ynerant/nk20
1
0
Fork 0
mirror of https://gitlab.crans.org/bde/nk20 synced 2025-07-17 14:55:53 +02:00
Code Issues Releases Wiki Activity

scopes

Browse Source
This commit is contained in:
quark
2025-07-09 15:29:50 +02:00
parent 432f50e49a
commit cf9d208586
3 changed files with 28 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
apps/permission/scopes.py
View File

@ -18,7 +18,18 @@ class PermissionScopes(BaseScopes):
and can be useful to make queries through the API with limited privileges. and can be useful to make queries through the API with limited privileges.
""" """
def get_all_scopes(self): def get_all_scopes(self, **kwargs):
scopes = {}
if 'scopes' in kwargs:
for scope in kwargs['scopes']:
if scope == 'openid' :
scopes['openid'] = "OpenID Connect"
else:
p = Permission.objects.get(id=scope.split('_')[0])
club = Club.objects.get(id=scope.split('_')[1])
scopes[scope] = f"{p.description} (club {club.name})"
return scopes
scopes = {f"{p.id}_{club.id}": f"{p.description} (club {club.name})" scopes = {f"{p.id}_{club.id}": f"{p.description} (club {club.name})"
for p in Permission.objects.all() for club in Club.objects.all()} for p in Permission.objects.all() for club in Club.objects.all()}
scopes['openid'] = "OpenID Connect" scopes['openid'] = "OpenID Connect"

22
apps/permission/views.py
View File

@ -163,15 +163,25 @@ class ScopesView(LoginRequiredMixin, TemplateView):
from oauth2_provider.models import Application from oauth2_provider.models import Application
from .scopes import PermissionScopes from .scopes import PermissionScopes
scopes = PermissionScopes() oidc = False
context["scopes"] = {} context["scopes"] = {}
all_scopes = scopes.get_all_scopes()
for app in Application.objects.filter(user=self.request.user).all(): for app in Application.objects.filter(user=self.request.user).all():
available_scopes = scopes.get_available_scopes(app) available_scopes = PermissionScopes().get_available_scopes(app)
context["scopes"][app] = OrderedDict() context["scopes"][app] = OrderedDict()
items = [(k, v) for (k, v) in all_scopes.items() if k in available_scopes] all_scopes = PermissionScopes().get_all_scopes(scopes=available_scopes)
# items.sort(key=lambda x: (int(x[0].split("_")[1]), int(x[0].split("_")[0]))) scopes = {}
for scope in available_scopes:
scopes[scope] = all_scopes[scope]
# remove OIDC scope for sort
if 'openid' in scopes:
del scopes['openid']
oidc = True
items = [(k, v) for (k, v) in scopes.items()]
items.sort(key=lambda x: (int(x[0].split("_")[1]), int(x[0].split("_")[0])))
# add oidc if necessary
if oidc:
items.append(('openid', PermissionScopes().get_all_scopes(scopes=['openid'])['openid']))
for k, v in items: for k, v in items:
context["scopes"][app][k] = v context["scopes"][app][k] = v

4
entrypoint.sh
View File

@ -11,10 +11,6 @@ else
sed -i -e "s/REPLACEME/La Note Kfet \\\\ud83c\\\\udf7b/g" /var/www/note_kfet/note_kfet/fixtures/cas.json sed -i -e "s/REPLACEME/La Note Kfet \\\\ud83c\\\\udf7b/g" /var/www/note_kfet/note_kfet/fixtures/cas.json
fi fi
# fix lag issues with django-oauth-toolkit (cf https://gitlab.crans.org/bde/nk20/issues/134 )
sed -i -e "s/all_scopes =/# all_scopes =/g" /var/www/note_kfet/env/lib/python3.11/site-packages/oauth2_provider/views/base.py
sed -i -e 's/kwargs\["scopes_descriptions"\] =/# kwargs\["scopes_descriptions"\] =/g' /var/www/note_kfet/env/lib/python3.11/site-packages/oauth2_provider/views/base.py
# Set up Django project # Set up Django project
python3 manage.py collectstatic --noinput python3 manage.py collectstatic --noinput
python3 manage.py compilemessages python3 manage.py compilemessages