debian-mirror-gitlab/lib/api/personal_access_tokens/self_revocation.rb
2022-10-11 01:57:18 +05:30

26 lines
717 B
Ruby

# frozen_string_literal: true
module API
class PersonalAccessTokens
class SelfRevocation < ::API::Base
include APIGuard
feature_category :authentication_and_authorization
helpers ::API::Helpers::PersonalAccessTokensHelpers
# As any token regardless of `scope` should be able to revoke itself
# all availabe scopes are allowed for this API class.
# Please be aware of the permissive scope when adding new endpoints to this class.
allow_access_with_scope(Gitlab::Auth.all_available_scopes)
before { authenticate! }
resource :personal_access_tokens do
delete 'self' do
revoke_token(access_token)
end
end
end
end
end