From 5a8e0350c72ed4536fb7962bd9c4e921a62d6217 Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Fri, 9 Jul 2021 00:09:58 +0000 Subject: [PATCH] Add latest changes from gitlab-org/gitlab@master --- .../javascripts/token_access/components/token_access.vue | 4 ++++ app/graphql/mutations/issues/set_confidential.rb | 3 +++ doc/user/project/settings/project_access_tokens.md | 4 ++-- spec/frontend/token_access/token_access_spec.js | 7 ++++++- 4 files changed, 15 insertions(+), 3 deletions(-) diff --git a/app/assets/javascripts/token_access/components/token_access.vue b/app/assets/javascripts/token_access/components/token_access.vue index 271c90921f0..5ed1af72f79 100644 --- a/app/assets/javascripts/token_access/components/token_access.vue +++ b/app/assets/javascripts/token_access/components/token_access.vue @@ -101,6 +101,10 @@ export default { } } catch (error) { createFlash({ message: error }); + } finally { + if (this.jobTokenScopeEnabled) { + this.getProjects(); + } } }, async addProject() { diff --git a/app/graphql/mutations/issues/set_confidential.rb b/app/graphql/mutations/issues/set_confidential.rb index 4f2ca7e029c..cfee2420ee0 100644 --- a/app/graphql/mutations/issues/set_confidential.rb +++ b/app/graphql/mutations/issues/set_confidential.rb @@ -3,6 +3,8 @@ module Mutations module Issues class SetConfidential < Base + include Mutations::SpamProtection + graphql_name 'IssueSetConfidential' argument :confidential, @@ -19,6 +21,7 @@ module Mutations ::Issues::UpdateService.new(project: project, current_user: current_user, params: { confidential: confidential }, spam_params: spam_params) .execute(issue) + check_spam_action_response!(issue) { issue: issue, diff --git a/doc/user/project/settings/project_access_tokens.md b/doc/user/project/settings/project_access_tokens.md index fca13556a05..bcdb0bbdde4 100644 --- a/doc/user/project/settings/project_access_tokens.md +++ b/doc/user/project/settings/project_access_tokens.md @@ -29,11 +29,11 @@ For examples of how you can use a project access token to authenticate with the 1. Navigate to the project you would like to create an access token for. 1. In the **Settings** menu choose **Access Tokens**. 1. Choose a name and optional expiry date for the token. -1. Choose the access level the token should have in the project. +1. Choose a role for the token. 1. Choose the [desired scopes](#limiting-scopes-of-a-project-access-token). 1. Click the **Create project access token** button. 1. Save the project access token somewhere safe. Once you leave or refresh - the page, you won't be able to access it again. + the page, you don't have access to it again. ## Project bot users diff --git a/spec/frontend/token_access/token_access_spec.js b/spec/frontend/token_access/token_access_spec.js index 244a7f00cb9..c7323eb19fe 100644 --- a/spec/frontend/token_access/token_access_spec.js +++ b/spec/frontend/token_access/token_access_spec.js @@ -108,7 +108,7 @@ describe('TokenAccess component', () => { expect(findTokenSection().exists()).toBe(false); }); - it('switching the toggle calls the mutation', async () => { + it('switching the toggle calls the mutation and fetches the projects again', async () => { createComponent([ [getCIJobTokenScopeQuery, disabledJobTokenScopeHandler], [updateCIJobTokenScopeMutation, updateJobTokenScopeHandler], @@ -117,11 +117,16 @@ describe('TokenAccess component', () => { await waitForPromises(); + expect(getProjectsWithScope).toHaveBeenCalledTimes(1); + findToggle().vm.$emit('change', true); + await waitForPromises(); + expect(updateJobTokenScopeHandler).toHaveBeenCalledWith({ input: { fullPath: projectPath, jobTokenScopeEnabled: true }, }); + expect(getProjectsWithScope).toHaveBeenCalledTimes(2); }); });