Make scope required on project and group access token creation forms
What does this MR do and why?
Make scope required on project and group access token creation forms. Previously when user doesn't select any scope, all the scopes were automatically granted to the created token. It would make sense to add validation here since user might accidentally give too much access to the token and also it aligns with the same behavior of personal access token form as well.
References
Screenshots or screen recordings
| Before | After |
|---|---|
How to set up and validate locally
- Checkout this branch and run gdk locally
- Go to any project's
settings > access tokenspage and/or group's access tokens page as well - Try creating new access token by clicking
Add new tokenbutton - Enter name of the token but don't select any scope
- Try clicking
Create project access tokenorCreate group access tokenbutton - Notice the error alert indicating at least one scope should be selected
- Compare with master branch where all the scopes were automatically granted to newly created token in same scenario
Edited by Rinku C