~sircmpwn/sr.ht-dev

This thread contains a patchset. You're looking at the original emails, but you may wish to use the patch review UI. Review patch
2 2

[PATCH core.sr.ht] Fix scope checks for webhook subscriptions

Details
Message ID
<20190801085019.13763-1-rycwo@posteo.net>
DKIM signature
missing
Download raw message
Patch: +3 -1
Use OAuthScope.fulfills() instead of __eq__() to validate if token scopes are
applicable for webhook subscriptions.
---
 srht/webhook/magic.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/srht/webhook/magic.py b/srht/webhook/magic.py
index b91c808..0fd7229 100644
--- a/srht/webhook/magic.py
+++ b/srht/webhook/magic.py
@@ -47,8 +47,10 @@ class _SubscriptionMixin:
        except ValueError:
            valid.expect(False,
                    f"Unsupported event type", field="events")
        fulfills_scope = lambda req: any(scope.fulfills(req)
                for scope in token.scopes)
        valid.expect(OAuthScope.all in token.scopes or
            all(self._Webhook.event_scope[ev] in token.scopes
            all(fulfills_scope(self._Webhook.event_scope[ev])
                for ev in self.events),
            "Permission denied - does your token have the appropriate scopes?")
        if hasattr(self._Webhook, "__init__"):
-- 
2.22.0
Details
Message ID
<BVZ6MBQPANMQ.WWXMPEQILSK3@homura>
In-Reply-To
<20190801085019.13763-1-rycwo@posteo.net> (view parent)
DKIM signature
missing
Download raw message
I hit this same issue yesterday and fixed it differently. Thanks though!
Details
Message ID
<812dad5f4e7447e7a41a6fda0bbaa50f@posteo.net>
In-Reply-To
<BVZ6MBQPANMQ.WWXMPEQILSK3@homura> (view parent)
DKIM signature
missing
Download raw message
On 02-08-2019 15:35, Drew DeVault wrote:
> I hit this same issue yesterday and fixed it differently. Thanks 
> though!

Ah cool. (b^_^)b
Reply to thread Export thread (mbox)