demarches-normaliennes/app/controllers/api_tokens_controller.rb

class APITokensController < ApplicationController
  before_action :authenticate_administrateur!
  before_action :set_api_token, only: [:update, :destroy]

  def create
    @api_token, @packed_token = APIToken.generate(current_administrateur)

    render :index
  end

  def update
    if become_full_access?
      @api_token.become_full_access!
    elsif disallow_procedure_id.present?
      @api_token.untarget_procedure(disallow_procedure_id.to_i)
    else
      @api_token.update!(api_token_params)
    end

    render :index
  end

  def destroy
    @api_token.destroy

    render :index
  end

  private

  def set_api_token
    @api_token = current_administrateur.api_tokens.find(params[:id])
  end

  def become_full_access?
    api_token_params[:become_full_access].present?
  end

  def disallow_procedure_id
    api_token_params[:disallow_procedure_id]
  end

  def api_token_params
    params.require(:api_token).permit(:name, :write_access, :become_full_access, :disallow_procedure_id, allowed_procedure_ids: [])
  end
end
feat(api_token): add api token controller 2022-11-30 10:12:04 +01:00			`class APITokensController < ApplicationController`
			`before_action :authenticate_administrateur!`
api_tokens_controller: use before_action set_api_token 2023-09-12 17:20:00 +02:00			`before_action :set_api_token, only: [:update, :destroy]`
feat(api_token): add api token controller 2022-11-30 10:12:04 +01:00
			`def create`
			`@api_token, @packed_token = APIToken.generate(current_administrateur)`

api_tokens_controller: only use turbo 2023-09-13 12:05:40 +02:00			`render :index`
feat(api_token): add api token controller 2022-11-30 10:12:04 +01:00			`end`

			`def update`
api_tokens_controller: extract become full_access 2023-09-13 10:29:49 +02:00			`if become_full_access?`
			`@api_token.become_full_access!`
			`elsif disallow_procedure_id.present?`
api_tokens_controller: extract disallow_procedure 2023-09-13 10:30:47 +02:00			`@api_token.untarget_procedure(disallow_procedure_id.to_i)`
feat(api_token): enable fin graned access rights on tokens 2023-02-28 16:33:22 +01:00			`else`
			`@api_token.update!(api_token_params)`
			`end`
feat(api_token): add api token controller 2022-11-30 10:12:04 +01:00
api_tokens_controller: only use turbo 2023-09-13 12:05:40 +02:00			`render :index`
feat(api_token): add api token controller 2022-11-30 10:12:04 +01:00			`end`

			`def destroy`
			`@api_token.destroy`

api_tokens_controller: only use turbo 2023-09-13 12:05:40 +02:00			`render :index`
feat(api_token): add api token controller 2022-11-30 10:12:04 +01:00			`end`

			`private`

api_tokens_controller: use before_action set_api_token 2023-09-12 17:20:00 +02:00			`def set_api_token`
			`@api_token = current_administrateur.api_tokens.find(params[:id])`
			`end`

api_tokens_controller: extract become full_access 2023-09-13 10:29:49 +02:00			`def become_full_access?`
			`api_token_params[:become_full_access].present?`
			`end`

api_tokens_controller: extract disallow_procedure 2023-09-13 10:30:47 +02:00			`def disallow_procedure_id`
			`api_token_params[:disallow_procedure_id]`
			`end`

feat(api_token): add api token controller 2022-11-30 10:12:04 +01:00			`def api_token_params`
api_tokens_controller: extract become full_access 2023-09-13 10:29:49 +02:00			`params.require(:api_token).permit(:name, :write_access, :become_full_access, :disallow_procedure_id, allowed_procedure_ids: [])`
feat(api_token): add api token controller 2022-11-30 10:12:04 +01:00			`end`
			`end`