projects / arvados.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 4fb7673) | patch
api: Introduce reader_tokens for extra access.
authorBrett Smith <brett@curoverse.com>
Wed, 30 Apr 2014 17:26:15 +0000 (13:26 -0400)
committerBrett Smith <brett@curoverse.com>
Wed, 30 Apr 2014 17:27:35 +0000 (13:27 -0400)
commite87cfcde836ef572a722d645655c7a05fb3f473d
tree367a20fcbdd13ffcc28b613af1b2bc7b7cedbf23tree | snapshot
parent4fb767326911e01898e5ae28a55a1491b9535b36commit | diff
api: Introduce reader_tokens for extra access.

reader_tokens are API tokens whose read permissions will be added to
the primary API token's.  For actions that only read resources, like
:index and :show, you can now omit the API token as long as you
provide at least one reader_token.

This allows users to get access to one-off resources without
interrupting their primary session.  For example, Workbench will use
it to access Collections shared via secret link.
services/api/app/controllers/application_controller.rb diff | blob | history
services/api/app/models/api_client_authorization.rb diff | blob | history
services/api/app/models/arvados_model.rb diff | blob | history
services/api/lib/current_api_client.rb diff | blob | history
services/api/test/fixtures/api_client_authorizations.yml diff | blob | history
services/api/test/integration/reader_tokens_test.rb [new file with mode: 0644] blob