1# frozen_string_literal: true
2
3class PersonalAccessTokensFinder
4  attr_accessor :params
5
6  delegate :build, :find, :find_by_id, :find_by_token, to: :execute
7
8  def initialize(params = {}, current_user = nil)
9    @params = params
10    @current_user = current_user
11  end
12
13  def execute
14    tokens = PersonalAccessToken.all
15    tokens = by_current_user(tokens)
16    tokens = by_user(tokens)
17    tokens = by_users(tokens)
18    tokens = by_impersonation(tokens)
19    tokens = by_state(tokens)
20
21    sort(tokens)
22  end
23
24  private
25
26  attr_reader :current_user
27
28  def by_current_user(tokens)
29    return tokens if current_user.nil? || current_user.admin?
30    return PersonalAccessToken.none unless Ability.allowed?(current_user, :read_user_personal_access_tokens, params[:user])
31
32    tokens
33  end
34
35  def by_user(tokens)
36    return tokens unless @params[:user]
37
38    tokens.for_user(@params[:user])
39  end
40
41  def by_users(tokens)
42    return tokens unless @params[:users]
43
44    tokens.for_users(@params[:users])
45  end
46
47  def sort(tokens)
48    available_sort_orders = PersonalAccessToken.simple_sorts.keys
49
50    return tokens unless available_sort_orders.include?(params[:sort])
51
52    tokens.order_by(params[:sort])
53  end
54
55  def by_impersonation(tokens)
56    case @params[:impersonation]
57    when true
58      tokens.with_impersonation
59    when false
60      tokens.without_impersonation
61    else
62      tokens
63    end
64  end
65
66  def by_state(tokens)
67    case @params[:state]
68    when 'active'
69      tokens.active
70    when 'inactive'
71      tokens.inactive
72    when 'active_or_expired'
73      tokens.not_revoked.expired.or(tokens.active)
74    else
75      tokens
76    end
77  end
78end
79