Merge branch '1427-oauth-admin-scopes' into 'develop'

[#1427] OAuth admin scopes Closes #1427 See merge request pleroma/pleroma!2025
author: lain <lain@soykaf.club> 2019-12-10 13:44:06 +0000
committer: lain <lain@soykaf.club> 2019-12-10 13:44:06 +0000
commit: aac0187ec13078d2756db1671e644d6eb9c0947b (patch)
tree: 1e0b4fa5d7ca5d12ac2d41ee5a077f669f64fb43 /lib/pleroma/web/admin_api
parent: 54b1b2c9c0c24165b5b32c352fa684eed28bfa93 (diff)
parent: 1ae976ac51d5ad7c224fa4d1ddee0bbd007d6787 (diff)
download: pleroma-aac0187ec13078d2756db1671e644d6eb9c0947b.tar.gz
1 files changed, 10 insertions, 8 deletions
diff --git a/lib/pleroma/web/admin_api/admin_api_controller.ex b/lib/pleroma/web/admin_api/admin_api_controller.ex
index b003d1f35..0a8a56cd8 100644
--- a/lib/pleroma/web/admin_api/admin_api_controller.ex
+++ b/lib/pleroma/web/admin_api/admin_api_controller.ex
@@ -30,13 +30,13 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
 
   plug(
     OAuthScopesPlug,
-    %{scopes: ["read:accounts"]}
+    %{scopes: ["read:accounts"], admin: true}
     when action in [:list_users, :user_show, :right_get, :invites]
   )
 
   plug(
     OAuthScopesPlug,
-    %{scopes: ["write:accounts"]}
+    %{scopes: ["write:accounts"], admin: true}
     when action in [
            :get_invite_token,
            :revoke_invite,
@@ -58,35 +58,37 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
 
   plug(
     OAuthScopesPlug,
-    %{scopes: ["read:reports"]} when action in [:list_reports, :report_show]
+    %{scopes: ["read:reports"], admin: true}
+    when action in [:list_reports, :report_show]
   )
 
   plug(
     OAuthScopesPlug,
-    %{scopes: ["write:reports"]}
+    %{scopes: ["write:reports"], admin: true}
     when action in [:report_update_state, :report_respond]
   )
 
   plug(
     OAuthScopesPlug,
-    %{scopes: ["read:statuses"]} when action == :list_user_statuses
+    %{scopes: ["read:statuses"], admin: true}
+    when action == :list_user_statuses
   )
 
   plug(
     OAuthScopesPlug,
-    %{scopes: ["write:statuses"]}
+    %{scopes: ["write:statuses"], admin: true}
     when action in [:status_update, :status_delete]
   )
 
   plug(
     OAuthScopesPlug,
-    %{scopes: ["read"]}
+    %{scopes: ["read"], admin: true}
     when action in [:config_show, :migrate_to_db, :migrate_from_db, :list_log]
   )
 
   plug(
     OAuthScopesPlug,
-    %{scopes: ["write"]}
+    %{scopes: ["write"], admin: true}
     when action in [:relay_follow, :relay_unfollow, :config_update]
   )
author	lain <lain@soykaf.club>	2019-12-10 13:44:06 +0000
committer	lain <lain@soykaf.club>	2019-12-10 13:44:06 +0000
commit	aac0187ec13078d2756db1671e644d6eb9c0947b (patch)
tree	1e0b4fa5d7ca5d12ac2d41ee5a077f669f64fb43 /lib/pleroma/web/admin_api
parent	54b1b2c9c0c24165b5b32c352fa684eed28bfa93 (diff)
parent	1ae976ac51d5ad7c224fa4d1ddee0bbd007d6787 (diff)
download	pleroma-aac0187ec13078d2756db1671e644d6eb9c0947b.tar.gz