Add read:me OAuth 2.0 scope, allowing more limited access to user data (#29087)

2024-04-23 13:47:00 +02:00 · 2024-04-23 13:47:00 +02:00 · 049b159beb
commit 049b159beb
parent d754b15afb
4 changed files with 17 additions and 1 deletions
--- a/spec/requests/api/v1/accounts/credentials_spec.rb
+++ b/spec/requests/api/v1/accounts/credentials_spec.rb
@ -28,6 +28,20 @@ RSpec.describe 'credentials API' do
        locked: true,
      })
    end
+
+    describe 'allows the read:me scope' do
+      let(:scopes) { 'read:me' }
+
+      it 'returns the response successfully' do
+        subject
+
+        expect(response).to have_http_status(200)
+
+        expect(body_as_json).to include({
+          locked: true,
+        })
+      end
+    end
  end

  describe 'PATCH /api/v1/accounts/update_credentials' do