Merge branch 'pat-alert-when-signin-disabled' into 'master'

Provide hint to create a personal access token for Git over HTTP

See merge request !12105

5 files changed, 38 insertions, 9 deletions

diff --git a/app/helpers/button_helper.rb b/app/helpers/button_helper.rb
index 00464810054..ba84dbe4a7a 100644
--- a/app/helpers/button_helper.rb
+++ b/app/helpers/button_helper.rb
@@ -50,10 +50,17 @@ module ButtonHelper
 
   def http_clone_button(project, placement = 'right', append_link: true)
     klass = 'http-selector'
-    klass << ' has-tooltip' if current_user.try(:require_password?)
+    klass << ' has-tooltip' if current_user.try(:require_password?) || current_user.try(:require_personal_access_token?)
 
     protocol = gitlab_config.protocol.upcase
 
+    tooltip_title =
+      if current_user.try(:require_password?)
+        _("Set a password on your account to pull or push via %{protocol}.") % { protocol: protocol }
+      else
+        _("Create a personal access token on your account to pull or push via %{protocol}.") % { protocol: protocol }
+      end
+
     content_tag (append_link ? :a : :span), protocol,
       class: klass,
       href: (project.http_url_to_repo if append_link),
@@ -61,7 +68,7 @@ module ButtonHelper
         html: true,
         placement: placement,
         container: 'body',
-        title: _("Set a password on your account to pull or push via %{protocol}") % { protocol: protocol }
+        title: tooltip_title
       }
   end
 
diff --git a/app/helpers/projects_helper.rb b/app/helpers/projects_helper.rb
index d10e0bd45b0..c04b1419a19 100644
--- a/app/helpers/projects_helper.rb
+++ b/app/helpers/projects_helper.rb
@@ -198,6 +198,23 @@ module ProjectsHelper
       .load_in_batch_for_projects(projects)
   end
 
+  def show_no_ssh_key_message?
+    cookies[:hide_no_ssh_message].blank? && !current_user.hide_no_ssh_key && current_user.require_ssh_key?
+  end
+
+  def show_no_password_message?
+    cookies[:hide_no_password_message].blank? && !current_user.hide_no_password &&
+      ( current_user.require_password? || current_user.require_personal_access_token? )
+  end
+
+  def link_to_set_password
+    if current_user.require_password?
+      link_to s_('SetPasswordToCloneLink|set a password'), edit_profile_password_path
+    else
+      link_to s_('CreateTokenToCloneLink|create a personal access token'), profile_personal_access_tokens_path
+    end
+  end
+
   private
 
   def repo_children_classes(field)
diff --git a/app/models/user.rb b/app/models/user.rb
index 650b64e7551..6dd1b1415d6 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -570,7 +570,13 @@ class User < ActiveRecord::Base
   end
 
   def require_password?
-    password_automatically_set? && !ldap_user?
+    password_automatically_set? && !ldap_user? && current_application_settings.signin_enabled?
+  end
+
+  def require_personal_access_token?
+    return false if current_application_settings.signin_enabled? || ldap_user?
+
+    PersonalAccessTokensFinder.new(user: self, impersonation: false, state: 'active').execute.none?
   end
 
   def can_change_username?
diff --git a/app/views/shared/_no_password.html.haml b/app/views/shared/_no_password.html.haml
index b561e6dc248..9b1a467df6b 100644
--- a/app/views/shared/_no_password.html.haml
+++ b/app/views/shared/_no_password.html.haml
@@ -1,9 +1,8 @@
-- if cookies[:hide_no_password_message].blank? && !current_user.hide_no_password && current_user.require_password?
+- if show_no_password_message?
   .no-password-message.alert.alert-warning
-    - set_password_link = link_to s_('SetPasswordToCloneLink|set a password'), edit_profile_password_path
-    - translation_params = { protocol: gitlab_config.protocol.upcase, set_password_link: set_password_link }
+    - translation_params = { protocol: gitlab_config.protocol.upcase, set_password_link: link_to_set_password }
     - set_password_message = _("You won't be able to pull or push project code via %{protocol} until you %{set_password_link} on your account") % translation_params
-
+    = set_password_message.html_safe
     .alert-link-group
       = link_to _("Don't show again"), profile_path(user: {hide_no_password: true}), method: :put
       |
diff --git a/app/views/shared/_no_ssh.html.haml b/app/views/shared/_no_ssh.html.haml
index e7815e28017..17ef5327341 100644
--- a/app/views/shared/_no_ssh.html.haml
+++ b/app/views/shared/_no_ssh.html.haml
@@ -1,8 +1,8 @@
-- if cookies[:hide_no_ssh_message].blank? && !current_user.hide_no_ssh_key && current_user.require_ssh_key?
+- if show_no_ssh_key_message?
   .no-ssh-key-message.alert.alert-warning
     - add_ssh_key_link = link_to s_('MissingSSHKeyWarningLink|add an SSH key'), profile_keys_path, class: 'alert-link'
     - ssh_message = _("You won't be able to pull or push project code via SSH until you %{add_ssh_key_link} to your profile") % { add_ssh_key_link: add_ssh_key_link }
-    #{ ssh_message.html_safe }
+    = ssh_message.html_safe
     .alert-link-group
       = link_to _("Don't show again"), profile_path(user: {hide_no_ssh_key: true}), method: :put, class: 'alert-link'
       |