Set default scope on PATs that don't have one set to allow them to be revoked

author: Douwe Maan <douwe@selenight.nl> 2017-10-03 17:57:31 +0300
committer: Douwe Maan <douwe@selenight.nl> 2017-10-03 17:57:36 +0300
commit: 55fe0d7d0aeb9e10730610a646080f8717f37fd0 (patch)
tree: 140e9ccb61db907a81d61830d5b98f6e79c43c77 /app/models/personal_access_token.rb
parent: b8e47d72637167be5a225fe20b5f893c43b9a885 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/app/models/personal_access_token.rb b/app/models/personal_access_token.rb
index 1f9d712ef84..cfcb03138b7 100644
--- a/app/models/personal_access_token.rb
+++ b/app/models/personal_access_token.rb
@@ -17,6 +17,8 @@ class PersonalAccessToken < ActiveRecord::Base
   validates :scopes, presence: true
   validate :validate_scopes
 
+  after_initialize :set_default_scopes, if: :persisted?
+
   def revoke!
     update!(revoked: true)
   end
@@ -32,4 +34,8 @@ class PersonalAccessToken < ActiveRecord::Base
       errors.add :scopes, "can only contain available scopes"
     end
   end
+
+  def set_default_scopes
+    self.scopes = Gitlab::Auth::DEFAULT_SCOPES if self.scopes.empty?
+  end
 end
author	Douwe Maan <douwe@selenight.nl>	2017-10-03 17:57:31 +0300
committer	Douwe Maan <douwe@selenight.nl>	2017-10-03 17:57:36 +0300
commit	55fe0d7d0aeb9e10730610a646080f8717f37fd0 (patch)
tree	140e9ccb61db907a81d61830d5b98f6e79c43c77 /app/models/personal_access_token.rb
parent	b8e47d72637167be5a225fe20b5f893c43b9a885 (diff)