Feature: Access tokens for API access (#604)

Co-authored-by: Pranav Raj Sreepuram <pranavrajs@gmail.com>

app/models/access_token.rb

@@ -0,0 +1,21 @@
+# == Schema Information
+#
+# Table name: access_tokens
+#
+#  id         :bigint           not null, primary key
+#  owner_type :string
+#  token      :string
+#  created_at :datetime         not null
+#  updated_at :datetime         not null
+#  owner_id   :bigint
+#
+# Indexes
+#
+#  index_access_tokens_on_owner_type_and_owner_id  (owner_type,owner_id)
+#  index_access_tokens_on_token                    (token) UNIQUE
+#
+
+class AccessToken < ApplicationRecord
+  has_secure_token :token
+  belongs_to :owner, polymorphic: true
+end

app/models/account.rb

@@ -14,6 +14,7 @@ class Account < ApplicationRecord
   validates :name, presence: true
 
   has_many :account_users, dependent: :destroy
+  has_many :agent_bot_inboxes, dependent: :destroy
   has_many :users, through: :account_users
   has_many :inboxes, dependent: :destroy
   has_many :conversations, dependent: :destroy

app/models/agent_bot.rb

@@ -3,7 +3,6 @@
 # Table name: agent_bots
 #
 #  id           :bigint           not null, primary key
-#  auth_token   :string
 #  description  :string
 #  name         :string
 #  outgoing_url :string
@@ -12,8 +11,9 @@
 #
 
 class AgentBot < ApplicationRecord
+  include AccessTokenable
   include Avatarable
+
   has_many :agent_bot_inboxes, dependent: :destroy
   has_many :inboxes, through: :agent_bot_inboxes
-  has_secure_token :auth_token
 end

app/models/agent_bot_inbox.rb

@@ -6,6 +6,7 @@
 #  status       :integer          default("active")
 #  created_at   :datetime         not null
 #  updated_at   :datetime         not null
+#  account_id   :integer
 #  agent_bot_id :integer
 #  inbox_id     :integer
 #
@@ -13,8 +14,16 @@
 class AgentBotInbox < ApplicationRecord
   validates :inbox_id, presence: true
   validates :agent_bot_id, presence: true
+  before_validation :ensure_account_id
 
   belongs_to :inbox
   belongs_to :agent_bot
+  belongs_to :account
   enum status: { active: 0, inactive: 1 }
+
+  private
+
+  def ensure_account_id
+    self.account_id = inbox&.account_id
+  end
 end

app/models/concerns/access_tokenable.rb

@@ -0,0 +1,11 @@
+module AccessTokenable
+  extend ActiveSupport::Concern
+  included do
+    has_one :access_token, as: :owner, dependent: :destroy
+    after_create :create_access_token
+  end
+
+  def create_access_token
+    AccessToken.create!(owner: self)
+  end
+end

app/models/conversation.rb

@@ -67,7 +67,9 @@ class Conversation < ApplicationRecord
   end
 
   def toggle_status
+    # FIXME: implement state machine with aasm
     self.status = open? ? :resolved : :open
+    self.status = :open if bot?
     save
   end
 

app/models/user.rb

@@ -35,12 +35,13 @@
 #
 
 class User < ApplicationRecord
+  include AccessTokenable
+  include AvailabilityStatusable
+  include Avatarable
   # Include default devise modules.
   include DeviseTokenAuth::Concerns::User
   include Events::Types
   include Pubsubable
-  include Avatarable
-  include AvailabilityStatusable
   include Rails.application.routes.url_helpers
 
   devise :database_authenticatable,
@@ -69,7 +70,7 @@ class User < ApplicationRecord
 
   before_validation :set_password_and_uid, on: :create
 
-  after_create :notify_creation
+  after_create :notify_creation, :create_access_token
 
   after_destroy :notify_deletion