Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Set default scope on PATs that don't have one set to allow them to be revokeddm-pat-revoke | Douwe Maan | 2017-10-03 | 1 | -0/+6 |
| | |||||
* | Clean up read_registry scope changes | Robin Bobbitt | 2017-09-18 | 1 | -1/+1 |
| | | | | Closes #37789 | ||||
* | Hide read_registry scope when registry is disabled on instance | Robin Bobbitt | 2017-08-21 | 1 | -1/+1 |
| | |||||
* | Rename ActiverecordSerialize cop | Yorick Peterse | 2017-07-06 | 1 | -1/+1 |
| | | | | | This cop has been renamed to ActiveRecordSerialize to match the way "ActiveRecord" is usually written. | ||||
* | Merge branch 'zj-read-registry-pat' into 'master' | Kamil TrzciĆski | 2017-06-07 | 1 | -6/+5 |
|\ | | | | | | | | | | | | | Allow pulling container images using personal access tokens Closes #19219 See merge request !11845 | ||||
| * | Create read_registry scope with JWT auth | Z.J. van de Weg | 2017-06-05 | 1 | -6/+5 |
| | | | | | | | | | | | | | | | | | | | | | | | | This is the first commit doing mainly 3 things: 1. create a new scope and allow users to use it 2. Have the JWTController respond correctly on this 3. Updates documentation to suggest usage of PATs There is one gotcha, there will be no support for impersonation tokens, as this seems not needed. Fixes gitlab-org/gitlab-ce#19219 | ||||
* | | Added Cop to blacklist the use of serializedocument-not-using-serialize | Yorick Peterse | 2017-05-31 | 1 | -1/+1 |
|/ | | | | | This Cop blacklists the use of ActiveRecord's "serialize" method, except for cases where we already use this. | ||||
* | Merge branch 'siemens/gitlab-ce-feature/openid-connect' | Sean McGivern | 2017-03-07 | 1 | -0/+11 |
|\ | |||||
| * | Require explicit scopes on personal access tokens | Markus Koller | 2017-03-07 | 1 | -3/+4 |
| | | | | | | | | | | | | Gitlab::Auth and API::APIGuard already check for at least one valid scope on personal access tokens, so if the scopes are empty the token will always fail validation. | ||||
| * | Only use API scopes for personal access tokens | Markus Koller | 2017-03-07 | 1 | -0/+10 |
| | | |||||
* | | refactors finder and correlated code | Tiago Botelho | 2017-03-01 | 1 | -4/+3 |
| | | |||||
* | | applies relevant changes to the code and code structure | Tiago Botelho | 2017-02-28 | 1 | -11/+4 |
| | | |||||
* | | add impersonation token | Simon Vocella | 2017-02-28 | 1 | -4/+10 |
| | | |||||
* | | manage personal_access_tokens through api | Simon Vocella | 2017-02-28 | 1 | -0/+5 |
|/ | |||||
* | Add a `scopes` column to the `personal_access_tokens` table | Timothy Andrew | 2016-12-16 | 1 | -0/+2 |
| | |||||
* | Address @DouweM's feedback on !3749. | Timothy Andrew | 2016-04-28 | 1 | -1/+4 |
| | | | | | | | | - Use `TokenAuthenticatable` to generate the personal access token - Remove a check for `authenticity_token` in application controller; this should've been `authentication_token`, maybe, and doesn't make any sense now. - Have the datepicker appear inline | ||||
* | Make fixes based on @vsizov's comments on MR !3749 | Timothy Andrew | 2016-04-28 | 1 | -2/+2 |
| | |||||
* | Add an "Inactive Personal Access Tokens" section. | Timothy Andrew | 2016-04-28 | 1 | -1/+2 |
| | | | | | | - Show the count for each section in parens - Remove the `revoked?` check, because everything in the active section is guaranteed to not be revoked. | ||||
* | Allow expiration of personal access tokens. | Timothy Andrew | 2016-04-28 | 1 | -1/+1 |
| | |||||
* | Allow revoking personal access tokens. | Timothy Andrew | 2016-04-28 | 1 | -0/+7 |
| | |||||
* | Allow creating Personal Access Tokens through the website. | Timothy Andrew | 2016-04-28 | 1 | -0/+9 |