READ_REPO = {
'scope': 'repo:read',
'description': ('Grants read-only access to all repositories for which the granting user or '
' robot has access.')
}
WRITE_REPO = {
'scope': 'repo:write',
'description': ('Grants read-write access to all repositories for which the granting user or '
'robot has access, and is a superset of repo:read.')
ADMIN_REPO = {
'scope': 'repo:admin',
'description': ('Grants administrator access to all repositories for which the granting user or '
'robot has access, and is a superset of repo:read and repo:write.')
CREATE_REPO = {
'scope': 'repo:create',
'description': ('Grants create repository access to all namespaces for which the granting user '
'or robot is allowed to create repositories.')
ALL_SCOPES = {scope['scope']:scope for scope in (READ_REPO, WRITE_REPO, ADMIN_REPO, CREATE_REPO)}
def scopes_from_scope_string(scopes):
return {ALL_SCOPES.get(scope, {}).get('scope', None) for scope in scopes.split(',')}
def validate_scope_string(scopes):
decoded = scopes_from_scope_string(scopes)
return None not in decoded and len(decoded) > 0
