forked from AkkomaGang/akkoma
Moderators: reorganize :admin_api pipeline in Router
This commit is contained in:
parent
9bc1e79c56
commit
1f093cb216
2 changed files with 9 additions and 5 deletions
|
@ -96,10 +96,14 @@ defmodule Pleroma.Web.Router do
|
||||||
plug(Pleroma.Web.Plugs.AdminSecretAuthenticationPlug)
|
plug(Pleroma.Web.Plugs.AdminSecretAuthenticationPlug)
|
||||||
plug(:after_auth)
|
plug(:after_auth)
|
||||||
plug(Pleroma.Web.Plugs.EnsureAuthenticatedPlug)
|
plug(Pleroma.Web.Plugs.EnsureAuthenticatedPlug)
|
||||||
plug(Pleroma.Web.Plugs.UserIsAdminPlug)
|
plug(Pleroma.Web.Plugs.UserIsStaffPlug)
|
||||||
plug(Pleroma.Web.Plugs.IdempotencyPlug)
|
plug(Pleroma.Web.Plugs.IdempotencyPlug)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
pipeline :require_admin do
|
||||||
|
plug(Pleroma.Web.Plugs.UserIsAdminPlug)
|
||||||
|
end
|
||||||
|
|
||||||
pipeline :mastodon_html do
|
pipeline :mastodon_html do
|
||||||
plug(:browser)
|
plug(:browser)
|
||||||
plug(:authenticate)
|
plug(:authenticate)
|
||||||
|
@ -156,7 +160,7 @@ defmodule Pleroma.Web.Router do
|
||||||
end
|
end
|
||||||
|
|
||||||
scope "/api/v1/pleroma/admin", Pleroma.Web.AdminAPI do
|
scope "/api/v1/pleroma/admin", Pleroma.Web.AdminAPI do
|
||||||
pipe_through(:admin_api)
|
pipe_through([:admin_api, :require_admin])
|
||||||
|
|
||||||
put("/users/disable_mfa", AdminAPIController, :disable_mfa)
|
put("/users/disable_mfa", AdminAPIController, :disable_mfa)
|
||||||
put("/users/tag", AdminAPIController, :tag_users)
|
put("/users/tag", AdminAPIController, :tag_users)
|
||||||
|
@ -261,7 +265,7 @@ defmodule Pleroma.Web.Router do
|
||||||
|
|
||||||
scope "/api/v1/pleroma/emoji", Pleroma.Web.PleromaAPI do
|
scope "/api/v1/pleroma/emoji", Pleroma.Web.PleromaAPI do
|
||||||
scope "/pack" do
|
scope "/pack" do
|
||||||
pipe_through(:admin_api)
|
pipe_through([:admin_api, :require_admin])
|
||||||
|
|
||||||
post("/", EmojiPackController, :create)
|
post("/", EmojiPackController, :create)
|
||||||
patch("/", EmojiPackController, :update)
|
patch("/", EmojiPackController, :update)
|
||||||
|
@ -276,7 +280,7 @@ defmodule Pleroma.Web.Router do
|
||||||
|
|
||||||
# Modifying packs
|
# Modifying packs
|
||||||
scope "/packs" do
|
scope "/packs" do
|
||||||
pipe_through(:admin_api)
|
pipe_through([:admin_api, :require_admin])
|
||||||
|
|
||||||
get("/import", EmojiPackController, :import_from_filesystem)
|
get("/import", EmojiPackController, :import_from_filesystem)
|
||||||
get("/remote", EmojiPackController, :remote)
|
get("/remote", EmojiPackController, :remote)
|
||||||
|
|
|
@ -305,7 +305,7 @@ test "returns 403 when requested by a non-admin" do
|
||||||
|> get("/api/pleroma/admin/reports")
|
|> get("/api/pleroma/admin/reports")
|
||||||
|
|
||||||
assert json_response(conn, :forbidden) ==
|
assert json_response(conn, :forbidden) ==
|
||||||
%{"error" => "User is not an admin."}
|
%{"error" => "User is not a staff member."}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "returns 403 when requested by anonymous" do
|
test "returns 403 when requested by anonymous" do
|
||||||
|
|
Loading…
Reference in a new issue