github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-06-29 13:42:51 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FIX: Add more actions to the uploads API key scope (#15306)

Browse Source 
The uploads API key create scope did not cover the
external upload API endpoints, or the direct S3
multipart endpoints, and this commit adds them.

cf. https://meta.discourse.org/t/upload-create-api-key-insufficient/211896
This commit is contained in:
Martin Brennan
2021-12-15 14:08:11 +10:00
committed by GitHub
parent 15752da957
commit 4519f3f137
2 changed files with 12 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
app/models/api_key_scope.rb
View File

@ -36,7 +36,17 @@ class ApiKeyScope < ActiveRecord::Base
edit: { actions: %w[posts#update], params: %i[id] } edit: { actions: %w[posts#update], params: %i[id] }
}, },
uploads: { uploads: {
create: { actions: %w[uploads#create] } create: {
actions: %w[
uploads#create
uploads#generate_presigned_put
uploads#complete_external_upload
uploads#create_multipart
uploads#batch_presign_multipart_parts
uploads#abort_multipart
uploads#complete_multipart
]
}
}, },
users: { users: {
bookmarks: { actions: %w[users#bookmarks], params: %i[username] }, bookmarks: { actions: %w[users#bookmarks], params: %i[username] },

2
config/locales/client.en.yml
View File

@ -4210,7 +4210,7 @@ en:
posts: posts:
edit: Edit any post or a specific one. edit: Edit any post or a specific one.
uploads: uploads:
create: Upload a new file. create: Upload a new file or initiate single or multipart direct uploads to external storage.
users: users:
bookmarks: List user bookmarks. It returns bookmark reminders when using the ICS format. bookmarks: List user bookmarks. It returns bookmark reminders when using the ICS format.
sync_sso: Synchronize a user using DiscourseConnect. sync_sso: Synchronize a user using DiscourseConnect.