]> git.openstreetmap.org Git - rails.git/blob - app/models/oauth2_application.rb
Merge remote-tracking branch 'upstream/pull/4877'
[rails.git] / app / models / oauth2_application.rb
1 # == Schema Information
2 #
3 # Table name: oauth_applications
4 #
5 #  id           :bigint(8)        not null, primary key
6 #  owner_type   :string           not null
7 #  owner_id     :bigint(8)        not null
8 #  name         :string           not null
9 #  uid          :string           not null
10 #  secret       :string           not null
11 #  redirect_uri :text             not null
12 #  scopes       :string           default(""), not null
13 #  confidential :boolean          default(TRUE), not null
14 #  created_at   :datetime         not null
15 #  updated_at   :datetime         not null
16 #
17 # Indexes
18 #
19 #  index_oauth_applications_on_owner_type_and_owner_id  (owner_type,owner_id)
20 #  index_oauth_applications_on_uid                      (uid) UNIQUE
21 #
22 # Foreign Keys
23 #
24 #  fk_rails_...  (owner_id => users.id)
25 #
26 class Oauth2Application < Doorkeeper::Application
27   belongs_to :owner, :polymorphic => true
28
29   validate :allowed_scopes
30
31   def authorized_scopes_for(user)
32     authorized_tokens.where(:resource_owner_id => user).sum(Doorkeeper::OAuth::Scopes.new, &:scopes)
33   end
34
35   private
36
37   def allowed_scopes
38     return if owner.administrator?
39
40     errors.add(:scopes) if scopes.any? { |scope| Oauth::PRIVILEGED_SCOPES.include?(scope) }
41   end
42 end