This PR adds functionality to the API for basic scope management, supporting the basic CRUD actions.
Some additional enhancements include the AuthoriseRoles scope which attempts to match a role name passed as a string (e.g. "admin") to a UserRole object associated with the currently authenticated user, allowing the action to proceed if it's present and returning a 403 if it's not.
This PR adds functionality to the API for basic scope management, supporting the basic CRUD actions.
Some additional enhancements include the
AuthoriseRoles
scope which attempts to match a role name passed as a string (e.g. "admin") to aUserRole
object associated with the currently authenticated user, allowing the action to proceed if it's present and returning a 403 if it's not.