Add a user info scope and thread it through the code. Protect the org modification API.

auth/scopes.py

@@ -10,16 +10,16 @@ WRITE_REPO = {
   'scope': 'repo:write',
   'icon': 'fa-hdd-o',
   'title': 'Read/Write to any accessible repositories',
-  'description': ('This application will be able to view, push and pull to all repositories to which the '
-                  'granting user or robot account has write access')
+  'description': ('This application will be able to view, push and pull to all repositories to '
+                  'which the granting user or robot account has write access')
 }
 
 ADMIN_REPO = {
   'scope': 'repo:admin',
   'icon': 'fa-hdd-o',
   'title': 'Administer Repositories',
-  'description': ('This application will have administrator access to all repositories to which the '
-                  'granting user or robot account has access')  
+  'description': ('This application will have administrator access to all repositories to which '
+                  'the granting user or robot account has access')  
 }
 
 CREATE_REPO = {
@@ -30,7 +30,16 @@ CREATE_REPO = {
                   'the granting user or robot account is allowed to create repositories')
 }
 
-ALL_SCOPES = {scope['scope']:scope for scope in (READ_REPO, WRITE_REPO, ADMIN_REPO, CREATE_REPO)}
+USER_READ = {
+  'scope': 'user:read',
+  'icon': 'fa-user',
+  'title': 'Read User Information',
+  'description': ('This application will be able to read user information such as username and '
+                  'email address.'),
+}
+
+ALL_SCOPES = {scope['scope']:scope for scope in (READ_REPO, WRITE_REPO, ADMIN_REPO, CREATE_REPO,
+                                                 USER_READ)}
 
 
 def scopes_from_scope_string(scopes):