Commit 9cd23ebf authored by Jiaan Louw's avatar Jiaan Louw Committed by Natalia Tepluhina

Add revoked on to PAT credentials inventory

This adds a revoked PAT credentials
column to the credentials inventory.
parent 97f7010e
...@@ -14,7 +14,7 @@ module CredentialsInventoryActions ...@@ -14,7 +14,7 @@ module CredentialsInventoryActions
def filter_credentials def filter_credentials
if show_personal_access_tokens? if show_personal_access_tokens?
::PersonalAccessTokensFinder.new({ user: users, impersonation: false, state: 'active', sort: 'id_desc' }).execute ::PersonalAccessTokensFinder.new({ user: users, impersonation: false, sort: 'id_desc' }).execute
elsif show_ssh_keys? elsif show_ssh_keys?
::KeysFinder.new({ users: users, key_type: 'ssh' }).execute ::KeysFinder.new({ users: users, key_type: 'ssh' }).execute
end end
......
...@@ -4,5 +4,6 @@ ...@@ -4,5 +4,6 @@
.table-section.section-30{ role: 'rowheader' }= _('Scope') .table-section.section-30{ role: 'rowheader' }= _('Scope')
.table-section.section-10{ role: 'rowheader' }= _('Created On') .table-section.section-10{ role: 'rowheader' }= _('Created On')
.table-section.section-10{ role: 'rowheader' }= _('Expiration') .table-section.section-10{ role: 'rowheader' }= _('Expiration')
.table-section.section-10{ role: 'rowheader' }= _('Revoked')
= render partial: 'shared/credentials_inventory/personal_access_tokens/personal_access_token', collection: credentials = render partial: 'shared/credentials_inventory/personal_access_tokens/personal_access_token', collection: credentials
...@@ -7,7 +7,7 @@ ...@@ -7,7 +7,7 @@
.table-section.section-30 .table-section.section-30
.table-mobile-header{ role: 'rowheader' } .table-mobile-header{ role: 'rowheader' }
= _('Scope') = _('Scope')
.table-mobile-content .table-mobile-content.ws-normal
- scopes = personal_access_token.scopes - scopes = personal_access_token.scopes
= scopes.present? ? scopes.join(", ") : _('No Scopes') = scopes.present? ? scopes.join(", ") : _('No Scopes')
.table-section.section-10 .table-section.section-10
...@@ -23,3 +23,10 @@ ...@@ -23,3 +23,10 @@
= personal_access_token.expires_at = personal_access_token.expires_at
- else - else
= _('Never') = _('Never')
.table-section.section-10
.table-mobile-header{ role: 'rowheader' }
= _('Revoked')
.table-mobile-content
- if personal_access_token.revoked?
-# We're inferring the revoked date from the last updated_at, see https://gitlab.com/gitlab-org/gitlab/-/issues/218046#note_362875952
= personal_access_token.updated_at.to_date
---
title: Show revoked date in credentials inventory for personal access tokens
merge_request: 35251
author:
type: changed
...@@ -45,21 +45,9 @@ RSpec.describe 'Admin::CredentialsInventory' do ...@@ -45,21 +45,9 @@ RSpec.describe 'Admin::CredentialsInventory' do
context 'filtering' do context 'filtering' do
context 'by Personal Access Tokens' do context 'by Personal Access Tokens' do
before do let(:credentials_path) { admin_credentials_path(filter: 'personal_access_tokens') }
create(:personal_access_token,
user: create(:user, name: 'David'),
created_at: '2019-12-10',
expires_at: nil)
visit admin_credentials_path(filter: 'personal_access_tokens')
end
it 'shows details of personal access tokens' do it_behaves_like 'credentials inventory personal access tokens'
expect(first_row.text).to include('David')
expect(first_row.text).to include('api')
expect(first_row.text).to include('2019-12-10')
expect(first_row.text).to include('Never')
end
end end
context 'by SSH Keys' do context 'by SSH Keys' do
......
...@@ -42,21 +42,9 @@ RSpec.describe 'Groups::Security::Credentials' do ...@@ -42,21 +42,9 @@ RSpec.describe 'Groups::Security::Credentials' do
context 'filtering' do context 'filtering' do
context 'by Personal Access Tokens' do context 'by Personal Access Tokens' do
before do let(:credentials_path) { group_security_credentials_path(group_id: group_id, filter: 'personal_access_tokens') }
create(:personal_access_token,
user: managed_user,
created_at: '2019-12-10',
expires_at: nil)
visit group_security_credentials_path(group_id: group_id, filter: 'personal_access_tokens')
end
it 'shows details of personal access tokens' do it_behaves_like 'credentials inventory personal access tokens', group_managed_account: true
expect(first_row.text).to include('David')
expect(first_row.text).to include('api')
expect(first_row.text).to include('2019-12-10')
expect(first_row.text).to include('Never')
end
end end
context 'by SSH Keys' do context 'by SSH Keys' do
......
# frozen_string_literal: true
RSpec.shared_examples_for 'credentials inventory personal access tokens' do |group_managed_account: false|
let_it_be(:user) { group_managed_account ? managed_user : create(:user, name: 'David') }
context 'when a personal access token is active' do
before do
create(:personal_access_token,
user: user,
created_at: '2019-12-10',
updated_at: '2020-06-22',
expires_at: nil)
visit credentials_path
end
it 'shows the details with no revoked date' do
expect(first_row.text).to include('David')
expect(first_row.text).to include('api')
expect(first_row.text).to include('2019-12-10')
expect(first_row.text).to include('Never')
expect(first_row.text).not_to include('2020-06-22')
end
end
context 'when a personal access token is revoked' do
before do
create(:personal_access_token,
:revoked,
user: user,
created_at: '2019-12-10',
updated_at: '2020-06-22',
expires_at: nil)
visit credentials_path
end
it 'shows the details with a revoked date' do
expect(first_row.text).to include('David')
expect(first_row.text).to include('api')
expect(first_row.text).to include('2019-12-10')
expect(first_row.text).to include('2020-06-22')
end
end
end
...@@ -19531,6 +19531,9 @@ msgstr "" ...@@ -19531,6 +19531,9 @@ msgstr ""
msgid "Revoke" msgid "Revoke"
msgstr "" msgstr ""
msgid "Revoked"
msgstr ""
msgid "Revoked impersonation token %{token_name}!" msgid "Revoked impersonation token %{token_name}!"
msgstr "" msgstr ""
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment