21 Commits

Author SHA1 Message Date
Douwe Maan 55fe0d7d0a Set default scope on PATs that don't have one set to allow them to be revoked 2017-10-03 16:57:36 +02:00
Robin Bobbitt 0013e6c00d Clean up read_registry scope changes
Closes #37789
2017-09-18 08:39:01 -04:00
Robin Bobbitt 62ef67acc3 Hide read_registry scope when registry is disabled on instance 2017-08-21 18:13:32 -04:00
Yorick Peterse e1a3bf30b6 Rename ActiverecordSerialize cop
This cop has been renamed to ActiveRecordSerialize to match the way
"ActiveRecord" is usually written.
2017-07-06 12:01:36 +02:00
Kamil Trzciński 7adddf4996 Merge branch 'zj-read-registry-pat' into 'master'
Allow pulling container images using personal access tokens

Closes #19219

See merge request !11845
2017-06-07 09:20:57 +00:00
Z.J. van de Weg 0b81b5ace0 Create read_registry scope with JWT auth
This is the first commit doing mainly 3 things:
1. create a new scope and allow users to use it
2. Have the JWTController respond correctly on this
3. Updates documentation to suggest usage of PATs

There is one gotcha, there will be no support for impersonation tokens, as this
seems not needed.

Fixes gitlab-org/gitlab-ce#19219
2017-06-05 12:26:49 +02:00
Yorick Peterse cd74c1434e Added Cop to blacklist the use of serialize
This Cop blacklists the use of ActiveRecord's "serialize" method, except
for cases where we already use this.
2017-05-31 14:03:37 +02:00
Sean McGivern de37dcee90 Merge branch 'siemens/gitlab-ce-feature/openid-connect' 2017-03-07 16:16:08 +00:00
Markus Koller 8699c8338f Require explicit scopes on personal access tokens
Gitlab::Auth and API::APIGuard already check for at least one valid
scope on personal access tokens, so if the scopes are empty the token
will always fail validation.
2017-03-07 15:00:29 +01:00
Markus Koller eefbc83730 Only use API scopes for personal access tokens 2017-03-07 15:00:29 +01:00
Tiago Botelho 2b474dc2b2 refactors finder and correlated code 2017-03-01 13:11:11 +00:00
Tiago Botelho 9f2e4742e3 applies relevant changes to the code and code structure 2017-02-28 22:15:40 +00:00
Simon Vocella a3dfb58e7f add impersonation token 2017-02-28 22:15:39 +00:00
Simon Vocella 81246e5649 manage personal_access_tokens through api 2017-02-28 22:15:39 +00:00
Timothy Andrew 1d0ccec6dd Add a `scopes` column to the `personal_access_tokens` table 2016-12-16 15:08:10 +05:30
Timothy Andrew bafbf22c6a Address @DouweM's feedback on !3749.
- Use `TokenAuthenticatable` to generate the personal access token
- Remove a check for `authenticity_token` in application controller;
  this should've been `authentication_token`, maybe, and doesn't make
  any sense now.
- Have the datepicker appear inline
2016-04-28 22:28:36 +05:30
Timothy Andrew fc4bce755d Make fixes based on @vsizov's comments on MR !3749 2016-04-28 22:28:36 +05:30
Timothy Andrew fb2da6795c Add an "Inactive Personal Access Tokens" section.
- Show the count for each section in parens
- Remove the `revoked?` check, because everything in the
  active section is guaranteed to not be revoked.
2016-04-28 22:28:36 +05:30
Timothy Andrew e5cf527f27 Allow expiration of personal access tokens. 2016-04-28 22:28:36 +05:30
Timothy Andrew 6d76f14f54 Allow revoking personal access tokens. 2016-04-28 22:28:36 +05:30
Timothy Andrew 3a60903874 Allow creating Personal Access Tokens through the website. 2016-04-28 22:28:36 +05:30