Warn admin of granting admin rights during OAuth

Fixes #3951

Warning style the same as the warning a user sees on a archived project.
This commit is contained in:
Zeger-Jan van de Weg 2016-01-25 20:08:29 +01:00
parent a9aa97b727
commit 758177d14c
2 changed files with 9 additions and 1 deletions

View file

@ -16,6 +16,7 @@ v 8.4.1
and Nokogiri (1.6.7.2) and Nokogiri (1.6.7.2)
- Fix redirect loop during import - Fix redirect loop during import
- Fix diff highlighting for all syntax themes - Fix diff highlighting for all syntax themes
- Warn admin during OAuth of granting admin rights (Zeger-Jan van de Weg)
v 8.4.0 v 8.4.0
- Allow LDAP users to change their email if it was not set by the LDAP server - Allow LDAP users to change their email if it was not set by the LDAP server

View file

@ -4,6 +4,13 @@
Authorize Authorize
%strong.text-info= @pre_auth.client.name %strong.text-info= @pre_auth.client.name
to use your account? to use your account?
- if current_user.admin?
.text-warning.prepend-top-20
%p
= icon("exclamation-triangle fw")
Caution! You are admin, and thus will grant admin permission to #{@pre_auth.client.name}.
- if @pre_auth.scopes - if @pre_auth.scopes
#oauth-permissions #oauth-permissions
%p This application will be able to: %p This application will be able to:
@ -25,4 +32,4 @@
= hidden_field_tag :state, @pre_auth.state = hidden_field_tag :state, @pre_auth.state
= hidden_field_tag :response_type, @pre_auth.response_type = hidden_field_tag :response_type, @pre_auth.response_type
= hidden_field_tag :scope, @pre_auth.scope = hidden_field_tag :scope, @pre_auth.scope
= submit_tag "Deny", class: "btn btn-danger prepend-left-10" = submit_tag "Deny", class: "btn btn-danger prepend-left-10"