From 7655163927de1f283fc281cf967290afe0678202 Mon Sep 17 00:00:00 2001 From: Tanner Heffner Date: Thu, 2 Nov 2023 14:37:13 -0700 Subject: [PATCH 1/3] Update create-oauth-client.mdx Update docs around Drupal permissions --- .../tutorials/preview-mode/create-oauth-client.mdx | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/www/content/tutorials/preview-mode/create-oauth-client.mdx b/www/content/tutorials/preview-mode/create-oauth-client.mdx index 7bb38b66..eb0f8e88 100644 --- a/www/content/tutorials/preview-mode/create-oauth-client.mdx +++ b/www/content/tutorials/preview-mode/create-oauth-client.mdx @@ -27,9 +27,14 @@ As from `next-drupal 1.5`, user roles are used for OAuth scopes. The scopes are Next, assign the following permissions to the newly created role. -- Bypass content access control -- Issue subrequests -- View user information + + - 'access content' + - 'access user profiles' + - 'issue subrequests' + - 'view all revisions' + - 'view any unpublished content' + - 'view latest version' + - 'view media' @@ -55,7 +60,7 @@ const articles = await drupal.getResource( ## 3. Create User -Add a new user at `/admin/people/create` and **assign them all the roles that are going to be used for scopes, including the administrator role and the role we created above**. +Add a new user at `/admin/people/create` and **assign them all the roles that are going to be used for scopes, including the role we created above**. --- From cdff3c5cfdd0a8dbfa10ae07231482f8011dc1dd Mon Sep 17 00:00:00 2001 From: Tanner Heffner Date: Tue, 14 Nov 2023 07:34:28 -0800 Subject: [PATCH 2/3] Update create-oauth-client.mdx clean up whitspaces? --- www/content/tutorials/preview-mode/create-oauth-client.mdx | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/www/content/tutorials/preview-mode/create-oauth-client.mdx b/www/content/tutorials/preview-mode/create-oauth-client.mdx index eb0f8e88..d516f74c 100644 --- a/www/content/tutorials/preview-mode/create-oauth-client.mdx +++ b/www/content/tutorials/preview-mode/create-oauth-client.mdx @@ -27,7 +27,6 @@ As from `next-drupal 1.5`, user roles are used for OAuth scopes. The scopes are Next, assign the following permissions to the newly created role. - - 'access content' - 'access user profiles' - 'issue subrequests' @@ -38,7 +37,7 @@ Next, assign the following permissions to the newly created role. -We are assigning the _Bypass content access control_ permission to allow Next.js to access unpublished content and revisions. +We are assigning the _view all revisions_ and _view any unpublished content_ permissions to allow Next.js to access unpublished content and revisions. This scope is only going to be used when making authenticated requests from Next.js to Drupal. From 6a27db006d4f6f5f16ca6e94b74f91bd6da1c7bc Mon Sep 17 00:00:00 2001 From: Tanner Heffner Date: Tue, 14 Nov 2023 08:33:37 -0800 Subject: [PATCH 3/3] actually run prettier --- .../tutorials/preview-mode/create-oauth-client.mdx | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/www/content/tutorials/preview-mode/create-oauth-client.mdx b/www/content/tutorials/preview-mode/create-oauth-client.mdx index d516f74c..a126db56 100644 --- a/www/content/tutorials/preview-mode/create-oauth-client.mdx +++ b/www/content/tutorials/preview-mode/create-oauth-client.mdx @@ -27,13 +27,13 @@ As from `next-drupal 1.5`, user roles are used for OAuth scopes. The scopes are Next, assign the following permissions to the newly created role. - - 'access content' - - 'access user profiles' - - 'issue subrequests' - - 'view all revisions' - - 'view any unpublished content' - - 'view latest version' - - 'view media' +- 'access content' +- 'access user profiles' +- 'issue subrequests' +- 'view all revisions' +- 'view any unpublished content' +- 'view latest version' +- 'view media'