Merge branch 'fix-endless-redirect' into 'master'

Fix endless redirections when accessing user OAuth applications when they are disabled

## What does this MR do?

This MR fixes a bug where the browser would be redirect endlessly when attempting to access the user's OAuth applications when an admin has disabled this system-wide setting.

## Are there points in the code the reviewer needs to double check?

I assume disabling the nav button is better than showing a page that says, "OAuth applications are disabled by the admin."

## Why was this MR needed?

Lots of users were confused when they hit endless redirect errors.

## What are the relevant issue numbers?

#14770 

See merge request !4525

1 files changed, 29 insertions, 0 deletions

diff --git a/spec/controllers/oauth/applications_controller_spec.rb b/spec/controllers/oauth/applications_controller_spec.rb
new file mode 100644
index 00000000000..af378304893
--- /dev/null
+++ b/spec/controllers/oauth/applications_controller_spec.rb
@@ -0,0 +1,29 @@
+require 'spec_helper'
+
+describe Oauth::ApplicationsController do
+  let(:user) { create(:user) }
+
+  context 'project members' do
+    before do
+      sign_in(user)
+    end
+
+    describe 'GET #index' do
+      it 'shows list of applications' do
+        get :index
+
+        expect(response.status).to eq(200)
+      end
+
+      it 'redirects back to profile page if OAuth applications are disabled' do
+        settings = double(user_oauth_applications?: false)
+        allow_any_instance_of(Gitlab::CurrentSettings).to receive(:current_application_settings).and_return(settings)
+
+        get :index
+
+        expect(response.status).to eq(302)
+        expect(response).to redirect_to(profile_path)
+      end
+    end
+  end
+end