chore: rename new scopes
This commit is contained in:
loks0n
parent
bc1858c516
commit
0092af7ac6
|
|
@ -8,8 +8,9 @@ $member = [
|
|||
'home',
|
||||
'console',
|
||||
'graphql',
|
||||
'sessions',
|
||||
'account',
|
||||
'sessions.write',
|
||||
'accounts.read',
|
||||
'accounts.write',
|
||||
'teams.read',
|
||||
'teams.write',
|
||||
'documents.read',
|
||||
|
|
@ -32,7 +33,7 @@ $member = [
|
|||
$admins = [
|
||||
'global',
|
||||
'graphql',
|
||||
'sessions',
|
||||
'sessions.write',
|
||||
'teams.read',
|
||||
'teams.write',
|
||||
'documents.read',
|
||||
|
|
@ -87,7 +88,7 @@ return [
|
|||
'home',
|
||||
'console',
|
||||
'graphql',
|
||||
'sessions',
|
||||
'sessions.write',
|
||||
'documents.read',
|
||||
'documents.write',
|
||||
'files.read',
|
||||
|
|
|
|||
|
|
@ -1,11 +1,14 @@
|
|||
<?php
|
||||
|
||||
return [ // List of publicly visible scopes
|
||||
'account' => [
|
||||
'description' => 'Access to make actions on behalf of a user account',
|
||||
'accounts.read' => [
|
||||
'description' => 'Access to read your active user account',
|
||||
],
|
||||
'sessions' => [
|
||||
'description' => 'Access to create new user sessions',
|
||||
'accounts.write' => [
|
||||
'description' => 'Access to create, update, and delete your active user account',
|
||||
],
|
||||
'sessions.write' => [
|
||||
'description' => 'Access to create, update, and delete user sessions',
|
||||
],
|
||||
'users.read' => [
|
||||
'description' => 'Access to read your project\'s users',
|
||||
|
|
|
|||
|
|
@ -55,7 +55,7 @@ App::post('/v1/account')
|
|||
->desc('Create account')
|
||||
->groups(['api', 'account', 'auth'])
|
||||
->label('event', 'users.[userId].create')
|
||||
->label('scope', 'sessions')
|
||||
->label('scope', 'sessions.write')
|
||||
->label('auth.type', 'emailPassword')
|
||||
->label('audits.event', 'user.create')
|
||||
->label('audits.resource', 'user/{response.$id}')
|
||||
|
|
@ -186,7 +186,7 @@ App::post('/v1/account/sessions/email')
|
|||
->desc('Create email password session')
|
||||
->groups(['api', 'account', 'auth', 'session'])
|
||||
->label('event', 'users.[userId].sessions.[sessionId].create')
|
||||
->label('scope', 'sessions')
|
||||
->label('scope', 'sessions.write')
|
||||
->label('auth.type', 'emailPassword')
|
||||
->label('audits.event', 'session.create')
|
||||
->label('audits.resource', 'user/{response.userId}')
|
||||
|
|
@ -310,7 +310,7 @@ App::get('/v1/account/sessions/oauth2/:provider')
|
|||
->desc('Create OAuth2 session')
|
||||
->groups(['api', 'account'])
|
||||
->label('error', __DIR__ . '/../../views/general/error.phtml')
|
||||
->label('scope', 'sessions')
|
||||
->label('scope', 'sessions.write')
|
||||
->label('sdk.auth', [])
|
||||
->label('sdk.hideServer', true)
|
||||
->label('sdk.namespace', 'account')
|
||||
|
|
@ -877,7 +877,7 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
|
|||
App::get('/v1/account/identities')
|
||||
->desc('List Identities')
|
||||
->groups(['api', 'account'])
|
||||
->label('scope', 'account')
|
||||
->label('scope', 'accounts.read')
|
||||
->label('usage.metric', 'users.{scope}.requests.read')
|
||||
->label('sdk.auth', [APP_AUTH_TYPE_SESSION, APP_AUTH_TYPE_JWT])
|
||||
->label('sdk.namespace', 'account')
|
||||
|
|
@ -928,7 +928,7 @@ App::get('/v1/account/identities')
|
|||
App::delete('/v1/account/identities/:identityId')
|
||||
->desc('Delete identity')
|
||||
->groups(['api', 'account'])
|
||||
->label('scope', 'account')
|
||||
->label('scope', 'accounts.write')
|
||||
->label('event', 'users.[userId].identities.[identityId].delete')
|
||||
->label('audits.event', 'identity.delete')
|
||||
->label('audits.resource', 'identity/{request.$identityId}')
|
||||
|
|
@ -966,7 +966,7 @@ App::post('/v1/account/tokens/magic-url')
|
|||
->alias('/v1/account/sessions/magic-url')
|
||||
->desc('Create magic URL token')
|
||||
->groups(['api', 'account'])
|
||||
->label('scope', 'sessions')
|
||||
->label('scope', 'sessions.write')
|
||||
->label('auth.type', 'magic-url')
|
||||
->label('audits.event', 'session.create')
|
||||
->label('audits.resource', 'user/{response.userId}')
|
||||
|
|
@ -1306,7 +1306,7 @@ App::put('/v1/account/sessions/magic-url')
|
|||
->desc('Create session (deprecated)')
|
||||
->label('event', 'users.[userId].sessions.[sessionId].create')
|
||||
->groups(['api', 'account'])
|
||||
->label('scope', 'sessions')
|
||||
->label('scope', 'sessions.write')
|
||||
->label('auth.type', 'token')
|
||||
->label('audits.event', 'session.create')
|
||||
->label('audits.resource', 'user/{response.userId}')
|
||||
|
|
@ -1337,7 +1337,7 @@ App::post('/v1/account/sessions/token')
|
|||
->desc('Create session')
|
||||
->label('event', 'users.[userId].sessions.[sessionId].create')
|
||||
->groups(['api', 'account'])
|
||||
->label('scope', 'sessions')
|
||||
->label('scope', 'sessions.write')
|
||||
->label('auth.type', 'token')
|
||||
->label('audits.event', 'session.create')
|
||||
->label('audits.resource', 'user/{response.userId}')
|
||||
|
|
@ -1368,7 +1368,7 @@ App::post('/v1/account/tokens/phone')
|
|||
->alias('/v1/account/sessions/phone')
|
||||
->desc('Create phone token')
|
||||
->groups(['api', 'account'])
|
||||
->label('scope', 'sessions')
|
||||
->label('scope', 'sessions.write')
|
||||
->label('auth.type', 'phone')
|
||||
->label('audits.event', 'session.create')
|
||||
->label('audits.resource', 'user/{response.userId}')
|
||||
|
|
@ -1534,7 +1534,7 @@ App::post('/v1/account/sessions/anonymous')
|
|||
->desc('Create anonymous session')
|
||||
->groups(['api', 'account', 'auth', 'session'])
|
||||
->label('event', 'users.[userId].sessions.[sessionId].create')
|
||||
->label('scope', 'sessions')
|
||||
->label('scope', 'sessions.write')
|
||||
->label('auth.type', 'anonymous')
|
||||
->label('audits.event', 'session.create')
|
||||
->label('audits.resource', 'user/{response.userId}')
|
||||
|
|
@ -1674,7 +1674,7 @@ App::post('/v1/account/sessions/anonymous')
|
|||
App::post('/v1/account/jwt')
|
||||
->desc('Create JWT')
|
||||
->groups(['api', 'account', 'auth'])
|
||||
->label('scope', 'account')
|
||||
->label('scope', 'accounts.write')
|
||||
->label('auth.type', 'jwt')
|
||||
->label('sdk.auth', [])
|
||||
->label('sdk.namespace', 'account')
|
||||
|
|
@ -1796,7 +1796,7 @@ App::post('/v1/account/targets/push')
|
|||
App::get('/v1/account')
|
||||
->desc('Get account')
|
||||
->groups(['api', 'account'])
|
||||
->label('scope', 'account')
|
||||
->label('scope', 'accounts.read')
|
||||
->label('usage.metric', 'users.{scope}.requests.read')
|
||||
->label('sdk.auth', [APP_AUTH_TYPE_SESSION, APP_AUTH_TYPE_JWT])
|
||||
->label('sdk.namespace', 'account')
|
||||
|
|
@ -1817,7 +1817,7 @@ App::get('/v1/account')
|
|||
App::get('/v1/account/prefs')
|
||||
->desc('Get account preferences')
|
||||
->groups(['api', 'account'])
|
||||
->label('scope', 'account')
|
||||
->label('scope', 'accounts.read')
|
||||
->label('usage.metric', 'users.{scope}.requests.read')
|
||||
->label('sdk.auth', [APP_AUTH_TYPE_SESSION, APP_AUTH_TYPE_JWT])
|
||||
->label('sdk.namespace', 'account')
|
||||
|
|
@ -1840,7 +1840,7 @@ App::get('/v1/account/prefs')
|
|||
App::get('/v1/account/sessions')
|
||||
->desc('List sessions')
|
||||
->groups(['api', 'account'])
|
||||
->label('scope', 'account')
|
||||
->label('scope', 'accounts.read')
|
||||
->label('usage.metric', 'users.{scope}.requests.read')
|
||||
->label('sdk.auth', [APP_AUTH_TYPE_SESSION, APP_AUTH_TYPE_JWT])
|
||||
->label('sdk.namespace', 'account')
|
||||
|
|
@ -1879,7 +1879,7 @@ App::get('/v1/account/sessions')
|
|||
App::get('/v1/account/logs')
|
||||
->desc('List logs')
|
||||
->groups(['api', 'account'])
|
||||
->label('scope', 'account')
|
||||
->label('scope', 'accounts.read')
|
||||
->label('usage.metric', 'users.{scope}.requests.read')
|
||||
->label('sdk.auth', [APP_AUTH_TYPE_SESSION, APP_AUTH_TYPE_JWT])
|
||||
->label('sdk.namespace', 'account')
|
||||
|
|
@ -1940,7 +1940,7 @@ App::get('/v1/account/logs')
|
|||
App::get('/v1/account/sessions/:sessionId')
|
||||
->desc('Get session')
|
||||
->groups(['api', 'account'])
|
||||
->label('scope', 'account')
|
||||
->label('scope', 'accounts.read')
|
||||
->label('usage.metric', 'users.{scope}.requests.read')
|
||||
->label('sdk.auth', [APP_AUTH_TYPE_SESSION, APP_AUTH_TYPE_JWT])
|
||||
->label('sdk.namespace', 'account')
|
||||
|
|
@ -1986,7 +1986,7 @@ App::patch('/v1/account/name')
|
|||
->desc('Update name')
|
||||
->groups(['api', 'account'])
|
||||
->label('event', 'users.[userId].update.name')
|
||||
->label('scope', 'account')
|
||||
->label('scope', 'accounts.write')
|
||||
->label('audits.event', 'user.update')
|
||||
->label('audits.resource', 'user/{response.$id}')
|
||||
->label('usage.metric', 'users.{scope}.requests.update')
|
||||
|
|
@ -2020,7 +2020,7 @@ App::patch('/v1/account/password')
|
|||
->desc('Update password')
|
||||
->groups(['api', 'account'])
|
||||
->label('event', 'users.[userId].update.password')
|
||||
->label('scope', 'account')
|
||||
->label('scope', 'accounts.write')
|
||||
->label('audits.event', 'user.update')
|
||||
->label('audits.resource', 'user/{response.$id}')
|
||||
->label('audits.userId', '{response.$id}')
|
||||
|
|
@ -2087,7 +2087,7 @@ App::patch('/v1/account/email')
|
|||
->desc('Update email')
|
||||
->groups(['api', 'account'])
|
||||
->label('event', 'users.[userId].update.email')
|
||||
->label('scope', 'account')
|
||||
->label('scope', 'accounts.write')
|
||||
->label('audits.event', 'user.update')
|
||||
->label('audits.resource', 'user/{response.$id}')
|
||||
->label('usage.metric', 'users.{scope}.requests.update')
|
||||
|
|
@ -2175,7 +2175,7 @@ App::patch('/v1/account/phone')
|
|||
->desc('Update phone')
|
||||
->groups(['api', 'account'])
|
||||
->label('event', 'users.[userId].update.phone')
|
||||
->label('scope', 'account')
|
||||
->label('scope', 'accounts.write')
|
||||
->label('audits.event', 'user.update')
|
||||
->label('audits.resource', 'user/{response.$id}')
|
||||
->label('usage.metric', 'users.{scope}.requests.update')
|
||||
|
|
@ -2253,7 +2253,7 @@ App::patch('/v1/account/prefs')
|
|||
->desc('Update preferences')
|
||||
->groups(['api', 'account'])
|
||||
->label('event', 'users.[userId].update.prefs')
|
||||
->label('scope', 'account')
|
||||
->label('scope', 'accounts.write')
|
||||
->label('audits.event', 'user.update')
|
||||
->label('audits.resource', 'user/{response.$id}')
|
||||
->label('usage.metric', 'users.{scope}.requests.update')
|
||||
|
|
@ -2287,7 +2287,7 @@ App::patch('/v1/account/status')
|
|||
->desc('Update status')
|
||||
->groups(['api', 'account'])
|
||||
->label('event', 'users.[userId].update.status')
|
||||
->label('scope', 'account')
|
||||
->label('scope', 'accounts.write')
|
||||
->label('audits.event', 'user.update')
|
||||
->label('audits.resource', 'user/{response.$id}')
|
||||
->label('usage.metric', 'users.{scope}.requests.delete')
|
||||
|
|
@ -2330,7 +2330,7 @@ App::patch('/v1/account/status')
|
|||
App::delete('/v1/account/sessions/:sessionId')
|
||||
->desc('Delete session')
|
||||
->groups(['api', 'account'])
|
||||
->label('scope', 'account')
|
||||
->label('scope', 'accounts.write')
|
||||
->label('event', 'users.[userId].sessions.[sessionId].delete')
|
||||
->label('audits.event', 'session.delete')
|
||||
->label('audits.resource', 'user/{user.$id}')
|
||||
|
|
@ -2406,7 +2406,7 @@ App::delete('/v1/account/sessions/:sessionId')
|
|||
App::patch('/v1/account/sessions/:sessionId')
|
||||
->desc('Update OAuth session (refresh tokens)')
|
||||
->groups(['api', 'account'])
|
||||
->label('scope', 'account')
|
||||
->label('scope', 'accounts.write')
|
||||
->label('event', 'users.[userId].sessions.[sessionId].update')
|
||||
->label('audits.event', 'session.update')
|
||||
->label('audits.resource', 'user/{response.userId}')
|
||||
|
|
@ -2492,7 +2492,7 @@ App::patch('/v1/account/sessions/:sessionId')
|
|||
App::delete('/v1/account/sessions')
|
||||
->desc('Delete sessions')
|
||||
->groups(['api', 'account'])
|
||||
->label('scope', 'account')
|
||||
->label('scope', 'accounts.write')
|
||||
->label('event', 'users.[userId].sessions.[sessionId].delete')
|
||||
->label('audits.event', 'session.delete')
|
||||
->label('audits.resource', 'user/{user.$id}')
|
||||
|
|
@ -2553,7 +2553,7 @@ App::delete('/v1/account/sessions')
|
|||
App::post('/v1/account/recovery')
|
||||
->desc('Create password recovery')
|
||||
->groups(['api', 'account'])
|
||||
->label('scope', 'sessions')
|
||||
->label('scope', 'sessions.write')
|
||||
->label('event', 'users.[userId].recovery.[tokenId].create')
|
||||
->label('audits.event', 'recovery.create')
|
||||
->label('audits.resource', 'user/{response.userId}')
|
||||
|
|
@ -2731,7 +2731,7 @@ App::post('/v1/account/recovery')
|
|||
App::put('/v1/account/recovery')
|
||||
->desc('Create password recovery (confirmation)')
|
||||
->groups(['api', 'account'])
|
||||
->label('scope', 'sessions')
|
||||
->label('scope', 'sessions.write')
|
||||
->label('event', 'users.[userId].recovery.[tokenId].update')
|
||||
->label('audits.event', 'recovery.update')
|
||||
->label('audits.resource', 'user/{response.userId}')
|
||||
|
|
@ -2814,7 +2814,7 @@ App::put('/v1/account/recovery')
|
|||
App::post('/v1/account/verification')
|
||||
->desc('Create email verification')
|
||||
->groups(['api', 'account'])
|
||||
->label('scope', 'account')
|
||||
->label('scope', 'accounts.write')
|
||||
->label('event', 'users.[userId].verification.[tokenId].create')
|
||||
->label('audits.event', 'verification.create')
|
||||
->label('audits.resource', 'user/{response.userId}')
|
||||
|
|
@ -3036,7 +3036,7 @@ App::put('/v1/account/verification')
|
|||
App::post('/v1/account/verification/phone')
|
||||
->desc('Create phone verification')
|
||||
->groups(['api', 'account'])
|
||||
->label('scope', 'account')
|
||||
->label('scope', 'accounts.write')
|
||||
->label('event', 'users.[userId].verification.[tokenId].create')
|
||||
->label('audits.event', 'verification.create')
|
||||
->label('audits.resource', 'user/{response.userId}')
|
||||
|
|
|
|||
|
|
@ -83,8 +83,9 @@ trait ProjectCustom
|
|||
'health.read',
|
||||
'rules.read',
|
||||
'rules.write',
|
||||
'sessions',
|
||||
'account',
|
||||
'sessions.write',
|
||||
'accounts.write',
|
||||
'accounts.read',
|
||||
'targets.read',
|
||||
'targets.write',
|
||||
'providers.read',
|
||||
|
|
|
|||
Loading…
Reference in a new issue