Moderators: reorganize :admin_api pipeline in Router - pleroma - My custom branche(s) on git.pleroma.social/pleroma/pleroma

commit: 1f093cb216ed0d6b0d23b05e1ffbbf55dc72bbee
parent 9bc1e79c5675efb70e45b63f6530194888b182de
Author: Alex Gleason <alex@alexgleason.me>
Date:   Mon, 12 Jul 2021 22:00:44 -0500

Moderators: reorganize :admin_api pipeline in Router

Diffstat:
M lib/pleroma/web/router.ex 12 ++++++++----
M test/pleroma/web/admin_api/controllers/report_controller_test.exs 2 +-

2 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex
@@ -96,10 +96,14 @@ defmodule Pleroma.Web.Router do
     plug(Pleroma.Web.Plugs.AdminSecretAuthenticationPlug)
     plug(:after_auth)
     plug(Pleroma.Web.Plugs.EnsureAuthenticatedPlug)
-    plug(Pleroma.Web.Plugs.UserIsAdminPlug)
+    plug(Pleroma.Web.Plugs.UserIsStaffPlug)
     plug(Pleroma.Web.Plugs.IdempotencyPlug)
   end
 
+  pipeline :require_admin do
+    plug(Pleroma.Web.Plugs.UserIsAdminPlug)
+  end
+
   pipeline :mastodon_html do
     plug(:browser)
     plug(:authenticate)
@@ -156,7 +160,7 @@ defmodule Pleroma.Web.Router do
   end
 
   scope "/api/v1/pleroma/admin", Pleroma.Web.AdminAPI do
-    pipe_through(:admin_api)
+    pipe_through([:admin_api, :require_admin])
 
     put("/users/disable_mfa", AdminAPIController, :disable_mfa)
     put("/users/tag", AdminAPIController, :tag_users)
@@ -261,7 +265,7 @@ defmodule Pleroma.Web.Router do
 
   scope "/api/v1/pleroma/emoji", Pleroma.Web.PleromaAPI do
     scope "/pack" do
-      pipe_through(:admin_api)
+      pipe_through([:admin_api, :require_admin])
 
       post("/", EmojiPackController, :create)
       patch("/", EmojiPackController, :update)
@@ -276,7 +280,7 @@ defmodule Pleroma.Web.Router do
 
     # Modifying packs
     scope "/packs" do
-      pipe_through(:admin_api)
+      pipe_through([:admin_api, :require_admin])
 
       get("/import", EmojiPackController, :import_from_filesystem)
       get("/remote", EmojiPackController, :remote)
diff --git a/test/pleroma/web/admin_api/controllers/report_controller_test.exs b/test/pleroma/web/admin_api/controllers/report_controller_test.exs
@@ -305,7 +305,7 @@ defmodule Pleroma.Web.AdminAPI.ReportControllerTest do
         |> get("/api/pleroma/admin/reports")
 
       assert json_response(conn, :forbidden) ==
-               %{"error" => "User is not an admin."}
+               %{"error" => "User is not a staff member."}
     end
 
     test "returns 403 when requested by anonymous" do

M	lib/pleroma/web/router.ex	12	++++++++----
M	test/pleroma/web/admin_api/controllers/report_controller_test.exs	2	+-