[PLT-7794] Add user access token enable/disable endpoints (#7630)

* Add column to UserAccessTokens table

* PLT-7794 Add user access token enable/disable endpoints

* replaced eliminated global variable

* updates to user_access_token_store and upgrade.go

* style fix and cleanup

4 files changed, 109 insertions, 4 deletions

diff --git a/store/sqlstore/upgrade.go b/store/sqlstore/upgrade.go
index 5f466cf51..a6c1ecc43 100644
--- a/store/sqlstore/upgrade.go
+++ b/store/sqlstore/upgrade.go
@@ -312,8 +312,12 @@ func UpgradeDatabaseToVersion43(sqlStore SqlStore) {
 }
 
 func UpgradeDatabaseToVersion44(sqlStore SqlStore) {
-	// TODO: Uncomment following when version 4.4.0 is released
-	//if shouldPerformUpgrade(sqlStore, VERSION_4_3_0, VERSION_4_4_0) {
-	//	saveSchemaVersion(sqlStore, VERSION_4_4_0)
-	//}
+	// TODO: Uncomment following condition when version 4.4.0 is released
+	// if shouldPerformUpgrade(sqlStore, VERSION_4_3_0, VERSION_4_4_0) {
+
+	// Add the IsActive column to UserAccessToken.
+	sqlStore.CreateColumnIfNotExists("UserAccessTokens", "IsActive", "boolean", "boolean", "1")
+
+	// saveSchemaVersion(sqlStore, VERSION_4_4_0)
+	// }
 }
diff --git a/store/sqlstore/user_access_token_store.go b/store/sqlstore/user_access_token_store.go
index 2535943c7..530ba8d16 100644
--- a/store/sqlstore/user_access_token_store.go
+++ b/store/sqlstore/user_access_token_store.go
@@ -198,3 +198,65 @@ func (s SqlUserAccessTokenStore) GetByUser(userId string, offset, limit int) sto
 		result.Data = tokens
 	})
 }
+
+func (s SqlUserAccessTokenStore) UpdateTokenEnable(tokenId string) store.StoreChannel {
+	return store.Do(func(result *store.StoreResult) {
+		if _, err := s.GetMaster().Exec("UPDATE UserAccessTokens SET IsActive = TRUE WHERE Id = :Id", map[string]interface{}{"Id": tokenId}); err != nil {
+			result.Err = model.NewAppError("SqlUserAccessTokenStore.UpdateTokenEnable", "store.sql_user_access_token.update_token_enable.app_error", nil, "id="+tokenId+", "+err.Error(), http.StatusInternalServerError)
+		} else {
+			result.Data = tokenId
+		}
+	})
+}
+
+func (s SqlUserAccessTokenStore) UpdateTokenDisable(tokenId string) store.StoreChannel {
+	return store.Do(func(result *store.StoreResult) {
+		transaction, err := s.GetMaster().Begin()
+		if err != nil {
+			result.Err = model.NewAppError("SqlUserAccessTokenStore.UpdateTokenDisable", "store.sql_user_access_token.update_token_disble.app_error", nil, err.Error(), http.StatusInternalServerError)
+		} else {
+			if extrasResult := s.deleteSessionsAndDisableToken(transaction, tokenId); extrasResult.Err != nil {
+				*result = extrasResult
+			}
+
+			if result.Err == nil {
+				if err := transaction.Commit(); err != nil {
+					// don't need to rollback here since the transaction is already closed
+					result.Err = model.NewAppError("SqlUserAccessTokenStore.UpdateTokenDisable", "store.sql_user_access_token.update_token_disable.app_error", nil, err.Error(), http.StatusInternalServerError)
+				}
+			} else {
+				if err := transaction.Rollback(); err != nil {
+					result.Err = model.NewAppError("SqlUserAccessTokenStore.UpdateTokenDisable", "store.sql_user_access_token.update_token_disable.app_error", nil, err.Error(), http.StatusInternalServerError)
+				}
+			}
+		}
+	})
+}
+
+func (s SqlUserAccessTokenStore) deleteSessionsAndDisableToken(transaction *gorp.Transaction, tokenId string) store.StoreResult {
+	result := store.StoreResult{}
+
+	query := ""
+	if s.DriverName() == model.DATABASE_DRIVER_POSTGRES {
+		query = "DELETE FROM Sessions s USING UserAccessTokens o WHERE o.Token = s.Token AND o.Id = :Id"
+	} else if s.DriverName() == model.DATABASE_DRIVER_MYSQL {
+		query = "DELETE s.* FROM Sessions s INNER JOIN UserAccessTokens o ON o.Token = s.Token WHERE o.Id = :Id"
+	}
+
+	if _, err := transaction.Exec(query, map[string]interface{}{"Id": tokenId}); err != nil {
+		result.Err = model.NewAppError("SqlUserAccessTokenStore.deleteSessionsAndDisableToken", "store.sql_user_access_token.update_token_disable.app_error", nil, "id="+tokenId+", err="+err.Error(), http.StatusInternalServerError)
+		return result
+	}
+
+	return s.updateTokenDisable(transaction, tokenId)
+}
+
+func (s SqlUserAccessTokenStore) updateTokenDisable(transaction *gorp.Transaction, tokenId string) store.StoreResult {
+	result := store.StoreResult{}
+
+	if _, err := transaction.Exec("UPDATE UserAccessTokens SET IsActive = FALSE WHERE Id = :Id", map[string]interface{}{"Id": tokenId}); err != nil {
+		result.Err = model.NewAppError("SqlUserAccessTokenStore.updateTokenDisable", "store.sql_user_access_token.update_token_disable.app_error", nil, "", http.StatusInternalServerError)
+	}
+
+	return result
+}
diff --git a/store/store.go b/store/store.go
index 120778e84..7616ee7eb 100644
--- a/store/store.go
+++ b/store/store.go
@@ -436,4 +436,6 @@ type UserAccessTokenStore interface {
 	Get(tokenId string) StoreChannel
 	GetByToken(tokenString string) StoreChannel
 	GetByUser(userId string, page, perPage int) StoreChannel
+	UpdateTokenEnable(tokenId string) StoreChannel
+	UpdateTokenDisable(tokenId string) StoreChannel
 }
diff --git a/store/storetest/user_access_token_store.go b/store/storetest/user_access_token_store.go
index 292929419..661c969da 100644
--- a/store/storetest/user_access_token_store.go
+++ b/store/storetest/user_access_token_store.go
@@ -12,6 +12,7 @@ import (
 
 func TestUserAccessTokenStore(t *testing.T, ss store.Store) {
 	t.Run("UserAccessTokenSaveGetDelete", func(t *testing.T) { testUserAccessTokenSaveGetDelete(t, ss) })
+	t.Run("UserAccessTokenDisableEnable", func(t *testing.T) { testUserAccessTokenDisableEnable(t, ss) })
 }
 
 func testUserAccessTokenSaveGetDelete(t *testing.T, ss store.Store) {
@@ -87,3 +88,39 @@ func testUserAccessTokenSaveGetDelete(t *testing.T, ss store.Store) {
 		t.Fatal("should error - access token should be deleted")
 	}
 }
+
+func testUserAccessTokenDisableEnable(t *testing.T, ss store.Store) {
+	uat := &model.UserAccessToken{
+		Token:       model.NewId(),
+		UserId:      model.NewId(),
+		Description: "testtoken",
+	}
+
+	s1 := model.Session{}
+	s1.UserId = uat.UserId
+	s1.Token = uat.Token
+
+	store.Must(ss.Session().Save(&s1))
+
+	if result := <-ss.UserAccessToken().Save(uat); result.Err != nil {
+		t.Fatal(result.Err)
+	}
+
+	if err := (<-ss.UserAccessToken().UpdateTokenDisable(uat.Id)).Err; err != nil {
+		t.Fatal(err)
+	}
+
+	if err := (<-ss.Session().Get(s1.Token)).Err; err == nil {
+		t.Fatal("should error - session should be deleted")
+	}
+
+	s2 := model.Session{}
+	s2.UserId = uat.UserId
+	s2.Token = uat.Token
+
+	store.Must(ss.Session().Save(&s2))
+
+	if err := (<-ss.UserAccessToken().UpdateTokenEnable(uat.Id)).Err; err != nil {
+		t.Fatal(err)
+	}
+}