Commit a475411f authored by Mayra Cabrera's avatar Mayra Cabrera

Fixes broken schema and minor changes

parent 2c6c6181
...@@ -10,8 +10,8 @@ module Projects ...@@ -10,8 +10,8 @@ module Projects
def create_deploy_token def create_deploy_token
@new_deploy_token = DeployTokens::CreateService.new(@project, current_user, deploy_token_params).execute @new_deploy_token = DeployTokens::CreateService.new(@project, current_user, deploy_token_params).execute
if @new_deploy_token.valid? if @new_deploy_token.persisted?
flash[:notice] = 'Your new project deploy token has been created.' flash.now[:notice] = 'Your new project deploy token has been created.'
end end
render_show render_show
......
...@@ -4,12 +4,11 @@ ...@@ -4,12 +4,11 @@
.form-group .form-group
= text_field_tag 'deploy-token-user', deploy_token.username, readonly: true, class: 'deploy-token-field form-control js-select-on-focus' = text_field_tag 'deploy-token-user', deploy_token.username, readonly: true, class: 'deploy-token-field form-control js-select-on-focus'
= clipboard_button(text: deploy_token.username, title: s_('DeployTokens|Copy deploy token username to clipboard'), placement: 'left') = clipboard_button(text: deploy_token.username, title: s_('DeployTokens|Copy username to clipboard'), placement: 'left')
%span.help-block.prepend-top-5.text-success= s_("DeployTokens|Use this username as a login.") %span.deploy-token-help-block.prepend-top-5.text-success= s_("DeployTokens|Use this username as a login.")
.form-group .form-group
= text_field_tag 'deploy-token', deploy_token.token, readonly: true, class: 'deploy-token-field form-control js-select-on-focus' = text_field_tag 'deploy-token', deploy_token.token, readonly: true, class: 'deploy-token-field form-control js-select-on-focus'
= clipboard_button(text: deploy_token.token, title: s_('DeployTokens|Copy deploy token to clipboard'), placement: 'left') = clipboard_button(text: deploy_token.token, title: s_('DeployTokens|Copy deploy token to clipboard'), placement: 'left')
%span.help-block.prepend-top-5.text-danger= s_("DeployTokens|Use this token as a password. Make sure you save it - you won't be able to access it again.") %span.deploy-token-help-block.prepend-top-5.text-danger= s_("DeployTokens|Use this token as a password. Make sure you save it - you won't be able to access it again.")
%hr %hr
...@@ -1639,7 +1639,6 @@ ActiveRecord::Schema.define(version: 20180405142733) do ...@@ -1639,7 +1639,6 @@ ActiveRecord::Schema.define(version: 20180405142733) do
t.string "path", null: false t.string "path", null: false
t.datetime "created_at", null: false t.datetime "created_at", null: false
t.datetime "updated_at", null: false t.datetime "updated_at", null: false
t.boolean "permanent"
end end
add_index "redirect_routes", ["path"], name: "index_redirect_routes_on_path", unique: true, using: :btree add_index "redirect_routes", ["path"], name: "index_redirect_routes_on_path", unique: true, using: :btree
......
...@@ -7,7 +7,7 @@ Deploy tokens allow to download (through `git clone`), or read the container reg ...@@ -7,7 +7,7 @@ Deploy tokens allow to download (through `git clone`), or read the container reg
Please note, that the expiration of deploy tokens happens on the date you define, Please note, that the expiration of deploy tokens happens on the date you define,
at midnight UTC and that they can be only managed by [masters](https://docs.gitlab.com/ee/user/permissions.html). at midnight UTC and that they can be only managed by [masters](https://docs.gitlab.com/ee/user/permissions.html).
## Creating a personal access token ## Creating a Deploy Token
You can create as many deploy tokens as you like from the settings of your project: You can create as many deploy tokens as you like from the settings of your project:
...@@ -36,7 +36,7 @@ the following table. ...@@ -36,7 +36,7 @@ the following table.
| Scope | Description | | Scope | Description |
| ----- | ----------- | | ----- | ----------- |
|`read_repository` | Allows read-access to the repository through `git clone` | | `read_repository` | Allows read-access to the repository through `git clone` |
| `read_registry` | Allows read-access to [container registry] images if a project is private and authorization is required. | | `read_registry` | Allows read-access to [container registry] images if a project is private and authorization is required. |
## Usage ## Usage
......
...@@ -164,8 +164,8 @@ module Gitlab ...@@ -164,8 +164,8 @@ module Gitlab
def abilities_for_scopes(scopes) def abilities_for_scopes(scopes)
abilities_by_scope = { abilities_by_scope = {
api: full_authentication_abilities, api: full_authentication_abilities,
read_registry: build_authentication_abilities - [:build_create_container_image], read_registry: [:build_read_container_image],
read_repository: read_authentication_abilities - [:read_container_image] read_repository: [:download_code]
} }
scopes.flat_map do |scope| scopes.flat_map do |scope|
......
...@@ -11,6 +11,7 @@ describe Projects::DeployTokensController do ...@@ -11,6 +11,7 @@ describe Projects::DeployTokensController do
describe 'POST #create' do describe 'POST #create' do
let(:deploy_token_params) { attributes_for(:deploy_token) } let(:deploy_token_params) { attributes_for(:deploy_token) }
subject do subject do
post :create, post :create,
namespace_id: project.namespace, namespace_id: project.namespace,
......
...@@ -264,7 +264,7 @@ describe Gitlab::Auth do ...@@ -264,7 +264,7 @@ describe Gitlab::Auth do
let(:deploy_token) { create(:deploy_token, read_registry: false, projects: [project]) } let(:deploy_token) { create(:deploy_token, read_registry: false, projects: [project]) }
it 'succeeds when project is present, token is valid and has read_repository as scope' do it 'succeeds when project is present, token is valid and has read_repository as scope' do
abilities = %i(read_project download_code) abilities = %i(download_code)
auth_success = Gitlab::Auth::Result.new(deploy_token, project, :deploy_token, abilities) auth_success = Gitlab::Auth::Result.new(deploy_token, project, :deploy_token, abilities)
expect(gl_auth).to receive(:rate_limit!).with('ip', success: true, login: '') expect(gl_auth).to receive(:rate_limit!).with('ip', success: true, login: '')
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment