From fa7ffd9d1594a5bc9dba4fc65af0a4100988341b Mon Sep 17 00:00:00 2001
From: Fabian Mastenbroek <mail.fabianm@gmail.com>
Date: Fri, 2 Jul 2021 16:47:40 +0200
Subject: api: Restrict API scopes

This change adds support for restricting API scopes in the OpenDC API
server. This is necessary to make a distinction between runners and
regular users.
---
 opendc-web/opendc-web-api/conftest.py | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

(limited to 'opendc-web/opendc-web-api/conftest.py')

diff --git a/opendc-web/opendc-web-api/conftest.py b/opendc-web/opendc-web-api/conftest.py
index 430262f1..958a5894 100644
--- a/opendc-web/opendc-web-api/conftest.py
+++ b/opendc-web/opendc-web-api/conftest.py
@@ -8,7 +8,7 @@ from flask import _request_ctx_stack, g
 from opendc.database import Database
 
 
-def decorator(f):
+def requires_auth_mock(f):
     @wraps(f)
     def decorated_function(*args, **kwargs):
         _request_ctx_stack.top.current_user = {'sub': 'test'}
@@ -16,13 +16,24 @@ def decorator(f):
     return decorated_function
 
 
+def requires_scope_mock(required_scope):
+    def decorator(f):
+        @wraps(f)
+        def decorated_function(*args, **kwargs):
+            return f(*args, **kwargs)
+        return decorated_function
+    return decorator
+
+
 @pytest.fixture
 def client():
     """Returns a Flask API client to interact with."""
 
     # Disable authorization for test API endpoints
     from opendc import exts
-    exts.requires_auth = decorator
+    exts.requires_auth = requires_auth_mock
+    exts.requires_scope = requires_scope_mock
+    exts.has_scope = lambda x: False
 
     from app import create_app
 
-- 
cgit v1.2.3