bool allowsScope(AuthScope incomingScope)

Whether or not incomingScope has at least the same scoping access as this instance.

This check is used to determine if an Authorizer can allow a Request to pass if the Request's Request.authorization has a scope that has the same or more scope than there required scope of an Authorizer.

For example, the scope user:location would allow both user and user:location.

The scope user would allow user, but would not allow user:location, as user:location is more restrictive than the required scope.

Source

bool allowsScope(AuthScope incomingScope) {
  if (incomingScope._lastModifier != null) {
    // If the modifier of the incoming scope is restrictive,
    // and this scope requires no restrictions, then it's not allowed.
    if (_lastModifier == null) {
      return false;
    }

    // If the incoming scope's modifier doesn't match this one,
    // then we also don't have access.
    if (_lastModifier != incomingScope._lastModifier) {
      return false;
    }
  }

  // If we aren't restricted by modifier, let's make sure we have access.
  var thisIterator = _segments.iterator;
  for (var incomingSegment in incomingScope._segments) {
    thisIterator.moveNext();
    var current = thisIterator.current;

    // If the incoming scope is more restrictive than this scope,
    // then it's not allowed.
    if (current == null) {
      return false;
    }

    // If we have a mismatch here, then we're going
    // down the wrong path.
    if (incomingSegment.name != current.name) {
      return false;
    }
  }

  return true;
}