diff options
author | Paul Slaughter <pslaughter@gitlab.com> | 2018-10-09 14:48:55 -0500 |
---|---|---|
committer | Paul Slaughter <pslaughter@gitlab.com> | 2018-10-09 14:48:55 -0500 |
commit | 3708f02dec9721b24907b716f486a7d850e25df6 (patch) | |
tree | cb0ba1b808b26b60d4c17c81c62c1f4df1e126c6 | |
parent | 37ea81bae9d8a9b7745cc86f6e146904dce80e52 (diff) | |
download | gitlab-ce-47865-access-token-for-projects-fe.tar.gz |
Update personal_access_token form and table47865-access-token-for-projects-fe
- Add "(Required)" to required labels
- Add "Projects" field which uses project_multi_select component
5 files changed, 50 insertions, 14 deletions
diff --git a/app/assets/javascripts/pages/profiles/personal_access_tokens/index.js b/app/assets/javascripts/pages/profiles/personal_access_tokens/index.js index 78a5c4c27be..bde9d9484ec 100644 --- a/app/assets/javascripts/pages/profiles/personal_access_tokens/index.js +++ b/app/assets/javascripts/pages/profiles/personal_access_tokens/index.js @@ -1,3 +1,7 @@ import DueDateSelectors from '~/due_date_select'; +import projectMultiSelect from '~/project_multi_select'; -document.addEventListener('DOMContentLoaded', () => new DueDateSelectors()); +document.addEventListener('DOMContentLoaded', () => { + new DueDateSelectors(); // eslint-disable-line no-new + projectMultiSelect(); +}); diff --git a/app/assets/stylesheets/pages/settings.scss b/app/assets/stylesheets/pages/settings.scss index dbf8692d69b..7ac10440386 100644 --- a/app/assets/stylesheets/pages/settings.scss +++ b/app/assets/stylesheets/pages/settings.scss @@ -315,3 +315,9 @@ padding-right: 0; } } + +.table.active-tokens { + td { + vertical-align: top; + } +} diff --git a/app/views/shared/_personal_access_tokens_form.html.haml b/app/views/shared/_personal_access_tokens_form.html.haml index f4df7bdcd83..05feceb67e0 100644 --- a/app/views/shared/_personal_access_tokens_form.html.haml +++ b/app/views/shared/_personal_access_tokens_form.html.haml @@ -5,25 +5,31 @@ %p.profile-settings-content Pick a name for the application, and we'll give you a unique #{type} token. -= form_for token, url: path, method: :post, html: { class: 'js-requires-input' } do |f| += form_for token, url: path, method: :post do |f| = form_errors(token) - .row - .form-group.col-md-6 - = f.label :name, class: 'label-bold' - = f.text_field :name, class: "form-control", required: true + .form-group.input-lg + = f.label :name, 'Name (Required)', class: 'label-bold' + = f.text_field :name, class: 'form-control' - .row - .form-group.col-md-6 - = f.label :expires_at, class: 'label-bold' - .input-icon-wrapper - = f.text_field :expires_at, class: "datepicker form-control", placeholder: 'YYYY-MM-DD' - = icon('calendar', { class: 'input-icon-right' }) + .form-group.input-lg + = f.label :expires_at, class: 'label-bold' + .input-icon-wrapper + = f.text_field :expires_at, class: 'datepicker form-control', placeholder: 'YYYY-MM-DD' + = sprite_icon('calendar', { css_class: 'input-icon-right s12' }) .form-group - = f.label :scopes, class: 'label-bold' + = f.label :scopes, 'Scopes (Required)', class: 'label-bold' = render 'shared/tokens/scopes_form', prefix: 'personal_access_token', token: token, scopes: scopes + .form-group + = f.label 'personal_access_token[project_ids]', 'Projects', class: 'label-bold' + %p + Limit this token's access to specific projects. + .input-icon-wrapper + = hidden_field_tag 'personal_access_token[project_ids]', '', { class: 'js-project-multi-select project-multi-select', data: { order_by: 'last_activity_at' } } + = sprite_icon('angle-down', css_class: 'input-icon-right caret-down') + .prepend-top-default = f.submit "Create #{type} token", class: "btn btn-success" diff --git a/app/views/shared/_personal_access_tokens_table.html.haml b/app/views/shared/_personal_access_tokens_table.html.haml index cadac1cc99d..a8c9bcf4483 100644 --- a/app/views/shared/_personal_access_tokens_table.html.haml +++ b/app/views/shared/_personal_access_tokens_table.html.haml @@ -15,6 +15,7 @@ %th Created %th Expires %th Scopes + %th Projects - if impersonation %th Token %th @@ -22,7 +23,7 @@ - active_tokens.each do |token| %tr %td= token.name - %td= token.created_at.to_date.to_s(:medium) + %td.text-nowrap= token.created_at.to_date.to_s(:medium) %td - if token.expires? %span{ class: ('text-warning' if token.expires_soon?) } @@ -30,6 +31,7 @@ - else %span.token-never-expires-label Never %td= token.scopes.present? ? token.scopes.join(", ") : "<no scopes selected>" + %td= token.projects.present? ? token.projects.map{|x| x.name}.join(', ') : '<All>' - if impersonation %td.token-token-container = text_field_tag 'impersonation-token-token', token.token, readonly: true, class: "form-control" diff --git a/spec/features/profiles/personal_access_tokens_spec.rb b/spec/features/profiles/personal_access_tokens_spec.rb index 8461cd0027c..f0bcc97d49e 100644 --- a/spec/features/profiles/personal_access_tokens_spec.rb +++ b/spec/features/profiles/personal_access_tokens_spec.rb @@ -1,6 +1,8 @@ require 'spec_helper' describe 'Profile > Personal Access Tokens', :js do + include Select2Helper + let(:user) { create(:user) } def active_personal_access_tokens @@ -28,6 +30,15 @@ describe 'Profile > Personal Access Tokens', :js do describe "token creation" do it "allows creation of a personal access token" do + other_projects = [ + create(:project, :public, creator_id: user.id, namespace: user.namespace), + create(:project, :public, creator_id: user.id, namespace: user.namespace) + ] + restricted_projects = [ + create(:project, :public, creator_id: user.id, namespace: user.namespace), + create(:project, :public, creator_id: user.id, namespace: user.namespace) + ] + name = 'My PAT' visit profile_personal_access_tokens_path @@ -42,11 +53,18 @@ describe 'Profile > Personal Access Tokens', :js do check "api" check "read_user" + # Projects + restricted_project_ids = restricted_projects.map { |x| x.id } + select2(restricted_project_ids, { from: '#personal_access_token_project_ids', multiple: true }) + + wait_for_requests click_on "Create personal access token" expect(active_personal_access_tokens).to have_text(name) expect(active_personal_access_tokens).to have_text('In') expect(active_personal_access_tokens).to have_text('api') expect(active_personal_access_tokens).to have_text('read_user') + restricted_projects.each { |x| expect(active_personal_access_tokens).to have_text(x.name) } + other_projects.each { |x| expect(active_personal_access_tokens).not_to have_text(x.name) } end context "when creation fails" do |