Commit graph

12 commits

Author SHA1 Message Date
blackst0ne
b44a2c801a Update specs to rails5 format
Updates specs to use new rails5 format.

The old format:
`get :show, { some: params }, { some: headers }`

The new format:
`get :show, params: { some: params }, headers: { some: headers }`
2018-12-19 10:04:31 +11:00
Cindy Pallares
5736d6606a
Merge branch 'security-fix-uri-xss-applications' into 'master'
[master] Resolve "Reflected XSS in OAuth Authorize window due to redirect_uri allowing arbitrary protocols"

See merge request gitlab/gitlabhq!2572
2018-11-28 19:14:15 -05:00
Dmitriy Zaporozhets
d304af4bb4
Fix spec message in spec/controllers/oauth/applications_controller_spec.rb
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2018-09-21 11:03:00 +03:00
Dmitriy Zaporozhets
98a319a482
Always allow user to revoke an authorized application
Even if User OAuth applications setting is disabled in admin settings.

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2018-09-20 14:02:59 +03:00
Francisco Javier López
7a0bb214f3 Fix OAuth application authorization screen to appear with every access 2018-06-29 08:15:42 +00:00
Bob Van Landuyt
417e3ba8e3 Specify base controller for Doorkeeper
This will make sure the `ApplicationController#can?` method is
available for views rendering menus based on the current user's abilities.
2018-02-28 12:05:19 +01:00
Mario de la Ossa
eaada9d706 use Gitlab::UserSettings directly as a singleton instead of including/extending it 2018-02-02 18:39:55 +00:00
Jacopo
2f40dac352 Refactor have_http_status into have_gitlab_http_status in the specs 2017-10-20 10:13:18 +02:00
Oswaldo Ferreira
e561b142fa Backport gitlab-ee!2456 2017-07-27 12:09:46 -04:00
Dmitriy Zaporozhets
c277b2c34d
Add tests for Oauth::AuthorizationsController
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2017-04-28 15:45:18 +03:00
Z.J. van de Weg
abca19da8b Use HTTP matchers if possible 2016-06-27 20:10:42 +02:00
Stan Hu
3b50d96b8a Fix endless redirections when accessing user OAuth applications when they are disabled
Also hides the "Applications" nav button if OAuth applications are disabled by the admin.

Closes #14770
2016-06-08 05:52:04 -07:00