d4ce9e078c
I think this provides a better separation. Tokens and the policy editor don't belong on a page for managing users, since they are not users. Tokens are tied to both an account and a project, so it is reasonable to store them on a project-specific page. Add text to that page to explain how personal access tokens work.
85 lines
3.9 KiB
Plaintext
85 lines
3.9 KiB
Plaintext
<% @page_title = "#{@project_data[:name]} - Personal Access Tokens" %>
|
|
<%== render("project/user-tabbar") %>
|
|
|
|
<div class="space-y-1">
|
|
<%== render(
|
|
"components/breadcrumb",
|
|
locals: {
|
|
back: "/project",
|
|
parts: [%w[Projects /project], [@project_data[:name], @project_data[:path]], ["Personal Access Tokens", "#"]]
|
|
}
|
|
) %>
|
|
<%== render("components/page_header", locals: { title: "Personal Access Tokens" }) %>
|
|
</div>
|
|
|
|
<div class="grid gap-6">
|
|
<div>
|
|
<div class="md:flex md:items-center md:justify-between pb-1 lg:pb-2">
|
|
<div class="min-w-0 flex-1">
|
|
You can create as many personal access tokens as you want. Personal access tokens are both account-specific and
|
|
project-specific. You can use a separate access policy for each token, but be aware that regardless of the
|
|
access permissions of the token, requests made using the token cannot exceed the access permissions of your
|
|
account.
|
|
</div>
|
|
<div class="mb-2 md:mb-0">
|
|
<form id="create-pat" action="<%= "#{@project_data[:path]}/user/token" %>" role="form" method="POST">
|
|
<%== csrf_tag("#{@project_data[:path]}/user/token") %>
|
|
<%== render("components/form/submit_button", locals: { text: "Create Token" }) %>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="overflow-hidden rounded-lg shadow ring-1 ring-black ring-opacity-5 bg-white divide-y divide-gray-200">
|
|
<% unless @tokens.empty? %>
|
|
<form id="managed-token" action="<%= "#{@project_data[:path]}/user/token/update-policies" %>" role="form" method="POST">
|
|
<%== csrf_tag("#{@project_data[:path]}/user/token/update-policies") %>
|
|
<table class="min-w-full divide-y divide-gray-300">
|
|
<thead class="bg-gray-50">
|
|
<tr>
|
|
<th scope="col" class="py-3.5 pl-4 pr-3 text-left text-sm font-semibold text-gray-900 sm:pl-6">ID</th>
|
|
<th scope="col" class="px-3 py-3.5 text-left text-sm font-semibold text-gray-900">Token</th>
|
|
<th scope="col" class="px-3 py-3.5 text-left text-sm font-semibold text-gray-900">Access Policy</th>
|
|
<th scope="col" class="py-3.5 pl-3 pr-4 sm:pr-6 text-left text-sm font-semibold text-gray-900"></th>
|
|
</tr>
|
|
</thead>
|
|
<tbody class="divide-y divide-gray-200 bg-white">
|
|
<% @tokens.each do |token| %>
|
|
<tr id="token-<%= token.ubid %>">
|
|
<td class="whitespace-nowrap py-4 pl-4 pr-3 text-sm font-medium text-gray-900 sm:pl-6" scope="row">
|
|
<%= token.ubid %>
|
|
</td>
|
|
<td class="whitespace-nowrap px-3 py-4 text-sm text-gray-500">
|
|
<%== render("components/revealable_content", locals: { content: "pat-#{token.ubid}-#{token.key}" }) %>
|
|
</td>
|
|
<td class="whitespace-nowrap px-3 py-4 text-sm text-gray-500">
|
|
<%== render(
|
|
"components/form/policy_select",
|
|
locals: {
|
|
name: "token_policies[#{token.ubid}]",
|
|
selected: @token_policies[token.ubid]
|
|
}
|
|
) %>
|
|
</td>
|
|
<td class="py-4 pl-3 pr-4 text-right sm:pr-6">
|
|
<%== render(
|
|
"components/delete_button",
|
|
locals: {
|
|
text: "Remove",
|
|
url: "#{@project_data[:path]}/user/token/#{token.ubid}",
|
|
confirmation: "delete token"
|
|
}
|
|
) %>
|
|
</td>
|
|
</tr>
|
|
<% end %>
|
|
</tbody>
|
|
</table>
|
|
<div class="px-4 py-5 sm:p-6">
|
|
<%== render("components/form/submit_button", locals: { text: "Update Personal Access Token Policies" }) %>
|
|
</div>
|
|
</form>
|
|
<% end %>
|
|
</div>
|
|
</div>
|
|
</div>
|