PersonalAccessTokens can have associated projects

Context

We're extending access tokens so they can be restricted to individual projects for https://gitlab.com/gitlab-org/gitlab-ce/issues/20993.

What does this MR do?

Adds a TokenResource model so personal access tokens can be linked to projects in the database, and allows these to be set from the controller.

What this MR doesn't do

This MR doesn't enforce the per-project restriction/scoping. This functionality is being prototyped in https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/6235 and will have its own MR.

The frontend for this feature will also be in a separate MR and has its own issue in https://gitlab.com/gitlab-org/gitlab-ce/issues/47865

Why the separate MR?

Smaller MRs and better iteration

By splitting out db/model changes here we can have an isolated review and merge to master early so we don't keep having to rebase later. This will also allow the frontend development to take place off of master, and if we choose to place the frontend behind a feature flag we'll be able to merge and iterate without needing the feature to be perfected first.

Database Checklist

When adding migrations:

  • Updated db/schema.rb
  • Added a down method so the migration can be reverted
  • Added the output of the migration(s) to the MR body

When adding tables:

  • Ordered columns based on the Ordering Table Columns guidelines
  • Added foreign keys to any columns pointing to data in other tables
  • Added indexes for fields that are used in statements such as WHERE, ORDER BY, GROUP BY, and JOINs

== 20180622054732 CreateTokenResources: migrating =============================
-- create_table(:token_resources)
   -> 0.0201s
== 20180622054732 CreateTokenResources: migrated (0.0203s) ====================

Acceptance criteria

  • Changelog entry added, if necessary
  • Documentation created/updated
  • API support added
  • Tests added for this feature/bug
  • Conforms to the code review guidelines
    • Has been reviewed by a Backend maintainer
    • Has been reviewed by a Database specialist
  • Internationalization required/considered
  • End-to-end tests pass (package-and-qa manual pipeline job)

Related

Edited by Yorick Peterse