Fix typo

TODO.md

@@ -14,6 +14,11 @@ Do we need dotenv rails?
 * Check with nick about removing pfsx
 * Update essence after_create :update_catalog_file efore_destroy :update_catalog_file
 
+## API
+We are using Doorkeeper to provide oauth tokens
+These are for API access not to act on behalf of users
+If we give tokens to more than paragest we need to rethink this
+
 ## Need Nick
 * Rotate the recaptcha keys and switch to v3
 

app/controllers/api/v1/application_controller.rb

@@ -11,6 +11,10 @@ def authenticated
         !!doorkeeper_token.id
       end
 
+      def admin_authenticated
+        !!doorkeeper_token.id && doorkeeper_token.scopes.include?('admin')
+      end
+
       def current_user
         @current_user ||= User.find_by(id: doorkeeper_token[:resource_owner_id])
       end

app/controllers/api/v1/graphql_controller.rb

@@ -13,14 +13,15 @@ def execute
         context = {
           # Query context goes here, for example:
           current_user:,
-          authenticated:
+          authenticated:,
+          admin_authenticated:
         }
         result = NabuSchema.execute(query, variables:, context:, operation_name:)
         render json: result
-      rescue StandardError => error
-        raise error unless Rails.env.development?
+      rescue StandardError => e
+        raise e unless Rails.env.development?
 
-        handle_error_in_development(error)
+        handle_error_in_development(e)
       end
 
       private

app/graphql/types/query_type.rb

@@ -31,7 +31,13 @@ def item(full_identifier:)
       argument :full_identifier, ID
     end
     def item_bwf_xml(full_identifier:)
-      raise(GraphQL::ExecutionError, 'Not authorised') unless context[:current_user]&.admin?
+      p 'MOO'
+      p 'MOO'
+      p 'MOO'
+      p 'MOO'
+      p 'MOO'
+      p context
+      raise(GraphQL::ExecutionError, 'Not authorised') unless context[:admin_authenticated]
 
       collection_identifier, item_identifier = full_identifier.split('-')
       collection = Collection.find_by(identifier: collection_identifier)

config/initializers/active_admin.rb

@@ -4,12 +4,12 @@
   # Set the title that is displayed on the main layout
   # for each of the active admin pages.
   #
-  config.site_title = "Nabu"
+  config.site_title = 'Nabu'
 
   # Set the link url for the title. For example, to take
   # users to your main site. Defaults to no link.
   #
-  config.site_title_link = "/"
+  config.site_title_link = '/'
 
   # Set an optional image to be displayed for the header
   # instead of a string (overrides :site_title)
@@ -157,7 +157,7 @@
   # You can exclude possibly sensitive model attributes from being displayed,
   # added to forms, or exported by default by ActiveAdmin
   #
-  config.filter_attributes = [:encrypted_password, :password, :password_confirmation]
+  config.filter_attributes = %i[encrypted_password password password_confirmation]
 
   # == Localize Date/Time Format
   #
@@ -241,7 +241,8 @@
   #
   config.namespace :admin do |admin|
     admin.build_menu :default do |menu|
-       menu.add label: "Jobs", url: "/jobs"
+      menu.add label: 'Jobs', url: '/jobs'
+      menu.add label: 'OAUTH Tokens', url: '/oauth/applications'
     end
   end
 

config/initializers/doorkeeper.rb

@@ -25,7 +25,7 @@
     if current_user
       head :forbidden unless current_user.admin?
     else
-      redirect_to sign_in_url
+      redirect_to new_user_session_url
     end
   end