This has no functional impact yet, but it is the first step in adding more granular scopes to UserApiKeys
Small suggestion. I think we shouldn’t interact with the scopes directly to avoid leaking implementation details.
We should annotate this model.
Is that going to create an N+1?
Yes it will create 1 SQL query for creating the key, and N queries for creating each scope. However, the number of scopes is limited to the number of scopes we actually have (currently 7), and since this only happens during key creation I think it is ok?
I have confirmed that scopes are being preloaded correctly when reading from the database, so there is no N+1 on GET requests.
Yes good idea. I have moved this logic into
user_api_key.rb, and will refactor is some more later once I add parameter filtering.