Add Revoke buttons to the PAT tab of the credential inventory
Problem to solve
Currently, the credential inventory provides passive insight to
group owners. With the introduction of credential management capabilities like optional SSH key expiration and PAT expiration (#118893 (closed) for gitlab.com), additional functionality is required to enable
group owners to facilitate the rotation of credentials once they're expired.
GitLab would like to strike a balance between necessary policy definition and enforcement that compliance-minded organizations require and maintaining a great developer experience. Abrupt credential revocation is disruptive and frustrating, but an organization unable to rotate credentials for their users faces an increased risk of a credential's compromise.
There's no way to revoke SSH or PAT credentials on behalf of
group owners, who need to enforce this action.
In the "Personal Access Tokens" tab of the credentials inventory
- Add a
Revokebutton that appears for each PAT that is "active" (not already expired, where expiration is enforced or revoked).
- Show a modal to confirm the action after clicking
- Use default browser modal for MVC
Are you sure you wish to revoke this personal access token? This action cannot be undone. [Cancel|Okay]
- Implementing Pajamas modal → #228881
|Token state||Expiry Enforced?||Show Revoke button||Comments|
|Active||Enforced||Yes||When admin voluntarily wishes to revoke (e.g. compromised account)|
|Active||Not Enforced||Yes||When admin voluntarily wishes to revoke (e.g. compromised account)|
|Expired||Enforced||No||PAT expires automatically|
|Expired||Not Enforced||Yes||Admin revokes to prevent users from using the PAT indefinitely|
|Revoked||Enforced||No||Not applicable to revoke an already revoked token|
|Revoked||Not Enforced||No||Not applicable to revoke an already revoked token|
|Personal Access Tokens||Default Browser Modal|
Stretch Goal (moved to #228721): Add a
Revoke Allbutton to the top of the inventory that revokes all
expiredSSH and PAT credentials.
- Add the
revokebutton to rows which are not expired or already revoked (see table above). The button should be placed within the
- On click, show a standard browser modal, on yes, redirect to endpoint
- Update tests
1 | 2
- Add new endpoint to
ee/app/controllers/concerns/credentials_inventory_actions.rbto handle the
- Add new route to
- Trigger revoke service from !38501 (merged)
indexwith service message