diff options
author | Douwe Maan <douwe@gitlab.com> | 2017-11-07 08:33:58 +0000 |
---|---|---|
committer | Lin Jen-Shin <godfat@godfat.org> | 2017-11-10 16:26:53 +0800 |
commit | ab1f3b47a84b3d2944891216403b89042a8ab3a3 (patch) | |
tree | 11f0240c66d670916d0e793e6c653fe43b941a34 /config | |
parent | 304ceb144cca36dbcefcfb508b0dac220f76c9e1 (diff) | |
download | gitlab-ce-ab1f3b47a84b3d2944891216403b89042a8ab3a3.tar.gz |
Merge branch '32059-fix-oauth-phishing' into 'security-10-1'
Prevent OAuth phishing attack by presenting detailed wording about app to user during authorization
See merge request gitlab/gitlabhq!2205
Diffstat (limited to 'config')
-rw-r--r-- | config/locales/doorkeeper.en.yml | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/config/locales/doorkeeper.en.yml b/config/locales/doorkeeper.en.yml index 0da6b14c29e..b1c71095d4f 100644 --- a/config/locales/doorkeeper.en.yml +++ b/config/locales/doorkeeper.en.yml @@ -62,7 +62,15 @@ en: read_user: Read the authenticated user's personal information openid: Authenticate using OpenID Connect sudo: Perform API actions as any user in the system (if the authenticated user is an admin) - + scope_desc: + api: + Full access to GitLab as the user, including read/write on all their groups and projects + read_user: + Read-only access to the user's profile information, like username, public email and full name + openid: + The ability to authenticate using GitLab, and read-only access to the user's profile information + sudo: + Access to the Sudo feature, to perform API actions as any user in the system (only available for admins) flash: applications: create: |