~sircmpwn/meta.sr.ht

6e21a6905baa89ec87c8723d2b7a6de21d6241cd — Simon Ser 2 months ago cd0ef90 0.56.22
Add query param to select oauth2 token grants
2 files changed, 54 insertions(+), 43 deletions(-)

M metasrht/blueprints/oauth2.py
M metasrht/templates/oauth2-personal-token-registration.html
M metasrht/blueprints/oauth2.py => metasrht/blueprints/oauth2.py +5 -2
@@ 109,7 109,8 @@ def dashboard():
@loginrequired
def personal_token_GET():
    return render_template("oauth2-personal-token-registration.html",
            access_grants=access_grants)
            access_grants=access_grants,
            fixed_literal_grants=request.args.get("grants"))

@oauth2.route("/oauth2/personal-token", methods=["POST"])
@loginrequired


@@ 134,7 135,9 @@ def personal_token_POST():
        kwargs = valid.kwargs
        kwargs["grants"] = grants
        return render_template("oauth2-personal-token-registration.html",
                access_grants=access_grants, **valid.kwargs)
                access_grants=access_grants,
                fixed_literal_grants=request.args.get("grants"),
                **valid.kwargs)

    issue_token = """
    mutation IssueToken($grants: String, $comment: String) {

M metasrht/templates/oauth2-personal-token-registration.html => metasrht/templates/oauth2-personal-token-registration.html +49 -41
@@ 15,49 15,57 @@
      Personal access tokens are used by third-party applications and scripts
      to access to your {{cfg('sr.ht', 'site-name')}} account.
    </p>
    <details class=".details" {% if valid and not valid.ok %}open{% endif %}>
      <summary>Limit scope of access grant</summary>
      <div class="form-group">
        <label for="grants">Select access grants (multiple selections are permitted)</label>
        <select id="grants" name="grants" size="8" class="form-control" multiple>
          {% for group in access_grants %}
          <optgroup label="{{group['name']}}">
            {% for scope in group['scopes'] %}
            {% set val = group['name'] + "/" + scope %}
            <option
              value="{{val}}"
              {% if grants and (val + ":RO" in grants or val + ":RW" in grants) %}
              selected
              {% endif %}
            >{{scope}}</option>
            {% endfor %}
          </optgroup>
          {% endfor %}
        </select>
    {% if fixed_literal_grants %}
      <div class="alert alert-info">
        The permissions for this access token have been pre-set to
        <strong>{{fixed_literal_grants}}</strong>.
      </div>
      <div class="form-group">
        <label class="checkbox">
      <input type="hidden" name="literal_grants" value="{{fixed_literal_grants}}"/>
    {% else %}
      <details class=".details" {% if valid and not valid.ok %}open{% endif %}>
        <summary>Limit scope of access grant</summary>
        <div class="form-group">
          <label for="grants">Select access grants (multiple selections are permitted)</label>
          <select id="grants" name="grants" size="8" class="form-control" multiple>
            {% for group in access_grants %}
            <optgroup label="{{group['name']}}">
              {% for scope in group['scopes'] %}
              {% set val = group['name'] + "/" + scope %}
              <option
                value="{{val}}"
                {% if grants and (val + ":RO" in grants or val + ":RW" in grants) %}
                selected
                {% endif %}
              >{{scope}}</option>
              {% endfor %}
            </optgroup>
            {% endfor %}
          </select>
        </div>
        <div class="form-group">
          <label class="checkbox">
            <input
              type="checkbox"
              name="read_only"
              {% if read_only and read_only == "on" %}
              checked
              {% endif %} />
            Generate read-only access token
          </label>
        </div>
        <div class="form-group">
          <label for="literal_grants">Or use grant string</label>
          <input
            type="checkbox"
            name="read_only"
            {% if read_only and read_only == "on" %}
            checked
            {% endif %} />
          Generate read-only access token
        </label>
      </div>
      <div class="form-group">
        <label for="literal_grants">Or use grant string</label>
        <input
          type="text"
          name="literal_grants"
          id="literal_grants"
          class="form-control {{valid.cls("literal_grants")}}"
          placeholder="meta.sr.ht/BILLING:RW meta.sr.ht/PROFILE"
          value="{{literal_grants or ""}}" />
        {{valid.summary("literal_grants")}}
      </div>
    </details>
            type="text"
            name="literal_grants"
            id="literal_grants"
            class="form-control {{valid.cls("literal_grants")}}"
            placeholder="meta.sr.ht/BILLING:RW meta.sr.ht/PROFILE"
            value="{{literal_grants or ""}}" />
          {{valid.summary("literal_grants")}}
        </div>
      </details>
    {% endif %}
    <div class="form-group">
      <label for="comment">Comment</label>
      <input