Skip to content
Snippets Groups Projects
Verified Commit 15ef8895 authored by Eduardo Sanz García's avatar Eduardo Sanz García :zero:
Browse files

Remove the `pat_ip` derisk feature flag

The `pat_ip` derisk feature flag has deemed safe. We proceed to clean it
up.

Related to !161076

Related to #513302

Changelog: changed
parent 0e6dca7b
No related branches found
No related tags found
No related merge requests found
......@@ -12,7 +12,6 @@ import DomElementListener from '~/vue_shared/components/dom_element_listener.vue
import TimeAgoTooltip from '~/vue_shared/components/time_ago_tooltip.vue';
import HelpIcon from '~/vue_shared/components/help_icon/help_icon.vue';
import UserDate from '~/vue_shared/components/user_date.vue';
import glFeatureFlagsMixin from '~/vue_shared/mixins/gl_feature_flags_mixin';
import { EVENT_SUCCESS, FIELDS, INITIAL_PAGE, PAGE_SIZE } from './constants';
/**
......@@ -38,7 +37,6 @@ export default {
directives: {
GlTooltip: GlTooltipDirective,
},
mixins: [glFeatureFlagsMixin()],
lastUsedHelpLink: helpPagePath('/user/profile/personal_access_tokens.md', {
anchor: 'view-the-time-at-and-ips-where-a-token-was-last-used',
}),
......@@ -95,10 +93,6 @@ export default {
ignoredFields.push('role');
}
if (!this.glFeatures.patIp) {
ignoredFields.push('lastUsedIps');
}
const fields = FIELDS.filter(({ key }) => !ignoredFields.includes(key));
// Remove the sortability of the columns if backend pagination is on.
......
......@@ -8,9 +8,6 @@ class PersonalAccessTokensController < ApplicationController
feature_category :system_access
before_action :check_personal_access_tokens_enabled
before_action do
push_frontend_feature_flag(:pat_ip, current_user)
end
prepend_before_action(only: [:index]) { authenticate_sessionless_user!(:ics) }
def index
......
......@@ -63,7 +63,6 @@ def update_pat_ip
end
def last_used_ip_needs_update?
return false unless Feature.enabled?(:pat_ip, @personal_access_token.user)
return false unless Gitlab::IpAddressState.current
return true if @personal_access_token.last_used_at.nil?
......
---
name: pat_ip
feature_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/428577
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/161076
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/428577
milestone: '17.8'
group: group::authentication
type: gitlab_com_derisk
default_enabled: false
......@@ -4,7 +4,7 @@ feature_categories:
- system_access
description: Keeps the data for last used IP addresses for personal access tokens
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/161076
milestone: '17.8'
milestone: '17.9'
gitlab_schema: gitlab_main_cell
sharding_key:
organization_id: organizations
\ No newline at end of file
organization_id: organizations
......@@ -3,7 +3,7 @@
class AddPersonalAccessTokenLastUsedIpsTable < Gitlab::Database::Migration[2.2]
INDEX_NAME = 'idx_pat_last_used_ips_on_pat_id'
milestone '17.8'
milestone '17.9'
def up
create_table :personal_access_token_last_used_ips do |t|
......
......@@ -166,6 +166,7 @@ To disable the enterprise users' personal access tokens:
> - In GitLab 16.0 and earlier, token usage information is updated every 24 hours.
> - The frequency of token usage information updates [changed](https://gitlab.com/gitlab-org/gitlab/-/issues/410168) in GitLab 16.1 from 24 hours to 10 minutes.
> - Ability to view IP addresses [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/428577) in GitLab 17.8 [with a flag](../../administration/feature_flags.md) named `pat_ip`. Disabled by default.
> - In GitLab 17.9, the `pat_ip` feature flag was removed and the ability to view IP addresses was enabled.
Token usage information is updated every 10 minutes. GitLab considers a token used when the token is used to:
......
......@@ -59,9 +59,6 @@ describe('~/access_tokens/components/access_token_table_app', () => {
initialActiveAccessTokens: defaultActiveAccessTokens,
noActiveTokensMessage,
showRole,
glFeatures: {
patIp: true,
},
...props,
},
});
......
......@@ -45,25 +45,6 @@
end
end
context 'when PAT IP feature flag is disabled' do
let(:current_ip_address) { '127.0.0.1' }
before do
stub_feature_flags(pat_ip: false)
end
it "does not update the personal access token's last used ips" do
allow(Gitlab::IpAddressState).to receive(:current).and_return(current_ip_address)
expect { service_execution }.not_to change { personal_access_token.last_used_ips.count }
expect(
Authn::PersonalAccessTokenLastUsedIp
.where(personal_access_token_id: personal_access_token.id, ip_address: Gitlab::IpAddressState.current)
.exists?
).to be_falsy
end
end
context 'when the personal access token was used more than 1 minute ago', :freeze_time do
let(:current_ip_address) { '::1' }
let(:personal_access_token) { create(:personal_access_token, last_used_at: 2.minutes.ago) }
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment