2018-12-05 23:21:45 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2016-06-22 15:30:34 +05:30
|
|
|
class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
|
2023-01-13 00:05:48 +05:30
|
|
|
include RenderAccessTokens
|
|
|
|
|
2023-05-27 22:25:52 +05:30
|
|
|
feature_category :system_access
|
2021-01-03 14:25:43 +05:30
|
|
|
|
2023-03-04 22:38:38 +05:30
|
|
|
before_action :check_personal_access_tokens_enabled
|
|
|
|
|
2016-06-22 15:30:34 +05:30
|
|
|
def index
|
2017-08-17 22:00:37 +05:30
|
|
|
set_index_vars
|
2021-09-30 23:02:18 +05:30
|
|
|
scopes = params[:scopes].split(',').map(&:squish).select(&:present?).map(&:to_sym) unless params[:scopes].nil?
|
|
|
|
@personal_access_token = finder.build(
|
|
|
|
name: params[:name],
|
|
|
|
scopes: scopes
|
|
|
|
)
|
2022-08-13 15:12:31 +05:30
|
|
|
|
|
|
|
respond_to do |format|
|
|
|
|
format.html
|
|
|
|
format.json do
|
2023-01-13 00:05:48 +05:30
|
|
|
render json: @active_access_tokens
|
2022-08-13 15:12:31 +05:30
|
|
|
end
|
|
|
|
end
|
2016-06-22 15:30:34 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
def create
|
2021-01-29 00:20:46 +05:30
|
|
|
result = ::PersonalAccessTokens::CreateService.new(
|
2023-05-27 22:25:52 +05:30
|
|
|
current_user: current_user,
|
|
|
|
target_user: current_user,
|
|
|
|
params: personal_access_token_params,
|
|
|
|
concatenate_errors: false
|
2021-01-29 00:20:46 +05:30
|
|
|
).execute
|
2016-06-22 15:30:34 +05:30
|
|
|
|
2021-01-29 00:20:46 +05:30
|
|
|
@personal_access_token = result.payload[:personal_access_token]
|
|
|
|
|
|
|
|
if result.success?
|
2022-07-23 23:45:48 +05:30
|
|
|
render json: { new_token: @personal_access_token.token,
|
2023-01-13 00:05:48 +05:30
|
|
|
active_access_tokens: active_access_tokens }, status: :ok
|
2016-06-22 15:30:34 +05:30
|
|
|
else
|
2022-07-23 23:45:48 +05:30
|
|
|
render json: { errors: result.errors }, status: :unprocessable_entity
|
2016-06-22 15:30:34 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def revoke
|
2017-08-17 22:00:37 +05:30
|
|
|
@personal_access_token = finder.find(params[:id])
|
2020-10-24 23:57:45 +05:30
|
|
|
service = PersonalAccessTokens::RevokeService.new(current_user, token: @personal_access_token).execute
|
|
|
|
service.success? ? flash[:notice] = service.message : flash[:alert] = service.message
|
2016-06-22 15:30:34 +05:30
|
|
|
|
|
|
|
redirect_to profile_personal_access_tokens_path
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
def finder(options = {})
|
|
|
|
PersonalAccessTokensFinder.new({ user: current_user, impersonation: false }.merge(options))
|
|
|
|
end
|
|
|
|
|
2016-06-22 15:30:34 +05:30
|
|
|
def personal_access_token_params
|
2017-08-17 22:00:37 +05:30
|
|
|
params.require(:personal_access_token).permit(:name, :expires_at, scopes: [])
|
2016-06-22 15:30:34 +05:30
|
|
|
end
|
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
def set_index_vars
|
2019-07-31 22:56:46 +05:30
|
|
|
@scopes = Gitlab::Auth.available_scopes_for(current_user)
|
2023-01-13 00:05:48 +05:30
|
|
|
@active_access_tokens = active_access_tokens
|
2016-06-22 15:30:34 +05:30
|
|
|
end
|
2020-07-28 23:09:34 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
def represent(tokens)
|
2022-10-11 01:57:18 +05:30
|
|
|
::PersonalAccessTokenSerializer.new.represent(tokens)
|
2020-07-28 23:09:34 +05:30
|
|
|
end
|
2023-03-04 22:38:38 +05:30
|
|
|
|
|
|
|
def check_personal_access_tokens_enabled
|
|
|
|
render_404 if Gitlab::CurrentSettings.personal_access_tokens_disabled?
|
|
|
|
end
|
2016-06-22 15:30:34 +05:30
|
|
|
end
|