Make scope required on project and group access token creation forms

What does this MR do and why?

Make scope required on project and group access token creation forms. Previously when user doesn't select any scope, all the scopes were automatically granted to the created token. It would make sense to add validation here since user might accidentally give too much access to the token and also it aligns with the same behavior of personal access token form as well.

References

#583570 (closed)

Screenshots or screen recordings

Before After

How to set up and validate locally

  1. Checkout this branch and run gdk locally
  2. Go to any project's settings > access tokens page and/or group's access tokens page as well
  3. Try creating new access token by clicking Add new token button
  4. Enter name of the token but don't select any scope
  5. Try clicking Create project access token or Create group access token button
  6. Notice the error alert indicating at least one scope should be selected
  7. Compare with master branch where all the scopes were automatically granted to newly created token in same scenario
Edited by Rinku C

Merge request reports

Loading