Merge branch '2979-personal-access-tokens' into 'master'

Allow creating Personal Access Tokens through the website

Related to #2979 

- Allow a user to create personal access tokens, and use them to authenticate
- Refactor `API::Helpers` into `API::Helpers::Core` and `API::Helpers::Authentication`

# Tasks

- [ ]  #2979 (!3749)  - Personal Access Tokens
    - [x]  Basic Implementation
        - [x]  Add UI to add "Personal Access Tokens"
        - [x]  Reload `lib/api` on every request
        - [x]  Respect these tokens for API requests
        - [x]  Just a param or a header too?
        - [x]  Allow revoking tokens
        - [x]  Expire tokens
        - [x]  Left bar should have a "PAT" icon
        - [x]  Scopes?
        - [x]  Copy to Clipboard
        - [x]  Show active/inactive tokens separately
            - [x]  No need to check for expired/revoked in the appropriate places
        - [x]  Why does regular ApplicationController check for private token?
        - [x]  Support non-API requests
        - [x]  Revert (or work on) `lib/api` eager loading
    - [x]  Create MR
    - [x]  Refactoring
    - [x]  Fix tests
    - [x]  Write more tests
    - [x]  Add screenshots to MR
    - [x]  Add description of query performance to MR
    - [x]  Limit the number of queries in the `personal_access_tokens` page
    - [x]  Wait for CI to pass
    - [x]  Fix merge issues in schema.rb
    - [x]  Assign MR to endboss
    - [x]  Wait for feedback
    - [x]  Fix feedback
        - [x]  Wait for CI to pass
    - [x]  Assign to @rspeicher
    - [x]  Fix @rspeicher's comments
    - [x]  Wait for CI to pass
    - [x]  Assign back to @rspeicher
    - [x]  Write documentation and ping @axil
    - [x]  Wait for Axil to respond
    - [x]  Assign to endboss
    - [x]  Address Douwe's feedback
        - [x]  Use the `private_token` or `authentication_token` param instead of `personal_access_token`
        - [x]  Ditto for the header
    - [x]  Assign to endboss
    - [x]  Make sure CI is green
    - [x]  Address Douwe's feedback
        - [x]  Don't go through the `authenticate_user_from_private_token!` method, if a private token is supplied (or combine them)
        - [x]  In `authenticate_user_from_personal_access_token!` don't hit DB if `token_string` is `nil`
        - [x]  Use `current_user.personal_access_tokens.build` in the controller
        - [x]  Remove the "We aren't using `personal_access_token` as the root param" comment
        - [x]  `No need for = "...", we can just have the Inactive ... #{...} on the next line` in the view
        - [x]  Render dates in a (more) human format
        - [x]  CSS issue with table
        - [x]  Don't show the tokens in the UI indefinitely
        - [x]  How to implement scopes? Add-on to current impl? Doorkeeper?
    - [x]  Wait for @DouweM's comments about scopes
    - [x]  Address @DouweM's second review 
        - [x]  Try not using `native['innerHTML']`
        - [x]  use contexts for all "when ..."
        - [x]  Ensure consistency (styling) with other pages for "You don't have any tokens" message
        - [x]  "Actions" table column doesn't need a label
        - [x]  %td can be moved outside of the if/else statement
        - [x]  The header title should be "Profile Settings"
        - [x]  Can this be a `before_create`, so we don't need to use `generate`?
        - [x]  If it couldn't be revoked, will we show an error?
        - [x]  If it couldn't be saved, will we show an error?
    - [x]  Merge master
    - [x]  Update CHANGELOG entry
    - [x]  Add tests for form errors?
    - [x]  Post screenshots
    - [x]  Tag @jschatz1 for review
    - [x]  Wait for [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/0dff6fd/builds) to pass
    - [x]  Respond to @jschatz1's comments
        - [x]  Hardcoded colors should be variables
        - [x]  Should not be allowed to chose a date in the past
        - [x]  Use the same table as in the Applications tab
        - [x]  button should say "Create Personal Access Token"
        - [x]  Float the revoke to the right on the `a`
        - [x]  Change revocation message. "Are you sure you want to revoke this certificate? This action cannot be undone."
        - [x]  Date stays selected and looks selected even though date is set as "never".
        - [x]  ~~hover on the calendar button shifts~~ (not caused by this MR - happens on `milestones#new` as well)
        - [x]  Don't use the panel for the created token
            - [x]  Use a normal flash for "Your new personal access token has been created"
            - [x]  Show the input (with the token) below it full width.
            - [x]  Put the "Make sure you save it - you won't be able to access it again." message near the input
        - [x]  Have the input highlight all on single click
    - [x]  Update screenshots
    - [x]  Merge master in + conflicts
    - [x]  Assign to @jschatz1 again
    - [x]  Respond to @jschatz1's comments
        - [x]  No button for clipboard, only link
        - [x]  text-danger
        - [x]  highlight fade on that area where the token was created
    - [x]  Make sure [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/d754d99179f1ffe846fcc1d8e858163b39efc5dc/builds) is green
    - [x]  Assign to @jschatz1
    - [x]  Wait for [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/faa0e3f7580bc38d4d12916b4589c64d6c2678a7/builds) to pass
    - [x]  Respond to @DouweM's feedback
        - [x]  move the redirect_to out of the if/else
        - [x]  certificate -> token
        - [x]  datepicker back to text field
        - [x]  combine the get_user_from_private_token and get_user_from_personal_access_token methods in ApplicationController
        - [x]  combine the get_user_from_private_token and get_user_from_personal_access_token methods in `lib/api/helpers`
        - [x]  don't need the new constants
    - [x]  Wait for [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/9d7cda3ddce52baad9618466a5d00319b333be57/builds) to pass
    - [ ]  Wait for merge

# Screenshots
![Screen_Shot_2016-06-16_at_8.30.33_AM](/uploads/30a168964b7c5e0eb322705747829fb6/Screen_Shot_2016-06-16_at_8.30.33_AM.png)
![Screen_Shot_2016-06-16_at_8.30.44_AM](/uploads/7a8202885df6120071bbe81b215aaead/Screen_Shot_2016-06-16_at_8.30.44_AM.png)
![Screen_Shot_2016-06-16_at_8.31.02_AM](/uploads/6905c0848864e390138b771389c7a1b2/Screen_Shot_2016-06-16_at_8.31.02_AM.png)
![Screen_Shot_2016-06-16_at_8.31.29_AM](/uploads/0bc92369fb2f9bc335773f6abec421c3/Screen_Shot_2016-06-16_at_8.31.29_AM.png)

See merge request !3749

8 files changed, 206 insertions, 12 deletions

diff --git a/app/assets/stylesheets/framework/variables.scss b/app/assets/stylesheets/framework/variables.scss
index 148b00ac853..c37574ca7a1 100644
--- a/app/assets/stylesheets/framework/variables.scss
+++ b/app/assets/stylesheets/framework/variables.scss
@@ -268,5 +268,10 @@ $calendar-hover-bg: #ecf3fe;
 $calendar-border-color: rgba(#000, .1);
 $calendar-unselectable-bg: #faf9f9;
 
+/*
+ * Personal Access Tokens
+ */
+$personal-access-tokens-disabled-label-color: #bbb;
+
 $ci-output-bg: #1d1f21;
 $ci-text-color: #c5c8c6;
diff --git a/app/assets/stylesheets/pages/profile.scss b/app/assets/stylesheets/pages/profile.scss
index 167ab40d881..46371ec6871 100644
--- a/app/assets/stylesheets/pages/profile.scss
+++ b/app/assets/stylesheets/pages/profile.scss
@@ -192,6 +192,25 @@
   }
 }
 
+.personal-access-tokens-never-expires-label {
+  color: $personal-access-tokens-disabled-label-color;
+}
+
+.datepicker.personal-access-tokens-expires-at .ui-state-disabled span {
+  text-align: center;
+}
+
+.created-personal-access-token-container {
+  #created-personal-access-token {
+    width: 90%;
+    display: inline;
+  }
+
+  .btn-clipboard {
+    margin-left: 5px;
+  }
+}
+
 .user-profile {
   @media (max-width: $screen-xs-max) {
     .cover-block {
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index cd6ae507cf1..72d1b97bf56 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -8,7 +8,7 @@ class ApplicationController < ActionController::Base
   include PageLayoutHelper
   include WorkhorseHelper
 
-  before_action :authenticate_user_from_token!
+  before_action :authenticate_user_from_private_token!
   before_action :authenticate_user!
   before_action :validate_user_service_ticket!
   before_action :reject_blocked!
@@ -64,17 +64,10 @@ class ApplicationController < ActionController::Base
     end
   end
 
-  # From https://github.com/plataformatec/devise/wiki/How-To:-Simple-Token-Authentication-Example
-  # https://gist.github.com/josevalim/fb706b1e933ef01e4fb6
-  def authenticate_user_from_token!
-    user_token = if params[:authenticity_token].presence
-                   params[:authenticity_token].presence
-                 elsif params[:private_token].presence
-                   params[:private_token].presence
-                 elsif request.headers['PRIVATE-TOKEN'].present?
-                   request.headers['PRIVATE-TOKEN']
-                 end
-    user = user_token && User.find_by_authentication_token(user_token.to_s)
+  # This filter handles both private tokens and personal access tokens
+  def authenticate_user_from_private_token!
+    token_string = params[:private_token].presence || request.headers['PRIVATE-TOKEN'].presence
+    user = User.find_by_authentication_token(token_string) || User.find_by_personal_access_token(token_string)
 
     if user
       # Notice we are passing store false, so the user is not
diff --git a/app/controllers/profiles/personal_access_tokens_controller.rb b/app/controllers/profiles/personal_access_tokens_controller.rb
new file mode 100644
index 00000000000..508b82a9a6c
--- /dev/null
+++ b/app/controllers/profiles/personal_access_tokens_controller.rb
@@ -0,0 +1,42 @@
+class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
+  before_action :load_personal_access_tokens, only: :index
+
+  def index
+    @personal_access_token = current_user.personal_access_tokens.build
+  end
+
+  def create
+    @personal_access_token = current_user.personal_access_tokens.generate(personal_access_token_params)
+
+    if @personal_access_token.save
+      flash[:personal_access_token] = @personal_access_token.token
+      redirect_to profile_personal_access_tokens_path, notice: "Your new personal access token has been created."
+    else
+      load_personal_access_tokens
+      render :index
+    end
+  end
+
+  def revoke
+    @personal_access_token = current_user.personal_access_tokens.find(params[:id])
+
+    if @personal_access_token.revoke!
+      flash[:notice] = "Revoked personal access token #{@personal_access_token.name}!"
+    else
+      flash[:alert] = "Could not revoke personal access token #{@personal_access_token.name}."
+    end
+
+    redirect_to profile_personal_access_tokens_path
+  end
+
+  private
+
+  def personal_access_token_params
+    params.require(:personal_access_token).permit(:name, :expires_at)
+  end
+
+  def load_personal_access_tokens
+    @active_personal_access_tokens = current_user.personal_access_tokens.active.order(:expires_at)
+    @inactive_personal_access_tokens = current_user.personal_access_tokens.inactive
+  end
+end
diff --git a/app/models/personal_access_token.rb b/app/models/personal_access_token.rb
new file mode 100644
index 00000000000..c4b095e0c04
--- /dev/null
+++ b/app/models/personal_access_token.rb
@@ -0,0 +1,20 @@
+class PersonalAccessToken < ActiveRecord::Base
+  include TokenAuthenticatable
+  add_authentication_token_field :token
+
+  belongs_to :user
+
+  scope :active, -> { where(revoked: false).where("expires_at >= NOW() OR expires_at IS NULL") }
+  scope :inactive, -> { where("revoked = true OR expires_at < NOW()") }
+
+  def self.generate(params)
+    personal_access_token = self.new(params)
+    personal_access_token.ensure_token
+    personal_access_token
+  end
+
+  def revoke!
+    self.revoked = true
+    self.save
+  end
+end
diff --git a/app/models/user.rb b/app/models/user.rb
index 8d0427da5ab..051745fe252 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -51,6 +51,7 @@ class User < ActiveRecord::Base
   # Profile
   has_many :keys, dependent: :destroy
   has_many :emails, dependent: :destroy
+  has_many :personal_access_tokens, dependent: :destroy
   has_many :identities, dependent: :destroy, autosave: true
   has_many :u2f_registrations, dependent: :destroy
 
@@ -267,6 +268,11 @@ class User < ActiveRecord::Base
       find_by!('lower(username) = ?', username.downcase)
     end
 
+    def find_by_personal_access_token(token_string)
+      personal_access_token = PersonalAccessToken.active.find_by_token(token_string) if token_string
+      personal_access_token.user if personal_access_token
+    end
+
     def by_username_or_id(name_or_id)
       find_by('users.username = ? OR users.id = ?', name_or_id.to_s, name_or_id.to_i)
     end
diff --git a/app/views/layouts/nav/_profile.html.haml b/app/views/layouts/nav/_profile.html.haml
index d4b1f477f3f..bb6f14a6225 100644
--- a/app/views/layouts/nav/_profile.html.haml
+++ b/app/views/layouts/nav/_profile.html.haml
@@ -13,6 +13,10 @@
       = link_to applications_profile_path, title: 'Applications' do
         %span
           Applications
+  = nav_link(controller: :personal_access_tokens) do
+    = link_to profile_personal_access_tokens_path, title: 'Personal Access Tokens' do
+      %span
+        Personal Access Tokens
   = nav_link(controller: :emails) do
     = link_to profile_emails_path, title: 'Emails' do
       %span
diff --git a/app/views/profiles/personal_access_tokens/index.html.haml b/app/views/profiles/personal_access_tokens/index.html.haml
new file mode 100644
index 00000000000..1b45548bd02
--- /dev/null
+++ b/app/views/profiles/personal_access_tokens/index.html.haml
@@ -0,0 +1,105 @@
+- page_title "Personal Access Tokens"
+
+.row.prepend-top-default
+  .col-lg-3.profile-settings-sidebar
+    %h4.prepend-top-0
+      = page_title
+    %p
+      You can generate a personal access token for each application you use that needs access to the GitLab API.
+  .col-lg-9
+
+    - if flash[:personal_access_token]
+      .created-personal-access-token-container
+        %h5.prepend-top-0
+          Your New Personal Access Token
+        .form-group
+          = text_field_tag 'created-personal-access-token', flash[:personal_access_token], readonly: true, class: "form-control", 'aria-describedby' => "created-personal-access-token-help-block"
+          = clipboard_button(clipboard_text: flash[:personal_access_token])
+          %span#created-personal-access-token-help-block.help-block.text-danger Make sure you save it - you won't be able to access it again.
+
+      %hr
+
+    %h5.prepend-top-0
+      Add a Personal Access Token
+    %p.profile-settings-content
+      Pick a name for the application, and we'll give you a unique token.
+    = form_for [:profile, @personal_access_token],
+                method: :post, html: { class: 'js-requires-input' } do |f|
+
+      = form_errors(@personal_access_token)
+
+      .form-group
+        = f.label :name, class: 'label-light'
+        = f.text_field :name, class: "form-control", required: true
+
+      .form-group
+        = f.label :expires_at, class: 'label-light'
+        = f.text_field :expires_at, class: "datepicker form-control", required: false
+
+      .prepend-top-default
+        = f.submit 'Create Personal Access Token', class: "btn btn-create"
+
+    %hr
+
+    %h5 Active Personal Access Tokens (#{@active_personal_access_tokens.length})
+
+    - if @active_personal_access_tokens.present?
+      .table-responsive
+        %table.table.active-personal-access-tokens
+          %thead
+            %tr
+              %th Name
+              %th Created
+              %th Expires
+              %th
+          %tbody
+            - @active_personal_access_tokens.each do |token|
+              %tr
+                %td= token.name
+                %td= token.created_at.to_date.to_s(:medium)
+                %td
+                  - if token.expires_at.present?
+                    = token.expires_at.to_date.to_s(:medium)
+                  - else
+                    %span.personal-access-tokens-never-expires-label Never
+                %td= link_to "Revoke", revoke_profile_personal_access_token_path(token), method: :put, class: "btn btn-danger pull-right", data: { confirm: "Are you sure you want to revoke this token? This action cannot be undone." }
+
+    - else
+      .settings-message.text-center
+        You don't have any active tokens yet.
+
+    %hr
+
+    %h5 Inactive Personal Access Tokens (#{@inactive_personal_access_tokens.length})
+
+    - if @inactive_personal_access_tokens.present?
+      .table-responsive
+        %table.table.inactive-personal-access-tokens
+          %thead
+            %tr
+              %th Name
+              %th Created
+          %tbody
+            - @inactive_personal_access_tokens.each do |token|
+              %tr
+                %td= token.name
+                %td= token.created_at.to_date.to_s(:medium)
+
+    - else
+      .settings-message.text-center
+        There are no inactive tokens.
+
+
+:javascript
+  var date = $('#personal_access_token_expires_at').val();
+
+  var datepicker = $(".datepicker").datepicker({
+    dateFormat: "yy-mm-dd",
+    minDate: 0
+  });
+
+  $("#created-personal-access-token").click(function() {
+    this.select();
+  });
+
+  $("#created-personal-access-token").effect('highlight', { color: '#ffff99' }, 2000);