vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge pull request #245 from jakedt/fixscopes

Browse source 
Make the scopes dynamic based on app config.
This commit is contained in:
josephschorr 2015-07-15 18:15:12 -04:00
commit 410b5497ca
3 changed files with 14 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
auth/scopes.py
View file

@ -70,7 +70,7 @@ SUPERUSER = Scope(scope='super:user',
'permission.')) 'permission.'))
ALL_SCOPES = {scope.scope: scope for scope in (READ_REPO, WRITE_REPO, ADMIN_REPO, CREATE_REPO, ALL_SCOPES = {scope.scope: scope for scope in (READ_REPO, WRITE_REPO, ADMIN_REPO, CREATE_REPO,
READ_USER, ORG_ADMIN)} READ_USER, ORG_ADMIN, SUPERUSER)}
IMPLIED_SCOPES = { IMPLIED_SCOPES = {
ADMIN_REPO: {ADMIN_REPO, WRITE_REPO, READ_REPO}, ADMIN_REPO: {ADMIN_REPO, WRITE_REPO, READ_REPO},
@ -79,12 +79,18 @@ IMPLIED_SCOPES = {
CREATE_REPO: {CREATE_REPO}, CREATE_REPO: {CREATE_REPO},
READ_USER: {READ_USER}, READ_USER: {READ_USER},
ORG_ADMIN: {ORG_ADMIN}, ORG_ADMIN: {ORG_ADMIN},
SUPERUSER: {SUPERUSER},
None: set(), None: set(),
} }
if features.SUPER_USERS:
ALL_SCOPES[SUPERUSER.scope] = SUPERUSER def app_scopes(app_config):
IMPLIED_SCOPES[SUPERUSER] = {SUPERUSER} if not app_config.get('FEATURE_SUPER_USERS', False):
scopes_from_config = dict(ALL_SCOPES)
del scopes_from_config[SUPERUSER.scope]
return scopes_from_config
return ALL_SCOPES
def scopes_from_scope_string(scopes): def scopes_from_scope_string(scopes):
if not scopes: if not scopes:

3
endpoints/api/discovery.py
View file

@ -220,7 +220,8 @@ def swagger_route_data(include_internal=False, compact=False):
"type": "oauth2", "type": "oauth2",
"flow": "implicit", "flow": "implicit",
"authorizationUrl": "%s://%s/oauth/authorize" % (PREFERRED_URL_SCHEME, SERVER_HOSTNAME), "authorizationUrl": "%s://%s/oauth/authorize" % (PREFERRED_URL_SCHEME, SERVER_HOSTNAME),
'scopes': {scope.scope:scope.description for scope in scopes.ALL_SCOPES.values()}, 'scopes': {scope.scope:scope.description
for scope in scopes.app_scopes(app.config).values()},
}, },
}, },
'paths': paths, 'paths': paths,

2
endpoints/common.py
View file

@ -182,7 +182,7 @@ def render_page_template(name, **kwargs):
feature_set=json.dumps(features.get_features()), feature_set=json.dumps(features.get_features()),
config_set=json.dumps(getFrontendVisibleConfig(app.config)), config_set=json.dumps(getFrontendVisibleConfig(app.config)),
oauth_set=json.dumps(get_oauth_config()), oauth_set=json.dumps(get_oauth_config()),
scope_set=json.dumps(scopes.ALL_SCOPES), scope_set=json.dumps(scopes.app_scopes(app.config)),
mixpanel_key=app.config.get('MIXPANEL_KEY', ''), mixpanel_key=app.config.get('MIXPANEL_KEY', ''),
google_analytics_key=app.config.get('GOOGLE_ANALYTICS_KEY', ''), google_analytics_key=app.config.get('GOOGLE_ANALYTICS_KEY', ''),
sentry_public_dsn=app.config.get('SENTRY_PUBLIC_DSN', ''), sentry_public_dsn=app.config.get('SENTRY_PUBLIC_DSN', ''),