diff --git a/app/controllers/api_tokens_controller.rb b/app/controllers/api_tokens_controller.rb index 172e21bd1..6746347eb 100644 --- a/app/controllers/api_tokens_controller.rb +++ b/app/controllers/api_tokens_controller.rb @@ -1,6 +1,6 @@ class APITokensController < ApplicationController before_action :authenticate_administrateur! - before_action :set_api_token, only: [:update, :destroy] + before_action :set_api_token, only: [:destroy] def create @api_token, @packed_token = APIToken.generate(current_administrateur) @@ -8,18 +8,6 @@ class APITokensController < ApplicationController render :index end - def update - if become_full_access? - @api_token.become_full_access! - elsif disallow_procedure_id.present? - @api_token.untarget_procedure(disallow_procedure_id.to_i) - else - @api_token.update!(api_token_params) - end - - render :index - end - def destroy @api_token.destroy diff --git a/app/models/api_token.rb b/app/models/api_token.rb index 101e899ec..68b02985a 100644 --- a/app/models/api_token.rb +++ b/app/models/api_token.rb @@ -38,20 +38,10 @@ class APIToken < ApplicationRecord .order(:libelle) end - def untarget_procedure(procedure_id) - new_target_ids = targeted_procedure_ids - [procedure_id] - - update!(allowed_procedure_ids: new_target_ids) - end - def sanitized_targeted_procedure_ids administrateur.procedures.ids.intersection(targeted_procedure_ids || []) end - def become_full_access! - update_column(:allowed_procedure_ids, nil) - end - # Prefix is made of the first 6 characters of the uuid base64 encoded # it does not leak plain token def prefix diff --git a/config/routes.rb b/config/routes.rb index 9e2be2ff9..cfc2b6515 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -208,7 +208,7 @@ Rails.application.routes.draw do resources :attachments, only: [:show, :destroy] resources :recherche, only: [:index] - resources :api_tokens, only: [:create, :update, :destroy] + resources :api_tokens, only: [:create, :destroy] get "patron" => "root#patron" if Rails.env.development? || Rails.env.test? get "suivi" => "root#suivi"