diff options
Diffstat (limited to 'app/controllers/groups/settings/repository_controller.rb')
-rw-r--r-- | app/controllers/groups/settings/repository_controller.rb | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/app/controllers/groups/settings/repository_controller.rb b/app/controllers/groups/settings/repository_controller.rb new file mode 100644 index 00000000000..6e8c5628d24 --- /dev/null +++ b/app/controllers/groups/settings/repository_controller.rb @@ -0,0 +1,53 @@ +# frozen_string_literal: true + +module Groups + module Settings + class RepositoryController < Groups::ApplicationController + skip_cross_project_access_check :show + before_action :authorize_admin_group! + before_action :define_deploy_token_variables + before_action do + push_frontend_feature_flag(:ajax_new_deploy_token, @group) + end + + def create_deploy_token + result = Groups::DeployTokens::CreateService.new(@group, current_user, deploy_token_params).execute + @new_deploy_token = result[:deploy_token] + + if result[:status] == :success + respond_to do |format| + format.json do + # IMPORTANT: It's a security risk to expose the token value more than just once here! + json = API::Entities::DeployTokenWithToken.represent(@new_deploy_token).as_json + render json: json, status: result[:http_status] + end + format.html do + flash.now[:notice] = s_('DeployTokens|Your new group deploy token has been created.') + render :show + end + end + else + respond_to do |format| + format.json { render json: { message: result[:message] }, status: result[:http_status] } + format.html do + flash.now[:alert] = result[:message] + render :show + end + end + end + end + + private + + def define_deploy_token_variables + @deploy_tokens = @group.deploy_tokens.active + + @new_deploy_token = DeployToken.new + end + + def deploy_token_params + params.require(:deploy_token).permit(:name, :expires_at, :read_repository, :read_registry, :write_registry, :username) + end + end + end +end |