Merge pull request #939 from coreos-inc/user-admin
Add user admin scope
This commit is contained in:
josephschorr
commit
e8faa9f843
2 changed files with 12 additions and 3 deletions
|
|
@ -43,6 +43,15 @@ READ_USER = Scope(scope= 'user:read',
|
|||
description=('This application will be able to read user information such as '
|
||||
'username and email address.'))
|
||||
|
||||
ADMIN_USER = Scope(scope= 'user:admin',
|
||||
icon='fa-gear',
|
||||
dangerous=True,
|
||||
title='Administer User',
|
||||
description=('This application will be able to administer your account '
|
||||
'including creating robots and granting them permissions '
|
||||
'to your repositories. You should have absolute trust in the '
|
||||
'requesting application before granting this permission.'))
|
||||
|
||||
ORG_ADMIN = Scope(scope='org:admin',
|
||||
icon='fa-gear',
|
||||
dangerous=True,
|
||||
|
|
@ -71,7 +80,7 @@ SUPERUSER = Scope(scope='super:user',
|
|||
'permission.'))
|
||||
|
||||
ALL_SCOPES = {scope.scope: scope for scope in (READ_REPO, WRITE_REPO, ADMIN_REPO, CREATE_REPO,
|
||||
READ_USER, ORG_ADMIN, SUPERUSER)}
|
||||
READ_USER, ORG_ADMIN, SUPERUSER, ADMIN_USER)}
|
||||
|
||||
IMPLIED_SCOPES = {
|
||||
ADMIN_REPO: {ADMIN_REPO, WRITE_REPO, READ_REPO},
|
||||
|
|
@ -81,6 +90,7 @@ IMPLIED_SCOPES = {
|
|||
READ_USER: {READ_USER},
|
||||
ORG_ADMIN: {ORG_ADMIN},
|
||||
SUPERUSER: {SUPERUSER},
|
||||
ADMIN_USER: {ADMIN_USER},
|
||||
None: set(),
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -306,8 +306,7 @@ def require_user_permission(permission_class, scope=None):
|
|||
|
||||
|
||||
require_user_read = require_user_permission(UserReadPermission, scopes.READ_USER)
|
||||
require_user_admin = require_user_permission(UserAdminPermission, None)
|
||||
require_fresh_user_admin = require_user_permission(UserAdminPermission, None)
|
||||
require_user_admin = require_user_permission(UserAdminPermission, scopes.ADMIN_USER)
|
||||
|
||||
|
||||
def verify_not_prod(func):
|
||||
|
|
|
|||
Reference in a new issue