docs: Document scope design and AND semantics (#3267)#601
docs: Document scope design and AND semantics (#3267)#601abdulawalarif wants to merge 3 commits into
Conversation
Swiftaxe
left a comment
Swiftaxe
left a comment
There was a problem hiding this comment.
Thank you for a good PR on this @abdulawalarif!
I added some comments, mostly nits about improving clarity and simplification.
| @override | ||
| Set<Scope> get requiredScopes => { | ||
| Scope.admin, | ||
| const Scope('userWrite'), |
There was a problem hiding this comment.
-
Custom scopes are introduced in this code example, and below on line 157, before the section "Custom Scopes" which introduces it to the reader.
-
These two examples show creating scopes using a magic string, while the Custom Scopes section teaches the reader to define constants in a class.
Please change the order so Custom Scopes gets introduced first and consider the constant vs magic string examples.
Reorder custom scope examples, simplify wording, and remove em dashes per style guide. Co-authored-by: Cursor <cursoragent@cursor.com>
|
@Swiftaxe All feedback addressed: em dashes removed, wording simplified, Custom scopes moved before How scopes combine with constant-based examples. |
Swiftaxe
left a comment
Swiftaxe
left a comment
There was a problem hiding this comment.
Thank you, @abdulawalarif! Looks neat!
|
Hey, Alexander! |
2 participants
Summary
Addresses serverpod/serverpod#3267.
Expands the Authorization on endpoints section in The basics to explain how Serverpod scopes are intended to be used and why multiple scopes are combined with AND logic.
Changes in
docs/06-concepts/11-authentication/02-basics.md:Scope.admindoes not imply other scopes).requireLoginandrequiredScopes, including that non-emptyrequiredScopesalways requires authentication.Also fixes a missing newline before the User authentication heading.
Test plan
npm startand open http://localhost:3000/concepts/authentication/basics#authorization-on-endpoints