diff options
| author | rinpatch <rinpatch@sdf.org> | 2019-04-24 20:01:42 +0300 |
|---|---|---|
| committer | rinpatch <rinpatch@sdf.org> | 2019-04-24 20:01:42 +0300 |
| commit | 4baea6e6d9efa619402a031a84f74787653df2b5 (patch) | |
| tree | 02fe60e2fc34ca6164ae67b1ab47bc4b4179890b /docs/api | |
| parent | 030a7876b42a0c925fd52474de514ae5e9171e55 (diff) | |
| download | pleroma-4baea6e6d9efa619402a031a84f74787653df2b5.tar.gz | |
Fix leaking private configuration parameters in Mastodon and Twitter APIs, and add new configuration parameters to Mastodon API
This patch:
- Fixes `rights` in twitterapi ignoring `show_role`
- Fixes exposing default scope of the user to anyone in Mastodon API
- Extends Mastodon API to be able to show and set `no_rich_text`, `default_scope`, `hide_follows`, `hide_followers`, `hide_favorites` (requested by the FE in #674)
Sorry in advance for 500 line one commit diff, I should have split it up to separate MRs
Diffstat (limited to 'docs/api')
| -rw-r--r-- | docs/api/differences_in_mastoapi_responses.md | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/docs/api/differences_in_mastoapi_responses.md b/docs/api/differences_in_mastoapi_responses.md index 3bb1bd41f..7f05527fb 100644 --- a/docs/api/differences_in_mastoapi_responses.md +++ b/docs/api/differences_in_mastoapi_responses.md @@ -38,9 +38,12 @@ Has these additional fields under the `pleroma` object: - `tags`: Lists an array of tags for the user - `relationship{}`: Includes fields as documented for Mastodon API https://docs.joinmastodon.org/api/entities/#relationship -- `is_moderator`: boolean, true if user is a moderator -- `is_admin`: boolean, true if user is an admin +- `is_moderator`: boolean, nullable, true if user is a moderator +- `is_admin`: boolean, nullable, true if user is an admin - `confirmation_pending`: boolean, true if a new user account is waiting on email confirmation to be activated +- `hide_followers`: boolean, true when the user has follower hiding enabled +- `hide_follows`: boolean, true when the user has follow hiding enabled +- `show_role`: boolean, nullable (only shown when the user is requesting themselves), true when the user wants his role (e.g admin, moderator) to be shown ## Account Search @@ -60,3 +63,13 @@ Additional parameters can be added to the JSON body/Form data: - `preview`: boolean, if set to `true` the post won't be actually posted, but the status entitiy would still be rendered back. This could be useful for previewing rich text/custom emoji, for example. - `content_type`: string, contain the MIME type of the status, it is transformed into HTML by the backend. You can get the list of the supported MIME types with the nodeinfo endpoint. + +## PATCH `/api/v1/update_credentials` + +Additional parameters can be added to the JSON body/Form data: + +- `no_rich_text` - if true, html tags are stripped from all statuses requested from the API +- `hide_followers` - if true, user's followers will be hidden +- `hide_follows` - if true, user's follows will be hidden +- `hide_favorites` - if true, user's favorites timeline will be hidden +- `show_role` - if true, user's role (e.g admin, moderator) will be exposed to anyone in the API |