Commit 758177d1 authored by Zeger-Jan van de Weg's avatar Zeger-Jan van de Weg

Warn admin of granting admin rights during OAuth

Fixes #3951

Warning style the same as the warning a user sees on a archived project.
parent a9aa97b7
...@@ -16,6 +16,7 @@ v 8.4.1 ...@@ -16,6 +16,7 @@ v 8.4.1
and Nokogiri (1.6.7.2) and Nokogiri (1.6.7.2)
- Fix redirect loop during import - Fix redirect loop during import
- Fix diff highlighting for all syntax themes - Fix diff highlighting for all syntax themes
- Warn admin during OAuth of granting admin rights (Zeger-Jan van de Weg)
v 8.4.0 v 8.4.0
- Allow LDAP users to change their email if it was not set by the LDAP server - Allow LDAP users to change their email if it was not set by the LDAP server
......
...@@ -4,6 +4,13 @@ ...@@ -4,6 +4,13 @@
Authorize Authorize
%strong.text-info= @pre_auth.client.name %strong.text-info= @pre_auth.client.name
to use your account? to use your account?
- if current_user.admin?
.text-warning.prepend-top-20
%p
= icon("exclamation-triangle fw")
Caution! You are admin, and thus will grant admin permission to #{@pre_auth.client.name}.
- if @pre_auth.scopes - if @pre_auth.scopes
#oauth-permissions #oauth-permissions
%p This application will be able to: %p This application will be able to:
...@@ -25,4 +32,4 @@ ...@@ -25,4 +32,4 @@
= hidden_field_tag :state, @pre_auth.state = hidden_field_tag :state, @pre_auth.state
= hidden_field_tag :response_type, @pre_auth.response_type = hidden_field_tag :response_type, @pre_auth.response_type
= hidden_field_tag :scope, @pre_auth.scope = hidden_field_tag :scope, @pre_auth.scope
= submit_tag "Deny", class: "btn btn-danger prepend-left-10" = submit_tag "Deny", class: "btn btn-danger prepend-left-10"
\ No newline at end of file
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment