 Girish Ramakrishnan
|
240ee5f563
|
Ensure we hand out max user.scope
The token.scope was valid at token creation time. The user's scope
could since have changed (maybe we got kicked out of a group).
|
2018-04-30 22:51:57 -07:00 |
|
|
Girish Ramakrishnan
|
61d803f528
|
Use SCOPE_ANY everywhere
|
2018-04-30 21:44:24 -07:00 |
|
|
Girish Ramakrishnan
|
bc4f9cf596
|
Remove redundant requireAdmin
We already hand out scopes based on the user's access control
|
2018-04-30 21:38:48 -07:00 |
|
|
Girish Ramakrishnan
|
9789966017
|
Set the scope for a token basedon what the user has access to
|
2018-04-30 21:21:18 -07:00 |
|
|
Girish Ramakrishnan
|
91e846d976
|
Add SCOPE_DOMAINS
|
2018-04-29 18:11:33 -07:00 |
|
|
Girish Ramakrishnan
|
3b7bcc1f61
|
refactor scopes into accesscontrol.js
this will be our authorization layer for oauth and non-oauth tokens.
|
2018-04-29 17:50:07 -07:00 |
|