FEATURE: More API scopes (#10493)

2025-03-21 03:55:43 +08:00 · 2020-08-24 12:15:08 -03:00 · 2020-08-24 12:15:08 -03:00 · dd13304b81
commit dd13304b81
parent b6dd3eca9a
5 changed files with 53 additions and 26 deletions
--- a/app/assets/javascripts/admin/templates/api-keys-new.hbs
+++ b/app/assets/javascripts/admin/templates/api-keys-new.hbs
@ -39,17 +39,23 @@
    {{#unless useGlobalKey}}
      <div class="scopes-title">{{i18n "admin.api.scopes.title"}}</div>
      <p>{{i18n "admin.api.scopes.description"}}</p>
-      {{#each-in scopes as |resource actions|}}
-        <table class="scopes-table">
-          <thead>
+      <table class="scopes-table">
+        <thead>
+          <tr>
+            <td></td>
+            <td></td>
+            <td>{{i18n "admin.api.scopes.allowed_urls"}}</td>
+            <td>{{i18n "admin.api.scopes.optional_allowed_parameters"}}</td>
+          </tr>
+        </thead>
+        <tbody>
+          {{#each-in scopes as |resource actions|}}
            <tr>
-              <td><b>{{resource}}</b></td>
+              <td class="scope-resource-name"><b>{{resource}}</b></td>
+              <td></td>
+              <td></td>
              <td></td>
-              <td>{{i18n "admin.api.scopes.allowed_urls"}}</td>
-              <td>{{i18n "admin.api.scopes.optional_allowed_parameters"}}</td>
            </tr>
-          </thead>
-          <tbody>
            {{#each actions as |act|}}
              <tr>
                <td>{{input type="checkbox" checked=act.selected}}</td>
@ -71,9 +77,9 @@
                </td>
              </tr>
            {{/each}}
-          </tbody>
-        </table>
-      {{/each-in}}
+          {{/each-in}}
+        </tbody>
+      </table>
    {{/unless}}

    {{d-button icon="check" label="admin.api.save" action=(action "save") class="btn-primary" disabled=saveDisabled}}
--- a/app/assets/stylesheets/common/admin/api.scss
+++ b/app/assets/stylesheets/common/admin/api.scss
@ -143,6 +143,10 @@ table.api-keys {
  .scopes-table {
    margin: 20px 0 20px 0;
  }
+
+  .scope-resource-name {
+    font-size: $font-up-1;
+  }
 }

 // Webhook
--- a/app/models/api_key_scope.rb
+++ b/app/models/api_key_scope.rb
@ -18,22 +18,36 @@ class ApiKeyScope < ActiveRecord::Base
    end

    def default_mappings
-      write_actions = %w[posts#create]
-      read_actions = %w[topics#show topics#feed]
+      return @default_mappings unless @default_mappings.nil?

-      @default_mappings ||= {
+      mappings = {
        topics: {
-          write: { actions: write_actions, params: %i[topic_id], urls: find_urls(write_actions) },
+          write: { actions: %w[posts#create], params: %i[topic_id] },
          read: {
-            actions: read_actions, params: %i[topic_id],
-            aliases: { topic_id: :id }, urls: find_urls(read_actions)
+            actions: %w[topics#show topics#feed topics#posts],
+            params: %i[topic_id], aliases: { topic_id: :id }
          },
          read_lists: {
            actions: list_actions, params: %i[category_id],
-            aliases: { category_id: :category_slug_path_with_id }, urls: find_urls(list_actions)
-          }
+            aliases: { category_id: :category_slug_path_with_id }
+          },
+          wordpress: { actions: %w[topics#wordpress], params: %i[topic_id] }
+        },
+        users: {
+          bookmarks: { actions: %w[users#bookmarks], params: %i[username] },
+          sync_sso: { actions: %w[admin/users#sync_sso], params: %i[sso sig] },
+          show: { actions: %w[users#show], params: %i[username external_id] },
+          check_emails: { actions: %w[users#check_emails], params: %i[username] }
        }
      }
+
+      mappings.each_value do |resource_actions|
+        resource_actions.each_value do |action_data|
+          action_data[:urls] = find_urls(action_data[:actions])
+        end
+      end
+
+      @default_mappings = mappings
    end

    def scope_mappings
--- a/config/locales/client.en.yml
+++ b/config/locales/client.en.yml
@ -3662,12 +3662,15 @@ en:
          allowed_urls: Allowed URLs
          descriptions:
            topics:
-              read: |
-                Read a topic or a specific post in it. RSS is also supported.
-              write: |
-                Create a new topic or post to an existing one.
-              read_lists: |
-                Read topic lists like top, new, latest, etc. RSS is also supported.
+              read: Read a topic or a specific post in it. RSS is also supported.
+              write: Create a new topic or post to an existing one.
+              read_lists: Read topic lists like top, new, latest, etc. RSS is also supported.
+              wordpress: Necessary for the WordPress wp-discourse plugin to work.
+            users:
+              bookmarks: List user bookmarks. It returns bookmark reminders when using the ICS format.
+              sync_sso: Synchronize a user using SSO.
+              show: Obtain information about an user.
+              check_emails: List user emails.

      web_hooks:
        title: "Webhooks"
--- a/spec/requests/admin/api_controller_spec.rb
+++ b/spec/requests/admin/api_controller_spec.rb
@ -222,7 +222,7 @@ describe Admin::ApiController do

        scopes = response.parsed_body['scopes']

-        expect(scopes.keys).to contain_exactly('topics')
+        expect(scopes.keys).to contain_exactly('topics', 'users')
      end
    end
  end