1. 16 Dec, 2016 15 commits
    • Timothy Andrew's avatar
      Make `ChangePersonalAccessTokensDefaultBackToEmptyArray` a "post" migration. · 9be9072d
      Timothy Andrew authored
      If we leave this as a regular migration, we could have the following flow:
      
      1. Application knows nothing about scopes.
      2. First migration runs, all existing personal access tokens have `api` scope
      3. Application still knows nothing about scopes.
      4. Second migration runs, all tokens created after this point have no scope
      5. Application still knows nothing about scopes.
      6. Tokens created at this time _should have the API scope, but instead have no scope_
      7. Application code is reloaded, application knows about scopes
      8. Tokens created after this point only have no scope if the user deliberately
         chooses to have no scopes.
      
      Point #6 is the problem here. To avoid this, we move the second migration to a
      "post" migration, which runs after the application code is deployed/reloaded.
      9be9072d
    • Timothy Andrew's avatar
      Rename the `token_has_scope?` method. · 6a62e6db
      Timothy Andrew authored
      `valid_api_token?` is a better name. Scopes are just (potentially) one facet of
      a "valid" token.
      6a62e6db
    • Timothy Andrew's avatar
      Convert AccessTokenValidationService into a class. · b61a4282
      Timothy Andrew authored
      - Previously, AccessTokenValidationService was a module, and all its  public
      methods accepted a token. It makes sense to convert it to a class which accepts
      a token during initialization.
      
      - Also rename the `sufficient_scope?` method to `include_any_scope?`
      
      - Based on feedback from @rymai
      b61a4282
    • Timothy Andrew's avatar
      View-related (and other minor) changes to !5951 based on @rymai's review. · 63d01af4
      Timothy Andrew authored
      - The `scopes_form` partial can be used in the `admin/applications` view
        as well
      
      - Don't allow partials to access instance variables directly. Instead, pass
        in the instance variables as local variables, and use `local_assigns.fetch`
        to assert that the variables are passed in as expected.
      
      - Change a few instances of `render :partial` to `render`
      
      - Remove an instance of `required: false` in a view, since this is the default
      
      - Inline many instances of a local variable (`ip = 'ip'`) in `auth_spec`
      63d01af4
    • Timothy Andrew's avatar
      Add a controller spec for personal access tokens. · ef753965
      Timothy Andrew authored
      Split the existing feature spec into both feature and controller specs.
      Feature specs assert on browser DOM, and controller specs assert on database
      state.
      ef753965
    • Timothy Andrew's avatar
      Modify `ApiHelpers` spec to adhere to the Four-Phase test style. · 7ea04156
      Timothy Andrew authored
      - Use whitespace to separate the setup, expectation and teardown phases.
      7ea04156
    • Timothy Andrew's avatar
      Refactor access token validation in `Gitlab::Auth` · 38c0cbcc
      Timothy Andrew authored
      - Based on @dbalexandre's review
      - Extract token validity conditions into two separate methods, for
        personal access tokens and OAuth tokens.
      38c0cbcc
    • Timothy Andrew's avatar
      Move the scopes form/list view into a partial. · 4c1858c1
      Timothy Andrew authored
      - The list of scopes that's displayed while creating a personal access
        token is identical to the list that's displayed while creating an OAuth
        application. Extract these into a partial.
      
      - The list of scopes that's displayed while in the show page for an OAuth token
        in the profile settings and admin settings are identical. Extract these into
        a partial.
      4c1858c1
    • Timothy Andrew's avatar
      Implement minor changes from @dbalexandre's review. · 07f5be6b
      Timothy Andrew authored
      - Mainly whitespace changes.
      
      - Require the migration adding the `scope` column to the
        `personal_access_tokens` table to have downtime, since API calls will
        fail if the new code is in place, but the migration hasn't run.
      
      - Minor refactoring - load `@scopes` in a `before_action`, since we're
        doing it in three different places.
      07f5be6b
    • Timothy Andrew's avatar
      Update CHANGELOG · c400cae3
      Timothy Andrew authored
      c400cae3
    • Timothy Andrew's avatar
      Validate access token scopes in `Gitlab::Auth` · f7c27fd8
      Timothy Andrew authored
      - This module is used for git-over-http, as well as JWT.
      
      - The only valid scope here is `api`, currently.
      f7c27fd8
    • Timothy Andrew's avatar
      Calls to the API are checked for scope. · 184b923f
      Timothy Andrew authored
      - Move the `Oauth2::AccessTokenValidationService` class to
        `AccessTokenValidationService`, since it is now being used for
        personal access token validation as well.
      
      - Each API endpoint declares the scopes it accepts (if any). Currently,
        the top level API module declares the `api` scope, and the `Users` API
        module declares the `read_user` scope (for GET requests).
      
      - Move the `find_user_by_private_token` from the API `Helpers` module to
        the `APIGuard` module, to avoid littering `Helpers` with more
        auth-related methods to support `find_user_by_private_token`
      184b923f
    • Timothy Andrew's avatar
    • Timothy Andrew's avatar
    • Rémy Coutable's avatar
      API: Memoize the current_user so that the sudo can work properly · ca69c725
      Rémy Coutable authored
      The issue was arising when `#current_user` was called a second time
      after a user was impersonated: the `User#is_admin?` check would be
      performed on it and it would fail.
      Signed-off-by: default avatarRémy Coutable <remy@rymai.me>
      ca69c725
  2. 15 Dec, 2016 8 commits
  3. 14 Dec, 2016 14 commits
  4. 13 Dec, 2016 3 commits