Add owner scope to API keys #4935
Conversation
| AllowedAction = allowedAction; | ||
| } | ||
|
|
||
| // Deprecated: Should be removed once ApiKeys.cshtml is updated to support owner scope. |
There was a problem hiding this comment.
Wouldn't this just be as simple as changing a constructor call to pass the current username as owner?
You can add the ability to choose what user later. I would just prefer not having deprecated methods if it's very easy to fix.
There was a problem hiding this comment.
Yes, but then I'd need to update all callers. I'm minimizing changes in this PR (schema and copying org scope for temp keys). I'll remove this ctor when I start requiring the owner, which happens when I enable the UI.
chenriksson
requested review from
joelverhagen,
agr,
loic-sharma,
xavierdecoster,
shishirx34,
ryuyu,
cristinamanum,
skofman1 and
scottbommarito
| /// Package owner (user or organization) scoping. | ||
| /// </summary> | ||
| [JsonProperty("o")] | ||
| public string Owner { get; set; } |
There was a problem hiding this comment.
The "identity" of a user is the Key property.
There was a problem hiding this comment.
Good question... there was debate about whether keys can be scoped to multiple owners (yourself, and your organization(s)). We decided that we'd start with a single owner, but my impression was that we might change that.
I typed as string so that it could change with the same schema. Alternatively, I could change to FK and we move to many-many relation if we change our minds on supporting multiple owners.
There was a problem hiding this comment.
@joelverhagen Switched owner scope to FK. This does make more sense - if we support multiple owners per API key, we can just add more scopes.
Remaining work: