Looking for usage examples of add_api_key_scope

Hey all,

I’m trying to work with this method on Plugin::Instance: discourse/instance.rb at 06c60b017c86ddab489fd3d30c951c10b5c4d281 · ayampenyetan/discourse · GitHub

I tried to search for existing usages of this method across Discourse code base / Github, but it doesn’t seem like this is actually used anywhere outside of test cases (as far as publicly accessible code goes).

Can someone explain the following things to me:

  • What is the right way to get an instance of Plugin::Instance in a plugin so that the method can be invoked?
  • What is the right timing to call the method linked above? If I create a new endpoint in my plugin, should I put this call after the endpoint is created? Should it be before or inside the after_initialize?
  • The following code seems to register the scope, but when trying to hit the endpoint I register with an admin api key that has that scope, it doesn’t seem to be able to find the action. The endpoint works fine when hitting it with an admin api key with all scopes. Why is this not working, what am I doing incorrectly here?
  • I tried to add a urls entry to the actions, but it does not seem to be picked up. How do I successfully add a list of urls that the scope applies to to this structure?
after_initialize do

    module ::ApiKeyScopeTest
        class Engine < ::Rails::Engine
            engine_name "api_key_scope_test"
            isolate_namespace ApiKeyScopeTest
        end
    end

    class ApiKeyScopeTest::ApiKeyScopeTestController < ::ApplicationController

        def action
            ...
        end

    end

    ApiKeyScopeTest::Engine.routes.draw do
        post "/admin/plugins/api-key-scope-test" => "api_key_scope_test#action", constraints: AdminConstraint.new
    end

    Discourse::Application.routes.append do
        mount ::ApiKeyScopeTest::Engine, at: "/"
    end

    plugin = Plugin::Instance.new # Note: not clear this is correct

    plugin.add_api_key_scope(
        :test_scope,
        {
            post: {
                actions: %w[api_key_scope_test#action]
            }
        }
    )

end
1 Like