diff options
author | Douwe Maan <douwe@selenight.nl> | 2017-11-13 12:47:43 +0100 |
---|---|---|
committer | Winnie Hellmann <winnie@gitlab.com> | 2017-11-13 15:04:11 +0100 |
commit | 644fe000fe1d965910bc200a0e87a52e2fc041ff (patch) | |
tree | 637bf45aca0a9918fef1461130a0cb08831c6fa2 | |
parent | 3df677a9ecdadfbfb660da8bca177d585374fbb9 (diff) | |
download | gitlab-ce-644fe000fe1d965910bc200a0e87a52e2fc041ff.tar.gz |
Prevent error when authorizing an admin-created OAauth application without a set owner
-rw-r--r-- | app/views/doorkeeper/authorizations/new.html.haml | 13 | ||||
-rw-r--r-- | changelogs/unreleased/dm-authorize-admin-oauth-application.yml | 6 |
2 files changed, 14 insertions, 5 deletions
diff --git a/app/views/doorkeeper/authorizations/new.html.haml b/app/views/doorkeeper/authorizations/new.html.haml index 85e4170aee9..6d9c6b5572a 100644 --- a/app/views/doorkeeper/authorizations/new.html.haml +++ b/app/views/doorkeeper/authorizations/new.html.haml @@ -1,5 +1,3 @@ -- auth_app_owner = @pre_auth.client.application.owner - %main{ :role => "main" } .modal-no-backdrop.modal-doorkeepr-auth .modal-content @@ -20,9 +18,14 @@ %p An application called = link_to @pre_auth.client.name, @pre_auth.redirect_uri, target: '_blank', rel: 'noopener noreferrer' - is requesting access to your GitLab account. This application was created by - = succeed "." do - = link_to auth_app_owner.name, user_path(auth_app_owner) + is requesting access to your GitLab account. + + - auth_app_owner = @pre_auth.client.application.owner + - if auth_app_owner + This application was created by + = succeed "." do + = link_to auth_app_owner.name, user_path(auth_app_owner) + Please note that this application is not provided by GitLab and you should verify its authenticity before allowing access. - if @pre_auth.scopes diff --git a/changelogs/unreleased/dm-authorize-admin-oauth-application.yml b/changelogs/unreleased/dm-authorize-admin-oauth-application.yml new file mode 100644 index 00000000000..2787485bc28 --- /dev/null +++ b/changelogs/unreleased/dm-authorize-admin-oauth-application.yml @@ -0,0 +1,6 @@ +--- +title: Prevent error when authorizing an admin-created OAauth application without + a set owner +merge_request: +author: +type: fixed |