Fix VCS + migrations scopes
This commit is contained in:
parent
e82c22ac1e
commit
fc3ff188b1
2
.gitmodules
vendored
2
.gitmodules
vendored
|
@ -1,4 +1,4 @@
|
|||
[submodule "app/console"]
|
||||
path = app/console
|
||||
url = https://github.com/appwrite/console
|
||||
branch = 3.0.1
|
||||
branch = 3.0.2
|
||||
|
|
|
@ -57,6 +57,9 @@ $admins = [
|
|||
'rules.write',
|
||||
'migrations.read',
|
||||
'migrations.write',
|
||||
'vcs.read',
|
||||
'vcs.write',
|
||||
'assistant.read',
|
||||
];
|
||||
|
||||
return [
|
||||
|
|
|
@ -87,5 +87,14 @@ return [ // List of publicly visible scopes
|
|||
],
|
||||
'migrations.write' => [
|
||||
'description' => 'Access to create, update, and delete your project\'s migrations.',
|
||||
]
|
||||
],
|
||||
'vcs.read' => [
|
||||
'description' => 'Access to read your project\'s VCS repositories',
|
||||
],
|
||||
'vcs.write' => [
|
||||
'description' => 'Access to create, update, and delete your project\'s VCS repositories',
|
||||
],
|
||||
'assistant.read' => [
|
||||
'description' => 'Access to read the Assistant service',
|
||||
],
|
||||
];
|
||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -1 +1 @@
|
|||
Subproject commit bfd14ef923e57938639e95e5ab32e68d49e24407
|
||||
Subproject commit 88b6d59051992ed86183ee83d77bf678d1cb73bf
|
|
@ -58,6 +58,7 @@ App::get('/v1/console/variables')
|
|||
App::post('/v1/console/assistant')
|
||||
->desc('Ask Query')
|
||||
->groups(['api', 'assistant'])
|
||||
->label('scope', 'assistant.read')
|
||||
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
|
||||
->label('sdk.namespace', 'assistant')
|
||||
->label('sdk.method', 'chat')
|
||||
|
|
|
@ -580,7 +580,7 @@ App::get('/v1/migrations/firebase/report/oauth')
|
|||
App::get('/v1/migrations/firebase/connect')
|
||||
->desc('Authorize with firebase')
|
||||
->groups(['api', 'migrations'])
|
||||
->label('origin', '*')
|
||||
->label('scope', 'migrations.read')
|
||||
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
|
||||
->label('sdk.namespace', 'migrations')
|
||||
->label('sdk.method', 'createFirebaseAuth')
|
||||
|
@ -622,6 +622,7 @@ App::get('/v1/migrations/firebase/connect')
|
|||
App::get('/v1/migrations/firebase/redirect')
|
||||
->desc('Capture and receive data on Firebase authorization')
|
||||
->groups(['api', 'migrations'])
|
||||
->label('scope', 'public')
|
||||
->label('error', __DIR__ . '/../../views/general/error.phtml')
|
||||
->param('code', '', new Text(2048), 'OAuth2 code. This is a temporary code that the will be later exchanged for an access token.', true)
|
||||
->inject('user')
|
||||
|
@ -733,6 +734,7 @@ App::get('/v1/migrations/firebase/redirect')
|
|||
App::get('/v1/migrations/firebase/projects')
|
||||
->desc('List Firebase Projects')
|
||||
->groups(['api', 'migrations'])
|
||||
->label('scope', 'migrations.read')
|
||||
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
|
||||
->label('sdk.namespace', 'migrations')
|
||||
->label('sdk.method', 'listFirebaseProjects')
|
||||
|
@ -821,6 +823,7 @@ App::get('/v1/migrations/firebase/projects')
|
|||
App::get('/v1/migrations/firebase/deauthorize')
|
||||
->desc('Revoke Appwrite\'s authorization to access Firebase Projects')
|
||||
->groups(['api', 'migrations'])
|
||||
->label('scope', 'migrations.write')
|
||||
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
|
||||
->label('sdk.namespace', 'migrations')
|
||||
->label('sdk.method', 'deleteFirebaseAuth')
|
||||
|
|
|
@ -226,8 +226,7 @@ $createGitDeployments = function (GitHub $github, string $providerInstallationId
|
|||
App::get('/v1/vcs/github/authorize')
|
||||
->desc('Install GitHub App')
|
||||
->groups(['api', 'vcs'])
|
||||
->label('origin', '*')
|
||||
->label('sdk.auth', [])
|
||||
->label('scope', 'vcs.read')
|
||||
->label('sdk.namespace', 'vcs')
|
||||
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
|
||||
->label('sdk.method', 'createGitHubInstallation')
|
||||
|
@ -238,12 +237,12 @@ App::get('/v1/vcs/github/authorize')
|
|||
->label('sdk.hide', true)
|
||||
->param('success', '', fn ($clients) => new Host($clients), 'URL to redirect back to console after a successful installation attempt.', true, ['clients'])
|
||||
->param('failure', '', fn ($clients) => new Host($clients), 'URL to redirect back to console after a failed installation attempt.', true, ['clients'])
|
||||
->param('projectId', '', new UID(), 'Project ID')
|
||||
->inject('request')
|
||||
->inject('response')
|
||||
->action(function (string $success, string $failure, string $projectId, Request $request, Response $response) {
|
||||
->inject('project')
|
||||
->action(function (string $success, string $failure, Request $request, Response $response, Document $project) {
|
||||
$state = \json_encode([
|
||||
'projectId' => $projectId,
|
||||
'projectId' => $project->getId(),
|
||||
'success' => $success,
|
||||
'failure' => $failure,
|
||||
]);
|
||||
|
@ -263,6 +262,7 @@ App::get('/v1/vcs/github/authorize')
|
|||
App::get('/v1/vcs/github/callback')
|
||||
->desc('Capture installation and authorization from GitHub App')
|
||||
->groups(['api', 'vcs'])
|
||||
->label('scope', 'public')
|
||||
->label('error', __DIR__ . '/../../views/general/error.phtml')
|
||||
->param('installation_id', '', new Text(256, 0), 'GitHub installation ID', true)
|
||||
->param('setup_action', '', new Text(256, 0), 'GitHub setup actuon type', true)
|
||||
|
@ -422,6 +422,7 @@ App::get('/v1/vcs/github/callback')
|
|||
App::post('/v1/vcs/github/installations/:installationId/providerRepositories/:providerRepositoryId/detection')
|
||||
->desc('Detect runtime settings from source code')
|
||||
->groups(['api', 'vcs'])
|
||||
->label('scope', 'vcs.write')
|
||||
->label('sdk.namespace', 'vcs')
|
||||
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
|
||||
->label('sdk.method', 'createRepositoryDetection')
|
||||
|
@ -488,6 +489,7 @@ App::post('/v1/vcs/github/installations/:installationId/providerRepositories/:pr
|
|||
App::get('/v1/vcs/github/installations/:installationId/providerRepositories')
|
||||
->desc('List Repositories')
|
||||
->groups(['api', 'vcs'])
|
||||
->label('scope', 'vcs.read')
|
||||
->label('sdk.namespace', 'vcs')
|
||||
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
|
||||
->label('sdk.method', 'listRepositories')
|
||||
|
@ -580,6 +582,7 @@ App::get('/v1/vcs/github/installations/:installationId/providerRepositories')
|
|||
App::post('/v1/vcs/github/installations/:installationId/providerRepositories')
|
||||
->desc('Create repository')
|
||||
->groups(['api', 'vcs'])
|
||||
->label('scope', 'vcs.write')
|
||||
->label('sdk.namespace', 'vcs')
|
||||
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
|
||||
->label('sdk.method', 'createRepository')
|
||||
|
@ -680,6 +683,7 @@ App::post('/v1/vcs/github/installations/:installationId/providerRepositories')
|
|||
App::get('/v1/vcs/github/installations/:installationId/providerRepositories/:providerRepositoryId')
|
||||
->desc('Get repository')
|
||||
->groups(['api', 'vcs'])
|
||||
->label('scope', 'vcs.read')
|
||||
->label('sdk.namespace', 'vcs')
|
||||
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
|
||||
->label('sdk.method', 'getRepository')
|
||||
|
@ -725,6 +729,7 @@ App::get('/v1/vcs/github/installations/:installationId/providerRepositories/:pro
|
|||
App::get('/v1/vcs/github/installations/:installationId/providerRepositories/:providerRepositoryId/branches')
|
||||
->desc('List Repository Branches')
|
||||
->groups(['api', 'vcs'])
|
||||
->label('scope', 'vcs.read')
|
||||
->label('sdk.namespace', 'vcs')
|
||||
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
|
||||
->label('sdk.method', 'listRepositoryBranches')
|
||||
|
@ -770,6 +775,7 @@ App::get('/v1/vcs/github/installations/:installationId/providerRepositories/:pro
|
|||
App::post('/v1/vcs/github/events')
|
||||
->desc('Create Event')
|
||||
->groups(['api', 'vcs'])
|
||||
->label('scope', 'public')
|
||||
->inject('gitHub')
|
||||
->inject('request')
|
||||
->inject('response')
|
||||
|
@ -905,8 +911,9 @@ App::post('/v1/vcs/github/events')
|
|||
);
|
||||
|
||||
App::get('/v1/vcs/installations')
|
||||
->groups(['api', 'vcs'])
|
||||
->desc('List installations')
|
||||
->groups(['api', 'vcs'])
|
||||
->label('scope', 'vcs.read')
|
||||
->label('sdk.namespace', 'vcs')
|
||||
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
|
||||
->label('sdk.method', 'listInstallations')
|
||||
|
@ -956,8 +963,9 @@ App::get('/v1/vcs/installations')
|
|||
});
|
||||
|
||||
App::get('/v1/vcs/installations/:installationId')
|
||||
->groups(['api', 'vcs'])
|
||||
->desc('Get installation')
|
||||
->groups(['api', 'vcs'])
|
||||
->label('scope', 'vcs.read')
|
||||
->label('sdk.namespace', 'vcs')
|
||||
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
|
||||
->label('sdk.method', 'getInstallation')
|
||||
|
@ -984,8 +992,9 @@ App::get('/v1/vcs/installations/:installationId')
|
|||
});
|
||||
|
||||
App::delete('/v1/vcs/installations/:installationId')
|
||||
->groups(['api', 'vcs'])
|
||||
->desc('Delete Installation')
|
||||
->groups(['api', 'vcs'])
|
||||
->label('scope', 'vcs.write')
|
||||
->label('sdk.namespace', 'vcs')
|
||||
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
|
||||
->label('sdk.method', 'deleteInstallation')
|
||||
|
@ -1018,6 +1027,7 @@ App::delete('/v1/vcs/installations/:installationId')
|
|||
App::patch('/v1/vcs/github/installations/:installationId/repositories/:repositoryId')
|
||||
->desc('Authorize external deployment')
|
||||
->groups(['api', 'vcs'])
|
||||
->label('scope', 'vcs.write')
|
||||
->label('sdk.namespace', 'vcs')
|
||||
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
|
||||
->label('sdk.method', 'updateExternalDeployments')
|
||||
|
|
Loading…
Reference in a new issue