author: Douwe Maan <douwe@gitlab.com>, 2016-01-30 10:03:40 +0000
committer: Douwe Maan <douwe@gitlab.com>, 2016-01-30 10:03:40 +0000
commit: 3d61cf9f1bfaa9d0ffd5cc36e54162c0f0b59c61
tree: 09ab03799bbb10c036e623934f0a43eee2320e1e
parent: dec21517186f7406da2efd76569b4dff4fa711e0
parent: 103d67768d5dc3b3f2676d3f4bc7e2fb5581083e
Merge branch 'warn-admin-oauth' into 'master'

Warn admin of granting admin rights during OAuth

Fixes #3951

Warning style the same as the warning a user sees on an archived project.

![Screenshot_from_2016-01-25_20-06-33](/uploads/42e6a218b963311fd20c0b7c87c8cf4f/Screenshot_from_2016-01-25_20-06-33.png)

See merge request !2601
-rw-r--r-- CHANGELOG 1
-rw-r--r-- app/views/doorkeeper/authorizations/new.html.haml 11
2 files changed, 11 insertions, 1 deletions
diff --git a/CHANGELOG b/CHANGELOG
index e5a32d3b49e..d1a0e467147 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -41,6 +41,7 @@ v 8.4.1
and Nokogiri (1.6.7.2)
- Fix redirect loop during import
- Fix diff highlighting for all syntax themes
+ - Warn admin during OAuth of granting admin rights (Zeger-Jan van de Weg)
v 8.4.0
- Allow LDAP users to change their email if it was not set by the LDAP server
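Review bot: The added entry "Warn admin during OAuth of granting admin rights" does not say where the warning appears or who receives the rights. Wording such as "Warn admins on the OAuth authorization page that the application will act with admin rights" would let someone reading the v 8.4.1 section understand the change without opening the merge request.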
diff --git a/app/views/doorkeeper/authorizations/new.html.haml b/app/views/doorkeeper/authorizations/new.html.haml
index 15f9ee266c1..eae80e5210f 100644
--- a/app/views/doorkeeper/authorizations/new.html.haml
+++ b/app/views/doorkeeper/authorizations/new.html.haml
@@ -4,6 +4,15 @@
Authorize
%strong.text-info= @pre_auth.client.name
to use your account?
+
+ - if current_user.admin?
+ .text-warning.prepend-top-20
+ %p
+ = icon("exclamation-triangle fw")
+ You are an admin, which means granting access to
+ %strong #{@pre_auth.client.name}
+ will allow them to interact with GitLab as an admin as well. Proceed with caution.
+
- if @pre_auth.scopes
#oauth-permissions
%p This application will be able to:
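Review bot: In the added warning, `%strong #{@pre_auth.client.name}` outputs the client name through string interpolation, while the existing header a few lines above uses `%strong.text-info= @pre_auth.client.name`; use the `=` form here as well so the name is rendered the same way in both places and its escaping is easy to confirm at a glance. Separately, the `- if current_user.admin?` block is purely advisory: it sits before `- if @pre_auth.scopes` and appears whatever scopes are requested, and nothing in this view changes what the resulting grant can do. If that is the intent, the warning text could say explicitly that the application receives the same access as the admin account, so the decision is an informed one.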
@@ -25,4 +34,4 @@
= hidden_field_tag :state, @pre_auth.state
= hidden_field_tag :response_type, @pre_auth.response_type
= hidden_field_tag :scope, @pre_auth.scope
- = submit_tag "Deny", class: "btn btn-danger prepend-left-10" \ No newline at end of file
+ = submit_tag "Deny", class: "btn btn-danger prepend-left-10"