This PR adds functionality to the API for basic scope management, supporting the basic CRUD actions.
Some additional enhancements include the AuthoriseRoles scope which attempts to match a role name passed as a string (e.g. "admin") to a UserRole object associated with the currently authenticated user, allowing the action to proceed if it's present and returning a 403 if it's not.
This PR adds functionality to the API for basic scope management, supporting the basic CRUD actions.
Some additional enhancements include the
AuthoriseRolesscope which attempts to match a role name passed as a string (e.g. "admin") to aUserRoleobject associated with the currently authenticated user, allowing the action to proceed if it's present and returning a 403 if it's not.