Merge branch 'prat-scope-description' into 'master'

Project access token specific scope descriptions See merge request gitlab-org/gitlab!31667

Merge branch 'prat-scope-description' into 'master'
Project access token specific scope descriptions See merge request gitlab-org/gitlab!31667
b426455d · Douglas Barbosa Alexandre · e61979bb · ba62e826 · b426455d · b426455d
Commit b426455d authored May 13, 2020 by Douglas Barbosa Alexandre
5 changed files
--- a/app/helpers/access_tokens_helper.rb
+++ b/app/helpers/access_tokens_helper.rb
+# frozen_string_literal: true
+module AccessTokensHelper
+  def scope_description(prefix)
+    prefix == :project_access_token ? [:doorkeeper, :project_access_token_scope_desc] : [:doorkeeper, :scope_desc]
+  end
+end
--- a/app/views/shared/tokens/_scopes_form.html.haml
+++ b/app/views/shared/tokens/_scopes_form.html.haml
@@ -6,4 +6,4 @@
  %fieldset.form-group.form-check
    = check_box_tag "#{prefix}[scopes][]", scope, token.scopes.include?(scope), id: "#{prefix}_scopes_#{scope}", class: "form-check-input qa-#{scope}-radio"
    = label_tag ("#{prefix}_scopes_#{scope}"), scope, class: 'label-bold form-check-label'
-    .text-secondary= t scope, scope: [:doorkeeper, :scope_desc]
+    .text-secondary= t scope, scope: scope_description(prefix)
--- a/config/locales/doorkeeper.en.yml
+++ b/config/locales/doorkeeper.en.yml
@@ -88,6 +88,19 @@ en:
        Grants read-only access to the user's profile data using OpenID Connect.
      email:
        Grants read-only access to the user's primary email address using OpenID Connect.
+    project_access_token_scope_desc:
+      api:
+        Grants complete read/write access to the scoped project API.
+      read_api:
+        Grants read access to the scoped project API.
+      read_repository:
+        Allows read-only access (pull) to the repository.
+      write_repository:
+        Allows read-write access (pull, push) to the repository.
+      read_registry:
+        Allows read-access (pull) to container registry images if the project is private and authorization is required.
+      write_registry:
+        Allows write-access (push) to container registry.
    flash:
      applications:
        create:

--- a/doc/user/project/settings/project_access_tokens.md
+++ b/doc/user/project/settings/project_access_tokens.md
@@ -47,7 +47,7 @@ the following table.
 | Scope              |  Description |
 | ------------------ |  ----------- |
-| `api`              | Grants complete read/write access to scoped project API. |
+| `api`              | Grants complete read/write access to the scoped project API. |
 | `read_api`         | Grants read access to the scoped project API. |
 | `read_registry`    | Allows read-access (pull) to [container registry](../../packages/container_registry/index.md) images if a project is private and authorization is required. |
 | `write_registry`   | Allows write-access (push) to [container registry](../../packages/container_registry/index.md). |

--- a/spec/helpers/access_tokens_helper_spec.rb
+++ b/spec/helpers/access_tokens_helper_spec.rb
+# frozen_string_literal: true
+require "spec_helper"
+describe AccessTokensHelper do
+  describe "#scope_description" do
+    using RSpec::Parameterized::TableSyntax
+    where(:prefix, :description_location) do
+      :personal_access_token  | [:doorkeeper, :scope_desc]
+      :project_access_token   | [:doorkeeper, :project_access_token_scope_desc]
+    end
+    with_them do
+      it { expect(helper.scope_description(prefix)).to eq(description_location) }
+    end
+  end
+end