Personal Access Tokens - display recently expired tokens
Proposal
In https://gitlab.com/-/profile/personal_access_tokens, once a token expires it is gone from the view. The view only displays Active tokens.
In some scenarios, a token will expire and you've missed the email; suddenly you get a report that features using that token stopped working, especially if it's a bot user that the token belongs to and it's not actively monitored.
You navigate over to https://gitlab.com/-/profile/personal_access_tokens, or maybe first you need to impersonate an user before you can do so, and you cannot find the token. You want to re-create it but you cannot remember the scopes that were assigned.
So what can do you do?
- Guess or over-guess the permissions it had to quickly resolve the problem.
- Query the API first, https://docs.gitlab.com/ee/api/personal_access_tokens.html, something like
GET /personal_access_tokens?state=inactive, to obtain the scopes and re-create the token.
Implementation Plan
Part 1: (First MR) - Refactor
- Migrate new access token UI created for service accounts to CE directories
- Verify no regressions, passing pipeline etc.
Part 2: (Second MR) - Vue App swap
-
Add API url endpoints to
ee/app/helpers/ee/auth_helper.rbin a similar pattern used foradmin_service_accounts_dataandgroups_service_accounts_data. Should be https://docs.gitlab.com/api/personal_access_tokens/ -
Inject html5 data attributes for API urls from
ee/app/helpers/ee/auth_helper.rbintoapp/views/user_settings/personal_access_tokens/index.html.haml -
In and
app/assets/javascripts/access_tokens/index.jsswap existing access token vue app for new one created for service accounts. -
Update any failing tests
-
I don't think any new unit tests would be needs other than the
auth_helpersince the existing Vue app is already tested and covered.
Aproximate UX
