Commit 55fe0d7d authored by Douwe Maan's avatar Douwe Maan

Set default scope on PATs that don't have one set to allow them to be revoked

parent b8e47d72
class Profiles::PersonalAccessTokensController < Profiles::ApplicationController class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
def index def index
set_index_vars set_index_vars
@personal_access_token = finder.build
end end
def create def create
...@@ -40,7 +41,6 @@ class Profiles::PersonalAccessTokensController < Profiles::ApplicationController ...@@ -40,7 +41,6 @@ class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
def set_index_vars def set_index_vars
@scopes = Gitlab::Auth.available_scopes @scopes = Gitlab::Auth.available_scopes
@personal_access_token = finder.build
@inactive_personal_access_tokens = finder(state: 'inactive').execute @inactive_personal_access_tokens = finder(state: 'inactive').execute
@active_personal_access_tokens = finder(state: 'active').execute.order(:expires_at) @active_personal_access_tokens = finder(state: 'active').execute.order(:expires_at)
end end
......
...@@ -17,6 +17,8 @@ class PersonalAccessToken < ActiveRecord::Base ...@@ -17,6 +17,8 @@ class PersonalAccessToken < ActiveRecord::Base
validates :scopes, presence: true validates :scopes, presence: true
validate :validate_scopes validate :validate_scopes
after_initialize :set_default_scopes, if: :persisted?
def revoke! def revoke!
update!(revoked: true) update!(revoked: true)
end end
...@@ -32,4 +34,8 @@ class PersonalAccessToken < ActiveRecord::Base ...@@ -32,4 +34,8 @@ class PersonalAccessToken < ActiveRecord::Base
errors.add :scopes, "can only contain available scopes" errors.add :scopes, "can only contain available scopes"
end end
end end
def set_default_scopes
self.scopes = Gitlab::Auth::DEFAULT_SCOPES if self.scopes.empty?
end
end end
- type = impersonation ? "impersonation" : "personal access" - type = impersonation ? "impersonation" : "personal access"
%h5.prepend-top-0 %h5.prepend-top-0
Add a #{type} Token Add a #{type} token
%p.profile-settings-content %p.profile-settings-content
Pick a name for the application, and we'll give you a unique #{type} Token. Pick a name for the application, and we'll give you a unique #{type} token.
= form_for token, url: path, method: :post, html: { class: 'js-requires-input' } do |f| = form_for token, url: path, method: :post, html: { class: 'js-requires-input' } do |f|
......
---
title: Set default scope on PATs that don't have one set to allow them to be revoked
merge_request:
author:
type: fixed
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment