Commit Graph

15 Commits

Author SHA1 Message Date
Claude 64c3f464ac
feat: add project-scoped API tokens
Add optional project scope to API tokens, allowing tokens to be restricted
to a specific project and optionally its sub-projects. This builds on the
existing API token system by adding two new fields: project_id and
include_sub_projects.

Key changes:
- Database migration adding project_id and include_sub_projects columns
- ProjectScopedAuth wrapper type implementing web.Auth with scope info
- AuthUnwrapper interface for transparent auth type unwrapping
- Scope enforcement in project/task permission checks and list queries
- Middleware resolves scoped project IDs (with recursive CTE for sub-projects)
- Frontend: project selector in token creation form, scope display in list
- Tests for scope resolution, permission enforcement, and token creation

https://claude.ai/code/session_015JjPNeSkwxYQNCeMf2PYTi
2026-03-22 11:28:40 +00:00
kolaente a81a3ee0e5
feat!: rename right to permission (#1277) 2025-08-13 11:05:05 +02:00
kolaente f9b31ab4bf
fix: ambiguous title column in task search (#1012) 2025-06-24 20:38:35 +00:00
Dominik Pschenitschni 296577a875
fix: correct license header references (#882)
See originals:
- https://www.gnu.org/licenses/agpl-3.0.txt
- https://www.gnu.org/licenses/gpl-3.0.txt
2025-06-10 12:18:38 +02:00
kolaente 2063da9eec
chore(web): move web handler package to Vikunja 2024-08-29 16:15:28 +02:00
kolaente 2c84cec044
docs(webhooks): add swagger docs for all webhook endpoints 2023-10-17 20:35:14 +02:00
kolaente eac4e455fd
fix(api tokens): lint 2023-09-01 15:56:35 +02:00
kolaente e3c5a93f4f
chore(api tokens): remove updated date from tokens as it can't be updated anyway 2023-09-01 11:16:36 +02:00
kolaente d9bfcdab8e
feat(api tokens): add tests 2023-09-01 10:19:31 +02:00
kolaente e3dac16398
feat(api tokens): check permissions when saving 2023-09-01 08:52:57 +02:00
kolaente e4c71123ef
fix: lint 2023-09-01 08:39:25 +02:00
kolaente fb2a1c59db
feat(api tokens): check if a provided token matched a hashed on in the database 2023-09-01 08:36:15 +02:00
kolaente c88cbaa973
feat(api tokens): properly hash tokens 2023-09-01 08:36:11 +02:00
kolaente e6b25bd57b
feat(api tokens): add crud routes to manage api tokens 2023-09-01 08:35:54 +02:00
kolaente 3faf48706a
feat(api tokens): add api token struct and migration 2023-09-01 08:35:54 +02:00