From 8bc4a30f1c2c4ff9ffb481e0b95a6522c8d86fb5 Mon Sep 17 00:00:00 2001
From: "hinoka@google.com"
 <hinoka@google.com@0039d316-1c4b-4281-b951-d872f2087c98>
Date: Thu, 27 Mar 2014 01:05:02 +0000
Subject: [PATCH] Allow prodaccess based gsutil to also write into a bucket

The Telemetry workflow happily uses this gsutil to download artifacts, but they would also like to use the same workflow to upload artifacts.

I don't see a big harm in enabling read_write access for prodaccess based gsutil since its already more restrictive than the normal gsutil auth flow.  I could also be convinced to make this full_control, but that need has not arisen yet.

BUG= 341665

Review URL: https://codereview.chromium.org/148203012

git-svn-id: svn://svn.chromium.org/chrome/trunk/tools/depot_tools@259761 0039d316-1c4b-4281-b951-d872f2087c98
---
 third_party/gsutil/plugins/sso_auth.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/third_party/gsutil/plugins/sso_auth.py b/third_party/gsutil/plugins/sso_auth.py
index cf956b89f..6f23ca43b 100644
--- a/third_party/gsutil/plugins/sso_auth.py
+++ b/third_party/gsutil/plugins/sso_auth.py
@@ -24,7 +24,7 @@ STUBBY_CMD = """target: {
 target_credential: {
   type: OAUTH2_TOKEN
   oauth2_attributes: {
-    scope: 'https://www.googleapis.com/auth/devstorage.read_only'
+    scope: 'https://www.googleapis.com/auth/devstorage.read_write'
   }
 }"""