Cloud Storage Scopes List
Overview
"Scope" defines the permissions granted to the application. Some cloud storage providers have a lot of "scopes", some have only a few. Usually these are listed while users allow access to their storage, so we should ask only for those permissions we really need.
Dropbox
Dropbox has only two scopes: one is to get access to the whole user's storage and the other is to ask access to App Folder only.
ScummVM uses the latter. Scope is selected when application is created and it seems one can't change it later.
OneDrive
OneDrive has the following scopes (https://dev.onedrive.com/auth/msa_oauth.htm#authentication-scopes):
- offline_access - provides refresh_token;
- onedrive.readonly - read-only access to all user's files;
- onedrive.readwrite - read and write access to all user's files;
- onedrive.appfolder - read and write access to a special App Folder.
ScummVM uses onedrive.appfolder offline_access
. These are passed as "scope" GET parameter in the OAuth link.
Google Drive
Google Drive has different scopes (https://developers.google.com/drive/v3/web/about-auth#OAuth2Authorizing). The most important for us are:
- https://www.googleapis.com/auth/drive - full access to user files;
- https://www.googleapis.com/auth/drive.file - full access to user files created by the application;
- https://www.googleapis.com/auth/drive.readonly - read-only access to file metadata and file content;
- https://www.googleapis.com/auth/drive.appfolder - access to the Application Data folder.
Application Data folder is completely hidden from user, thus ScummVM uses https://www.googleapis.com/auth/drive.file
and creates "ScummVM" folder in the root. Scope is passed as "scope" GET parameter in the OAuth link.
Because the app is restricted to it's own files, users can not place files in the google drive manually.
Box
Box has special scopes for Organisation and Application Users management, but there is only one scope for Files: get whole access to Box storage.
ScummVM uses that one. Scopes are set in application settings within developer's page.