diff options
Diffstat (limited to 'lib/api/personal_access_tokens.rb')
-rw-r--r-- | lib/api/personal_access_tokens.rb | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/lib/api/personal_access_tokens.rb b/lib/api/personal_access_tokens.rb new file mode 100644 index 00000000000..2c60938b75a --- /dev/null +++ b/lib/api/personal_access_tokens.rb @@ -0,0 +1,61 @@ +# frozen_string_literal: true + +module API + class PersonalAccessTokens < ::API::Base + include ::API::PaginationParams + + feature_category :authentication_and_authorization + + desc 'Get all Personal Access Tokens' do + detail 'This feature was added in GitLab 13.3' + success Entities::PersonalAccessToken + end + params do + optional :user_id, type: Integer, desc: 'User ID' + + use :pagination + end + + before do + authenticate! + restrict_non_admins! unless current_user.admin? + end + + helpers do + def finder_params(current_user) + current_user.admin? ? { user: user(params[:user_id]) } : { user: current_user } + end + + def user(user_id) + UserFinder.new(user_id).find_by_id + end + + def restrict_non_admins! + return if params[:user_id].blank? + + unauthorized! unless Ability.allowed?(current_user, :read_user_personal_access_tokens, user(params[:user_id])) + end + + def find_token(id) + PersonalAccessToken.find(id) || not_found! + end + end + + resources :personal_access_tokens do + get do + tokens = PersonalAccessTokensFinder.new(finder_params(current_user), current_user).execute + + present paginate(tokens), with: Entities::PersonalAccessToken + end + + delete ':id' do + service = ::PersonalAccessTokens::RevokeService.new( + current_user, + token: find_token(params[:id]) + ).execute + + service.success? ? no_content! : bad_request!(nil) + end + end + end +end |