FEATURE: More API scopes (#10493)

FEATURE: More API scopes (#10493)

diff --git a/app/assets/javascripts/admin/templates/api-keys-new.hbs b/app/assets/javascripts/admin/templates/api-keys-new.hbs
index 59678c1..5825354 100644
--- a/app/assets/javascripts/admin/templates/api-keys-new.hbs
+++ b/app/assets/javascripts/admin/templates/api-keys-new.hbs
@@ -39,17 +39,23 @@
     {{#unless useGlobalKey}}
       <div class="scopes-title">{{i18n "admin.api.scopes.title"}}</div>
       <p>{{i18n "admin.api.scopes.description"}}</p>
-      {{#each-in scopes as |resource actions|}}
-        <table class="scopes-table">
-          <thead>
+      <table class="scopes-table">
+        <thead>
+          <tr>
+            <td></td>
+            <td></td>
+            <td>{{i18n "admin.api.scopes.allowed_urls"}}</td>
+            <td>{{i18n "admin.api.scopes.optional_allowed_parameters"}}</td>
+          </tr>
+        </thead>
+        <tbody>
+          {{#each-in scopes as |resource actions|}}
             <tr>
-              <td><b>{{resource}}</b></td>
+              <td class="scope-resource-name"><b>{{resource}}</b></td>
+              <td></td>
+              <td></td>
               <td></td>
-              <td>{{i18n "admin.api.scopes.allowed_urls"}}</td>
-              <td>{{i18n "admin.api.scopes.optional_allowed_parameters"}}</td>
             </tr>
-          </thead>
-          <tbody>
             {{#each actions as |act|}}
               <tr>
                 <td>{{input type="checkbox" checked=act.selected}}</td>
@@ -71,9 +77,9 @@
                 </td>
               </tr>
             {{/each}}
-          </tbody>
-        </table>
-      {{/each-in}}
+          {{/each-in}}
+        </tbody>
+      </table>
     {{/unless}}
 
     {{d-button icon="check" label="admin.api.save" action=(action "save") class="btn-primary" disabled=saveDisabled}}
diff --git a/app/assets/stylesheets/common/admin/api.scss b/app/assets/stylesheets/common/admin/api.scss
index 2b42c0a..1bde84a 100644
--- a/app/assets/stylesheets/common/admin/api.scss
+++ b/app/assets/stylesheets/common/admin/api.scss
@@ -143,6 +143,10 @@ table.api-keys {
   .scopes-table {
     margin: 20px 0 20px 0;
   }
+
+  .scope-resource-name {
+    font-size: $font-up-1;
+  }
 }
 
 // Webhook
diff --git a/app/models/api_key_scope.rb b/app/models/api_key_scope.rb
index 0e45ff6..b66bb3b 100644
--- a/app/models/api_key_scope.rb
+++ b/app/models/api_key_scope.rb
@@ -18,22 +18,36 @@ class ApiKeyScope < ActiveRecord::Base
     end
 
     def default_mappings
-      write_actions = %w[posts#create]
-      read_actions = %w[topics#show topics#feed]
+      return @default_mappings unless @default_mappings.nil?
 
-      @default_mappings ||= {
+      mappings = {
         topics: {
-          write: { actions: write_actions, params: %i[topic_id], urls: find_urls(write_actions) },
+          write: { actions: %w[posts#create], params: %i[topic_id] },
           read: {
-            actions: read_actions, params: %i[topic_id],
-            aliases: { topic_id: :id }, urls: find_urls(read_actions)
+            actions: %w[topics#show topics#feed topics#posts],
+            params: %i[topic_id], aliases: { topic_id: :id }
           },
           read_lists: {
             actions: list_actions, params: %i[category_id],
-            aliases: { category_id: :category_slug_path_with_id }, urls: find_urls(list_actions)
-          }
+            aliases: { category_id: :category_slug_path_with_id }
+          },
+          wordpress: { actions: %w[topics#wordpress], params: %i[topic_id] }
+        },
+        users: {
+          bookmarks: { actions: %w[users#bookmarks], params: %i[username] },
+          sync_sso: { actions: %w[admin/users#sync_sso], params: %i[sso sig] },
+          show: { actions: %w[users#show], params: %i[username external_id] },
+          check_emails: { actions: %w[users#check_emails], params: %i[username] }
         }
       }
+
+      mappings.each_value do |resource_actions|
+        resource_actions.each_value do |action_data|
+          action_data[:urls] = find_urls(action_data[:actions])
+        end
+      end
+
+      @default_mappings = mappings
     end
 
     def scope_mappings
diff --git a/config/locales/client.en.yml b/config/locales/client.en.yml
index cba7f6b..452a1ca 100644
--- a/config/locales/client.en.yml
+++ b/config/locales/client.en.yml
@@ -3662,12 +3662,15 @@ en:
           allowed_urls: Allowed URLs
           descriptions:
             topics:
-              read: |
-                Read a topic or a specific post in it. RSS is also supported.
-              write: |
-                Create a new topic or post to an existing one.
-              read_lists: |
-                Read topic lists like top, new, latest, etc. RSS is also supported.
+              read: Read a topic or a specific post in it. RSS is also supported.
+              write: Create a new topic or post to an existing one.
+              read_lists: Read topic lists like top, new, latest, etc. RSS is also supported.
+              wordpress: Necessary for the WordPress wp-discourse plugin to work.
+            users:
+              bookmarks: List user bookmarks. It returns bookmark reminders when using the ICS format.
+              sync_sso: Synchronize a user using SSO.
+              show: Obtain information about an user.
+              check_emails: List user emails.
 
       web_hooks:
         title: "Webhooks"
diff --git a/spec/requests/admin/api_controller_spec.rb b/spec/requests/admin/api_controller_spec.rb
index d7dc8c6..05e7399 100644
--- a/spec/requests/admin/api_controller_spec.rb
+++ b/spec/requests/admin/api_controller_spec.rb
@@ -222,7 +222,7 @@ describe Admin::ApiController do
 
         scopes = response.parsed_body['scopes']
 
-        expect(scopes.keys).to contain_exactly('topics')
+        expect(scopes.keys).to contain_exactly('topics', 'users')
       end
     end
   end

GitHub sha: dd13304b

This commit appears in #10493 which was approved by eviltrout. It was merged by romanrizzi.