author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-12-07 06:09:49 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-12-07 06:09:49 +0300 |
commit | fc5ff4728b3937c8a505aa06f9cfe5b2da672b03 (patch) | |
tree | 2f2d7036d8b76b5a62d47b24c1db006594df0ca6 /app | |
parent | d5f6f9fbcdeb231e03c24b56aaf736580ac40eb2 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app')
-rw-r--r-- | app/helpers/application_settings_helper.rb | 1 | ||||
-rw-r--r-- | app/models/application_setting.rb | 3 | ||||
-rw-r--r-- | app/models/application_setting_implementation.rb | 1 | ||||
-rw-r--r-- | app/models/user.rb | 2 | ||||
-rw-r--r-- | app/views/admin/application_settings/_visibility_and_access.html.haml | 8 | ||||
-rw-r--r-- | app/views/profiles/personal_access_tokens/index.html.haml | 33 |
6 files changed, 31 insertions, 17 deletions
diff --git a/app/helpers/application_settings_helper.rb b/app/helpers/application_settings_helper.rb index 67cfed0b015..f50b3297e7e 100644 --- a/app/helpers/application_settings_helper.rb +++ b/app/helpers/application_settings_helper.rb @@ -198,6 +198,7 @@ module ApplicationSettingsHelper :default_project_visibility, :default_projects_limit, :default_snippet_visibility, + :disable_feed_token, :disabled_oauth_sign_in_sources, :domain_denylist, :domain_denylist_enabled, diff --git a/app/models/application_setting.rb b/app/models/application_setting.rb index dac68df1c80..fb5b49711d9 100644 --- a/app/models/application_setting.rb +++ b/app/models/application_setting.rb @@ -426,6 +426,9 @@ class ApplicationSetting < ApplicationRecord attr_encrypted :secret_detection_token_revocation_token, encryption_options_base_truncated_aes_256_gcm attr_encrypted :cloud_license_auth_token, encryption_options_base_truncated_aes_256_gcm + validates :disable_feed_token, + inclusion: { in: [true, false], message: 'must be a boolean value' } + before_validation :ensure_uuid! before_save :ensure_runners_registration_token diff --git a/app/models/application_setting_implementation.rb b/app/models/application_setting_implementation.rb index 1229ad57b4b..9c6f25d1986 100644 --- a/app/models/application_setting_implementation.rb +++ b/app/models/application_setting_implementation.rb @@ -58,6 +58,7 @@ module ApplicationSettingImplementation default_projects_limit: Settings.gitlab['default_projects_limit'], default_snippet_visibility: Settings.gitlab.default_projects_features['visibility_level'], diff_max_patch_bytes: Gitlab::Git::Diff::DEFAULT_MAX_PATCH_BYTES, + disable_feed_token: false, disabled_oauth_sign_in_sources: [], dns_rebinding_protection_enabled: true, domain_allowlist: Settings.gitlab['domain_allowlist'], diff --git a/app/models/user.rb b/app/models/user.rb index f602b771d84..6e01badf506 100644 --- a/app/models/user.rb +++ b/app/models/user.rb 
@@ -1659,7 +1659,7 @@ class User < ApplicationRecord # we do this on read since migrating all existing users is not a feasible # solution. def feed_token - ensure_feed_token! + Gitlab::CurrentSettings.disable_feed_token ? nil : ensure_feed_token! end # Each existing user needs to have a `static_object_token`. diff --git a/app/views/admin/application_settings/_visibility_and_access.html.haml b/app/views/admin/application_settings/_visibility_and_access.html.haml index 46d8a8ac9c7..709ce497132 100644 --- a/app/views/admin/application_settings/_visibility_and_access.html.haml +++ b/app/views/admin/application_settings/_visibility_and_access.html.haml @@ -66,4 +66,12 @@ .form-group = f.label field_name, "#{type.upcase} SSH keys", class: 'label-bold' = f.select field_name, key_restriction_options_for_select(type), {}, class: 'form-control' + + .form-group + %label.label-bold= s_('AdminSettings|Feed token') + .form-check + = f.check_box :disable_feed_token, class: 'form-check-input' + = f.label :disable_feed_token, class: 'form-check-label' do + = s_('AdminSettings|Disable feed token') + = f.submit _('Save changes'), class: "gl-button btn btn-success" diff --git a/app/views/profiles/personal_access_tokens/index.html.haml b/app/views/profiles/personal_access_tokens/index.html.haml index 11750f2a6d5..577b64ba17a 100644 --- a/app/views/profiles/personal_access_tokens/index.html.haml +++ b/app/views/profiles/personal_access_tokens/index.html.haml 
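Review bot: Returning `nil` from `feed_token` hides the value from callers of this getter but does not touch tokens that are already stored and already embedded in users' RSS and calendar URLs, so the setting only takes effect if the code that authenticates a request by feed token also checks `Gitlab::CurrentSettings.disable_feed_token`. The diffstat on this page is limited to `app`, so that check is not visible here and should be confirmed, ideally with a request spec that presents a previously issued token while the setting is on. The comment above the method still describes only the create-on-read behaviour; I would add `# Returns nil when feed tokens are disabled instance-wide; callers that build feed URLs must handle nil.` That comment block starts outside the hunk.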
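Review bot: The new checkbox in the added `.form-group` block has no help text, so an administrator cannot tell from the form that ticking it affects every user's RSS and calendar feed URLs. From the `User#feed_token` change in this commit the stored tokens appear to be kept rather than revoked, which would mean previously issued URLs work again if the setting is switched back off; that is worth stating on the form. A line such as `.form-text.text-muted= s_('AdminSettings|Feed tokens are hidden and not accepted while this is checked; existing tokens are not revoked.')` under the label would cover it, with the wording adjusted to the actual behaviour.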
@@ -32,22 +32,23 @@ active_tokens: @active_personal_access_tokens, revoke_route_helper: ->(token) { revoke_profile_personal_access_token_path(token) } -%hr -.row.gl-mt-3 - .col-lg-4.profile-settings-sidebar - %h4.gl-mt-0 - = s_('AccessTokens|Feed token') - %p - = s_('AccessTokens|Your feed token is used to authenticate you when your RSS reader loads a personalized RSS feed or when your calendar application loads a personalized calendar, and is included in those feed URLs.') - %p - = s_('AccessTokens|It cannot be used to access any other data.') - .col-lg-8.feed-token-reset - = label_tag :feed_token, s_('AccessTokens|Feed token'), class: 'label-bold' - = text_field_tag :feed_token, current_user.feed_token, class: 'form-control js-select-on-focus', readonly: true - %p.form-text.text-muted - - reset_link = link_to s_('AccessTokens|reset it'), [:reset, :feed_token, :profile], method: :put, data: { confirm: s_('AccessTokens|Are you sure? Any RSS or calendar URLs currently in use will stop working.') } - - reset_message = s_('AccessTokens|Keep this token secret. Anyone who gets ahold of it can read activity and issue RSS feeds or your calendar feed as if they were you. 
You should %{link_reset_it} if that ever happens.') % { link_reset_it: reset_link } - = reset_message.html_safe +- unless Gitlab::CurrentSettings.disable_feed_token + %hr + .row.gl-mt-3 + .col-lg-4.profile-settings-sidebar + %h4.gl-mt-0 + = s_('AccessTokens|Feed token') + %p + = s_('AccessTokens|Your feed token is used to authenticate you when your RSS reader loads a personalized RSS feed or when your calendar application loads a personalized calendar, and is included in those feed URLs.') + %p + = s_('AccessTokens|It cannot be used to access any other data.') + .col-lg-8.feed-token-reset + = label_tag :feed_token, s_('AccessTokens|Feed token'), class: 'label-bold' + = text_field_tag :feed_token, current_user.feed_token, class: 'form-control js-select-on-focus', readonly: true + %p.form-text.text-muted + - reset_link = link_to s_('AccessTokens|reset it'), [:reset, :feed_token, :profile], method: :put, data: { confirm: s_('AccessTokens|Are you sure? Any RSS or calendar URLs currently in use will stop working.') } + - reset_message = s_('AccessTokens|Keep this token secret. Anyone who gets ahold of it can read activity and issue RSS feeds or your calendar feed as if they were you. You should %{link_reset_it} if that ever happens.') % { link_reset_it: reset_link } + = reset_message.html_safe - if incoming_email_token_enabled? %hr |
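Review bot: The re-indented `= reset_message.html_safe` line still marks the whole translated string as safe HTML, so any markup in a translation of 'AccessTokens|Keep this token secret. …' is rendered unescaped. Since the block is being touched anyway, escape the translation and let only the link through: `- reset_message = html_escape(s_('AccessTokens|Keep this token secret. …')) % { link_reset_it: reset_link }` followed by `= reset_message`. Separately, the `unless Gitlab::CurrentSettings.disable_feed_token` guard only hides the section; how the `[:reset, :feed_token, :profile]` route behaves while the setting is on is not visible in this hunk and is worth checking.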