aboutsummaryrefslogtreecommitdiff
path: root/lib/pleroma/plugs
diff options
context:
space:
mode:
Diffstat (limited to 'lib/pleroma/plugs')
-rw-r--r--lib/pleroma/plugs/oauth_scopes_plug.ex12
-rw-r--r--lib/pleroma/plugs/parsers_plug.ex21
-rw-r--r--lib/pleroma/plugs/user_is_admin_plug.ex27
3 files changed, 56 insertions, 4 deletions
diff --git a/lib/pleroma/plugs/oauth_scopes_plug.ex b/lib/pleroma/plugs/oauth_scopes_plug.ex
index a3278dbef..174a8389c 100644
--- a/lib/pleroma/plugs/oauth_scopes_plug.ex
+++ b/lib/pleroma/plugs/oauth_scopes_plug.ex
@@ -6,6 +6,7 @@ defmodule Pleroma.Plugs.OAuthScopesPlug do
import Plug.Conn
import Pleroma.Web.Gettext
+ alias Pleroma.Config
alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
@behaviour Plug
@@ -15,6 +16,8 @@ defmodule Pleroma.Plugs.OAuthScopesPlug do
def call(%Plug.Conn{assigns: assigns} = conn, %{scopes: scopes} = options) do
op = options[:op] || :|
token = assigns[:token]
+
+ scopes = transform_scopes(scopes, options)
matched_scopes = token && filter_descendants(scopes, token.scopes)
cond do
@@ -60,6 +63,15 @@ defmodule Pleroma.Plugs.OAuthScopesPlug do
)
end
+ @doc "Transforms scopes by applying supported options (e.g. :admin)"
+ def transform_scopes(scopes, options) do
+ if options[:admin] do
+ Config.oauth_admin_scopes(scopes)
+ else
+ scopes
+ end
+ end
+
defp maybe_perform_instance_privacy_check(%Plug.Conn{} = conn, options) do
if options[:skip_instance_privacy_check] do
conn
diff --git a/lib/pleroma/plugs/parsers_plug.ex b/lib/pleroma/plugs/parsers_plug.ex
new file mode 100644
index 000000000..2e493ce0e
--- /dev/null
+++ b/lib/pleroma/plugs/parsers_plug.ex
@@ -0,0 +1,21 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Plugs.Parsers do
+ @moduledoc "Initializes Plug.Parsers with upload limit set at boot time"
+
+ @behaviour Plug
+
+ def init(_opts) do
+ Plug.Parsers.init(
+ parsers: [:urlencoded, :multipart, :json],
+ pass: ["*/*"],
+ json_decoder: Jason,
+ length: Pleroma.Config.get([:instance, :upload_limit]),
+ body_reader: {Pleroma.Web.Plugs.DigestPlug, :read_body, []}
+ )
+ end
+
+ defdelegate call(conn, opts), to: Plug.Parsers
+end
diff --git a/lib/pleroma/plugs/user_is_admin_plug.ex b/lib/pleroma/plugs/user_is_admin_plug.ex
index ee808f31f..582fb1f92 100644
--- a/lib/pleroma/plugs/user_is_admin_plug.ex
+++ b/lib/pleroma/plugs/user_is_admin_plug.ex
@@ -5,19 +5,38 @@
defmodule Pleroma.Plugs.UserIsAdminPlug do
import Pleroma.Web.TranslationHelpers
import Plug.Conn
+
alias Pleroma.User
+ alias Pleroma.Web.OAuth
def init(options) do
options
end
- def call(%{assigns: %{user: %User{is_admin: true}}} = conn, _) do
- conn
+ def call(%{assigns: %{user: %User{is_admin: true}} = assigns} = conn, _) do
+ token = assigns[:token]
+
+ cond do
+ not Pleroma.Config.enforce_oauth_admin_scope_usage?() ->
+ conn
+
+ token && OAuth.Scopes.contains_admin_scopes?(token.scopes) ->
+ # Note: checking for _any_ admin scope presence, not necessarily fitting requested action.
+ # Thus, controller must explicitly invoke OAuthScopesPlug to verify scope requirements.
+ conn
+
+ true ->
+ fail(conn)
+ end
end
def call(conn, _) do
+ fail(conn)
+ end
+
+ defp fail(conn) do
conn
- |> render_error(:forbidden, "User is not admin.")
- |> halt
+ |> render_error(:forbidden, "User is not an admin or OAuth admin scope is not granted.")
+ |> halt()
end
end
generated by cgit v1.2.3 (git 2.26.2) at 2025-04-25 15:03:14 +0000