Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Permissions #477

Merged
merged 28 commits into from
Apr 13, 2022
Merged

Permissions #477

merged 28 commits into from
Apr 13, 2022

Conversation

johakoch
Copy link
Collaborator

@johakoch johakoch commented Apr 8, 2022
edited
Loading

Changed permission handling:

  • renamed beta_scope attribute for api and endpoint blocks to beta_required_permission; beta_required_permission in endpoint now overriding beta_required_permission in containing api block
  • renamed beta_scope_claim and beta_scope_map attributes for jwt block to beta_permissions_claim and beta_permissions_map
  • removed beta_operation_denied and beta_scope error types
  • renamed beta_insufficient_scope error type to beta_insufficient_permissions
  • renamed undocumented request.context.scopes to request.context.beta_granted_permissions
  • added request.context.beta_required_permission
server {
  api {
    access_control = ["at"]

    error_handler "beta_insufficient_permissions" {
      response {
        status = 403
        json_body = {
          missing_permission = request.context.beta_required_permission
        }
      }
    }

    endpoint "/" {
      beta_required_permission = {
        GET = "calendar.readonly"
        POST = "calendar"
      }
      response {
        json_body = {
          granted_permissions = request.context.beta_granted_permissions
        }
      }
    }

    endpoint "/open" {
      beta_required_permission = ""
      response {
        body = "open"
      }
    }
  }
}

definitions {
  jwt "at" {
    beta_permissions_claim = "scope"
    beta_permissions_map = {
      calendar = ["calendar.readonly"]
    }
  }
}
Reviewer checklist
  • Read PR description: a summary about the changes is required
  • Changelog updated
  • Documentation: docs/{Reference, Cli, ...}, Docker and cli help/usage
  • Pulled branch, manually tested
  • Verified requirements are met
  • Reviewed the code
  • Reviewed the related tests

@johakoch johakoch marked this pull request as ready for review April 8, 2022 14:33
@johakoch johakoch marked this pull request as draft April 11, 2022 06:16
@johakoch johakoch marked this pull request as ready for review April 11, 2022 07:02
afflerbach
afflerbach reviewed Apr 11, 2022
View reviewed changes
docs/REFERENCE.md Outdated Show resolved Hide resolved
afflerbach
afflerbach reviewed Apr 11, 2022
View reviewed changes
docs/REFERENCE.md Outdated Show resolved Hide resolved
@afflerbach
Update docs/REFERENCE.md
24c4e56 
permissions are not merged (other than scopes) + typo
@afflerbach
permissions are not merged (other than scopes)
a4b7c44
afflerbach
afflerbach reviewed Apr 11, 2022
View reviewed changes
docs/REFERENCE.md Outdated Show resolved Hide resolved
@johakoch johakoch marked this pull request as draft April 12, 2022 12:54
@johakoch johakoch marked this pull request as ready for review April 12, 2022 14:39
@afflerbach afflerbach merged commit f3c0f73 into master Apr 13, 2022
@afflerbach afflerbach deleted the permissions branch April 13, 2022 10:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@afflerbach afflerbach afflerbach approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@johakoch @afflerbach