Add revoked date column to credentials inventory for PAT
What does this MR do?
This MR updates the credentials inventory to display when a PAT (personal access token) was revoked for admins & managed groups #218046 (closed).
What changes are made:
- Add a
Revoked
column to credentials inventory. - Update credentials inventory to display all tokens.
- Fix column overflow of
Scope
on smaller window sizes.
Screenshots
Desktop
Before | After |
---|---|
Mobile
Before | After |
---|---|
Bug fix
Before | After |
---|---|
Database
Before
Query
SELECT "personal_access_tokens".* FROM "personal_access_tokens" WHERE "personal_access_tokens"."impersonation" = FALSE AND (revoked = false AND (expires_at >= NOW() OR expires_at IS NULL)) ORDER BY "personal_access_tokens"."id" DESC LIMIT 21 OFFSET 0;
Plan with execution
Limit (cost=0.43..2.54 rows=21 width=110) (actual time=0.024..0.071 rows=21 loops=1)
Buffers: shared hit=26
-> Index Scan using personal_access_tokens_pkey on public.personal_access_tokens (cost=0.43..209751.24 rows=2089925 width=110) (actual time=0.023..0.067 rows=21 loops=1)
Filter: ((NOT personal_access_tokens.impersonation) AND (NOT personal_access_tokens.revoked) AND ((personal_access_tokens.expires_at >= now()) OR (personal_access_tokens.expires_at IS NULL)))
Rows Removed by Filter: 2
Buffers: shared hit=26
Summary
Time: 0.336 ms
- planning: 0.239 ms
- execution: 0.097 ms
- I/O read: 0.000 ms
- I/O write: 0.000 ms
Shared buffers:
hits: 26 (~208.00 KiB) from the buffer pool
reads: 0 from the OS file cache, including disk I/O
dirtied: 0
writes: 0
After
Query
SELECT "personal_access_tokens".* FROM "personal_access_tokens" WHERE "personal_access_tokens"."impersonation" = FALSE ORDER BY "personal_access_tokens"."id" DESC LIMIT 21 OFFSET 0;
Plan with execution
Limit (cost=0.43..1.84 rows=21 width=110) (actual time=0.024..0.060 rows=21 loops=1)
Buffers: shared hit=24
-> Index Scan using personal_access_tokens_pkey on public.personal_access_tokens (cost=0.43..195234.80 rows=2900511 width=110) (actual time=0.022..0.056 rows=21 loops=1)
Filter: (NOT personal_access_tokens.impersonation)
Rows Removed by Filter: 0
Buffers: shared hit=24
Summary
Time: 0.339 ms
- planning: 0.243 ms
- execution: 0.096 ms
- I/O read: 0.000 ms
- I/O write: 0.000 ms
Shared buffers:
hits: 24 (~192.00 KiB) from the buffer pool
reads: 0 from the OS file cache, including disk I/O
dirtied: 0
writes: 0
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation (if required) Need to create seperate MR -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers -
Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec
-
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team
Closes #218046 (closed)
Edited by GitLab Release Tools Bot