a/db/structure.sql b/db/structure.sql
@@ -273,7 +273,8 @@ CREATE TABLE public.access_tokens (
     tokenable_type character varying NOT NULL,
     value text NOT NULL,
     created_at timestamp(6) without time zone NOT NULL,
-    updated_at timestamp(6) without time zone NOT NULL
+    updated_at timestamp(6) without time zone NOT NULL,
+    expired_at timestamp(6) without time zone
 );
 
 
@@ -2437,6 +2438,7 @@ ALTER TABLE ONLY public.kudos_achievements
 SET search_path TO "$user", public;
 
 INSERT INTO "schema_migrations" (version) VALUES
+('20240702074229'),
 ('20240701132738'),
 ('20240624073726'),
 ('20240619082632'),

diff --git a/spec/controllers/access_tokens_controller_spec.rb b/spec/controllers/access_tokens_controller_spec.rb
@@ -87,14 +87,19 @@ def do_request
           context 'for valid params' do
             let(:request) {
               post :create, params: {
-                company_id: company.uuid, access_token: { value: 'github_pat_*****_******' }
+                company_id: company.uuid,
+                access_token: {
+                  value: 'github_pat_*****_******',
+                  expired_at: '2024-01-31 13:45'
+                }
               }
             }
 
             it 'creates access token and redirects', :aggregate_failures do
               request
 
               expect(AccessToken.where(tokenable: company).size).to eq 1
+              expect(AccessToken.last.expired_at).to eq DateTime.new(2024, 1, 31, 13, 45)
               expect(response).to redirect_to companies_path
             end
           end

diff --git a/spec/models/access_token_spec.rb b/spec/models/access_token_spec.rb
@@ -10,4 +10,28 @@
   describe 'associations' do
     it { is_expected.to belong_to(:tokenable) }
   end
+
+  describe '#expired?' do
+    let!(:access_token) { create :access_token, expired_at: nil }
+
+    it 'returns false' do
+      expect(access_token.expired?).to be_falsy
+    end
+
+    context 'with not expired value' do
+      before { access_token.update!(expired_at: 1.day.after) }
+
+      it 'returns false' do
+        expect(access_token.expired?).to be_falsy
+      end
+    end
+
+    context 'with expired value' do
+      before { access_token.update!(expired_at: 1.day.ago) }
+
+      it 'returns true' do
+        expect(access_token.expired?).to be_truthy
+      end
+    end
+  end
 end