debian-mirror-gitlab/app/controllers/oauth/applications_controller.rb

# frozen_string_literal: true

class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
  include Gitlab::GonHelper
  include PageLayoutHelper
  include OauthApplications
  include Gitlab::Experimentation::ControllerConcern
  include InitializesCurrentUserMode

  # Defined by the `Doorkeeper::ApplicationsController` and is redundant as we call `authenticate_user!` below. Not
  # defining or skipping this will result in a `403` response to all requests.
  skip_before_action :authenticate_admin!

  prepend_before_action :verify_user_oauth_applications_enabled, except: :index
  prepend_before_action :authenticate_user!
  before_action :add_gon_variables
  before_action :load_scopes, only: [:index, :create, :edit, :update]

  around_action :set_locale

  layout 'profile'

  def index
    set_index_vars
  end

  def show
    @created = get_created_session
  end

  def create
    @application = Applications::CreateService.new(current_user, application_params).execute(request)

    if @application.persisted?
      flash[:notice] = I18n.t(:notice, scope: [:doorkeeper, :flash, :applications, :create])

      set_created_session

      redirect_to oauth_application_url(@application)
    else
      set_index_vars
      render :index
    end
  end

  private

  def verify_user_oauth_applications_enabled
    return if Gitlab::CurrentSettings.user_oauth_applications?

    redirect_to profile_path
  end

  def set_index_vars
    @applications = current_user.oauth_applications
    @authorized_tokens = current_user.oauth_authorized_tokens
    @authorized_anonymous_tokens = @authorized_tokens.reject(&:application)
    @authorized_apps = @authorized_tokens.map(&:application).uniq.reject(&:nil?)

    # Default access tokens to expire. This preserves backward compatibility
    # with existing applications. This will be removed in 15.0.
    # Removal issue: https://gitlab.com/gitlab-org/gitlab/-/issues/340848
    @application ||= Doorkeeper::Application.new(expire_access_tokens: true)
  end

  # Override Doorkeeper to scope to the current user
  def set_application
    @application = current_user.oauth_applications.find(params[:id])
  end

  rescue_from ActiveRecord::RecordNotFound do |exception|
    render "errors/not_found", layout: "errors", status: :not_found
  end

  def application_params
    super.tap do |params|
      params[:owner] = current_user
    end
  end

  def set_locale(&block)
    Gitlab::I18n.with_user_locale(current_user, &block)
  end
end
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# frozen_string_literal: true`

Imported Upstream version 7.10.0 2015-04-26 12:48:37 +05:30			`class Oauth::ApplicationsController < Doorkeeper::ApplicationsController`
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`include Gitlab::GonHelper`
Imported Upstream version 7.14.3 2015-09-11 14:41:01 +05:30			`include PageLayoutHelper`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`include OauthApplications`
New upstream version 12.4.6 2019-12-21 20:55:43 +05:30			`include Gitlab::Experimentation::ControllerConcern`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`include InitializesCurrentUserMode`
Imported Upstream version 8.0.2 2015-09-25 12:07:36 +05:30
New upstream version 12.8.6 2020-03-13 15:44:24 +05:30			# Defined by the `Doorkeeper::ApplicationsController` and is redundant as we call `authenticate_user!` below. Not
			# defining or skipping this will result in a `403` response to all requests.
			`skip_before_action :authenticate_admin!`

			`prepend_before_action :verify_user_oauth_applications_enabled, except: :index`
			`prepend_before_action :authenticate_user!`
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`before_action :add_gon_variables`
New upstream version 11.3.11+dfsg 2018-11-29 20:51:05 +05:30			`before_action :load_scopes, only: [:index, :create, :edit, :update]`
Imported Upstream version 7.14.3 2015-09-11 14:41:01 +05:30
New upstream version 13.2.1 2020-07-28 23:09:34 +05:30			`around_action :set_locale`

Imported Upstream version 7.14.3 2015-09-11 14:41:01 +05:30			`layout 'profile'`
Imported Upstream version 7.10.0 2015-04-26 12:48:37 +05:30
			`def index`
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`set_index_vars`
Imported Upstream version 7.10.0 2015-04-26 12:48:37 +05:30			`end`

New upstream version 14.5.2+ds1 2021-12-11 22:18:48 +05:30			`def show`
			`@created = get_created_session`
			`end`

Imported Upstream version 7.10.0 2015-04-26 12:48:37 +05:30			`def create`
New upstream version 14.3.4+ds1 2021-11-11 11:23:49 +05:30			`@application = Applications::CreateService.new(current_user, application_params).execute(request)`
Imported Upstream version 7.10.0 2015-04-26 12:48:37 +05:30
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`if @application.persisted?`
Imported Upstream version 7.10.0 2015-04-26 12:48:37 +05:30			`flash[:notice] = I18n.t(:notice, scope: [:doorkeeper, :flash, :applications, :create])`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30
New upstream version 14.5.2+ds1 2021-12-11 22:18:48 +05:30			`set_created_session`

Imported Upstream version 7.10.0 2015-04-26 12:48:37 +05:30			`redirect_to oauth_application_url(@application)`
			`else`
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`set_index_vars`
			`render :index`
Imported Upstream version 7.10.0 2015-04-26 12:48:37 +05:30			`end`
			`end`

			`private`

Imported Upstream version 7.14.3 2015-09-11 14:41:01 +05:30			`def verify_user_oauth_applications_enabled`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`return if Gitlab::CurrentSettings.user_oauth_applications?`
Imported Upstream version 7.14.3 2015-09-11 14:41:01 +05:30
Imported Upstream version 8.9.0+debian~rc4 2016-06-16 23:09:34 +05:30			`redirect_to profile_path`
Imported Upstream version 7.14.3 2015-09-11 14:41:01 +05:30			`end`

Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`def set_index_vars`
			`@applications = current_user.oauth_applications`
			`@authorized_tokens = current_user.oauth_authorized_tokens`
			`@authorized_anonymous_tokens = @authorized_tokens.reject(&:application)`
			`@authorized_apps = @authorized_tokens.map(&:application).uniq.reject(&:nil?)`

New upstream version 14.3.4+ds1 2021-11-11 11:23:49 +05:30			`# Default access tokens to expire. This preserves backward compatibility`
			`# with existing applications. This will be removed in 15.0.`
			`# Removal issue: https://gitlab.com/gitlab-org/gitlab/-/issues/340848`
			`@application \|\|= Doorkeeper::Application.new(expire_access_tokens: true)`
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`end`

			`# Override Doorkeeper to scope to the current user`
Imported Upstream version 7.10.0 2015-04-26 12:48:37 +05:30			`def set_application`
			`@application = current_user.oauth_applications.find(params[:id])`
			`end`

			`rescue_from ActiveRecord::RecordNotFound do \|exception\|`
New upstream version 12.5.4 2019-12-26 22:10:19 +05:30			`render "errors/not_found", layout: "errors", status: :not_found`
Imported Upstream version 7.10.0 2015-04-26 12:48:37 +05:30			`end`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30
New upstream version 14.3.4+ds1 2021-11-11 11:23:49 +05:30			`def application_params`
			`super.tap do \|params\|`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`params[:owner] = current_user`
			`end`
			`end`
New upstream version 13.2.1 2020-07-28 23:09:34 +05:30
			`def set_locale(&block)`
			`Gitlab::I18n.with_user_locale(current_user, &block)`
			`end`
Imported Upstream version 7.10.0 2015-04-26 12:48:37 +05:30			`end`