🌿 Collaborative wiki on ATProto
Add granular permission to only lichen.wiki and blobs

juprodh 20205a73 abe8ffa2

+31 -2
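--- a/lexicons/wiki.lichen.permissions.json
+++ b/lexicons/wiki.lichen.permissions.json
@@ -0,0 +1,25 @@
+{
+"lexicon": 1,
+"id": "wiki.lichen.permissions",
+"defs": {
+"main": {
+"type": "permission-set",
+"title": "Lichen Wiki",
+"detail": "Create and edit wikis, notes, and manage memberships and bookmarks.",
+"permissions": [
+{
+"type": "permission",
+"resource": "repo",
+"collection": [
+"wiki.lichen.wiki",
+"wiki.lichen.note",
+"wiki.lichen.noteRevision",
+"wiki.lichen.membership",
+"wiki.lichen.memberRequest",
+"wiki.lichen.bookmark"
+]
+}
+]
+}
+}
+}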
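Review bot: The single `repo` permission lists six collections but no `action`, and as far as I know an omitted `action` grants create, update and delete on every listed collection. If any of these records is meant to be append-only from the client's side (`wiki.lichen.noteRevision` looks like a candidate, though that is inferred from the name only), move it into its own permission entry with `"action": ["create"]`. Otherwise spell out `"action": ["create", "update", "delete"]` so the breadth of the grant is explicit and matches what `detail` tells the user on the consent screen.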
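--- a/src/atproto/client.ts
+++ b/src/atproto/client.ts
@@ -5,6 +5,7 @@
 type NodeSavedSession,
 type NodeSavedState,
 } from "@atproto/oauth-client-node";
+import { OAUTH_SCOPE } from "../lib/constants.ts";
 import { getDb } from "../server/db/index.ts";
 import type { AtprotoEnv } from "./env.ts";
 
@@ -91,7 +92,7 @@
 redirect_uris: [`${url}/atproto-oauth-callback`],
 grant_types: ["authorization_code", "refresh_token"],
 response_types: ["code"],
-scope: "atproto transition:generic",
+scope: OAUTH_SCOPE,
 token_endpoint_auth_method: "private_key_jwt",
 token_endpoint_auth_signing_alg: "ES256",
 application_type: "web",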
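Review bot: Narrowing `scope` to `OAUTH_SCOPE` only affects new authorizations; sessions already persisted through the store this file builds on `getDb` were presumably issued under `atproto transition:generic` and would keep that broader grant across refreshes. Consider clearing stored sessions on deploy, or comparing the granted scope when a session is restored and forcing re-authorization on mismatch. The same applies to the `client.authorize` call in src/atproto/routes.ts. A comment on the metadata line such as `// must equal the scope passed to client.authorize(); sessions saved earlier may still hold transition:generic` would record this. The metadata object starts and ends outside the hunk.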
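--- a/src/atproto/routes.ts
+++ b/src/atproto/routes.ts
@@ -1,4 +1,5 @@
 import { Elysia } from "elysia";
+import { OAUTH_SCOPE } from "../lib/constants.ts";
 import { escapeHtml } from "../lib/html.ts";
 import { fmt, resolveLocale, t } from "../lib/i18n/index.ts";
 import { htmlResponse } from "../lib/response.ts";
@@ -87,7 +88,7 @@
 try {
 const did = await resolveHandle(handle);
 const authUrl = await client.authorize(did, {
-scope: "atproto transition:generic",
+scope: OAUTH_SCOPE,
 });
 return Response.redirect(authUrl.toString());
 } catch {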
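--- a/src/lib/constants.ts
+++ b/src/lib/constants.ts
@@ -7,6 +7,8 @@
 bookmark: "wiki.lichen.bookmark",
 } as const;
 
+export const OAUTH_SCOPE = `atproto include:wiki.lichen.permissions blob:*/*`;
+
 export type MemberRole = "admin" | "contributor" | "viewer";
 
 export function normalizeRole(raw: string | null | undefined): MemberRole {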
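Review bot: `blob:*/*` in `OAUTH_SCOPE` lets the client upload blobs of any MIME type, which is the widest blob grant that can be requested. If the wiki only uploads images (not visible in this diff), narrow it to `export const OAUTH_SCOPE = "atproto include:wiki.lichen.permissions blob:image/*";`. The template literal has no interpolation, so a plain string literal is enough. A short comment stating that `include:wiki.lichen.permissions` refers to lexicons/wiki.lichen.permissions.json, and that the authorization server presumably has to resolve the published copy of that lexicon for the include to take effect, would help the next reader.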