Make backups require its own scope (#218)
Pulled from https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3721. This makes backups require their own scope (`read:backups`) instead of the `read:accounts` scope. Co-authored-by: Tusooa Zhu <tusooa@kazv.moe> Reviewed-on: AkkomaGang/akkoma#218 Co-authored-by: Norm <normandy@biribiri.dev> Co-committed-by: Norm <normandy@biribiri.dev>
parent
0aabe4d0c3
commit
561e1f2470
4 changed files with 10 additions and 5 deletions
|
@ -4,6 +4,11 @@ All notable changes to this project will be documented in this file.
|
||||||
|
|
||||||
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||||
|
|
||||||
|
## Unreleased
|
||||||
|
|
||||||
|
### Changed
|
||||||
|
- **Breaking**: `/api/v1/pleroma/backups` endpoints now requires `read:backups` scope instead of `read:accounts`
|
||||||
|
|
||||||
## 2022.09
|
## 2022.09
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
|
@ -16,7 +16,7 @@ def index_operation do
|
||||||
%Operation{
|
%Operation{
|
||||||
tags: ["Backups"],
|
tags: ["Backups"],
|
||||||
summary: "List backups",
|
summary: "List backups",
|
||||||
security: [%{"oAuth" => ["read:account"]}],
|
security: [%{"oAuth" => ["read:backups"]}],
|
||||||
operationId: "PleromaAPI.BackupController.index",
|
operationId: "PleromaAPI.BackupController.index",
|
||||||
responses: %{
|
responses: %{
|
||||||
200 =>
|
200 =>
|
||||||
|
@ -37,7 +37,7 @@ def create_operation do
|
||||||
%Operation{
|
%Operation{
|
||||||
tags: ["Backups"],
|
tags: ["Backups"],
|
||||||
summary: "Create a backup",
|
summary: "Create a backup",
|
||||||
security: [%{"oAuth" => ["read:account"]}],
|
security: [%{"oAuth" => ["read:backups"]}],
|
||||||
operationId: "PleromaAPI.BackupController.create",
|
operationId: "PleromaAPI.BackupController.create",
|
||||||
responses: %{
|
responses: %{
|
||||||
200 =>
|
200 =>
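Review bot: The scope string in both `security:` entries duplicates the literal in the BackupController plug, and the old value here (`read:account`, singular) never matched the controller's `read:accounts`, so the two had already drifted without anything catching it. As far as the visible code shows, enforcement happens in the controller plug and these entries only tell API clients what to request, so a mismatch would publish a wrong scope requirement without failing a test. I would add a comment above each entry, `# Must match the OAuthScopesPlug scopes in Pleroma.Web.PleromaAPI.BackupController`, or assert the equality in the controller test. Both `index_operation` and `create_operation` continue outside the hunks.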
|
||||||
|
|
|
@ -9,7 +9,7 @@ defmodule Pleroma.Web.PleromaAPI.BackupController do
|
||||||
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
|
action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
|
||||||
plug(OAuthScopesPlug, %{scopes: ["read:accounts"]} when action in [:index, :create])
|
plug(OAuthScopesPlug, %{scopes: ["read:backups"]} when action in [:index, :create])
|
||||||
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
||||||
|
|
||||||
defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.PleromaBackupOperation
|
defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.PleromaBackupOperation
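Review bot: `:create` is a state-changing action, yet `plug(OAuthScopesPlug, %{scopes: ["read:backups"]} when action in [:index, :create])` gates it with a `read:`-prefixed scope and nothing on the line says this is deliberate. Because a backup presumably holds the whole account export, it is also worth confirming how OAuthScopesPlug treats a token that holds the parent `read` scope. If parent scopes cover their children, such tokens still reach these endpoints and the new scope only shuts out `read:accounts` tokens. I would add a comment above the plug, `# Backups expose the full account export: require the dedicated read:backups scope for both listing and requesting one.` The module body continues outside the hunk.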
|
||||||
|
|
|
@ -11,7 +11,7 @@ defmodule Pleroma.Web.PleromaAPI.BackupControllerTest do
|
||||||
setup do
|
setup do
|
||||||
clear_config([Pleroma.Upload, :uploader])
|
clear_config([Pleroma.Upload, :uploader])
|
||||||
clear_config([Backup, :limit_days])
|
clear_config([Backup, :limit_days])
|
||||||
oauth_access(["read:accounts"])
|
oauth_access(["read:backups"])
|
||||||
end
|
end
|
||||||
|
|
||||||
test "GET /api/v1/pleroma/backups", %{user: user, conn: conn} do
|
test "GET /api/v1/pleroma/backups", %{user: user, conn: conn} do
|
||||||
|
@ -85,7 +85,7 @@ test "POST /api/v1/pleroma/backups", %{user: _user, conn: conn} do
|
||||||
|
|
||||||
test "Backup without email address" do
|
test "Backup without email address" do
|
||||||
user = Pleroma.Factory.insert(:user, email: nil)
|
user = Pleroma.Factory.insert(:user, email: nil)
|
||||||
%{conn: conn} = oauth_access(["read:accounts"], user: user)
|
%{conn: conn} = oauth_access(["read:backups"], user: user)
|
||||||
|
|
||||||
assert is_nil(user.email)
|
assert is_nil(user.email)
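Review bot: Nothing in this test module asserts that a token holding only `read:accounts` is now refused, because both setups were simply switched to `oauth_access(["read:backups"])`. That refusal is the security value of the commit, so a later change that loosens the plug would pass the suite unnoticed. A negative test like the one below would pin it; the 403 status is what I would expect from OAuthScopesPlug on a missing scope and should be confirmed against the plug. The body of "Backup without email address" continues outside the hunk.

```elixir
test "GET /api/v1/pleroma/backups is refused without the read:backups scope" do
  # A token limited to read:accounts must no longer reach the backup endpoints.
  %{conn: conn} = oauth_access(["read:accounts"])

  assert conn
         |> get("/api/v1/pleroma/backups")
         |> json_response(403)
end
```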
|
||||||
|
|
||||||
|
|