Allow setting access token scope by CLI (#22648)

Followup for #20908 to allow setting the scopes when creating new access token via CLI. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2023-02-02 04:10:37 +01:00 · 2023-02-02 04:10:37 +01:00 · 3f2e721372
parent 15c035775a
commit 3f2e721372
1 changed files with 13 additions and 2 deletions
--- a/cmd/admin.go
+++ b/cmd/admin.go
@ -180,6 +180,11 @@ var (
 				Name:  "raw",
 				Usage: "Display only the token value",
 			},
+			cli.StringFlag{
+				Name:  "scopes",
+				Value: "",
+				Usage: "Comma separated list of scopes to apply to access token",
+			},
 		},
 		Action: runGenerateAccessToken,
 	}
@ -698,9 +703,15 @@ func runGenerateAccessToken(c *cli.Context) error {
 		return err
 	}

+	accessTokenScope, err := auth_model.AccessTokenScope(c.String("scopes")).Normalize()
+	if err != nil {
+		return err
+	}
+
 	t := &auth_model.AccessToken{
-		Name: c.String("token-name"),
-		UID:  user.ID,
+		Name:  c.String("token-name"),
+		UID:   user.ID,
+		Scope: accessTokenScope,
 	}

 	if err := auth_model.NewAccessToken(t); err != nil {