cd74c1434e
Added Cop to blacklist the use of serialize
...
This Cop blacklists the use of ActiveRecord's "serialize" method, except
for cases where we already use this.
2017-05-31 14:03:37 +02:00
de37dcee90
Merge branch 'siemens/gitlab-ce-feature/openid-connect'
2017-03-07 16:16:08 +00:00
8699c8338f
Require explicit scopes on personal access tokens
...
Gitlab::Auth and API::APIGuard already check for at least one valid
scope on personal access tokens, so if the scopes are empty the token
will always fail validation.
2017-03-07 15:00:29 +01:00
eefbc83730
Only use API scopes for personal access tokens
2017-03-07 15:00:29 +01:00
2b474dc2b2
refactors finder and correlated code
2017-03-01 13:11:11 +00:00
9f2e4742e3
applies relevant changes to the code and code structure
2017-02-28 22:15:40 +00:00
a3dfb58e7f
add impersonation token
2017-02-28 22:15:39 +00:00
81246e5649
manage personal_access_tokens through api
2017-02-28 22:15:39 +00:00
1d0ccec6dd
Add a `scopes` column to the `personal_access_tokens` table
2016-12-16 15:08:10 +05:30
bafbf22c6a
Address @DouweM's feedback on !3749 .
...
- Use `TokenAuthenticatable` to generate the personal access token
- Remove a check for `authenticity_token` in application controller;
this should've been `authentication_token`, maybe, and doesn't make
any sense now.
- Have the datepicker appear inline
2016-04-28 22:28:36 +05:30
fc4bce755d
Make fixes based on @vsizov's comments on MR !3749
2016-04-28 22:28:36 +05:30
fb2da6795c
Add an "Inactive Personal Access Tokens" section.
...
- Show the count for each section in parens
- Remove the `revoked?` check, because everything in the
active section is guaranteed to not be revoked.
2016-04-28 22:28:36 +05:30
e5cf527f27
Allow expiration of personal access tokens.
2016-04-28 22:28:36 +05:30
6d76f14f54
Allow revoking personal access tokens.
2016-04-28 22:28:36 +05:30
3a60903874
Allow creating Personal Access Tokens through the website.
2016-04-28 22:28:36 +05:30
Yorick Peterse