Merge pull request #273 from nemunaire/f/dynamic_scopes

Make authentication scopes dynamic
ddvk · Nov 18, 2023 · ed3c969 · ed3c969
2 parents 5f5e2fc + 3d094f1
commit ed3c969
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 4 deletions.
diff --git a/internal/app/handlers.go b/internal/app/handlers.go
@@ -143,14 +143,27 @@ func (app *App) newUserToken(c *gin.Context) {
 		return
 	}
 
-	scopes := []string{"intgr", "screenshare", "hwcmail:-1", "mail:-1"}
+	scopes := []string{"intgr", "screenshare"}
+
+	if app.cfg.HWRApplicationKey != "" && app.cfg.HWRHmac != "" {
+		scopes = append(scopes, "hwcmail:-1")
+	}
+
+	if app.cfg.SMTPConfig != nil {
+		scopes = append(scopes, "mail:-1")
+	}
 
 	if user.Sync15 {
 		log.Info("Using sync 1.5")
 		scopes = append(scopes, syncNew)
 	} else {
 		scopes = append(scopes, syncDefault)
 	}
+
+	if len(user.AdditionalScopes) > 0 {
+		scopes = append(scopes, user.AdditionalScopes...)
+	}
+
 	scopesStr := strings.Join(scopes, " ")
 	log.Info("setting scopes: ", scopesStr)
 

diff --git a/internal/model/user.go b/internal/model/user.go
@@ -47,9 +47,13 @@ type User struct {
 	FamilyName    string
 	CreatedAt     time.Time
 	UpdatedAt     time.Time
-	IsAdmin       bool
-	// Sync15 if the user should use this sync type (which uses a lot less bandwidth)
-	Sync15       bool
+	// IsAdmin indicates if the user can managed others users in this instance.
+	IsAdmin bool
+	// Sync15 if the user should use this sync type (which uses a lot less bandwidth).
+	Sync15 bool
+	// AdditionalScopes is a list of scopes to add to the user session.
+	AdditionalScopes []string
+	// Integrations stores the list of "Integrations" as shown on the tablet.
 	Integrations []IntegrationConfig
 }