Task #3475

Updated by Tim Pierce over 9 years ago

To determine whether a user is authorized to delete blocks, Keep must ask the API server for their user record and for their api_client_authorization:

Method IsAdmin(api_token): return true if the api_token is associated with a user whose is_admin field is true.

Method HasUnlimitedScope(api_token): return true if the api_client_authorization record for this api_token includes the string "all" in its "scopes" field.
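The two checks sketched in Go, as an added example that is not taken from the task or from the Keep source. It assumes the records have already been fetched from the API server as JSON, that `is_admin` is a boolean and `scopes` an array of strings, and that deletion requires both checks to pass; `CanDelete` is a hypothetical helper name.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Field names is_admin and scopes come from the task text; the JSON shape
// (boolean, array of strings) is an assumption made for this example.
type userRecord struct {
	IsAdmin bool `json:"is_admin"`
}

type clientAuthorization struct {
	Scopes []string `json:"scopes"`
}

// IsAdmin reports whether the user record has is_admin set to true.
// A record that does not parse is treated as non-admin (fail closed).
func IsAdmin(userJSON []byte) bool {
	var u userRecord
	if err := json.Unmarshal(userJSON, &u); err != nil {
		return false
	}
	return u.IsAdmin
}

// HasUnlimitedScope reports whether "all" is one of the scopes. It compares
// whole elements, so a scope that only contains "all" as a substring fails.
func HasUnlimitedScope(authJSON []byte) bool {
	var a clientAuthorization
	if err := json.Unmarshal(authJSON, &a); err != nil {
		return false
	}
	for _, s := range a.Scopes {
		if s == "all" {
			return true
		}
	}
	return false
}

// CanDelete (hypothetical helper) requires both checks to pass.
func CanDelete(userJSON, authJSON []byte) bool {
	return IsAdmin(userJSON) && HasUnlimitedScope(authJSON)
}

func main() { // constructed sample records: admin user, restricted token
	fmt.Println(CanDelete([]byte(`{"is_admin": true}`), []byte(`{"scopes": ["GET /example/allowed"]}`)))
}
```

Comparing whole scope elements matters here: a substring match on "all" would accept the restricted scope in the sample, which contains "allowed".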
