Changes for PAT creation to calculate expiry date as set by user (!137983) · Merge requests · GitLab.org / GitLab

Smriti Garg requested to merge smriti-429864/create_pat_to_consider_user_set_expiry_date into master Nov 27, 2023

What does this MR do and why?

Currently if expires_at field is left blank, the creation of PAT throws error since default expiry of 365.days may be more that what admin is set on Application level.

With this change we are making sure in case admin sets max_expiry_lifetime_for_a_token at group or application level, that is taken into consideration while dealing with empty expires_at param

Screenshots or screen recordings

Before CURL Request fails	After CURL Request is success

How to set up and validate locally

Use the curl request to create PAT without specifying expires_at

curl --request POST --header "PRIVATE-TOKEN: [REDACTED]" --data "name=mytoken453" --data "scopes[]=api" "http://127.0.0.1:3000/api/v4/users/1/personal_access_tokens"

This call should work with new changes

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Dec 07, 2023 by Smriti Garg

Changes for PAT creation to calculate expiry date as set by user

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports