diff options
author | wxiaoguang <wxiaoguang@gmail.com> | 2023-07-26 10:53:31 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-07-26 02:53:31 +0000 |
commit | 915cdf8f87380bb6ea9cb518837726eb85c89fc7 (patch) | |
tree | 04aaf3b8d0b75b341902bac3dbbd37629d9089d5 /docs/content | |
parent | 9ed3700ad2b373b6fa22f50dbd31ca106e1f82bc (diff) | |
download | gitea-915cdf8f87380bb6ea9cb518837726eb85c89fc7.tar.gz gitea-915cdf8f87380bb6ea9cb518837726eb85c89fc7.zip |
Remove "misc" scope check from public API endpoints (#26134)
Fix #26035
Diffstat (limited to 'docs/content')
-rw-r--r-- | docs/content/doc/development/oauth2-provider.en-us.md | 60 |
1 files changed, 30 insertions, 30 deletions
diff --git a/docs/content/doc/development/oauth2-provider.en-us.md b/docs/content/doc/development/oauth2-provider.en-us.md index 03833b5ac0..f7a73dcc88 100644 --- a/docs/content/doc/development/oauth2-provider.en-us.md +++ b/docs/content/doc/development/oauth2-provider.en-us.md @@ -51,36 +51,36 @@ Gitea supports scoped access tokens, which allow users the ability to restrict t Gitea token scopes are as follows: -| Name | Description | -| ---- |--------------------------------------------------------------------------------------------------------------------------------------------------| -| **(no scope)** | Not supported. A scope is required even for public repositories. | -| **activitypub** | `activitypub` API routes: ActivityPub related operations. | -| **read:activitypub** | Grants read access for ActivityPub operations. | -| **write:activitypub** | Grants read/write/delete access for ActivityPub operations. | -| **admin** | `/admin/*` API routes: Site-wide administrative operations (hidden for non-admin accounts). | -| **read:admin** | Grants read access for admin operations, such as getting cron jobs or registered user emails. | -| **write:admin** | Grants read/write/delete access for admin operations, such as running cron jobs or updating user accounts. | | -| **issue** | `issues/*`, `labels/*`, `milestones/*` API routes: Issue-related operations. | -| **read:issue** | Grants read access for issues operations, such as getting issue comments, issue attachments, and milestones. | -| **write:issue** | Grants read/write/delete access for issues operations, such as posting or editing an issue comment or attachment, and updating milestones. | -| **misc** | miscellaneous and settings top-level API routes. | -| **read:misc** | Grants read access to miscellaneous operations, such as getting label and gitignore templates. | -| **write:misc** | Grants read/write/delete access to miscellaneous operations, such as markup utility operations. | -| **notification** | `notification/*` API routes: user notification operations. | -| **read:notification** | Grants read access to user notifications, such as which notifications users are subscribed to and read new notifications. | -| **write:notification** | Grants read/write/delete access to user notifications, such as marking notifications as read. | -| **organization** | `orgs/*` and `teams/*` API routes: Organization and team management operations. | -| **read:organization** | Grants read access to org and team status, such as listing all orgs a user has visibility to, teams, and team members. | -| **write:organization** | Grants read/write/delete access to org and team status, such as creating and updating teams and updating org settings. | -| **package** | `/packages/*` API routes: Packages operations | -| **read:package** | Grants read access to package operations, such as reading and downloading available packages. | -| **write:package** | Grants read/write/delete access to package operations. Currently the same as `read:package`. | -| **repository** | `/repos/*` API routes except `/repos/issues/*`: Repository file, pull-request, and release operations. | -| **read:repository** | Grants read access to repository operations, such as getting repository files, releases, collaborators. | -| **write:repository** | Grants read/write/delete access to repository operations, such as getting updating repository files, creating pull requests, updating collaborators. | -| **user** | `/user/*` and `/users/*` API routes: User-related operations. | -| **read:user** | Grants read access to user operations, such as getting user repo subscriptions and user settings. | -| **write:user** | Grants read/write/delete access to user operations, such as updating user repo subscriptions, followed users, and user settings. | +| Name | Description | +| ---- |------------------------------------------------------------------------------------------------------------------------------------------------------| +| **(no scope)** | Not supported. A scope is required even for public repositories. | +| **activitypub** | `activitypub` API routes: ActivityPub related operations. | +| **read:activitypub** | Grants read access for ActivityPub operations. | +| **write:activitypub** | Grants read/write/delete access for ActivityPub operations. | +| **admin** | `/admin/*` API routes: Site-wide administrative operations (hidden for non-admin accounts). | +| **read:admin** | Grants read access for admin operations, such as getting cron jobs or registered user emails. | +| **write:admin** | Grants read/write/delete access for admin operations, such as running cron jobs or updating user accounts. | +| **issue** | `issues/*`, `labels/*`, `milestones/*` API routes: Issue-related operations. | +| **read:issue** | Grants read access for issues operations, such as getting issue comments, issue attachments, and milestones. | +| **write:issue** | Grants read/write/delete access for issues operations, such as posting or editing an issue comment or attachment, and updating milestones. | +| **misc** | Reserved for future usage. | +| **read:misc** | Reserved for future usage. | +| **write:misc** | Reserved for future usage. | +| **notification** | `notification/*` API routes: user notification operations. | +| **read:notification** | Grants read access to user notifications, such as which notifications users are subscribed to and read new notifications. | +| **write:notification** | Grants read/write/delete access to user notifications, such as marking notifications as read. | +| **organization** | `orgs/*` and `teams/*` API routes: Organization and team management operations. | +| **read:organization** | Grants read access to org and team status, such as listing all orgs a user has visibility to, teams, and team members. | +| **write:organization** | Grants read/write/delete access to org and team status, such as creating and updating teams and updating org settings. | +| **package** | `/packages/*` API routes: Packages operations | +| **read:package** | Grants read access to package operations, such as reading and downloading available packages. | +| **write:package** | Grants read/write/delete access to package operations. Currently the same as `read:package`. | +| **repository** | `/repos/*` API routes except `/repos/issues/*`: Repository file, pull-request, and release operations. | +| **read:repository** | Grants read access to repository operations, such as getting repository files, releases, collaborators. | +| **write:repository** | Grants read/write/delete access to repository operations, such as getting updating repository files, creating pull requests, updating collaborators. | +| **user** | `/user/*` and `/users/*` API routes: User-related operations. | +| **read:user** | Grants read access to user operations, such as getting user repo subscriptions and user settings. | +| **write:user** | Grants read/write/delete access to user operations, such as updating user repo subscriptions, followed users, and user settings. | ## Client types |