mirror of
1
Fork 0
forgejo/options/locale
Chongyi Zheng de484e86bc
Support scoped access tokens (#20908)
This PR adds the support for scopes of access tokens, mimicking the
design of GitHub OAuth scopes.

The changes of the core logic are in `models/auth` that `AccessToken`
struct will have a `Scope` field. The normalized (no duplication of
scope), comma-separated scope string will be stored in `access_token`
table in the database.
In `services/auth`, the scope will be stored in context, which will be
used by `reqToken` middleware in API calls. Only OAuth2 tokens will have
granular token scopes, while others like BasicAuth will default to scope
`all`.
A large amount of work happens in `routers/api/v1/api.go` and the
corresponding `tests/integration` tests, that is adding necessary scopes
to each of the API calls as they fit.


- [x] Add `Scope` field to `AccessToken`
- [x] Add access control to all API endpoints
- [x] Update frontend & backend for when creating tokens
- [x] Add a database migration for `scope` column (enable 'all' access
to past tokens)

I'm aiming to complete it before Gitea 1.19 release.

Fixes #4300
2023-01-17 15:46:03 -06:00
..
TRANSLATORS Fix missing left and right carets in TRANSLATORS (#21397) 2022-10-10 10:36:37 -04:00
locale_bg-BG.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_cs-CZ.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_de-DE.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_el-GR.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_en-US.ini Support scoped access tokens (#20908) 2023-01-17 15:46:03 -06:00
locale_es-ES.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_fa-IR.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_fi-FI.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_fr-FR.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_hu-HU.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_id-ID.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_is-IS.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_it-IT.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_ja-JP.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_ko-KR.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_lv-LV.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_ml-IN.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_nl-NL.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_pl-PL.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_pt-BR.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_pt-PT.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_ru-RU.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_si-LK.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_sk-SK.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_sv-SE.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_tr-TR.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_uk-UA.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_zh-CN.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_zh-HK.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00
locale_zh-TW.ini Revert "[skip ci] Updated translations via Crowdin" (#21689) 2022-11-06 11:29:52 +08:00