Hide feed, incoming email, and static object tokens by default
What does this MR do and why?
Currently the feed, incoming email, and static object tokens are displayed in plain text on the screen. This MR changes this so they are hidden by default and requires the user to click a button to revel the token. In the process this MR converts that section from HAML to Vue
Screenshots or screen recordings
Desktop
Before | After |
---|---|
Mobile
Before | After |
---|---|
How to set up and validate locally
- Enable the
hide_access_tokens
feature flagbin/rails console
Feature.enable(:hide_access_tokens)
- Open
gitlab.yml
in thegdk/gitlab
directory. Find theincoming_email
property and changeenabled
totrue
. Rungdk restart
- Sign in as an Admin.
- Navigate to
/admin/application_settings/general
. Open theVisibility and access controls
section and ensure theDisable feed token
checkbox is unchecked. - Navigate to
/admin/application_settings/repository
. Open theExternal storage for repository static objects
section. Enterhttps://foo.bar
for theExternal storage URL
field and a random value (fdsafasdf
) forExternal storage authentication token
. - Navigate to
/-/profile/personal_access_tokens
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #344237 (closed)
Edited by Peter Hegman