Introduce OAuth scopes for bookmarks
This commit is contained in:
parent
7d1dd59496
commit
03afc365d5
@ -1,7 +1,7 @@
|
||||
# frozen_string_literal: true
|
||||
|
||||
class Api::V1::BookmarksController < Api::BaseController
|
||||
before_action -> { doorkeeper_authorize! :read }
|
||||
before_action -> { doorkeeper_authorize! :read, :'read:bookmarks' }
|
||||
before_action :require_user!
|
||||
after_action :insert_pagination_headers
|
||||
|
||||
|
@ -3,7 +3,7 @@
|
||||
class Api::V1::Statuses::BookmarksController < Api::BaseController
|
||||
include Authorization
|
||||
|
||||
before_action -> { doorkeeper_authorize! :write }
|
||||
before_action -> { doorkeeper_authorize! :write, :'write:bookmarks' }
|
||||
before_action :require_user!
|
||||
|
||||
respond_to :json
|
||||
|
@ -58,6 +58,7 @@ Doorkeeper.configure do
|
||||
optional_scopes :write,
|
||||
:'write:accounts',
|
||||
:'write:blocks',
|
||||
:'write:bookmarks',
|
||||
:'write:favourites',
|
||||
:'write:filters',
|
||||
:'write:follows',
|
||||
@ -70,6 +71,7 @@ Doorkeeper.configure do
|
||||
:read,
|
||||
:'read:accounts',
|
||||
:'read:blocks',
|
||||
:'read:bookmarks',
|
||||
:'read:favourites',
|
||||
:'read:filters',
|
||||
:'read:follows',
|
||||
|
@ -119,6 +119,7 @@ en:
|
||||
read: read all your account's data
|
||||
read:accounts: see accounts information
|
||||
read:blocks: see your blocks
|
||||
read:bookmarks: see your bookmarks
|
||||
read:favourites: see your favourites
|
||||
read:filters: see your filters
|
||||
read:follows: see your follows
|
||||
@ -131,6 +132,7 @@ en:
|
||||
write: modify all your account's data
|
||||
write:accounts: modify your profile
|
||||
write:blocks: block accounts and domains
|
||||
write:bookmarks: bookmark statuses
|
||||
write:favourites: favourite statuses
|
||||
write:filters: create filters
|
||||
write:follows: follow people
|
||||
|
@ -4,7 +4,7 @@ RSpec.describe Api::V1::BookmarksController, type: :controller do
|
||||
render_views
|
||||
|
||||
let(:user) { Fabricate(:user) }
|
||||
let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read') }
|
||||
let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read:bookmarks') }
|
||||
|
||||
describe 'GET #index' do
|
||||
context 'without token' do
|
||||
|
@ -7,7 +7,7 @@ describe Api::V1::Statuses::BookmarksController do
|
||||
|
||||
let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) }
|
||||
let(:app) { Fabricate(:application, name: 'Test app', website: 'http://testapp.com') }
|
||||
let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'write', application: app) }
|
||||
let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'write:bookmarks', application: app) }
|
||||
|
||||
context 'with an oauth token' do
|
||||
before do
|
||||
|
Loading…
Reference in New Issue
Block a user