summaryrefslogtreecommitdiff
path: root/app/models/personal_access_token.rb
Commit message (Collapse)AuthorAgeFilesLines
* Set default scope on PATs that don't have one set to allow them to be revokeddm-pat-revokeDouwe Maan2017-10-031-0/+6
|
* Clean up read_registry scope changesRobin Bobbitt2017-09-181-1/+1
| | | | Closes #37789
* Hide read_registry scope when registry is disabled on instanceRobin Bobbitt2017-08-211-1/+1
|
* Rename ActiverecordSerialize copYorick Peterse2017-07-061-1/+1
| | | | | This cop has been renamed to ActiveRecordSerialize to match the way "ActiveRecord" is usually written.
* Merge branch 'zj-read-registry-pat' into 'master'Kamil TrzciƄski2017-06-071-6/+5
|\ | | | | | | | | | | | | Allow pulling container images using personal access tokens Closes #19219 See merge request !11845
| * Create read_registry scope with JWT authZ.J. van de Weg2017-06-051-6/+5
| | | | | | | | | | | | | | | | | | | | | | | | This is the first commit doing mainly 3 things: 1. create a new scope and allow users to use it 2. Have the JWTController respond correctly on this 3. Updates documentation to suggest usage of PATs There is one gotcha, there will be no support for impersonation tokens, as this seems not needed. Fixes gitlab-org/gitlab-ce#19219
* | Added Cop to blacklist the use of serializedocument-not-using-serializeYorick Peterse2017-05-311-1/+1
|/ | | | | This Cop blacklists the use of ActiveRecord's "serialize" method, except for cases where we already use this.
* Merge branch 'siemens/gitlab-ce-feature/openid-connect'Sean McGivern2017-03-071-0/+11
|\
| * Require explicit scopes on personal access tokensMarkus Koller2017-03-071-3/+4
| | | | | | | | | | | | Gitlab::Auth and API::APIGuard already check for at least one valid scope on personal access tokens, so if the scopes are empty the token will always fail validation.
| * Only use API scopes for personal access tokensMarkus Koller2017-03-071-0/+10
| |
* | refactors finder and correlated codeTiago Botelho2017-03-011-4/+3
| |
* | applies relevant changes to the code and code structureTiago Botelho2017-02-281-11/+4
| |
* | add impersonation tokenSimon Vocella2017-02-281-4/+10
| |
* | manage personal_access_tokens through apiSimon Vocella2017-02-281-0/+5
|/
* Add a `scopes` column to the `personal_access_tokens` tableTimothy Andrew2016-12-161-0/+2
|
* Address @DouweM's feedback on !3749.Timothy Andrew2016-04-281-1/+4
| | | | | | | | - Use `TokenAuthenticatable` to generate the personal access token - Remove a check for `authenticity_token` in application controller; this should've been `authentication_token`, maybe, and doesn't make any sense now. - Have the datepicker appear inline
* Make fixes based on @vsizov's comments on MR !3749Timothy Andrew2016-04-281-2/+2
|
* Add an "Inactive Personal Access Tokens" section.Timothy Andrew2016-04-281-1/+2
| | | | | | - Show the count for each section in parens - Remove the `revoked?` check, because everything in the active section is guaranteed to not be revoked.
* Allow expiration of personal access tokens.Timothy Andrew2016-04-281-1/+1
|
* Allow revoking personal access tokens.Timothy Andrew2016-04-281-0/+7
|
* Allow creating Personal Access Tokens through the website.Timothy Andrew2016-04-281-0/+9
View Lorry Controller Status