#4257 src.fp.o user API tokens should have the same perms as web ui
Opened 7 months ago by ttomecek. Modified 6 months ago

We are working on package automation tooling (packit) which interacts with src.fp.o pagure deployment. One of the expected workflows we want to cover is that people will be able to run the tool locally (hi @pingou!) and do the same actions as the service would have done. Sadly, that's a bit problematic because we need 3 distinct API tokens. It is described in our README [1].

Our expectation is that user-bound API tokens should have the same permissions as what the user is able to do in the web interface.

We can't really ask packit users to:

  • get one user-scoped api token
  • generate a token for each of the package
  • and each fork

(I should have opened this at fedora-infra issue tracker but first I want to be sure there are no code changes needed to be done to enable this.)

[1] https://github.com/packit-service/packit/blame/master/README.md#L69

Metadata Update from @pingou:
- Issue tagged with: RFE

7 months ago

Practical example: we are creating a fork of some src.fp.o project via API and we need a different token to perform such operation.

Login to comment on this ticket.