From 55fe0d7d0aeb9e10730610a646080f8717f37fd0 Mon Sep 17 00:00:00 2001
From: Douwe Maan <douwe@selenight.nl>
Date: Tue, 3 Oct 2017 16:57:31 +0200
Subject: Set default scope on PATs that don't have one set to allow them to be
 revoked

---
 app/models/personal_access_token.rb | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'app/models/personal_access_token.rb')

diff --git a/app/models/personal_access_token.rb b/app/models/personal_access_token.rb
index 1f9d712ef84..cfcb03138b7 100644
--- a/app/models/personal_access_token.rb
+++ b/app/models/personal_access_token.rb
@@ -17,6 +17,8 @@ class PersonalAccessToken < ActiveRecord::Base
   validates :scopes, presence: true
   validate :validate_scopes
 
+  after_initialize :set_default_scopes, if: :persisted?
+
   def revoke!
     update!(revoked: true)
   end
@@ -32,4 +34,8 @@ class PersonalAccessToken < ActiveRecord::Base
       errors.add :scopes, "can only contain available scopes"
     end
   end
+
+  def set_default_scopes
+    self.scopes = Gitlab::Auth::DEFAULT_SCOPES if self.scopes.empty?
+  end
 end
-- 
cgit v1.2.3