Class: Groups::AgnosticTokenRevocationService
- Inherits:
-
BaseService
- Object
- BaseService
- BaseService
- Groups::AgnosticTokenRevocationService
- Defined in:
- app/services/groups/agnostic_token_revocation_service.rb
Overview
rubocop:disable Gitlab/BoundedContexts – This service is strictly related to groups
Constant Summary collapse
- AUDIT_SOURCE =
:group_token_revocation_service
Instance Attribute Summary
Attributes inherited from BaseService
Attributes inherited from BaseService
Instance Method Summary collapse
- #execute ⇒ Object
-
#initialize(group, current_user, plaintext) ⇒ AgnosticTokenRevocationService
constructor
A new instance of AgnosticTokenRevocationService.
Methods included from BaseServiceUtility
#deny_visibility_level, #event_service, #log_error, #log_info, #notification_service, #system_hook_service, #todo_service, #visibility_level
Methods included from Gitlab::Allowable
Constructor Details
#initialize(group, current_user, plaintext) ⇒ AgnosticTokenRevocationService
Returns a new instance of AgnosticTokenRevocationService.
22 23 24 25 26 |
# File 'app/services/groups/agnostic_token_revocation_service.rb', line 22 def initialize(group, current_user, plaintext) @group = group @current_user = current_user @plaintext = plaintext.to_s end |
Instance Method Details
#execute ⇒ Object
28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 |
# File 'app/services/groups/agnostic_token_revocation_service.rb', line 28 def execute return error("Feature not enabled") unless Feature.enabled?(:group_agnostic_token_revocation, group) return error("Group cannot be a subgroup") if group.subgroup? return error("Unauthorized") unless can?(current_user, :admin_group, group) @token = ::Authn::AgnosticTokenIdentifier.token_for(plaintext, AUDIT_SOURCE) @revocable = token.revocable unless token.blank? # Perform checks based on token type and group scope: case token when ::Authn::Tokens::PersonalAccessToken handle_personal_access_token when ::Authn::Tokens::DeployToken handle_deploy_token when ::Authn::Tokens::FeedToken handle_feed_token else error('Unsupported token type') end end |