Fixes #4461 - RSS feed tokens expired.

app/controllers/knowledge_base/feed_tokens_controller.rb

@@ -4,13 +4,13 @@ class KnowledgeBase::FeedTokensController < ApplicationController
   prepend_before_action :authentication_check
 
   def show
-    token = Token.ensure_token! 'KnowledgeBaseFeed'
+    token = Token.ensure_token! 'KnowledgeBaseFeed', persistent: true
 
     render json: { token: token }
   end
 
   def update
-    new_token = Token.renew_token! 'KnowledgeBaseFeed'
+    new_token = Token.renew_token! 'KnowledgeBaseFeed', persistent: true
 
     render json: { token: new_token }
   end

app/models/token.rb

@@ -150,12 +150,12 @@ cleanup old token
   # @param [Integer, User] user
   #
   # @return [String]
-  def self.ensure_token!(action_name, user_id = UserInfo.current_user_id)
+  def self.ensure_token!(action_name, user_id = UserInfo.current_user_id, persistent: false)
     instance = fetch(action_name, user_id)
 
     return instance.name if instance.present?
 
-    create!(action: action_name, user_id: user_id).name
+    create!(action: action_name, user_id: user_id, persistent: persistent).name
   end
 
   # regenerates an existing token
@@ -164,10 +164,10 @@ cleanup old token
   # @param [Integer, User] user
   #
   # @return [String]
-  def self.renew_token!(action_name, user_id = UserInfo.current_user_id)
+  def self.renew_token!(action_name, user_id = UserInfo.current_user_id, persistent: false)
     instance = fetch(action_name, user_id)
 
-    return create(action: action_name, user_id: user_id).name if !instance
+    return create(action: action_name, user_id: user_id, persistent: persistent).name if !instance
 
     instance.renew_token!
   end

db/migrate/20230117074938_issue_4461_kb_feed_token_persistent.rb

@@ -0,0 +1,11 @@
+# Copyright (C) 2012-2023 Zammad Foundation, https://zammad-foundation.org/
+
+class Issue4461KbFeedTokenPersistent < ActiveRecord::Migration[6.1]
+  def up
+    return if !Setting.exists?(name: 'system_init_done')
+
+    Token
+      .where(action: 'KnowledgeBaseFeed', persistent: false)
+      .update(persistent: true)
+  end
+end

spec/db/migrate/issue_4461_kb_feed_token_persistent_spec.rb

@@ -0,0 +1,28 @@
+# Copyright (C) 2012-2023 Zammad Foundation, https://zammad-foundation.org/
+
+require 'rails_helper'
+
+RSpec.describe Issue4461KbFeedTokenPersistent, current_user_id: 1, type: :db_migration do
+  context 'when a KB feed token exists' do
+    before do
+      Token.ensure_token! 'KnowledgeBaseFeed'
+    end
+
+    it 'makes token persistent' do
+      expect { migrate }
+        .to change { Token.find_by(action: 'KnowledgeBaseFeed').persistent }
+        .to(true)
+    end
+  end
+
+  context 'when a different token exists' do
+    before do
+      Token.ensure_token! 'OtherToken'
+    end
+
+    it 'does not touch the token' do
+      expect { migrate }
+        .not_to change { Token.find_by(action: 'OtherToken').persistent }
+    end
+  end
+end

spec/models/token_spec.rb

@@ -272,7 +272,7 @@ RSpec.describe Token, type: :model do
     end
   end
 
-  describe '#ensure_token!' do
+  describe '.ensure_token!' do
     it 'returns token when not present' do
       expect(described_class.ensure_token!('token', user.id)).to be_present
     end
@@ -282,15 +282,27 @@ RSpec.describe Token, type: :model do
 
       expect(described_class.ensure_token!(token.action, token.user.id)).to eq(token.name)
     end
+
+    describe 'with persistent argument' do
+      it 'creates not-persistent token if argument omitted' do
+        described_class.ensure_token!('token', user.id)
+        expect(described_class.find_by(action: 'token')).not_to be_persistent
+      end
+
+      it 'creates persistent token when flag given' do
+        described_class.ensure_token!('token', user.id, persistent: true)
+        expect(described_class.find_by(action: 'token')).to be_persistent
+      end
+    end
   end
 
-  describe '.renew_token!' do
+  describe '#renew_token!' do
     it 'changes token' do
       expect { token.renew_token! }.to change { token.reload.name }
     end
   end
 
-  describe '#renew_token!' do
+  describe '.renew_token!' do
     it 'creates token when not present' do
       expect(described_class.renew_token!('token', user.id)).to be_present
     end
@@ -300,6 +312,20 @@ RSpec.describe Token, type: :model do
 
       expect { described_class.renew_token!(token.action, token.user.id) }.to change { token.reload.name }
     end
+
+    describe 'with persistent argument' do
+      it 'creates not-persistent token if argument omitted' do
+        described_class.renew_token!('token', user.id)
+
+        expect(described_class.find_by(action: 'token')).not_to be_persistent
+      end
+
+      it 'creates persistent token when flag given' do
+        described_class.renew_token!('token', user.id, persistent: true)
+
+        expect(described_class.find_by(action: 'token')).to be_persistent
+      end
+    end
   end
 
   describe 'Attributes:' do

spec/requests/knowledge_base/feed_tokens_spec.rb

@@ -21,6 +21,12 @@ RSpec.describe 'KnowledgeBase::FeedTokens', authenticated_as: :user, type: :requ
 
       expect(json_response['token']).to be_present
     end
+
+    it 'creates a persistent token' do
+      get endpoint
+
+      expect(Token.find_by(action: 'KnowledgeBaseFeed')).to be_persistent
+    end
   end
 
   describe '#update' do
@@ -35,5 +41,11 @@ RSpec.describe 'KnowledgeBase::FeedTokens', authenticated_as: :user, type: :requ
 
       expect(json_response['token']).to be_present
     end
+
+    it 'creates a persistent token' do
+      get endpoint
+
+      expect(Token.find_by(action: 'KnowledgeBaseFeed')).to be_persistent
+    end
   end
 end