Always allow user to revoke an authorized application
Even if User OAuth applications setting is disabled in admin settings. Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
parent
8c2192943a
commit
98a319a482
|
@ -4,7 +4,7 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
|
||||||
include PageLayoutHelper
|
include PageLayoutHelper
|
||||||
include OauthApplications
|
include OauthApplications
|
||||||
|
|
||||||
before_action :verify_user_oauth_applications_enabled
|
before_action :verify_user_oauth_applications_enabled, except: :index
|
||||||
before_action :authenticate_user!
|
before_action :authenticate_user!
|
||||||
before_action :add_gon_variables
|
before_action :add_gon_variables
|
||||||
before_action :load_scopes, only: [:index, :create, :edit]
|
before_action :load_scopes, only: [:index, :create, :edit]
|
||||||
|
|
|
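Review bot: The new `except: :index` on `before_action :verify_user_oauth_applications_enabled` carries no comment saying why this one action bypasses the admin setting, and the reason cannot be read from the controller alone. I would add above it `# index stays reachable so users can revoke authorized applications even when the setting is disabled`. Because the index page is now rendered with the setting off, its view should not offer application creation in that state. `create` itself stays gated server-side, but the view is not shown on this page, so that is worth confirming. The class body starts and ends outside the hunk.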
@ -28,18 +28,17 @@
|
||||||
= link_to profile_account_path do
|
= link_to profile_account_path do
|
||||||
%strong.fly-out-top-item-name
|
%strong.fly-out-top-item-name
|
||||||
= _('Account')
|
= _('Account')
|
||||||
- if Gitlab::CurrentSettings.user_oauth_applications?
|
= nav_link(controller: 'oauth/applications') do
|
||||||
= nav_link(controller: 'oauth/applications') do
|
= link_to applications_profile_path do
|
||||||
= link_to applications_profile_path do
|
.nav-icon-container
|
||||||
.nav-icon-container
|
= sprite_icon('applications')
|
||||||
= sprite_icon('applications')
|
%span.nav-item-name
|
||||||
%span.nav-item-name
|
= _('Applications')
|
||||||
= _('Applications')
|
%ul.sidebar-sub-level-items.is-fly-out-only
|
||||||
%ul.sidebar-sub-level-items.is-fly-out-only
|
= nav_link(controller: 'oauth/applications', html_options: { class: "fly-out-top-item" } ) do
|
||||||
= nav_link(controller: 'oauth/applications', html_options: { class: "fly-out-top-item" } ) do
|
= link_to applications_profile_path do
|
||||||
= link_to applications_profile_path do
|
%strong.fly-out-top-item-name
|
||||||
%strong.fly-out-top-item-name
|
= _('Applications')
|
||||||
= _('Applications')
|
|
||||||
= nav_link(controller: :chat_names) do
|
= nav_link(controller: :chat_names) do
|
||||||
= link_to profile_chat_names_path do
|
= link_to profile_chat_names_path do
|
||||||
.nav-icon-container
|
.nav-icon-container
|
||||||
|
|
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
title: Allow user to revoke an authorized application even if User OAuth applications
|
||||||
|
setting is disabled in admin settings
|
||||||
|
merge_request: 21835
|
||||||
|
author:
|
||||||
|
type: changed
|
|
@ -16,13 +16,43 @@ describe Oauth::ApplicationsController do
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'redirects back to profile page if OAuth applications are disabled' do
|
it 'redirects back to profile page if OAuth applications are disabled' do
|
||||||
allow(Gitlab::CurrentSettings.current_application_settings).to receive(:user_oauth_applications?).and_return(false)
|
disable_user_oauth
|
||||||
|
|
||||||
get :index
|
get :index
|
||||||
|
|
||||||
|
expect(response).to have_gitlab_http_status(200)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe 'POST #create' do
|
||||||
|
it 'creates an application' do
|
||||||
|
post :create, oauth_params
|
||||||
|
|
||||||
|
expect(response).to have_gitlab_http_status(302)
|
||||||
|
expect(response).to redirect_to(oauth_application_path(Doorkeeper::Application.last))
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'redirects back to profile page if OAuth applications are disabled' do
|
||||||
|
disable_user_oauth
|
||||||
|
|
||||||
|
post :create, oauth_params
|
||||||
|
|
||||||
expect(response).to have_gitlab_http_status(302)
|
expect(response).to have_gitlab_http_status(302)
|
||||||
expect(response).to redirect_to(profile_path)
|
expect(response).to redirect_to(profile_path)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def disable_user_oauth
|
||||||
|
allow(Gitlab::CurrentSettings.current_application_settings).to receive(:user_oauth_applications?).and_return(false)
|
||||||
|
end
|
||||||
|
|
||||||
|
def oauth_params
|
||||||
|
{
|
||||||
|
doorkeeper_application: {
|
||||||
|
name: 'foo',
|
||||||
|
redirect_uri: 'http://example.org'
|
||||||
|
}
|
||||||
|
}
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
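Review bot: The GET #index example keeps the name 'redirects back to profile page if OAuth applications are disabled' but, as far as the rendered split view shows, its new body asserts `have_gitlab_http_status(200)`, so the description contradicts the check. Rename it, for example `it 'renders the page if OAuth applications are disabled' do`. The disabled-setting coverage added here exercises `create` only. No example in this hunk pins the other actions still behind `verify_user_oauth_applications_enabled`, so a later widening of the `except:` list could pass unnoticed. The describe block starts outside the hunk.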