READ_REPO = {
  'scope': 'repo:read',
  'description': ('Grants read-only access to all repositories for which the granting user or '
                  ' robot has access.')
}

WRITE_REPO = {
  'scope': 'repo:write',
  'description': ('Grants read-write access to all repositories for which the granting user or '
                  'robot has access, and is a superset of repo:read.')
}

ADMIN_REPO = {
  'scope': 'repo:admin',
  'description': ('Grants administrator access to all repositories for which the granting user or '
                  'robot has access, and is a superset of repo:read and repo:write.')  
}

CREATE_REPO = {
  'scope': 'repo:create',
  'description': ('Grants create repository access to all namespaces for which the granting user '
                  'or robot is allowed to create repositories.')
}

ALL_SCOPES = {scope['scope']:scope for scope in (READ_REPO, WRITE_REPO, ADMIN_REPO, CREATE_REPO)}


def scopes_from_scope_string(scopes):
  return {ALL_SCOPES.get(scope, {}).get('scope', None) for scope in scopes.split(',')}


def validate_scope_string(scopes):
  decoded = scopes_from_scope_string(scopes)
  return None not in decoded and len(decoded) > 0