hazza/jupyterhub
1
0
Fork 0
mirror of https://github.com/jupyterhub/jupyterhub.git synced 2025-10-12 12:33:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Revert "Change read:users(services):admin scope to read:users(services):roles"

Browse Source 
read:users(services):roles scopes will be added together with changes to api handlers
This commit is contained in:
IvanaH8
2021-04-30 15:13:29 +02:00
parent 60c73de8b2
commit cc35d84f25
3 changed files with 3 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
jupyterhub/roles.py
View File

@@ -64,7 +64,6 @@ def expand_self_scope(name):
'users', 'users',
'users:name', 'users:name',
'users:groups', 'users:groups',
'users:roles',
'users:activity', 'users:activity',
'users:servers', 'users:servers',
'users:tokens', 'users:tokens',
@@ -89,7 +88,6 @@ def _get_scope_hierarchy():
'read:users': [ 'read:users': [
'read:users:name', 'read:users:name',
'read:users:groups', 'read:users:groups',
'read:users:roles',
'read:users:activity', 'read:users:activity',
], ],
'users:activity': ['read:users:activity'], 'users:activity': ['read:users:activity'],
@@ -99,7 +97,7 @@ def _get_scope_hierarchy():
'read:users:servers': ['read:users:name'], 'read:users:servers': ['read:users:name'],
'admin:groups': ['groups'], 'admin:groups': ['groups'],
'groups': ['read:groups'], 'groups': ['read:groups'],
'read:services': ['read:services:name', 'read:services:roles'], 'read:services': None,
'read:hub': None, 'read:hub': None,
'proxy': None, 'proxy': None,
'shutdown': None, 'shutdown': None,

4
jupyterhub/scopes.py
View File

@@ -208,11 +208,11 @@ def identify_scopes(obj):
if isinstance(obj, orm.User): if isinstance(obj, orm.User):
return { return {
f"read:users:{field}!user={obj.name}" f"read:users:{field}!user={obj.name}"
for field in {"name", "roles", "groups"} for field in {"name", "admin", "groups"}
} }
elif isinstance(obj, orm.Service): elif isinstance(obj, orm.Service):
return { return {
f"read:services:{field}!service={obj.name}" for field in {"name", "roles"} f"read:services:{field}!service={obj.name}" for field in {"name", "admin"}
} }
else: else:
raise TypeError(f"Expected orm.User or orm.Service, got {obj!r}") raise TypeError(f"Expected orm.User or orm.Service, got {obj!r}")

3
jupyterhub/tests/test_roles.py
View File

@@ -185,7 +185,6 @@ def test_orm_roles_delete_cascade(db):
'users:activity', 'users:activity',
'read:users:name', 'read:users:name',
'read:users:groups', 'read:users:groups',
'read:users:roles',
'read:users:activity', 'read:users:activity',
}, },
), ),
@@ -197,7 +196,6 @@ def test_orm_roles_delete_cascade(db):
'users:activity', 'users:activity',
'read:users:name', 'read:users:name',
'read:users:groups', 'read:users:groups',
'read:users:roles',
'read:users:activity', 'read:users:activity',
}, },
), ),
@@ -207,7 +205,6 @@ def test_orm_roles_delete_cascade(db):
'read:users', 'read:users',
'read:users:name', 'read:users:name',
'read:users:groups', 'read:users:groups',
'read:users:roles',
'read:users:activity', 'read:users:activity',
}, },
), ),