Task #3475

Story #3532: [Keep] Keepstore queries API server to verify tokens

Consult API server for user's admin status and scopes.

Added by Tim Pierce almost 5 years ago. Updated 3 months ago.

Status:
Closed
Priority:
Normal
Assigned To:
-
Category:
-
Target version:
-
Start date:
08/08/2014
Due date:
% Done:

0%

Estimated time:
0.00 h

Description

To determine whether a user is authorized to delete blocks, Keep must ask the API server for their user record and for their api_client_authorization,

Method IsAdmin(api_token): return true if the api_token is associated with a user whose is_admin field is true.

Method HasUnlimitedScope(api_token): return true if the api_client_authorization record for this api_token includes the string "all" in its "scopes" field.

History

#1 Updated by Tim Pierce almost 5 years ago

  • Status changed from New to In Progress

#2 Updated by Tim Pierce almost 5 years ago

  • Description updated (diff)
  • Assigned To set to Tim Pierce

#3 Updated by Tom Clegg almost 5 years ago

  • Assigned To deleted (Tim Pierce)
  • Start date changed from 07/25/2014 to 08/08/2014
  • Parent task changed from #2769 to #3532

#4 Updated by Tom Clegg about 1 year ago

  • Status changed from In Progress to Closed
  • Remaining (hours) set to 0.0

#5 Updated by Tom Morris 3 months ago

  • Estimated time set to 0.00 h

Also available in: Atom PDF