Commit graph

22 commits

Author SHA1 Message Date
Eric Eastwood
116d8cfcfb Fix new personal access token showing up in a flash message 2017-12-07 16:22:37 -06:00
Douwe Maan
55fe0d7d0a Set default scope on PATs that don't have one set to allow them to be revoked 2017-10-03 16:57:36 +02:00
Robin Bobbitt
0013e6c00d Clean up read_registry scope changes
Closes #37789
2017-09-18 08:39:01 -04:00
Robin Bobbitt
62ef67acc3 Hide read_registry scope when registry is disabled on instance 2017-08-21 18:13:32 -04:00
Yorick Peterse
e1a3bf30b6
Rename ActiverecordSerialize cop
This cop has been renamed to ActiveRecordSerialize to match the way
"ActiveRecord" is usually written.
2017-07-06 12:01:36 +02:00
Kamil Trzciński
7adddf4996 Merge branch 'zj-read-registry-pat' into 'master'
Allow pulling container images using personal access tokens

Closes #19219

See merge request !11845
2017-06-07 09:20:57 +00:00
Z.J. van de Weg
0b81b5ace0 Create read_registry scope with JWT auth
This is the first commit doing mainly 3 things:
1. create a new scope and allow users to use it
2. Have the JWTController respond correctly on this
3. Updates documentation to suggest usage of PATs

There is one gotcha, there will be no support for impersonation tokens, as this
seems not needed.

Fixes gitlab-org/gitlab-ce#19219
2017-06-05 12:26:49 +02:00
Yorick Peterse
cd74c1434e
Added Cop to blacklist the use of serialize
This Cop blacklists the use of ActiveRecord's "serialize" method, except
for cases where we already use this.
2017-05-31 14:03:37 +02:00
Sean McGivern
de37dcee90 Merge branch 'siemens/gitlab-ce-feature/openid-connect' 2017-03-07 16:16:08 +00:00
Markus Koller
8699c8338f Require explicit scopes on personal access tokens
Gitlab::Auth and API::APIGuard already check for at least one valid
scope on personal access tokens, so if the scopes are empty the token
will always fail validation.
2017-03-07 15:00:29 +01:00
Markus Koller
eefbc83730 Only use API scopes for personal access tokens 2017-03-07 15:00:29 +01:00
Tiago Botelho
2b474dc2b2 refactors finder and correlated code 2017-03-01 13:11:11 +00:00
Tiago Botelho
9f2e4742e3 applies relevant changes to the code and code structure 2017-02-28 22:15:40 +00:00
Simon Vocella
a3dfb58e7f add impersonation token 2017-02-28 22:15:39 +00:00
Simon Vocella
81246e5649 manage personal_access_tokens through api 2017-02-28 22:15:39 +00:00
Timothy Andrew
1d0ccec6dd Add a scopes column to the personal_access_tokens table 2016-12-16 15:08:10 +05:30
Timothy Andrew
bafbf22c6a Address @DouweM's feedback on !3749.
- Use `TokenAuthenticatable` to generate the personal access token
- Remove a check for `authenticity_token` in application controller;
  this should've been `authentication_token`, maybe, and doesn't make
  any sense now.
- Have the datepicker appear inline
2016-04-28 22:28:36 +05:30
Timothy Andrew
fc4bce755d Make fixes based on @vsizov's comments on MR !3749 2016-04-28 22:28:36 +05:30
Timothy Andrew
fb2da6795c Add an "Inactive Personal Access Tokens" section.
- Show the count for each section in parens
- Remove the `revoked?` check, because everything in the
  active section is guaranteed to not be revoked.
2016-04-28 22:28:36 +05:30
Timothy Andrew
e5cf527f27 Allow expiration of personal access tokens. 2016-04-28 22:28:36 +05:30
Timothy Andrew
6d76f14f54 Allow revoking personal access tokens. 2016-04-28 22:28:36 +05:30
Timothy Andrew
3a60903874 Allow creating Personal Access Tokens through the website. 2016-04-28 22:28:36 +05:30