Allow creating personal access tokens / OAuth applications with scopes.

author: Timothy Andrew <mail@timothyandrew.net> 2016-11-22 11:57:31 +0300
committer: Timothy Andrew <mail@timothyandrew.net> 2016-12-16 12:38:10 +0300
commit: 6c809dfae84e702f7a49d3fac5725745264e0ff9 (patch)
tree: 185c6d1444abd3f884515b92f077e747cac96e1d /app/controllers
parent: 1d0ccec6dd8375b751846f69bb170ebd11e9a391 (diff)
4 files changed, 31 insertions, 7 deletions
diff --git a/app/controllers/admin/applications_controller.rb b/app/controllers/admin/applications_controller.rb
index 471d24934a0..759044910bb 100644
--- a/app/controllers/admin/applications_controller.rb
+++ b/app/controllers/admin/applications_controller.rb
@@ -1,4 +1,6 @@
 class Admin::ApplicationsController < Admin::ApplicationController
+  include OauthApplications
+
   before_action :set_application, only: [:show, :edit, :update, :destroy]
 
   def index
@@ -10,9 +12,11 @@ class Admin::ApplicationsController < Admin::ApplicationController
 
   def new
     @application = Doorkeeper::Application.new
+    @scopes = Doorkeeper.configuration.scopes
   end
 
   def edit
+    @scopes = Doorkeeper.configuration.scopes
   end
 
   def create
@@ -47,6 +51,6 @@ class Admin::ApplicationsController < Admin::ApplicationController
 
   # Only allow a trusted parameter "white list" through.
   def application_params
-    params[:doorkeeper_application].permit(:name, :redirect_uri)
+    params[:doorkeeper_application].permit(:name, :redirect_uri, :scopes)
   end
 end
diff --git a/app/controllers/concerns/oauth_applications.rb b/app/controllers/concerns/oauth_applications.rb
new file mode 100644
index 00000000000..34ad43ededd
--- /dev/null
+++ b/app/controllers/concerns/oauth_applications.rb
@@ -0,0 +1,14 @@
+module OauthApplications
+  extend ActiveSupport::Concern
+
+  included do
+    before_action :prepare_scopes, only: [:create, :update]
+  end
+
+  def prepare_scopes
+    scopes = params.dig(:doorkeeper_application, :scopes)
+    if scopes
+      params[:doorkeeper_application][:scopes] = scopes.join(' ')
+    end
+  end
+end
diff --git a/app/controllers/oauth/applications_controller.rb b/app/controllers/oauth/applications_controller.rb
index 0f54dfa4efc..b5449a6c30e 100644
--- a/app/controllers/oauth/applications_controller.rb
+++ b/app/controllers/oauth/applications_controller.rb
@@ -2,6 +2,7 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
   include Gitlab::CurrentSettings
   include Gitlab::GonHelper
   include PageLayoutHelper
+  include OauthApplications
 
   before_action :verify_user_oauth_applications_enabled
   before_action :authenticate_user!
@@ -13,6 +14,10 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
     set_index_vars
   end
 
+  def edit
+    @scopes = Doorkeeper.configuration.scopes
+  end
+
   def create
     @application = Doorkeeper::Application.new(application_params)
 
@@ -40,6 +45,7 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
     @authorized_tokens = current_user.oauth_authorized_tokens
     @authorized_anonymous_tokens = @authorized_tokens.reject(&:application)
     @authorized_apps = @authorized_tokens.map(&:application).uniq.reject(&:nil?)
+    @scopes = Doorkeeper.configuration.scopes
 
     # Don't overwrite a value possibly set by `create`
     @application ||= Doorkeeper::Application.new
diff --git a/app/controllers/profiles/personal_access_tokens_controller.rb b/app/controllers/profiles/personal_access_tokens_controller.rb
index 508b82a9a6c..6e007f17913 100644
--- a/app/controllers/profiles/personal_access_tokens_controller.rb
+++ b/app/controllers/profiles/personal_access_tokens_controller.rb
@@ -1,8 +1,6 @@
 class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
-  before_action :load_personal_access_tokens, only: :index
-
   def index
-    @personal_access_token = current_user.personal_access_tokens.build
+    set_index_vars
   end
 
   def create
@@ -12,7 +10,7 @@ class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
       flash[:personal_access_token] = @personal_access_token.token
       redirect_to profile_personal_access_tokens_path, notice: "Your new personal access token has been created."
     else
-      load_personal_access_tokens
+      set_index_vars
       render :index
     end
   end
@@ -32,10 +30,12 @@ class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
   private
 
   def personal_access_token_params
-    params.require(:personal_access_token).permit(:name, :expires_at)
+    params.require(:personal_access_token).permit(:name, :expires_at, scopes: [])
   end
 
-  def load_personal_access_tokens
+  def set_index_vars
+    @personal_access_token ||= current_user.personal_access_tokens.build
+    @scopes = Gitlab::Auth::SCOPES
     @active_personal_access_tokens = current_user.personal_access_tokens.active.order(:expires_at)
     @inactive_personal_access_tokens = current_user.personal_access_tokens.inactive
   end
author	Timothy Andrew <mail@timothyandrew.net>	2016-11-22 11:57:31 +0300
committer	Timothy Andrew <mail@timothyandrew.net>	2016-12-16 12:38:10 +0300
commit	6c809dfae84e702f7a49d3fac5725745264e0ff9 (patch)
tree	185c6d1444abd3f884515b92f077e747cac96e1d /app/controllers
parent	1d0ccec6dd8375b751846f69bb170ebd11e9a391 (diff)