FEATURE: More API scopes (#10493)

2025-03-22 02:35:51 +08:00 · 2020-08-24 12:15:08 -03:00 · 2020-08-24 12:15:08 -03:00 · dd13304b81
commit dd13304b81
parent b6dd3eca9a
5 changed files with 53 additions and 26 deletions
--- a/app/assets/javascripts/admin/templates/api-keys-new.hbs
+++ b/app/assets/javascripts/admin/templates/api-keys-new.hbs
@ -39,17 +39,23 @@
    {{#unless useGlobalKey}}
      <div class="scopes-title">{{i18n "admin.api.scopes.title"}}</div>
      <p>{{i18n "admin.api.scopes.description"}}</p>
-      {{#each-in scopes as |resource actions|}}
+      <table class="scopes-table">
-        <table class="scopes-table">
+        <thead>
-          <thead>
+          <tr>
            <td></td>
            <td></td>
            <td>{{i18n "admin.api.scopes.allowed_urls"}}</td>
            <td>{{i18n "admin.api.scopes.optional_allowed_parameters"}}</td>
          </tr>
        </thead>
        <tbody>
          {{#each-in scopes as |resource actions|}}
            <tr>
-              <td><b>{{resource}}</b></td>
+              <td class="scope-resource-name"><b>{{resource}}</b></td>
              <td></td>
              <td></td>
              <td></td>
              <td>{{i18n "admin.api.scopes.allowed_urls"}}</td>
              <td>{{i18n "admin.api.scopes.optional_allowed_parameters"}}</td>
            </tr>
          </thead>
          <tbody>
            {{#each actions as |act|}}
              <tr>
                <td>{{input type="checkbox" checked=act.selected}}</td>
@ -71,9 +77,9 @@
                </td>
              </tr>
            {{/each}}
-          </tbody>
+          {{/each-in}}
-        </table>
+        </tbody>
-      {{/each-in}}
+      </table>
    {{/unless}}
    {{d-button icon="check" label="admin.api.save" action=(action "save") class="btn-primary" disabled=saveDisabled}}
--- a/app/assets/stylesheets/common/admin/api.scss
+++ b/app/assets/stylesheets/common/admin/api.scss
@ -143,6 +143,10 @@ table.api-keys {
  .scopes-table {
    margin: 20px 0 20px 0;
  }
  .scope-resource-name {
    font-size: $font-up-1;
  }
 }
 // Webhook
--- a/app/models/api_key_scope.rb
+++ b/app/models/api_key_scope.rb
@ -18,22 +18,36 @@ class ApiKeyScope < ActiveRecord::Base
    end
    def default_mappings
-      write_actions = %w[posts#create]
+      return @default_mappings unless @default_mappings.nil?
      read_actions = %w[topics#show topics#feed]
-      @default_mappings ||= {
+      mappings = {
        topics: {
-          write: { actions: write_actions, params: %i[topic_id], urls: find_urls(write_actions) },
+          write: { actions: %w[posts#create], params: %i[topic_id] },
          read: {
-            actions: read_actions, params: %i[topic_id],
+            actions: %w[topics#show topics#feed topics#posts],
-            aliases: { topic_id: :id }, urls: find_urls(read_actions)
+            params: %i[topic_id], aliases: { topic_id: :id }
          },
          read_lists: {
            actions: list_actions, params: %i[category_id],
-            aliases: { category_id: :category_slug_path_with_id }, urls: find_urls(list_actions)
+            aliases: { category_id: :category_slug_path_with_id }
-          }
+          },
          wordpress: { actions: %w[topics#wordpress], params: %i[topic_id] }
        },
        users: {
          bookmarks: { actions: %w[users#bookmarks], params: %i[username] },
          sync_sso: { actions: %w[admin/users#sync_sso], params: %i[sso sig] },
          show: { actions: %w[users#show], params: %i[username external_id] },
          check_emails: { actions: %w[users#check_emails], params: %i[username] }
        }
      }
      mappings.each_value do |resource_actions|
        resource_actions.each_value do |action_data|
          action_data[:urls] = find_urls(action_data[:actions])
        end
      end
      @default_mappings = mappings
    end
    def scope_mappings
--- a/config/locales/client.en.yml
+++ b/config/locales/client.en.yml
@ -3662,12 +3662,15 @@ en:
          allowed_urls: Allowed URLs
          descriptions:
            topics:
-              read: |
+              read: Read a topic or a specific post in it. RSS is also supported.
-                Read a topic or a specific post in it. RSS is also supported.
+              write: Create a new topic or post to an existing one.
-              write: |
+              read_lists: Read topic lists like top, new, latest, etc. RSS is also supported.
-                Create a new topic or post to an existing one.
+              wordpress: Necessary for the WordPress wp-discourse plugin to work.
-              read_lists: |
+            users:
-                Read topic lists like top, new, latest, etc. RSS is also supported.
+              bookmarks: List user bookmarks. It returns bookmark reminders when using the ICS format.
              sync_sso: Synchronize a user using SSO.
              show: Obtain information about an user.
              check_emails: List user emails.
      web_hooks:
        title: "Webhooks"
--- a/spec/requests/admin/api_controller_spec.rb
+++ b/spec/requests/admin/api_controller_spec.rb
@ -222,7 +222,7 @@ describe Admin::ApiController do
        scopes = response.parsed_body['scopes']
-        expect(scopes.keys).to contain_exactly('topics')
+        expect(scopes.keys).to contain_exactly('topics', 'users')
      end
    end
  end