BigW Consortium Gitlab

Commit 17f2fc10 by Timothy Andrew

Change the root param while creating personal access tokens.

- Can't use `personal_access_token` anymore, because the contents of that param are assumed to be a token string, and authenticated against.
parent 611f3ad2
......@@ -32,6 +32,8 @@ class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
private
def personal_access_token_params
params.require(:personal_access_token).permit(:name, :expires_at)
# We aren't using `personal_access_token` as the root param because the authentication
# system expects to find a token string there - it's off-limits to us.
params.require(:personal_access_token_params).permit(:name, :expires_at)
end
end
......@@ -12,7 +12,8 @@
Add a Personal Access Token
%p.profile-settings-content
Pick a name for the application, and we'll give you a unique token.
= form_for [:profile, @personal_access_token], method: :post, html: { class: 'js-requires-input' } do |f|
= form_for [:profile, @personal_access_token], as: "personal_access_token_params",
method: :post, html: { class: 'js-requires-input' } do |f|
.form-group
= f.label :name, class: 'label-light'
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment