Client - update scopes

2022-06-15 20:37:24 +02:00
parent 8b2543eb61
commit 40a5fcccf3
6 changed files with 76 additions and 42 deletions
--- a/fittrackee_client/src/components/User/UserApps/AddUserApp.vue
+++ b/fittrackee_client/src/components/User/UserApps/AddUserApp.vue
@@ -48,32 +48,29 @@
            <div class="form-item-scope-label">
              {{ $t('oauth2.APP.SCOPE.LABEL') }}*
            </div>
-            <div class="form-item-scope-checkboxes">
-              <label>
+            <div
+              v-for="scope in oauth2_scopes"
+              class="form-item-scope-checkboxes"
+              :key="scope"
+            >
+              <label class="scope-label">
                <input
                  type="checkbox"
-                  :checked="appForm.read"
-                  @change="appForm.read = !appForm.read"
+                  :name="scope"
+                  :checked="scopes.includes(scope)"
+                  @change="updateScopes(scope)"
                />
-                {{ $t('oauth2.APP.SCOPE.READ') }}
-              </label>
-              <label>
-                <input
-                  type="checkbox"
-                  :checked="appForm.write"
-                  @change="appForm.write = !appForm.write"
-                />
-                {{ $t('oauth2.APP.SCOPE.WRITE') }}
+                <code>{{ scope }}</code>
              </label>
+              <p
+                class="scope-description"
+                v-html="$t(`oauth2.APP.SCOPE.${scope}_DESCRIPTION`)"
+              ></p>
            </div>
          </div>
        </div>
        <div class="form-buttons">
-          <button
-            class="confirm"
-            type="submit"
-            :disabled="!appForm.read && !appForm.write"
-          >
+          <button class="confirm" type="submit" :disabled="scopes.length === 0">
            {{ $t('buttons.SUBMIT') }}
          </button>
          <button
@@ -94,6 +91,7 @@
  import { OAUTH2_STORE } from '@/store/constants'
  import { IOAuth2ClientPayload } from '@/types/oauth'
  import { useStore } from '@/use/useStore'
+  import { oauth2_scopes } from '@/utils/oauth'

  const store = useStore()
  const appForm = reactive({
@@ -101,9 +99,8 @@
    client_uri: '',
    client_description: '',
    redirect_uri: '',
-    read: true,
-    write: false,
  })
+  const scopes: string[] = reactive([])

  function createApp() {
    const payload: IOAuth2ClientPayload = {
@@ -111,13 +108,21 @@
      client_description: appForm.client_description,
      client_uri: appForm.client_uri,
      redirect_uris: [appForm.redirect_uri],
-      scope: `${appForm.read ? 'read' : ''} ${appForm.write ? 'write' : ''}`,
+      scope: scopes.join(' '),
    }
    store.dispatch(OAUTH2_STORE.ACTIONS.CREATE_CLIENT, payload)
  }
  function updateDescription(value: string) {
    appForm.client_description = value
  }
+  function updateScopes(scope: string) {
+    const index = scopes.indexOf(scope)
+    if (index > -1) {
+      scopes.splice(index, 1)
+    } else {
+      scopes.push(scope)
+    }
+  }
 </script>

 <style scoped lang="scss">
@@ -135,7 +140,7 @@
        display: flex;
        flex-direction: column;

-        input {
+        input[type='text'] {
          height: 20px;
        }
        .form-item-scope {
@@ -146,8 +151,15 @@
          }

          .form-item-scope-checkboxes {
-            display: flex;
-            gap: $default-padding;
+            padding-bottom: $default-padding;
+
+            .scope-label {
+              height: inherit;
+            }
+            .scope-description {
+              font-style: italic;
+              margin: 0 $default-margin * 0.5;
+            }
          }
        }

--- a/fittrackee_client/src/components/User/UserApps/AuthorizeUserApp.vue
+++ b/fittrackee_client/src/components/User/UserApps/AuthorizeUserApp.vue
@@ -9,17 +9,16 @@
        </i18n-t>
      </h1>
      <ErrorMessage :message="errorMessages" v-if="errorMessages" />
-      <div class="oauth2-access">
+      <div class="oauth2-access description-list">
        <p>{{ $t('oauth2.APP_REQUESTING_ACCESS') }}</p>
-        <ul>
-          <li
-            class="client-scope"
-            v-for="scope in client.scope.split(' ')"
-            :key="scope"
-          >
-            {{ $t(`oauth2.APP.SCOPE.${scope.toUpperCase()}`) }}
-          </li>
-        </ul>
+        <dl>
+          <template v-for="scope in client.scope.split(' ')" :key="scope">
+            <dt class="client-scope">
+              <code>{{ scope }}</code>
+            </dt>
+            <dd v-html="$t(`oauth2.APP.SCOPE.${scope}_DESCRIPTION`)"></dd>
+          </template>
+        </dl>
        <div class="authorize-oauth2-buttons">
          <button class="danger" @click="authorizeApp">
            {{ $t('buttons.AUTHORIZE') }}
--- a/fittrackee_client/src/components/User/UserApps/UserApp.vue
+++ b/fittrackee_client/src/components/User/UserApps/UserApp.vue
@@ -53,13 +53,13 @@
          {{ client.redirect_uris.length > 0 ? client.redirect_uris[0] : '' }}
        </dd>
        <dt>{{ $t('oauth2.APP.SCOPE.LABEL') }}:</dt>
-        <dd>
+        <dd class="client-scopes">
          <span
            class="client-scope"
            v-for="scope in client.scope.split(' ')"
            :key="scope"
          >
-            {{ $t(`oauth2.APP.SCOPE.${scope.toUpperCase()}`) }}
+            <code>{{ scope }}</code>
          </span>
        </dd>
      </dl>
@@ -183,8 +183,12 @@
      flex-wrap: wrap;
      gap: $default-padding;
    }
-    .client-scope {
-      padding-right: $default-padding * 0.5;
+    .client-scopes {
+      display: flex;
+      flex-wrap: wrap;
+      .client-scope {
+        padding-right: $default-padding * 1.5;
+      }
    }
    .no-description {
      font-style: italic;
--- a/fittrackee_client/src/locales/en/oauth2.json
+++ b/fittrackee_client/src/locales/en/oauth2.json
@@ -9,8 +9,13 @@
    "REDIRECT_URL": "Redirect URL",
    "SCOPE": {
      "LABEL": "Scope",
-      "READ": "read",
-      "WRITE": "write"
+      "application:write_DESCRIPTION": "grants write access to application configuration.",
+      "profile:read_DESCRIPTION": "grants read access to <code>auth</code> endpoints.",
+      "profile:write_DESCRIPTION": "grants write access to <code>auth</code> endpoints.",
+      "users:read_DESCRIPTION": "grants read access to <code>users</code>  endpoints.",
+      "users:write_DESCRIPTION": "grants write access to <code>users</code> endpoints.",
+      "workouts:read_DESCRIPTION": "grants read access to <code>workouts</code> endpoints.",
+      "workouts:write_DESCRIPTION": "grants write access to <code>workouts</code> endpoints."
    },
    "URL": "Application URL"
  },
--- a/fittrackee_client/src/locales/fr/oauth2.json
+++ b/fittrackee_client/src/locales/fr/oauth2.json
@@ -9,8 +9,13 @@
    "REDIRECT_URL": "URL de redirection",
    "SCOPE": {
      "LABEL": "Scope",
-      "READ": "lecture",
-      "WRITE": "écriture"
+      "application:write_DESCRIPTION": "donne les droits en écriture à la configuration de l'application.",
+      "profile:read_DESCRIPTION": "donne les droits en lecture aux routes <code>auth</code>.",
+      "profile:write_DESCRIPTION": "donne les droits en écriture aux routes <code>auth</code>.",
+      "users:read_DESCRIPTION": "donne les droits en lecture aux routes <code>users</code>.",
+      "users:write_DESCRIPTION": "donne les droits en écriture aux routes <code>users</code>.",
+      "workouts:read_DESCRIPTION": "donne les droits en lecture aux routes <code>workouts</code>.",
+      "workouts:write_DESCRIPTION": "donne les droits en écriture aux routes <code>workouts</code>."
    },
    "URL": "URL de l'application"
  },
--- a/fittrackee_client/src/utils/oauth.ts
+++ b/fittrackee_client/src/utils/oauth.ts
@@ -0,0 +1,9 @@
+export const oauth2_scopes = [
+  'application:write',
+  'profile:read',
+  'profile:write',
+  'users:read',
+  'users:write',
+  'workouts:read',
+  'workouts:write',
+]