app/models/oauth2_application.rb

   1 class Oauth2Application < Doorkeeper::Application
   2   belongs_to :owner, :polymorphic => true
   3
   4   validate :allowed_scopes
   5
   6   def authorized_scopes_for(user)
   7     authorized_tokens.where(:resource_owner_id => user).sum(Doorkeeper::OAuth::Scopes.new, &:scopes)
   8   end
   9
  10   private
  11
  12   def allowed_scopes
  13     return if owner.administrator?
  14
  15     errors.add(:scopes) if scopes.any? { |scope| Oauth::PRIVILEGED_SCOPES.include?(scope) }
  16   end
  17 end