author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-08-03 15:00:08 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-08-03 15:00:08 +0300 |
commit | b1bbcf85684cee176ed5bb7eb43dd487a75f18fa (patch) | |
tree | bda68adaad2e197482bf02f476e94b5908da1518 /app | |
parent | c7c74818948dbc63a284bb617b2af1937f999cc8 (diff) |
Add latest changes from gitlab-org/security/gitlab@14-1-stable-ee
Diffstat (limited to 'app')
-rw-r--r-- | app/controllers/admin/impersonation_tokens_controller.rb | 5 | ||||
-rw-r--r-- | app/views/admin/users/_head.html.haml | 5 |
2 files changed, 8 insertions, 2 deletions
diff --git a/app/controllers/admin/impersonation_tokens_controller.rb b/app/controllers/admin/impersonation_tokens_controller.rb index c3166d5dd82..eb279298baf 100644 --- a/app/controllers/admin/impersonation_tokens_controller.rb +++ b/app/controllers/admin/impersonation_tokens_controller.rb @@ -2,6 +2,7 @@ class Admin::ImpersonationTokensController < Admin::ApplicationController before_action :user + before_action :verify_impersonation_enabled! feature_category :authentication_and_authorization @@ -41,6 +42,10 @@ class Admin::ImpersonationTokensController < Admin::ApplicationController end # rubocop: enable CodeReuse/ActiveRecord + def verify_impersonation_enabled! + access_denied! unless helpers.impersonation_enabled? + end + def finder(options = {}) PersonalAccessTokensFinder.new({ user: user, impersonation: true }.merge(options)) end diff --git a/app/views/admin/users/_head.html.haml b/app/views/admin/users/_head.html.haml index b7b712e078d..f4b1a2853f1 100644 --- a/app/views/admin/users/_head.html.haml +++ b/app/views/admin/users/_head.html.haml @@ -42,6 +42,7 @@ = link_to _("SSH keys"), keys_admin_user_path(@user) = nav_link(controller: :identities) do = link_to _("Identities"), admin_user_identities_path(@user) - = nav_link(controller: :impersonation_tokens) do - = link_to _("Impersonation Tokens"), admin_user_impersonation_tokens_path(@user) + - if impersonation_enabled? + = nav_link(controller: :impersonation_tokens) do + = link_to _("Impersonation Tokens"), admin_user_impersonation_tokens_path(@user) .gl-mb-3 |
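Review bot: The new `before_action :verify_impersonation_enabled!` is registered after `before_action :user`, so the user lookup still runs, and can produce its own response, before the feature gate is evaluated. Declaring the gate first (`before_action :verify_impersonation_enabled!` above `before_action :user`) gives a uniform denial when impersonation is disabled and skips the lookup. The filter also carries no `only:`/`except:`, so it covers every action in the controller; if one of them revokes tokens, tokens issued before the feature was disabled can no longer be revoked from this page and need another cleanup path. The class body continues outside the hunk, so the action list is inferred rather than visible.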
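Review bot: `verify_impersonation_enabled!` has no comment, and its visibility cannot be confirmed from the hunk: it is added just above `finder`, but the `private` keyword, if any, lies outside the visible lines. Confirm it sits in the private section so it is not exposed as a controller action, and add a line such as `# Server-side gate: deny every action when impersonation is disabled; hiding the nav link alone does not block direct requests.` The diffstat is limited to `app`, so whether other entry points that create impersonation tokens (for example an API endpoint) apply the same check is not visible here and is worth verifying.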