Save the scopes in the requester

This commit is contained in:
Quentin Gliech 2022-06-17 16:58:05 +02:00 committed by Patrick Cloke
parent e82ec6d008
commit c5cf1b421d
3 changed files with 11 additions and 0 deletions

View File

@ -224,4 +224,5 @@ class OAuthDelegatedAuth(BaseAuth):
return create_requester( return create_requester(
user_id=user_id, user_id=user_id,
device_id=device_id, device_id=device_id,
scope=scope,
) )

View File

@ -131,6 +131,7 @@ class Requester:
user: "UserID" user: "UserID"
access_token_id: Optional[int] access_token_id: Optional[int]
is_guest: bool is_guest: bool
scope: Set[str]
shadow_banned: bool shadow_banned: bool
device_id: Optional[str] device_id: Optional[str]
app_service: Optional["ApplicationService"] app_service: Optional["ApplicationService"]
@ -147,6 +148,7 @@ class Requester:
"user_id": self.user.to_string(), "user_id": self.user.to_string(),
"access_token_id": self.access_token_id, "access_token_id": self.access_token_id,
"is_guest": self.is_guest, "is_guest": self.is_guest,
"scope": list(self.scope),
"shadow_banned": self.shadow_banned, "shadow_banned": self.shadow_banned,
"device_id": self.device_id, "device_id": self.device_id,
"app_server_id": self.app_service.id if self.app_service else None, "app_server_id": self.app_service.id if self.app_service else None,
@ -175,6 +177,7 @@ class Requester:
user=UserID.from_string(input["user_id"]), user=UserID.from_string(input["user_id"]),
access_token_id=input["access_token_id"], access_token_id=input["access_token_id"],
is_guest=input["is_guest"], is_guest=input["is_guest"],
scope=set(input["scope"]),
shadow_banned=input["shadow_banned"], shadow_banned=input["shadow_banned"],
device_id=input["device_id"], device_id=input["device_id"],
app_service=appservice, app_service=appservice,
@ -186,6 +189,7 @@ def create_requester(
user_id: Union[str, "UserID"], user_id: Union[str, "UserID"],
access_token_id: Optional[int] = None, access_token_id: Optional[int] = None,
is_guest: bool = False, is_guest: bool = False,
scope: StrCollection = (),
shadow_banned: bool = False, shadow_banned: bool = False,
device_id: Optional[str] = None, device_id: Optional[str] = None,
app_service: Optional["ApplicationService"] = None, app_service: Optional["ApplicationService"] = None,
@ -199,6 +203,7 @@ def create_requester(
access_token_id: *ID* of the access token used for this access_token_id: *ID* of the access token used for this
request, or None if it came via the appservice API or similar request, or None if it came via the appservice API or similar
is_guest: True if the user making this request is a guest user is_guest: True if the user making this request is a guest user
scope: the scope of the access token used for this request, if any
shadow_banned: True if the user making this request is shadow-banned. shadow_banned: True if the user making this request is shadow-banned.
device_id: device_id which was set at authentication time device_id: device_id which was set at authentication time
app_service: the AS requesting on behalf of the user app_service: the AS requesting on behalf of the user
@ -215,10 +220,13 @@ def create_requester(
if authenticated_entity is None: if authenticated_entity is None:
authenticated_entity = user_id.to_string() authenticated_entity = user_id.to_string()
scope = set(scope)
return Requester( return Requester(
user_id, user_id,
access_token_id, access_token_id,
is_guest, is_guest,
scope,
shadow_banned, shadow_banned,
device_id, device_id,
app_service, app_service,

View File

@ -426,6 +426,7 @@ class AuthTestCase(unittest.HomeserverTestCase):
access_token_id=None, access_token_id=None,
device_id="FOOBAR", device_id="FOOBAR",
is_guest=False, is_guest=False,
scope=set(),
shadow_banned=False, shadow_banned=False,
app_service=appservice, app_service=appservice,
authenticated_entity="@appservice:server", authenticated_entity="@appservice:server",
@ -456,6 +457,7 @@ class AuthTestCase(unittest.HomeserverTestCase):
access_token_id=None, access_token_id=None,
device_id="FOOBAR", device_id="FOOBAR",
is_guest=False, is_guest=False,
scope=set(),
shadow_banned=False, shadow_banned=False,
app_service=appservice, app_service=appservice,
authenticated_entity="@appservice:server", authenticated_entity="@appservice:server",