app/controllers/groups/settings/applications_controller.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92

# frozen_string_literal: true

module Groups
  module Settings
    class ApplicationsController < Groups::ApplicationController
      include OauthApplications

      prepend_before_action :authorize_admin_group!
      before_action :set_application, only: [:show, :edit, :update, :renew, :destroy]
      before_action :load_scopes, only: [:index, :create, :edit, :update]

      feature_category :authentication_and_authorization

      def index
        set_index_vars
      end

      def show
        @created = get_created_session if Feature.disabled?('hash_oauth_secrets')
      end

      def edit
      end

      def create
        @application = Applications::CreateService.new(current_user, application_params).execute(request)

        if @application.persisted?
          flash[:notice] = I18n.t(:notice, scope: [:doorkeeper, :flash, :applications, :create])

          if Feature.enabled?('hash_oauth_secrets')

            @created = true
            render :show
          else
            set_created_session

            redirect_to group_settings_application_url(@group, @application)
          end
        else
          set_index_vars
          render :index
        end
      end

      def update
        if @application.update(application_params)
          redirect_to group_settings_application_path(@group, @application), notice: _('Application was successfully updated.')
        else
          render :edit
        end
      end

      def renew
        @application.renew_secret

        if @application.save
          flash.now[:notice] = s_('AuthorizedApplication|Application secret was successfully updated.')
          render :show
        else
          redirect_to group_settings_application_url(@group, @application)
        end
      end

      def destroy
        @application.destroy
        redirect_to group_settings_applications_url(@group), status: :found, notice: _('Application was successfully destroyed.')
      end

      private

      def set_index_vars
        # TODO: Remove limit(100) and implement pagination
        # https://gitlab.com/gitlab-org/gitlab/-/issues/324187
        @applications = @group.oauth_applications.limit(100)

        # Don't overwrite a value possibly set by `create`
        @application ||= Doorkeeper::Application.new
      end

      def set_application
        @application = @group.oauth_applications.find(params[:id])
      end

      def application_params
        super.tap do |params|
          params[:owner] = @group
        end
      end
    end
  end
end