Introduce OAuth scopes for bookmarks
This commit is contained in:
parent
7d1dd59496
commit
03afc365d5
6 changed files with 8 additions and 4 deletions
|
@ -1,7 +1,7 @@
|
||||||
# frozen_string_literal: true
|
# frozen_string_literal: true
|
||||||
|
|
||||||
class Api::V1::BookmarksController < Api::BaseController
|
class Api::V1::BookmarksController < Api::BaseController
|
||||||
before_action -> { doorkeeper_authorize! :read }
|
before_action -> { doorkeeper_authorize! :read, :'read:bookmarks' }
|
||||||
before_action :require_user!
|
before_action :require_user!
|
||||||
after_action :insert_pagination_headers
|
after_action :insert_pagination_headers
|
||||||
|
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
class Api::V1::Statuses::BookmarksController < Api::BaseController
|
class Api::V1::Statuses::BookmarksController < Api::BaseController
|
||||||
include Authorization
|
include Authorization
|
||||||
|
|
||||||
before_action -> { doorkeeper_authorize! :write }
|
before_action -> { doorkeeper_authorize! :write, :'write:bookmarks' }
|
||||||
before_action :require_user!
|
before_action :require_user!
|
||||||
|
|
||||||
respond_to :json
|
respond_to :json
|
||||||
|
|
|
@ -58,6 +58,7 @@ Doorkeeper.configure do
|
||||||
optional_scopes :write,
|
optional_scopes :write,
|
||||||
:'write:accounts',
|
:'write:accounts',
|
||||||
:'write:blocks',
|
:'write:blocks',
|
||||||
|
:'write:bookmarks',
|
||||||
:'write:favourites',
|
:'write:favourites',
|
||||||
:'write:filters',
|
:'write:filters',
|
||||||
:'write:follows',
|
:'write:follows',
|
||||||
|
@ -70,6 +71,7 @@ Doorkeeper.configure do
|
||||||
:read,
|
:read,
|
||||||
:'read:accounts',
|
:'read:accounts',
|
||||||
:'read:blocks',
|
:'read:blocks',
|
||||||
|
:'read:bookmarks',
|
||||||
:'read:favourites',
|
:'read:favourites',
|
||||||
:'read:filters',
|
:'read:filters',
|
||||||
:'read:follows',
|
:'read:follows',
|
||||||
|
|
|
@ -119,6 +119,7 @@ en:
|
||||||
read: read all your account's data
|
read: read all your account's data
|
||||||
read:accounts: see accounts information
|
read:accounts: see accounts information
|
||||||
read:blocks: see your blocks
|
read:blocks: see your blocks
|
||||||
|
read:bookmarks: see your bookmarks
|
||||||
read:favourites: see your favourites
|
read:favourites: see your favourites
|
||||||
read:filters: see your filters
|
read:filters: see your filters
|
||||||
read:follows: see your follows
|
read:follows: see your follows
|
||||||
|
@ -131,6 +132,7 @@ en:
|
||||||
write: modify all your account's data
|
write: modify all your account's data
|
||||||
write:accounts: modify your profile
|
write:accounts: modify your profile
|
||||||
write:blocks: block accounts and domains
|
write:blocks: block accounts and domains
|
||||||
|
write:bookmarks: bookmark statuses
|
||||||
write:favourites: favourite statuses
|
write:favourites: favourite statuses
|
||||||
write:filters: create filters
|
write:filters: create filters
|
||||||
write:follows: follow people
|
write:follows: follow people
|
||||||
|
|
|
@ -4,7 +4,7 @@ RSpec.describe Api::V1::BookmarksController, type: :controller do
|
||||||
render_views
|
render_views
|
||||||
|
|
||||||
let(:user) { Fabricate(:user) }
|
let(:user) { Fabricate(:user) }
|
||||||
let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read') }
|
let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read:bookmarks') }
|
||||||
|
|
||||||
describe 'GET #index' do
|
describe 'GET #index' do
|
||||||
context 'without token' do
|
context 'without token' do
|
||||||
|
|
|
@ -7,7 +7,7 @@ describe Api::V1::Statuses::BookmarksController do
|
||||||
|
|
||||||
let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) }
|
let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) }
|
||||||
let(:app) { Fabricate(:application, name: 'Test app', website: 'http://testapp.com') }
|
let(:app) { Fabricate(:application, name: 'Test app', website: 'http://testapp.com') }
|
||||||
let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'write', application: app) }
|
let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'write:bookmarks', application: app) }
|
||||||
|
|
||||||
context 'with an oauth token' do
|
context 'with an oauth token' do
|
||||||
before do
|
before do
|
||||||
|
|
Loading…
Reference in a new issue