From 6f725c62a51b4ea7a6b25a48fea11fad03e540a4 Mon Sep 17 00:00:00 2001 From: Mike Patrick Date: Wed, 16 Aug 2023 17:49:56 +0100 Subject: [PATCH] Revoke access tokens for currently suspended users We've updated our user suspension logic to revoke all of a user's access tokens. This migration backfills that fix for existing, currently suspended users. This is important because tokens can have long TTLs --- ...0816164936_revoke_access_tokens_for_suspended_users.rb | 8 ++++++++ db/schema.rb | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) create mode 100644 db/migrate/20230816164936_revoke_access_tokens_for_suspended_users.rb diff --git a/db/migrate/20230816164936_revoke_access_tokens_for_suspended_users.rb b/db/migrate/20230816164936_revoke_access_tokens_for_suspended_users.rb new file mode 100644 index 0000000000..251e71a98c --- /dev/null +++ b/db/migrate/20230816164936_revoke_access_tokens_for_suspended_users.rb @@ -0,0 +1,8 @@ +class RevokeAccessTokensForSuspendedUsers < ActiveRecord::Migration[7.0] + def up + User.with_status(User::USER_STATUS_SUSPENDED) + .find_each(&:revoke_all_authorisations) + end + + def down; end +end diff --git a/db/schema.rb b/db/schema.rb index 23ce304607..5e4167c165 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema[7.0].define(version: 2023_08_04_094159) do +ActiveRecord::Schema[7.0].define(version: 2023_08_16_164936) do create_table "batch_invitation_application_permissions", id: :integer, charset: "utf8mb3", force: :cascade do |t| t.integer "batch_invitation_id", null: false t.integer "supported_permission_id", null: false