diff options
| author | Sean McGivern <sean@mcgivern.me.uk> | 2017-11-13 12:37:38 +0000 |
|---|---|---|
| committer | Oswaldo Ferreira <oswaldo@gitlab.com> | 2017-11-14 16:17:05 +0000 |
| commit | ae857f5568e781941bb0ed1d8b3c56a43f5d384f (patch) | |
| tree | 4fc821187520272bf82e2d7735414362d1d89dae | |
| parent | ba6a53f8f3be2d31de0449de23a4bb69f228ed62 (diff) | |
| download | gitlab-ce-10-2-stable-prepare-rc2.tar.gz | |
Merge branch 'dm-authorize-admin-oauth-application' into 'master'10-2-stable-prepare-rc2
Prevent error when authorizing an admin-created OAauth application without a set owner
Closes #40086
See merge request gitlab-org/gitlab-ce!15349
(cherry picked from commit c608c25003906da8c934b99fc0d1bdf6f8e21c90)
ade23934 Prevent error when authorizing an admin-created OAauth application without a set owner
| -rw-r--r-- | app/views/doorkeeper/authorizations/new.html.haml | 13 | ||||
| -rw-r--r-- | changelogs/unreleased/dm-authorize-admin-oauth-application.yml | 6 |
2 files changed, 14 insertions, 5 deletions
diff --git a/app/views/doorkeeper/authorizations/new.html.haml b/app/views/doorkeeper/authorizations/new.html.haml index 85e4170aee9..6d9c6b5572a 100644 --- a/app/views/doorkeeper/authorizations/new.html.haml +++ b/app/views/doorkeeper/authorizations/new.html.haml @@ -1,5 +1,3 @@ -- auth_app_owner = @pre_auth.client.application.owner - %main{ :role => "main" } .modal-no-backdrop.modal-doorkeepr-auth .modal-content @@ -20,9 +18,14 @@ %p An application called = link_to @pre_auth.client.name, @pre_auth.redirect_uri, target: '_blank', rel: 'noopener noreferrer' - is requesting access to your GitLab account. This application was created by - = succeed "." do - = link_to auth_app_owner.name, user_path(auth_app_owner) + is requesting access to your GitLab account. + + - auth_app_owner = @pre_auth.client.application.owner + - if auth_app_owner + This application was created by + = succeed "." do + = link_to auth_app_owner.name, user_path(auth_app_owner) + Please note that this application is not provided by GitLab and you should verify its authenticity before allowing access. - if @pre_auth.scopes diff --git a/changelogs/unreleased/dm-authorize-admin-oauth-application.yml b/changelogs/unreleased/dm-authorize-admin-oauth-application.yml new file mode 100644 index 00000000000..2787485bc28 --- /dev/null +++ b/changelogs/unreleased/dm-authorize-admin-oauth-application.yml @@ -0,0 +1,6 @@ +--- +title: Prevent error when authorizing an admin-created OAauth application without + a set owner +merge_request: +author: +type: fixed |