BigW Consortium Gitlab
Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
G
gitlab-ce
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
Forest Godfrey
gitlab-ce
Commits
96d6fdc2
Commit
96d6fdc2
authored
May 29, 2015
by
Douwe Maan
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add option to disallow users from registering any application to use GitLab as an OAuth provider
parent
70b29c35
Hide whitespace changes
Inline
Side-by-side
Showing
9 changed files
with
63 additions
and
29 deletions
+63
-29
CHANGELOG
CHANGELOG
+1
-0
application_settings_controller.rb
app/controllers/admin/application_settings_controller.rb
+1
-0
applications_controller.rb
app/controllers/oauth/applications_controller.rb
+8
-0
application_settings_helper.rb
app/helpers/application_settings_helper.rb
+4
-0
application_setting.rb
app/models/application_setting.rb
+1
-0
_form.html.haml
app/views/admin/application_settings/_form.html.haml
+8
-1
applications.html.haml
app/views/profiles/applications.html.haml
+33
-27
20150529111607_add_user_oauth_applications_to_application_settings.rb
...07_add_user_oauth_applications_to_application_settings.rb
+5
-0
schema.rb
db/schema.rb
+2
-1
No files found.
CHANGELOG
View file @
96d6fdc2
Please view this file on the master branch, on stable branches it's out of date.
v 7.12.0 (unreleased)
- Add option to disallow users from registering any application to use GitLab as an OAuth provider
- Refactor permission checks with issues and merge requests project settings (Stan Hu)
- Fix Markdown preview not working in Edit Milestone page (Stan Hu)
- Fix Zen Mode not closing with ESC key (Stan Hu)
...
...
app/controllers/admin/application_settings_controller.rb
View file @
96d6fdc2
...
...
@@ -43,6 +43,7 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
:default_snippet_visibility
,
:restricted_signup_domains_raw
,
:version_check_enabled
,
:user_oauth_applications
,
restricted_visibility_levels:
[],
)
end
...
...
app/controllers/oauth/applications_controller.rb
View file @
96d6fdc2
class
Oauth
::
ApplicationsController
<
Doorkeeper
::
ApplicationsController
include
Gitlab
::
CurrentSettings
include
PageLayoutHelper
before_action
:verify_user_oauth_applications_enabled
before_action
:authenticate_user!
layout
'profile'
...
...
@@ -32,6 +34,12 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
private
def
verify_user_oauth_applications_enabled
return
if
current_application_settings
.
user_oauth_applications?
redirect_to
applications_profile_url
end
def
set_application
@application
=
current_user
.
oauth_applications
.
find
(
params
[
:id
])
end
...
...
app/helpers/application_settings_helper.rb
View file @
96d6fdc2
...
...
@@ -19,6 +19,10 @@ module ApplicationSettingsHelper
current_application_settings
.
sign_in_text
end
def
user_oauth_applications?
current_application_settings
.
user_oauth_applications
end
# Return a group of checkboxes that use Bootstrap's button plugin for a
# toggle button effect.
def
restricted_level_checkboxes
(
help_block_id
)
...
...
app/models/application_setting.rb
View file @
96d6fdc2
...
...
@@ -18,6 +18,7 @@
# default_project_visibility :integer
# default_snippet_visibility :integer
# restricted_signup_domains :text
# user_oauth_applications :bool default(TRUE)
#
class
ApplicationSetting
<
ActiveRecord
::
Base
...
...
app/views/admin/application_settings/_form.html.haml
View file @
96d6fdc2
...
...
@@ -30,7 +30,7 @@
.checkbox
=
f
.
label
:twitter_sharing_enabled
do
=
f
.
check_box
:twitter_sharing_enabled
,
:'aria-describedby'
=>
'twitter_help_block'
%strong
Twitter enabled
Twitter enabled
%span
.help-block
#twitter_help_block
Show users a button to share their newly created public or internal projects on twitter
.form-group
.col-sm-offset-2.col-sm-10
...
...
@@ -83,6 +83,13 @@
.col-sm-10
=
f
.
text_area
:restricted_signup_domains_raw
,
placeholder:
'domain.com'
,
class:
'form-control'
.help-block
Only users with e-mail addresses that match these domain(s) will be able to sign-up. Wildcards allowed. Use separate lines for multiple entries. Ex: domain.com, *.domain.com
.form_group
=
f
.
label
:user_oauth_applications
,
'User OAuth applications'
,
class:
'control-label col-sm-2'
.col-sm-10
.checkbox
=
f
.
label
:user_oauth_applications
do
=
f
.
check_box
:user_oauth_applications
Allow users to register any application to use GitLab as an OAuth provider
.form-actions
=
f
.
submit
'Save'
,
class:
'btn btn-primary'
app/views/profiles/applications.html.haml
View file @
96d6fdc2
...
...
@@ -2,37 +2,43 @@
%h3
.page-title
=
page_title
%p
.light
OAuth2 protocol settings below.
-
if
user_oauth_applications?
Manage applications that can use GitLab as an OAuth provider,
and applications that you've authorized to use your account.
-
else
Manage applications that you've authorized to use your account.
%hr
.oauth-applications
%h3
Your applications
.pull-right
=
link_to
'New Application'
,
new_oauth_application_path
,
class:
'btn btn-success'
-
if
@applications
.
any?
%table
.table.table-striped
%thead
%tr
%th
Name
%th
Callback URL
%th
Clients
%th
%th
%tbody
-
@applications
.
each
do
|
application
|
%tr
{
:id
=>
"application_#{application.id}"
}
%td
=
link_to
application
.
name
,
oauth_application_path
(
application
)
%td
-
application
.
redirect_uri
.
split
.
each
do
|
uri
|
%div
=
uri
%td
=
application
.
access_tokens
.
count
%td
=
link_to
'Edit'
,
edit_oauth_application_path
(
application
),
class:
'btn btn-link btn-sm'
%td
=
render
'doorkeeper/applications/delete_form'
,
application:
application
-
if
user_oauth_applications?
.oauth-applications
%h3
Your applications
.pull-right
=
link_to
'New Application'
,
new_oauth_application_path
,
class:
'btn btn-success'
-
if
@applications
.
any?
%table
.table.table-striped
%thead
%tr
%th
Name
%th
Callback URL
%th
Clients
%th
%th
%tbody
-
@applications
.
each
do
|
application
|
%tr
{
:id
=>
"application_#{application.id}"
}
%td
=
link_to
application
.
name
,
oauth_application_path
(
application
)
%td
-
application
.
redirect_uri
.
split
.
each
do
|
uri
|
%div
=
uri
%td
=
application
.
access_tokens
.
count
%td
=
link_to
'Edit'
,
edit_oauth_application_path
(
application
),
class:
'btn btn-link btn-sm'
%td
=
render
'doorkeeper/applications/delete_form'
,
application:
application
.oauth-authorized-applications.prepend-top-20
%h3
Authorized applications
-
if
user_oauth_applications?
%h3
Authorized applications
-
if
@authorized_tokens
.
any?
%table
.table.table-striped
...
...
db/migrate/20150529111607_add_user_oauth_applications_to_application_settings.rb
0 → 100644
View file @
96d6fdc2
class
AddUserOauthApplicationsToApplicationSettings
<
ActiveRecord
::
Migration
def
change
add_column
:application_settings
,
:user_oauth_applications
,
:bool
,
default:
true
end
end
db/schema.rb
View file @
96d6fdc2
...
...
@@ -11,7 +11,7 @@
#
# It's strongly recommended that you check this file into your version control system.
ActiveRecord
::
Schema
.
define
(
version:
201505
16060434
)
do
ActiveRecord
::
Schema
.
define
(
version:
201505
29111607
)
do
# These are extensions that must be enabled in order to support this database
enable_extension
"plpgsql"
...
...
@@ -33,6 +33,7 @@ ActiveRecord::Schema.define(version: 20150516060434) do
t
.
integer
"default_project_visibility"
t
.
integer
"default_snippet_visibility"
t
.
text
"restricted_signup_domains"
t
.
boolean
"user_oauth_applications"
,
default:
true
end
create_table
"broadcast_messages"
,
force:
true
do
|
t
|
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment