Girish Ramakrishnan
|
ad6bc191f9
|
Make hasScopes take an array
|
2018-06-17 21:06:17 -07:00 |
|
Girish Ramakrishnan
|
682f7a710c
|
Add an appstore scope for subscription settings
|
2018-06-17 18:09:13 -07:00 |
|
Girish Ramakrishnan
|
156ffb40c9
|
Remove scope from users.get
|
2018-06-17 16:07:20 -07:00 |
|
Girish Ramakrishnan
|
24b0a96f07
|
Move passport logic to routes
|
2018-06-15 17:32:40 -07:00 |
|
Girish Ramakrishnan
|
a1ac7f2ef9
|
Remove support for authenticating non-oauth2 clients via BasicStrategy
This is not used anywhere
|
2018-06-15 15:38:58 -07:00 |
|
Girish Ramakrishnan
|
6aef9213aa
|
Add notes on the various strategies
|
2018-06-15 15:38:53 -07:00 |
|
Girish Ramakrishnan
|
a77d45f5de
|
Add rolesJson to groups table
This will contain the roles ('role definition') of a group of
users. We will internally map these to our API scopes.
|
2018-06-14 22:54:52 -07:00 |
|
Girish Ramakrishnan
|
8795da5d20
|
Allow subscopes
We can now have scopes as apps:read, apps:write etc
|
2018-06-14 20:56:04 -07:00 |
|
Girish Ramakrishnan
|
dc86b0f319
|
validateRequestedScopes -> hasScopes
|
2018-06-14 20:31:48 -07:00 |
|
Girish Ramakrishnan
|
f7089c52ff
|
normalizeScope -> intersectScope
|
2018-06-14 20:23:56 -07:00 |
|
Girish Ramakrishnan
|
62793ca7b3
|
Add accesscontrol.canonicalScope tests
|
2018-06-14 20:17:59 -07:00 |
|
Girish Ramakrishnan
|
f09e8664d1
|
Return canonical scope in REST responses
The '*' scope is purely an implementation detail. It cannot
be requested as such.
|
2018-05-02 12:36:41 -07:00 |
|
Girish Ramakrishnan
|
f1abb2149d
|
gravatar url is already generated client side
|
2018-05-01 14:30:48 -07:00 |
|
Girish Ramakrishnan
|
8c4015851a
|
merge auth.js into accesscontrol.js
|
2018-05-01 14:03:10 -07:00 |
|
Girish Ramakrishnan
|
d5b594fade
|
return the scope as part of the user profile
send canonical scope in the profile response
|
2018-05-01 13:25:47 -07:00 |
|
Girish Ramakrishnan
|
c5ffb65563
|
Fix usage of normalizeScope
|
2018-05-01 13:21:53 -07:00 |
|
Girish Ramakrishnan
|
23bc0e8db7
|
Remove SDK Role
Just compare with the token's clientId instead
|
2018-04-30 23:03:30 -07:00 |
|
Girish Ramakrishnan
|
240ee5f563
|
Ensure we hand out max user.scope
The token.scope was valid at token creation time. The user's scope
could since have changed (maybe we got kicked out of a group).
|
2018-04-30 22:51:57 -07:00 |
|
Girish Ramakrishnan
|
61d803f528
|
Use SCOPE_ANY everywhere
|
2018-04-30 21:44:24 -07:00 |
|
Girish Ramakrishnan
|
bc4f9cf596
|
Remove redundant requireAdmin
We already hand out scopes based on the user's access control
|
2018-04-30 21:38:48 -07:00 |
|
Girish Ramakrishnan
|
9789966017
|
Set the scope for a token basedon what the user has access to
|
2018-04-30 21:21:18 -07:00 |
|
Girish Ramakrishnan
|
91e846d976
|
Add SCOPE_DOMAINS
|
2018-04-29 18:11:33 -07:00 |
|
Girish Ramakrishnan
|
3b7bcc1f61
|
refactor scopes into accesscontrol.js
this will be our authorization layer for oauth and non-oauth tokens.
|
2018-04-29 17:50:07 -07:00 |
|