]> git.openstreetmap.org Git - rails.git/blob - app/models/oauth2_application.rb
Merge remote-tracking branch 'upstream/pull/4155'
[rails.git] / app / models / oauth2_application.rb
1 class Oauth2Application < Doorkeeper::Application
2   belongs_to :owner, :polymorphic => true
3
4   validate :allowed_scopes
5
6   def authorized_scopes_for(user)
7     authorized_tokens.where(:resource_owner_id => user).sum(Doorkeeper::OAuth::Scopes.new, &:scopes)
8   end
9
10   private
11
12   def allowed_scopes
13     return if owner.administrator?
14
15     errors.add(:scopes) if scopes.any? { |scope| Oauth::PRIVILEGED_SCOPES.include?(scope) }
16   end
17 end