Add latest changes from gitlab-org/gitlab@15-4-stable-eev15.4.0-rc42

author: GitLab Bot <gitlab-bot@gitlab.com> 2022-09-20 02:18:09 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2022-09-20 02:18:09 +0300
commit: 6ed4ec3e0b1340f96b7c043ef51d1b33bbe85fde (patch)
tree: dc4d20fe6064752c0bd323187252c77e0a89144b /lib/api/helpers/personal_access_tokens_helpers.rb
parent: 9868dae7fc0655bd7ce4a6887d4e6d487690eeed (diff)
1 files changed, 35 insertions, 0 deletions
diff --git a/lib/api/helpers/personal_access_tokens_helpers.rb b/lib/api/helpers/personal_access_tokens_helpers.rb
new file mode 100644
index 00000000000..db28daa5396
--- /dev/null
+++ b/lib/api/helpers/personal_access_tokens_helpers.rb
@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+module API
+  module Helpers
+    module PersonalAccessTokensHelpers
+      def finder_params(current_user)
+        if current_user.can_admin_all_resources?
+          { user: user(params[:user_id]) }
+        else
+          { user: current_user, impersonation: false }
+        end
+      end
+
+      def user(user_id)
+        UserFinder.new(user_id).find_by_id
+      end
+
+      def restrict_non_admins!
+        return if params[:user_id].blank?
+
+        unauthorized! unless Ability.allowed?(current_user, :read_user_personal_access_tokens, user(params[:user_id]))
+      end
+
+      def find_token(id)
+        PersonalAccessToken.find(id) || not_found!
+      end
+
+      def revoke_token(token)
+        service = ::PersonalAccessTokens::RevokeService.new(current_user, token: token).execute
+
+        service.success? ? no_content! : bad_request!(nil)
+      end
+    end
+  end
+end
author	GitLab Bot <gitlab-bot@gitlab.com>	2022-09-20 02:18:09 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2022-09-20 02:18:09 +0300
commit	6ed4ec3e0b1340f96b7c043ef51d1b33bbe85fde (patch)
tree	dc4d20fe6064752c0bd323187252c77e0a89144b /lib/api/helpers/personal_access_tokens_helpers.rb
parent	9868dae7fc0655bd7ce4a6887d4e6d487690eeed (diff)