DEV: Check for authorization based on token
This commit is contained in:
parent
6b4e0e6faa
commit
8d9d55b861
2 changed files with 18 additions and 1 deletions
|
@ -3,7 +3,12 @@
|
|||
Rails.application.config.to_prepare do
|
||||
Scimitar.engine_configuration = Scimitar::EngineConfiguration.new({
|
||||
token_authenticator: Proc.new do | token, options |
|
||||
true
|
||||
api_key = ApiKey.active.with_key(token).first
|
||||
allowed = false
|
||||
if api_key
|
||||
allowed = api_key.api_key_scopes.any? { |s| s.resource == "scim" || s.action == "access_scim_endpoints" }
|
||||
end
|
||||
allowed
|
||||
end
|
||||
})
|
||||
end
|
12
plugin.rb
12
plugin.rb
|
@ -20,6 +20,18 @@ require "scimitar"
|
|||
|
||||
enabled_site_setting :scim_enabled
|
||||
|
||||
add_api_key_scope(
|
||||
:scim,
|
||||
{
|
||||
access_scim_endpoints: {
|
||||
actions: %w[scim_v2/users#index scim_v2/users#show scim_v2/users#create
|
||||
scim_v2/users#replace scim_v2/users#update scim_v2/users#destroy
|
||||
scim_v2/groups#index scim_v2/groups#show scim_v2/groups#create
|
||||
scim_v2/groups#update],
|
||||
},
|
||||
},
|
||||
)
|
||||
|
||||
module ::DiscourseScimPlugin
|
||||
PLUGIN_NAME = "scim"
|
||||
|
||||
|
|
Loading…
Reference in a new issue