Prevent admin Web IDE OAuth app misconfigurations (!157093) · Merge requests · GitLab.org / GitLab

Cindy Halim requested to merge 433322-prevent-web-ide-oauth-app-misconfigurations into master Jun 21, 2024

Issue: Prevent misconfigurations when admin updates th... (#433322)

What does this MR do and why?

In this MR, we introduce a callout that is rendered at the top of the edit Web IDE OAuth application admin page that serves to:

Warn admins that changes to the configuration can affect the functionality of the Web IDE
Educate them of conditions are required for the Web IDE
Ability to restore configuration back to the default

Note that this applies to Web IDE OAuth application only.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Dev QA:

Web IDE OAuth application:

web_ide_app demo.mov

Callout rendered for Web IDE OAuth application with appropriate copy.
On Restore to default button click, a confirmation modal is shown. Clicking the confirm button restores the application back to its original settings.
Confirm Web IDE works post restoration ✨

Non Web IDE applications:

not_web_ide_app.mov

Does not show callout

How to set up and validate locally

Prerequisites:

Ensure the web_ide_oauth flag is enabled.
If you haven't before, you will need to access the Web IDE (Open a project via Web IDE or click . on the project page). This action will create the OAuth Application.

Steps:

Go to the admin application page > select Web IDE OAuth application (Name: GitLab Web IDE).
Click Edit
Should observe new alert.

Edited Jul 01, 2024 by Ethan Urie

Prevent admin Web IDE OAuth app misconfigurations

What does this MR do and why?

MR acceptance checklist

Dev QA:

How to set up and validate locally

Merge request reports