BigW Consortium Gitlab

Commit 4b93429a by Douwe Maan

Remove Private Token from User Settings > Account

parent 3c03388b
...@@ -24,16 +24,6 @@ class ProfilesController < Profiles::ApplicationController ...@@ -24,16 +24,6 @@ class ProfilesController < Profiles::ApplicationController
end end
end end
def reset_private_token
Users::UpdateService.new(current_user, user: @user).execute! do |user|
user.reset_authentication_token!
end
flash[:notice] = "Private token was successfully reset"
redirect_to profile_account_path
end
def reset_incoming_email_token def reset_incoming_email_token
Users::UpdateService.new(current_user, user: @user).execute! do |user| Users::UpdateService.new(current_user, user: @user).execute! do |user|
user.reset_incoming_email_token! user.reset_incoming_email_token!
......
...@@ -9,17 +9,16 @@ ...@@ -9,17 +9,16 @@
.row.prepend-top-default .row.prepend-top-default
.col-lg-4.profile-settings-sidebar .col-lg-4.profile-settings-sidebar
%h4.prepend-top-0 %h4.prepend-top-0
Private Tokens - number_of_tokens = incoming_email_token_enabled? ? 2 : 1
= "Private Token".pluralize(number_of_tokens)
%p %p
Keep these tokens secret, anyone with access to them can interact with Keep your private tokens secret. Anyone with access to them can interact with some part of
GitLab as if they were you. GitLab as if they were you.
.col-lg-8.private-tokens-reset .col-lg-8.private-tokens-reset
= render partial: 'reset_token', locals: { label: 'Private token', button_label: 'Reset private token', help_text: 'Your private token is used to access the API and Atom feeds without username/password authentication.' } = render partial: 'reset_token', locals: { label: 'RSS token', button_label: 'Reset RSS token', help_text: 'Your RSS token is used to access your personalized RSS feeds without username/password authentication. It cannot be used to access any other data.' }
= render partial: 'reset_token', locals: { label: 'RSS token', button_label: 'Reset RSS token', help_text: 'Your RSS token is used to create urls for personalized RSS feeds.' }
- if incoming_email_token_enabled? - if incoming_email_token_enabled?
= render partial: 'reset_token', locals: { label: 'Incoming email token', button_label: 'Reset incoming email token', help_text: 'Your incoming email token is used to create new issues by email, and is included in your project-specific email addresses.' } = render partial: 'reset_token', locals: { label: 'Incoming email token', button_label: 'Reset incoming email token', help_text: 'Your incoming email token is used to authenticate you when creating new issues by email, and is included in your project-specific email addresses. It cannot be used to access any other data.' }
%hr %hr
.row.prepend-top-default .row.prepend-top-default
......
...@@ -6,7 +6,6 @@ resource :profile, only: [:show, :update] do ...@@ -6,7 +6,6 @@ resource :profile, only: [:show, :update] do
get :audit_log get :audit_log
get :applications, to: 'oauth/applications#index' get :applications, to: 'oauth/applications#index'
put :reset_private_token
put :reset_incoming_email_token put :reset_incoming_email_token
put :reset_rss_token put :reset_rss_token
put :update_username put :update_username
......
...@@ -141,7 +141,7 @@ separate Rails process to debug the issue: ...@@ -141,7 +141,7 @@ separate Rails process to debug the issue:
1. Log in to your GitLab account. 1. Log in to your GitLab account.
1. Copy the URL that is causing problems (e.g. https://gitlab.com/ABC). 1. Copy the URL that is causing problems (e.g. https://gitlab.com/ABC).
1. Obtain the private token for your user (Profile Settings -> Account). 1. Create a Personal Access Token for your user (Profile Settings -> Access Tokens).
1. Bring up the GitLab Rails console. For omnibus users, run: 1. Bring up the GitLab Rails console. For omnibus users, run:
``` ```
......
...@@ -52,7 +52,7 @@ You can edit your account settings by navigating from the up-right corner menu b ...@@ -52,7 +52,7 @@ You can edit your account settings by navigating from the up-right corner menu b
From there, you can: From there, you can:
- Update your personal information - Update your personal information
- Manage [private tokens](../../api/README.md#private-tokens), email tokens, [2FA](account/two_factor_authentication.md) - Manage [2FA](account/two_factor_authentication.md)
- Change your username and [delete your account](account/delete_account.md) - Change your username and [delete your account](account/delete_account.md)
- Manage applications that can - Manage applications that can
[use GitLab as an OAuth provider](../../integration/oauth_provider.md#introduction-to-oauth) [use GitLab as an OAuth provider](../../integration/oauth_provider.md#introduction-to-oauth)
......
...@@ -135,7 +135,6 @@ end ...@@ -135,7 +135,6 @@ end
# profile_history GET /profile/history(.:format) profile#history # profile_history GET /profile/history(.:format) profile#history
# profile_password PUT /profile/password(.:format) profile#password_update # profile_password PUT /profile/password(.:format) profile#password_update
# profile_token GET /profile/token(.:format) profile#token # profile_token GET /profile/token(.:format) profile#token
# profile_reset_private_token PUT /profile/reset_private_token(.:format) profile#reset_private_token
# profile GET /profile(.:format) profile#show # profile GET /profile(.:format) profile#show
# profile_update PUT /profile/update(.:format) profile#update # profile_update PUT /profile/update(.:format) profile#update
describe ProfilesController, "routing" do describe ProfilesController, "routing" do
...@@ -147,10 +146,6 @@ describe ProfilesController, "routing" do ...@@ -147,10 +146,6 @@ describe ProfilesController, "routing" do
expect(get("/profile/audit_log")).to route_to('profiles#audit_log') expect(get("/profile/audit_log")).to route_to('profiles#audit_log')
end end
it "to #reset_private_token" do
expect(put("/profile/reset_private_token")).to route_to('profiles#reset_private_token')
end
it "to #reset_rss_token" do it "to #reset_rss_token" do
expect(put("/profile/reset_rss_token")).to route_to('profiles#reset_rss_token') expect(put("/profile/reset_rss_token")).to route_to('profiles#reset_rss_token')
end end
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment