jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Remove SDK Role

Browse Source 
Just compare with the token's clientId instead
This commit is contained in:
Girish Ramakrishnan
2018-04-30 23:03:28 -07:00
parent 240ee5f563
commit 23bc0e8db7
6 changed files with 11 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/accesscontrol.js
View File

@@ -14,10 +14,6 @@ exports = module.exports = {
SCOPE_ANY: '*',
// roles are handled just like the above scopes, they are parallel to scopes
// scopes enclose API groups, roles specify the usage role
SCOPE_ROLE_SDK: 'roleSdk',
validateScope: validateScope,
validateRequestedScopes: validateRequestedScopes,
normalizeScope: normalizeScope
@@ -40,8 +36,7 @@ function validateScope(scope) {
exports.SCOPE_DOMAIN,
exports.SCOPE_CLIENTS,
exports.SCOPE_MAIL,
exports.SCOPE_ANY, // includes all scopes, but not roles
exports.SCOPE_ROLE_SDK
exports.SCOPE_ANY // includes all scopes
];
if (scope === '') return new Error('Empty scope not allowed');
@@ -61,11 +56,6 @@ function validateRequestedScopes(authInfo, requestedScopes) {
var scopes = authInfo.scope.split(',');
// check for roles separately
if (requestedScopes.indexOf(exports.SCOPE_ROLE_SDK) !== -1 && scopes.indexOf(exports.SCOPE_ROLE_SDK) === -1) {
return new Error('Missing required scope role "' + exports.SCOPE_ROLE_SDK + '"');
}
if (scopes.indexOf(exports.SCOPE_ANY) !== -1) return null;
for (var i = 0; i < requestedScopes.length; ++i) {