Add more granular OAuth scopes (#7929)

* Add more granular OAuth scopes * Add human-readable descriptions of the new scopes * Ensure new scopes look good on the app UI * Add tests * Group scopes in screen and color-code dangerous ones * Fix wrong extra scope
2018-07-05 18:31:35 +02:00 · 2018-07-05 18:31:35 +02:00 · 1f6ed4f86a
commit 1f6ed4f86a
parent ca2cc556f1
69 changed files with 295 additions and 105 deletions
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@ -1,6 +1,12 @@
 # frozen_string_literal: true

 module ApplicationHelper
+  DANGEROUS_SCOPES = %w(
+    read
+    write
+    follow
+  ).freeze
+
  def active_nav_class(path)
    current_page?(path) ? 'active' : ''
  end
@ -43,6 +49,10 @@ module ApplicationHelper
    Rails.env.production? ? site_title : "#{site_title} (Dev)"
  end

+  def class_for_scope(scope)
+    'scope-danger' if DANGEROUS_SCOPES.include?(scope.to_s)
+  end
+
  def can?(action, record)
    return false if record.nil?
    policy(record).public_send("#{action}?")