authorSean McGivern <sean@mcgivern.me.uk>2017-10-04 09:19:35 +0000
committerSean McGivern <sean@mcgivern.me.uk>2017-10-04 09:19:35 +0000
commitec40f74e0e9ade3e9cf15119092a586ee3ef8d27 (patch)
tree722da8f4fd3412a1359d7a3d642ea48cb4738c27
parent70b64c8dd56da566499b5434c5b405967cfda1b6 (diff)
parent55fe0d7d0aeb9e10730610a646080f8717f37fd0 (diff)
downloadgitlab-ce-ec40f74e0e9ade3e9cf15119092a586ee3ef8d27.tar.gz
Merge branch 'dm-pat-revoke' into 'master'
Set default scope on PATs that don't have one set to allow them to be revoked. Closes #38650. See merge request gitlab-org/gitlab-ce!14660
-rw-r--r--app/controllers/profiles/personal_access_tokens_controller.rb2
-rw-r--r--app/models/personal_access_token.rb6
-rw-r--r--app/views/shared/_personal_access_tokens_form.html.haml4
-rw-r--r--changelogs/unreleased/dm-pat-revoke.yml5
4 files changed, 14 insertions, 3 deletions
diff --git a/app/controllers/profiles/personal_access_tokens_controller.rb b/app/controllers/profiles/personal_access_tokens_controller.rb
index c1cc509a748..4146deefa89 100644
--- a/app/controllers/profiles/personal_access_tokens_controller.rb
+++ b/app/controllers/profiles/personal_access_tokens_controller.rb
@@ -1,6 +1,7 @@
class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
def index
set_index_vars
+ @personal_access_token = finder.build
end
def create
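Review bot: With the build moved into `index`, any other action that calls `set_index_vars` and then renders the index template must now assign `@personal_access_token` itself, otherwise the token form would be handed nil. `create` begins on the last line of this hunk and its body is not visible, so this needs confirming there and in any other caller. A one-line comment above `set_index_vars` (in the next hunk) would record the contract, for example `# Callers must assign @personal_access_token before rendering :index`.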
@@ -40,7 +41,6 @@ class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
def set_index_vars
@scopes = Gitlab::Auth.available_scopes
- @personal_access_token = finder.build
@inactive_personal_access_tokens = finder(state: 'inactive').execute
@active_personal_access_tokens = finder(state: 'active').execute.order(:expires_at)
end
diff --git a/app/models/personal_access_token.rb b/app/models/personal_access_token.rb
index 1f9d712ef84..cfcb03138b7 100644
--- a/app/models/personal_access_token.rb
+++ b/app/models/personal_access_token.rb
@@ -17,6 +17,8 @@ class PersonalAccessToken < ActiveRecord::Base
validates :scopes, presence: true
validate :validate_scopes
+ after_initialize :set_default_scopes, if: :persisted?
+
def revoke!
update!(revoked: true)
end
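Review bot: The `after_initialize :set_default_scopes, if: :persisted?` callback fires on every load of a stored token, not only on the revoke path, so a token saved with empty scopes is presented to every caller as carrying `Gitlab::Auth::DEFAULT_SCOPES`. That presumably includes whatever code checks scopes during authentication. If such tokens were previously rejected for lacking a scope, this change would make them usable with the default scopes, so it is worth confirming that this is intended. It should also be documented next to the callback, for example `# Tokens stored without scopes are treated as having the default scopes so they validate and can be revoked`. A narrower alternative is to let `revoke!` bypass scope validation instead of changing the in-memory scopes on load. The class body continues outside this hunk.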
@@ -32,4 +34,8 @@ class PersonalAccessToken < ActiveRecord::Base
errors.add :scopes, "can only contain available scopes"
end
end
+
+ def set_default_scopes
+ self.scopes = Gitlab::Auth::DEFAULT_SCOPES if self.scopes.empty?
+ end
end
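Review bot: `set_default_scopes` reads `self.scopes` unconditionally from an `after_initialize` hook, so a query that loads tokens without the scopes column (for example through `select`) would raise `ActiveModel::MissingAttributeError` on instantiation. Guarding the read avoids that: `self.scopes = Gitlab::Auth::DEFAULT_SCOPES if has_attribute?(:scopes) && scopes.empty?`. The assignment also leaves the loaded record with a pending change, so any later save of a legacy token will likely persist the default scopes; that side effect deserves a comment on the method. The diffstat lists no spec file, so a model spec covering a persisted token with empty scopes (load, revoke, and scope check) would pin the intended behaviour.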
diff --git a/app/views/shared/_personal_access_tokens_form.html.haml b/app/views/shared/_personal_access_tokens_form.html.haml
index e415ec64c38..b8b1f4ca42f 100644
--- a/app/views/shared/_personal_access_tokens_form.html.haml
+++ b/app/views/shared/_personal_access_tokens_form.html.haml
@@ -1,9 +1,9 @@
- type = impersonation ? "impersonation" : "personal access"
%h5.prepend-top-0
- Add a #{type} Token
+ Add a #{type} token
%p.profile-settings-content
- Pick a name for the application, and we'll give you a unique #{type} Token.
+ Pick a name for the application, and we'll give you a unique #{type} token.
= form_for token, url: path, method: :post, html: { class: 'js-requires-input' } do |f|
diff --git a/changelogs/unreleased/dm-pat-revoke.yml b/changelogs/unreleased/dm-pat-revoke.yml
new file mode 100644
index 00000000000..32ac66056d5
--- /dev/null
+++ b/changelogs/unreleased/dm-pat-revoke.yml
@@ -0,0 +1,5 @@
+---
+title: Set default scope on PATs that don't have one set to allow them to be revoked
+merge_request:
+author:
+type: fixed