Re: [LEDE-DEV] github oauth for webpage editing requests too many permission
On 06/08/2017 02:44 PM, Thomas Endt wrote: > Seems there is finally some movement after I nudged a bit: Pull request has > been opened. > https://github.com/cosmocode/dokuwiki-plugin-oauth/issues/41 > > However, the real implementation date is still unknown, and since the > solution is so easy, I'd say: Go ahead, apply that change to the LEDE wiki. > > > Thomas > > > I fixed it and tested with my github account, it asks only for read-only access to email now. -Alberto ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
Re: [LEDE-DEV] github oauth for webpage editing requests too many permission
> Von: Lede-dev [mailto:lede-dev-boun...@lists.infradead.org] Im Auftrag > von Alberto Bursi > Gesendet: Mittwoch, 7. Juni 2017 20:11 > > On 06/07/2017 05:45 PM, Martin Tippmann wrote: > > On Wed, Jun 7, 2017 at 5:00 PM, Karl Palsson> wrote: > >> Hi, > >> > >> I was trying to fix something on the documentation pages of > >> lede-project today, and tried to login with github. > >> > >> However, the docuwiki/oauth thing is demanding full read/write > access > >> to my account, which seems excessive... > > Hi, we already noticed this: > > http://lists.infradead.org/pipermail/lede-dev/2016- > October/003099.html > > > > https://github.com/cosmocode/dokuwiki-plugin-oauth/issues/41 > > > > Looks like the original plugin is still not updated. > > > > Seems like the fix is pretty trivial though (change a line in a php > file), see this commit from a fork: > https://github.com/micgro42/dokuwiki-plugin- > oauth/commit/39b9184bb4c606c3d0fc43d8e565368bcaab2f92 > > Anyone with root access to the server can easily do that on our side. > > I can do that if we agree it's OK to do so. > > -Alberto Seems there is finally some movement after I nudged a bit: Pull request has been opened. https://github.com/cosmocode/dokuwiki-plugin-oauth/issues/41 However, the real implementation date is still unknown, and since the solution is so easy, I'd say: Go ahead, apply that change to the LEDE wiki. Thomas ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
Re: [LEDE-DEV] github oauth for webpage editing requests too many permission
On 06/07/2017 05:45 PM, Martin Tippmann wrote: > On Wed, Jun 7, 2017 at 5:00 PM, Karl Palssonwrote: >> Hi, >> >> I was trying to fix something on the documentation pages of >> lede-project today, and tried to login with github. >> >> However, the docuwiki/oauth thing is demanding full read/write >> access to my account, which seems excessive... > Hi, we already noticed this: > http://lists.infradead.org/pipermail/lede-dev/2016-October/003099.html > > https://github.com/cosmocode/dokuwiki-plugin-oauth/issues/41 > > Looks like the original plugin is still not updated. > Seems like the fix is pretty trivial though (change a line in a php file), see this commit from a fork: https://github.com/micgro42/dokuwiki-plugin-oauth/commit/39b9184bb4c606c3d0fc43d8e565368bcaab2f92 Anyone with root access to the server can easily do that on our side. I can do that if we agree it's OK to do so. -Alberto ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
[LEDE-DEV] github oauth for webpage editing requests too many permission
Hi, I was trying to fix something on the documentation pages of lede-project today, and tried to login with github. However, the docuwiki/oauth thing is demanding full read/write access to my account, which seems excessive... ``` LEDE Project (lede-project.org) by lede-project wants to access your karlp account Personal user data Full access This application will be able to read and write all user data. This includes the following: Private email addresses Private profile information Followers Learn more ``` Can someone perhaps reconfigure that to request only what's necessary to do an oauth login for editing, not granting access to the account? Sincerely, Karl P signature.html Description: OpenPGP Digital Signature ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev