Warn admin of granting admin rights during OAuth

Fixes #3951

Warning style the same as the warning a user sees on a archived project.

2 files changed, 9 insertions, 1 deletions

diff --git a/CHANGELOG b/CHANGELOG
index 858c5dd96a2..b7eddb25bce 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -16,6 +16,7 @@ v 8.4.1
     and Nokogiri (1.6.7.2)
   - Fix redirect loop during import
   - Fix diff highlighting for all syntax themes
+  - Warn admin during OAuth of granting admin rights (Zeger-Jan van de Weg)
 
 v 8.4.0
   - Allow LDAP users to change their email if it was not set by the LDAP server
diff --git a/app/views/doorkeeper/authorizations/new.html.haml b/app/views/doorkeeper/authorizations/new.html.haml
index 15f9ee266c1..185182a10de 100644
--- a/app/views/doorkeeper/authorizations/new.html.haml
+++ b/app/views/doorkeeper/authorizations/new.html.haml
@@ -4,6 +4,13 @@
     Authorize
     %strong.text-info= @pre_auth.client.name
     to use your account?
+
+  - if current_user.admin?
+    .text-warning.prepend-top-20
+      %p
+        = icon("exclamation-triangle fw")
+        Caution! You are admin, and thus will grant admin permission to #{@pre_auth.client.name}.
+
   - if @pre_auth.scopes
     #oauth-permissions
       %p This application will be able to:
@@ -25,4 +32,4 @@
       = hidden_field_tag :state, @pre_auth.state
       = hidden_field_tag :response_type, @pre_auth.response_type
       = hidden_field_tag :scope, @pre_auth.scope
-      = submit_tag "Deny", class: "btn btn-danger prepend-left-10"
\ No newline at end of file
+      = submit_tag "Deny", class: "btn btn-danger prepend-left-10"