- breadcrumb_title s_('AccessTokens|Access Tokens')
- page_title s_('AccessTokens|Personal Access Tokens')
- type = _('personal access token')
- type_plural = _('personal access tokens')
- @content_class = 'limit-container-width' unless fluid_layout

.row.gl-mt-3.js-search-settings-section
  .col-lg-4.profile-settings-sidebar
    %h4.gl-mt-0
      = page_title
    %p
      = s_('AccessTokens|You can generate a personal access token for each application you use that needs access to the GitLab API.')
    %p
      = s_('AccessTokens|You can also use personal access tokens to authenticate against Git over HTTP.')
      = s_('AccessTokens|They are the only accepted password when you have Two-Factor Authentication (2FA) enabled.')

  .col-lg-8
    - if @new_personal_access_token
      = render 'shared/access_tokens/created_container',
        type: type,
        new_token_value: @new_personal_access_token

    = render 'shared/access_tokens/form',
        type: type,
        path: profile_personal_access_tokens_path,
        token: @personal_access_token,
        scopes: @scopes

    = render 'shared/access_tokens/table',
        type: type,
        type_plural: type_plural,
        active_tokens: @active_personal_access_tokens,
        revoke_route_helper: ->(token) { revoke_profile_personal_access_token_path(token) }

- unless Gitlab::CurrentSettings.disable_feed_token
  .col-lg-12
    %hr
  .row.gl-mt-3.js-search-settings-section
    .col-lg-4.profile-settings-sidebar
      %h4.gl-mt-0
        = s_('AccessTokens|Feed token')
      %p
        = s_('AccessTokens|Your feed token is used to authenticate you when your RSS reader loads a personalized RSS feed or when your calendar application loads a personalized calendar, and is included in those feed URLs.')
      %p
        = s_('AccessTokens|It cannot be used to access any other data.')
    .col-lg-8.feed-token-reset
      = label_tag :feed_token, s_('AccessTokens|Feed token'), class: 'label-bold'
      = text_field_tag :feed_token, current_user.feed_token, class: 'form-control js-select-on-focus', readonly: true
      %p.form-text.text-muted
        - reset_link = link_to s_('AccessTokens|reset it'), [:reset, :feed_token, :profile], method: :put, data: { confirm: s_('AccessTokens|Are you sure? Any RSS or calendar URLs currently in use will stop working.') }
        - reset_message = s_('AccessTokens|Keep this token secret. Anyone who gets ahold of it can read activity and issue RSS feeds or your calendar feed as if they were you. You should %{link_reset_it} if that ever happens.') % { link_reset_it: reset_link }
        = reset_message.html_safe

- if incoming_email_token_enabled?
  .col-lg-12
    %hr
  .row.gl-mt-3.js-search-settings-section
    .col-lg-4.profile-settings-sidebar
      %h4.gl-mt-0
        = s_('AccessTokens|Incoming email token')
      %p
        = s_('AccessTokens|Your incoming email token is used to authenticate you when you create a new issue by email, and is included in your personal project-specific email addresses.')
      %p
        = s_('AccessTokens|It cannot be used to access any other data.')
    .col-lg-8.incoming-email-token-reset
      = label_tag :incoming_email_token, s_('AccessTokens|Incoming email token'), class: 'label-bold'
      = text_field_tag :incoming_email_token, current_user.incoming_email_token, class: 'form-control js-select-on-focus', readonly: true
      %p.form-text.text-muted
        - reset_link = link_to s_('AccessTokens|reset it'), [:reset, :incoming_email_token, :profile], method: :put, data: { confirm: s_('AccessTokens|Are you sure? Any issue email addresses currently in use will stop working.') }
        - reset_message = s_('AccessTokens|Keep this token secret. Anyone who gets ahold of it can create issues as if they were you. You should %{link_reset_it} if that ever happens.') % { link_reset_it: reset_link }
        = reset_message.html_safe

- if static_objects_external_storage_enabled?
  .col-lg-12
    %hr
  .row.gl-mt-3.js-search-settings-section
    .col-lg-4
      %h4.gl-mt-0
        = s_('AccessTokens|Static object token')
      %p
        = s_('AccessTokens|Your static object token is used to authenticate you when repository static objects (e.g. archives, blobs, ...) are being served from an external storage.')
      %p
        = s_('AccessTokens|It cannot be used to access any other data.')
    .col-lg-8
      = label_tag :static_object_token, s_('AccessTokens|Static object token'), class: "label-bold"
      = text_field_tag :static_object_token, current_user.static_object_token, class: 'form-control', readonly: true, onclick: 'this.select()'
      %p.form-text.text-muted
        - reset_link = url_for [:reset, :static_object_token, :profile]
        - reset_link_start = '<a data-confirm="%{confirm}" rel="nofollow" data-method="put" href="%{url}">'.html_safe % { confirm: s_('AccessTokens|Are you sure?'), url: reset_link }
        - reset_link_end = '</a>'.html_safe
        - reset_message = s_('AccessTokens|Keep this token secret. Anyone who gets ahold of it can access repository static objects as if they were you. You should %{reset_link_start}reset it%{reset_link_end} if that ever happens.') % { reset_link_start: reset_link_start, reset_link_end: reset_link_end }
        = reset_message.html_safe