Part of canonical.launchpad.browser.oauth View In Hierarchy
| Method | visible_actions | Restrict the actions to the subset the client can make use of. |
| Method | initialize | Undocumented |
| Method | render | Undocumented |
| Method | storeTokenContext | Store the context given by the consumer in this view. |
| Method | reviewToken | Undocumented |
Inherited from JSONTokenMixin:
| Method | getJSONRepresentation | Return a JSON representation of the authorization policy. |
Not all client programs can function with all levels of access. For instance, a client that needs to modify the dataset won't work correctly if the end-user only gives it read access. By setting the 'allow_permission' query variable the client program can get Launchpad to show the end-user an acceptable subset of OAuthPermission.
The user always has the option to deny the client access altogether, so it makes sense for the client to ask for the least access possible.
If the client sends nonsensical values for allow_permissions, the end-user will be given a choice among all the permissions used by normal applications.