Add latest changes from gitlab-org/gitlab@13-2-stable-ee

6 files changed, 17 insertions, 6 deletions

diff --git a/app/controllers/concerns/enforces_two_factor_authentication.rb b/app/controllers/concerns/enforces_two_factor_authentication.rb
index 6c443611a60..f1dd46648f1 100644
--- a/app/controllers/concerns/enforces_two_factor_authentication.rb
+++ b/app/controllers/concerns/enforces_two_factor_authentication.rb
@@ -12,10 +12,17 @@ module EnforcesTwoFactorAuthentication
 
   included do
     before_action :check_two_factor_requirement
-    helper_method :two_factor_grace_period_expired?, :two_factor_skippable?
+
+    # to include this in controllers inheriting from `ActionController::Metal`
+    # we need to add this block
+    if respond_to?(:helper_method)
+      helper_method :two_factor_grace_period_expired?, :two_factor_skippable?
+    end
   end
 
   def check_two_factor_requirement
+    return unless respond_to?(:current_user)
+
     if two_factor_authentication_required? && current_user_requires_two_factor?
       redirect_to profile_two_factor_auth_path
     end
diff --git a/app/controllers/oauth/applications_controller.rb b/app/controllers/oauth/applications_controller.rb
index 6532501733a..8158db282fb 100644
--- a/app/controllers/oauth/applications_controller.rb
+++ b/app/controllers/oauth/applications_controller.rb
@@ -2,7 +2,6 @@
 
 class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
   include Gitlab::GonHelper
-  include Gitlab::Allowable
   include PageLayoutHelper
   include OauthApplications
   include Gitlab::Experimentation::ControllerConcern
@@ -19,8 +18,6 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
 
   around_action :set_locale
 
-  helper_method :can?
-
   layout 'profile'
 
   def index
diff --git a/app/controllers/oauth/authorizations_controller.rb b/app/controllers/oauth/authorizations_controller.rb
index f6ad2bf5312..6e8686ee90b 100644
--- a/app/controllers/oauth/authorizations_controller.rb
+++ b/app/controllers/oauth/authorizations_controller.rb
@@ -4,7 +4,7 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
   include Gitlab::Experimentation::ControllerConcern
   include InitializesCurrentUserMode
 
-  before_action :verify_confirmed_email!, only: [:new]
+  before_action :verify_confirmed_email!
 
   layout 'profile'
 
diff --git a/app/controllers/oauth/authorized_applications_controller.rb b/app/controllers/oauth/authorized_applications_controller.rb
index addec71f0bf..3f476c0d717 100644
--- a/app/controllers/oauth/authorized_applications_controller.rb
+++ b/app/controllers/oauth/authorized_applications_controller.rb
@@ -16,7 +16,7 @@ class Oauth::AuthorizedApplicationsController < Doorkeeper::AuthorizedApplicatio
     if params[:token_id].present?
       current_resource_owner.oauth_authorized_tokens.find(params[:token_id]).revoke
     else
-      Doorkeeper::AccessToken.revoke_all_for(params[:id], current_resource_owner)
+      Doorkeeper::Application.revoke_tokens_and_grants_for(params[:id], current_resource_owner)
     end
 
     redirect_to applications_profile_url,
diff --git a/app/controllers/oauth/token_info_controller.rb b/app/controllers/oauth/token_info_controller.rb
index 492c24b53b1..e37f8992d92 100644
--- a/app/controllers/oauth/token_info_controller.rb
+++ b/app/controllers/oauth/token_info_controller.rb
@@ -1,6 +1,8 @@
 # frozen_string_literal: true
 
 class Oauth::TokenInfoController < Doorkeeper::TokenInfoController
+  include EnforcesTwoFactorAuthentication
+
   def show
     if doorkeeper_token && doorkeeper_token.accessible?
       token_json = doorkeeper_token.as_json
diff --git a/app/controllers/oauth/tokens_controller.rb b/app/controllers/oauth/tokens_controller.rb
new file mode 100644
index 00000000000..012fa318eea
--- /dev/null
+++ b/app/controllers/oauth/tokens_controller.rb
@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+class Oauth::TokensController < Doorkeeper::TokensController
+  include EnforcesTwoFactorAuthentication
+end