Commit
116d8cfc
authored
Dec 03, 2017
by
Eric Eastwood
Fix new personal access token showing up in a flash message
parent
e0f84130
Showing
4 changed files
with
52 additions
and
5 deletions
+52
-5
app/controllers/profiles/personal_access_tokens_controller.rb
...controllers/profiles/personal_access_tokens_controller.rb
+3
-1
app/models/personal_access_token.rb
app/models/personal_access_token.rb
+21
-0
app/views/profiles/personal_access_tokens/index.html.haml
app/views/profiles/personal_access_tokens/index.html.haml
+3
-4
spec/models/personal_access_token_spec.rb
spec/models/personal_access_token_spec.rb
+25
-0
app/controllers/profiles/personal_access_tokens_controller.rb
...
@@ -8,7 +8,7 @@ class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
...
@@ -8,7 +8,7 @@ class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
@personal_access_token
=
finder
.
build
(
personal_access_token_params
)
@personal_access_token
=
finder
.
build
(
personal_access_token_params
)
if
@personal_access_token
.
save
if
@personal_access_token
.
save
flash
[
:personal_access_token
]
=
@personal_access_token
.
token
PersonalAccessToken
.
redis_store!
(
current_user
.
id
,
@personal_access_token
.
token
)
redirect_to
profile_personal_access_tokens_path
,
notice:
"Your new personal access token has been created."
redirect_to
profile_personal_access_tokens_path
,
notice:
"Your new personal access token has been created."
else
else
set_index_vars
set_index_vars
...
@@ -43,5 +43,7 @@ class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
...
@@ -43,5 +43,7 @@ class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
@inactive_personal_access_tokens
=
finder
(
state:
'inactive'
).
execute
@inactive_personal_access_tokens
=
finder
(
state:
'inactive'
).
execute
@active_personal_access_tokens
=
finder
(
state:
'active'
).
execute
.
order
(
:expires_at
)
@active_personal_access_tokens
=
finder
(
state:
'active'
).
execute
.
order
(
:expires_at
)
@new_personal_access_token
=
PersonalAccessToken
.
redis_getdel
(
current_user
.
id
)
end
end
end
end
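Review bot: The new token is now keyed by `current_user.id` alone in `PersonalAccessToken.redis_store!(current_user.id, @personal_access_token.token)`, so unlike the flash it is no longer bound to the session that created it. Any other signed-in session for the same account that renders the index within the expiry window will consume and display it instead. `set_index_vars` is also called on the failed-save `else` branch, so the read-and-delete in `PersonalAccessToken.redis_getdel(current_user.id)` runs on every index render, not only after the redirect. Consider adding a per-session component to the key, or at minimum a comment above the `redis_getdel` call such as `# One-time display: consumed by the next index render for this user, in any session`. Both methods start and end outside the hunks shown.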
app/models/personal_access_token.rb
...
@@ -3,6 +3,8 @@ class PersonalAccessToken < ActiveRecord::Base
...
@@ -3,6 +3,8 @@ class PersonalAccessToken < ActiveRecord::Base
include
TokenAuthenticatable
include
TokenAuthenticatable
add_authentication_token_field
:token
add_authentication_token_field
:token
REDIS_EXPIRY_TIME
=
3
.
minutes
serialize
:scopes
,
Array
# rubocop:disable Cop/ActiveRecordSerialize
serialize
:scopes
,
Array
# rubocop:disable Cop/ActiveRecordSerialize
belongs_to
:user
belongs_to
:user
...
@@ -27,6 +29,21 @@ class PersonalAccessToken < ActiveRecord::Base
...
@@ -27,6 +29,21 @@ class PersonalAccessToken < ActiveRecord::Base
!
revoked?
&&
!
expired?
!
revoked?
&&
!
expired?
end
end
def
self
.
redis_getdel
(
user_id
)
Gitlab
::
Redis
::
SharedState
.
with
do
|
redis
|
token
=
redis
.
get
(
redis_shared_state_key
(
user_id
))
redis
.
del
(
redis_shared_state_key
(
user_id
))
token
end
end
def
self
.
redis_store!
(
user_id
,
token
)
Gitlab
::
Redis
::
SharedState
.
with
do
|
redis
|
redis
.
set
(
redis_shared_state_key
(
user_id
),
token
,
ex:
REDIS_EXPIRY_TIME
)
token
end
end
protected
protected
def
validate_scopes
def
validate_scopes
...
@@ -38,4 +55,8 @@ class PersonalAccessToken < ActiveRecord::Base
...
@@ -38,4 +55,8 @@ class PersonalAccessToken < ActiveRecord::Base
def
set_default_scopes
def
set_default_scopes
self
.
scopes
=
Gitlab
::
Auth
::
DEFAULT_SCOPES
if
self
.
scopes
.
empty?
self
.
scopes
=
Gitlab
::
Auth
::
DEFAULT_SCOPES
if
self
.
scopes
.
empty?
end
end
def
self
.
redis_shared_state_key
(
user_id
)
"gitlab:personal_access_token:
#{
user_id
}
"
end
end
end
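Review bot: `redis_getdel` issues `get` and `del` as two separate commands, so the show-once behaviour the view promises is not atomic. Two index renders racing for the same user can both read the token, and a `redis_store!` that lands between the `get` and the `del` is deleted without ever being displayed. Running both commands in one `redis.multi` transaction, with `key = redis_shared_state_key(user_id)` computed once, would close that window. Separately, `def self.redis_shared_state_key` sits below `protected`, which does not apply to `def self.` methods, so it stays public; `private_class_method :redis_shared_state_key` would match the apparent intent. A comment on `REDIS_EXPIRY_TIME` noting that the plaintext token stays in shared state for up to that long if the index page is never loaded would also help the next reader.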
app/views/profiles/personal_access_tokens/index.html.haml
...
@@ -15,14 +15,13 @@
...
@@ -15,14 +15,13 @@
They are the only accepted password when you have Two-Factor Authentication (2FA) enabled.
They are the only accepted password when you have Two-Factor Authentication (2FA) enabled.
.col-lg-8
.col-lg-8
-
if
@new_personal_access_token
-
if
flash
[
:personal_access_token
]
.created-personal-access-token-container
.created-personal-access-token-container
%h5
.prepend-top-0
%h5
.prepend-top-0
Your New Personal Access Token
Your New Personal Access Token
.form-group
.form-group
=
text_field_tag
'created-personal-access-token'
,
flash
[
:personal_access_token
]
,
readonly:
true
,
class:
"form-control js-select-on-focus"
,
'aria-describedby'
=>
"created-personal-access-token-help-block"
=
text_field_tag
'created-personal-access-token'
,
@new_personal_access_token
,
readonly:
true
,
class:
"form-control js-select-on-focus"
,
'aria-describedby'
=>
"created-personal-access-token-help-block"
=
clipboard_button
(
text:
flash
[
:personal_access_token
]
,
title:
"Copy personal access token to clipboard"
,
placement:
"left"
)
=
clipboard_button
(
text:
@new_personal_access_token
,
title:
"Copy personal access token to clipboard"
,
placement:
"left"
)
%span
#created-personal-access-token-help-block
.help-block.text-danger
Make sure you save it - you won't be able to access it again.
%span
#created-personal-access-token-help-block
.help-block.text-danger
Make sure you save it - you won't be able to access it again.
%hr
%hr
...
...
spec/models/personal_access_token_spec.rb
require
'spec_helper'
require
'spec_helper'
describe
PersonalAccessToken
do
describe
PersonalAccessToken
do
subject
{
described_class
}
describe
'.build'
do
describe
'.build'
do
let
(
:personal_access_token
)
{
build
(
:personal_access_token
)
}
let
(
:personal_access_token
)
{
build
(
:personal_access_token
)
}
let
(
:invalid_personal_access_token
)
{
build
(
:personal_access_token
,
:invalid
)
}
let
(
:invalid_personal_access_token
)
{
build
(
:personal_access_token
,
:invalid
)
}
...
@@ -45,6 +47,29 @@ describe PersonalAccessToken do
...
@@ -45,6 +47,29 @@ describe PersonalAccessToken do
end
end
end
end
describe
'Redis storage'
do
let
(
:user_id
)
{
123
}
let
(
:token
)
{
'abc000foo'
}
before
do
subject
.
redis_store!
(
user_id
,
token
)
end
it
'returns stored data'
do
expect
(
subject
.
redis_getdel
(
user_id
)).
to
eq
(
token
)
end
context
'after deletion'
do
before
do
expect
(
subject
.
redis_getdel
(
user_id
)).
to
eq
(
token
)
end
it
'token is removed'
do
expect
(
subject
.
redis_getdel
(
user_id
)).
to
be_nil
end
end
end
context
"validations"
do
context
"validations"
do
let
(
:personal_access_token
)
{
build
(
:personal_access_token
)
}
let
(
:personal_access_token
)
{
build
(
:personal_access_token
)
}
...
...
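Review bot: The 'Redis storage' examples cover store and read-then-delete but never assert that the key expires, which is the property that bounds how long an undisplayed token stays in shared state. An example along the lines of `ttl = Gitlab::Redis::SharedState.with { |redis| redis.ttl("gitlab:personal_access_token:#{user_id}") }` followed by `expect(ttl).to be_between(1, described_class::REDIS_EXPIRY_TIME.to_i)` would pin it. The group also writes to Redis under a fixed user id with no visible cleanup, so confirm the suite flushes shared state between examples.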