Commit abab0cd6 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Merge branch...

Merge branch '47398-user-is-unable-revoke-a-authorized-application-unless-user-oauth-applications-is-checked-in-admin-settings' into 'master'

Resolve "User is unable revoke a Authorized application unless User OAuth applications is checked in admin settings"

Closes #47398

See merge request gitlab-org/gitlab-ce!21835
parents e18d8d59 0c812544
...@@ -4,7 +4,7 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController ...@@ -4,7 +4,7 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
include PageLayoutHelper include PageLayoutHelper
include OauthApplications include OauthApplications
before_action :verify_user_oauth_applications_enabled before_action :verify_user_oauth_applications_enabled, except: :index
before_action :authenticate_user! before_action :authenticate_user!
before_action :add_gon_variables before_action :add_gon_variables
before_action :load_scopes, only: [:index, :create, :edit] before_action :load_scopes, only: [:index, :create, :edit]
......
...@@ -16,6 +16,9 @@ ...@@ -16,6 +16,9 @@
= _('Add new application') = _('Add new application')
= render 'form', application: @application = render 'form', application: @application
%hr %hr
- else
.bs-callout.bs-callout-disabled
= _('Adding new applications is disabled in your GitLab instance. Please contact your GitLab administrator to get the permission')
- if user_oauth_applications? - if user_oauth_applications?
.oauth-applications .oauth-applications
%h5 %h5
......
...@@ -28,18 +28,17 @@ ...@@ -28,18 +28,17 @@
= link_to profile_account_path do = link_to profile_account_path do
%strong.fly-out-top-item-name %strong.fly-out-top-item-name
= _('Account') = _('Account')
- if Gitlab::CurrentSettings.user_oauth_applications? = nav_link(controller: 'oauth/applications') do
= nav_link(controller: 'oauth/applications') do = link_to applications_profile_path do
= link_to applications_profile_path do .nav-icon-container
.nav-icon-container = sprite_icon('applications')
= sprite_icon('applications') %span.nav-item-name
%span.nav-item-name = _('Applications')
= _('Applications') %ul.sidebar-sub-level-items.is-fly-out-only
%ul.sidebar-sub-level-items.is-fly-out-only = nav_link(controller: 'oauth/applications', html_options: { class: "fly-out-top-item" } ) do
= nav_link(controller: 'oauth/applications', html_options: { class: "fly-out-top-item" } ) do = link_to applications_profile_path do
= link_to applications_profile_path do %strong.fly-out-top-item-name
%strong.fly-out-top-item-name = _('Applications')
= _('Applications')
= nav_link(controller: :chat_names) do = nav_link(controller: :chat_names) do
= link_to profile_chat_names_path do = link_to profile_chat_names_path do
.nav-icon-container .nav-icon-container
......
---
title: Allow user to revoke an authorized application even if User OAuth applications
setting is disabled in admin settings
merge_request: 21835
author:
type: changed
...@@ -355,6 +355,9 @@ msgstr "" ...@@ -355,6 +355,9 @@ msgstr ""
msgid "Add users to group" msgid "Add users to group"
msgstr "" msgstr ""
msgid "Adding new applications is disabled in your GitLab instance. Please contact your GitLab administrator to get the permission"
msgstr ""
msgid "Admin Area" msgid "Admin Area"
msgstr "" msgstr ""
......
...@@ -15,14 +15,44 @@ describe Oauth::ApplicationsController do ...@@ -15,14 +15,44 @@ describe Oauth::ApplicationsController do
expect(response).to have_gitlab_http_status(200) expect(response).to have_gitlab_http_status(200)
end end
it 'redirects back to profile page if OAuth applications are disabled' do it 'shows list of applications' do
allow(Gitlab::CurrentSettings.current_application_settings).to receive(:user_oauth_applications?).and_return(false) disable_user_oauth
get :index get :index
expect(response).to have_gitlab_http_status(200)
end
end
describe 'POST #create' do
it 'creates an application' do
post :create, oauth_params
expect(response).to have_gitlab_http_status(302)
expect(response).to redirect_to(oauth_application_path(Doorkeeper::Application.last))
end
it 'redirects back to profile page if OAuth applications are disabled' do
disable_user_oauth
post :create, oauth_params
expect(response).to have_gitlab_http_status(302) expect(response).to have_gitlab_http_status(302)
expect(response).to redirect_to(profile_path) expect(response).to redirect_to(profile_path)
end end
end end
end end
def disable_user_oauth
allow(Gitlab::CurrentSettings.current_application_settings).to receive(:user_oauth_applications?).and_return(false)
end
def oauth_params
{
doorkeeper_application: {
name: 'foo',
redirect_uri: 'http://example.org'
}
}
end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment