57 lines
1.4 KiB
Ruby
57 lines
1.4 KiB
Ruby
require 'travis/api/app'
|
|
|
|
class Travis::Api::App
|
|
module Extensions
|
|
module Scoping
|
|
module Helpers
|
|
def scope
|
|
env['travis.scope'].to_sym
|
|
end
|
|
|
|
def public?
|
|
scope == :public
|
|
end
|
|
end
|
|
|
|
def self.registered(app)
|
|
app.set default_scope: :public, anonymous_scopes: [:public]
|
|
app.helpers(Helpers)
|
|
end
|
|
|
|
def scope(*names)
|
|
condition do
|
|
names = [settings.default_scope] if names == [:default]
|
|
scopes = env['travis.access_token'].try(:scopes) || settings.anonymous_scopes
|
|
|
|
result = names.any? do |name|
|
|
if scopes.include? name
|
|
headers['X-OAuth-Scopes'] = scopes.map(&:to_s).join(',')
|
|
headers['X-Accepted-OAuth-Scopes'] = name.to_s
|
|
|
|
env['travis.scope'] = name
|
|
headers['Vary'] = 'Accept'
|
|
headers['Vary'] << ', Authorization' unless public?
|
|
true
|
|
end
|
|
end
|
|
|
|
if !result
|
|
if env['travis.access_token']
|
|
pass { halt 403, "insufficient access" }
|
|
else
|
|
pass { halt 401, "no access token supplied" }
|
|
end
|
|
end
|
|
|
|
result
|
|
end
|
|
end
|
|
|
|
def route(verb, path, options = {}, &block)
|
|
options[:scope] ||= :default
|
|
super(verb, path, options, &block)
|
|
end
|
|
end
|
|
end
|
|
end
|