Merge branch '35721-auth-style-confirmation' into 'master'

Authorizations regarding OAuth - style confirmation Closes #35721 See merge request !13691

Merge branch '35721-auth-style-confirmation' into 'master'
Authorizations regarding OAuth - style confirmation Closes #35721 See merge request !13691
4fb49156 · Clement Ho · c842e29a · 5167a76f · 4fb49156 · 4fb49156
Commit 4fb49156 authored Aug 25, 2017 by Clement Ho
3 changed files
--- a/app/assets/stylesheets/framework/modal.scss
+++ b/app/assets/stylesheets/framework/modal.scss
@@ -16,6 +16,14 @@ body.modal-open {
  overflow: hidden;
 }
+.modal-no-backdrop {
+  @extend .modal-dialog;
+  .modal-content {
+    box-shadow: none;
+  }
+}
 @media (min-width: $screen-md-min) {
  .modal-dialog {
    width: 860px;

--- a/app/views/doorkeeper/authorizations/new.html.haml
+++ b/app/views/doorkeeper/authorizations/new.html.haml
-%h3.page-title Authorization required
 %main{ :role => "main" }
-  %p.h4
+  .modal-no-backdrop
-    Authorize
+    .modal-content
-    %strong.text-info= @pre_auth.client.name
+      .modal-header
-    to use your account?
+        %h3.page-title
+          Authorize
+          = link_to @pre_auth.client.name, @pre_auth.redirect_uri, target: '_blank', rel: 'noopener noreferrer'
+          to use your account?
-  - if current_user.admin?
+      .modal-body
-    .text-warning.prepend-top-20
+        - if current_user.admin?
-      %p
+          .text-warning
-        = icon("exclamation-triangle fw")
+            %p
-        You are an admin, which means granting access to
+              = icon("exclamation-triangle fw")
-        %strong= @pre_auth.client.name
+              You are an admin, which means granting access to
-        will allow them to interact with GitLab as an admin as well. Proceed with caution.
+              %strong= @pre_auth.client.name
+              will allow them to interact with GitLab as an admin as well. Proceed with caution.
-  - if @pre_auth.scopes
+        %p
-    #oauth-permissions
+          You are about to authorize
-      %p This application will be able to:
+          = link_to @pre_auth.client.name, @pre_auth.redirect_uri, target: '_blank', rel: 'noopener noreferrer'
-      %ul.text-info
+          to use your account.
-        - @pre_auth.scopes.each do |scope|
+          - if @pre_auth.scopes
-          %li= t scope, scope: [:doorkeeper, :scopes]
+            This application will be able to:
-  %hr/
+            %ul
-  .actions
+              - @pre_auth.scopes.each do |scope|
-    = form_tag oauth_authorization_path, method: :post do
+                %li= t scope, scope: [:doorkeeper, :scopes]
-      = hidden_field_tag :client_id, @pre_auth.client.uid
+        .form-actions.text-right
-      = hidden_field_tag :redirect_uri, @pre_auth.redirect_uri
+          = form_tag oauth_authorization_path, method: :delete, class: 'inline'  do
-      = hidden_field_tag :state, @pre_auth.state
+            = hidden_field_tag :client_id, @pre_auth.client.uid
-      = hidden_field_tag :response_type, @pre_auth.response_type
+            = hidden_field_tag :redirect_uri, @pre_auth.redirect_uri
-      = hidden_field_tag :scope, @pre_auth.scope
+            = hidden_field_tag :state, @pre_auth.state
-      = hidden_field_tag :nonce, @pre_auth.nonce
+            = hidden_field_tag :response_type, @pre_auth.response_type
-      = submit_tag "Authorize", class: "btn btn-success wide pull-left"
+            = hidden_field_tag :scope, @pre_auth.scope
-    = form_tag oauth_authorization_path, method: :delete do
+            = hidden_field_tag :nonce, @pre_auth.nonce
-      = hidden_field_tag :client_id, @pre_auth.client.uid
+            = submit_tag "Deny", class: "btn btn-danger"
-      = hidden_field_tag :redirect_uri, @pre_auth.redirect_uri
+          = form_tag oauth_authorization_path, method: :post, class: 'inline' do
-      = hidden_field_tag :state, @pre_auth.state
+            = hidden_field_tag :client_id, @pre_auth.client.uid
-      = hidden_field_tag :response_type, @pre_auth.response_type
+            = hidden_field_tag :redirect_uri, @pre_auth.redirect_uri
-      = hidden_field_tag :scope, @pre_auth.scope
+            = hidden_field_tag :state, @pre_auth.state
-      = hidden_field_tag :nonce, @pre_auth.nonce
+            = hidden_field_tag :response_type, @pre_auth.response_type
-      = submit_tag "Deny", class: "btn btn-danger prepend-left-10"
+            = hidden_field_tag :scope, @pre_auth.scope
+            = hidden_field_tag :nonce, @pre_auth.nonce
+            = submit_tag "Authorize", class: "btn btn-success prepend-left-10"
--- a/changelogs/unreleased/35721-auth-style-confirmation.yml
+++ b/changelogs/unreleased/35721-auth-style-confirmation.yml
+---
+title: restyling of OAuth authorization confirmation
+merge_request:
+author: Jacopo Beschi @jacopo-beschi
+type: changed