Open drdaeman opened 11 years ago
My first attempt at it was backwards-compatible — a relatively simple addition of third field to OAUTH_SCOPES
.
Then I've thought that bit mangling is a bit too tricky and scopes should be better represented as DB models. So I've did this change. I haven't yet tested this except for running existing testsuite, though. And I did a mistake, starting the branch from a wrong commit, so this probably won't apply cleanly.
@drdaeman Thanks for your help. I'd like to discuss this issue more over something more concrete. Would you be interested in creating a clean pull request?
I'd suggest adding human-readable scope descriptions in configuration, instead of keeping them template-only hack.
I.e. I mean something like this:
Or, maybe, separating permissions from scopes:
Then, instead of
{% if permission == "read" %}...{% else %}...{% endif %}
hack do something like:However, I'm unsure on how this should be actually done.