Require follow and read OAuth scopes for GET /api/v1/apps - pleroma - My custom branche(s) on git.pleroma.social/pleroma/pleroma

commit: eab6291094314846425339ec51fffbc94cab5501
parent baa8196fc910cfdbaefd6059bdb1a8445d83f563
Author: Sean King <seanking2919@protonmail.com>
Date:   Sat, 28 Aug 2021 11:13:25 -0600

Require follow and read OAuth scopes for GET /api/v1/apps

Diffstat:
M lib/pleroma/web/api_spec/operations/app_operation.ex 26 ++------------------------
M lib/pleroma/web/mastodon_api/controllers/app_controller.ex 2 +-

2 files changed, 3 insertions(+), 25 deletions(-)
diff --git a/lib/pleroma/web/api_spec/operations/app_operation.ex b/lib/pleroma/web/api_spec/operations/app_operation.ex
@@ -36,7 +36,7 @@ defmodule Pleroma.Web.ApiSpec.AppOperation do
       operationId: "AppController.create",
       requestBody: Helpers.request_body("Parameters", create_request(), required: true),
       responses: %{
-        200 => Operation.response("App", "application/json", create_response()),
+        200 => create_response(),
         422 =>
           Operation.response(
             "Unprocessable Entity",
@@ -135,29 +135,7 @@ defmodule Pleroma.Web.ApiSpec.AppOperation do
   end
 
   defp create_response do
-    %Schema{
-      title: "AppCreateResponse",
-      description: "Response schema for an app",
-      type: :object,
-      properties: %{
-        id: %Schema{type: :string},
-        name: %Schema{type: :string},
-        client_id: %Schema{type: :string},
-        client_secret: %Schema{type: :string},
-        redirect_uri: %Schema{type: :string},
-        vapid_key: %Schema{type: :string},
-        website: %Schema{type: :string, nullable: true}
-      },
-      example: %{
-        "id" => "123",
-        "name" => "My App",
-        "client_id" => "TWhM-tNSuncnqN7DBJmoyeLnk6K3iJJ71KKXxgL1hPM",
-        "client_secret" => "ZEaFUFmF0umgBX1qKJDjaU99Q31lDkOU8NutzTOoliw",
-        "vapid_key" =>
-          "BCk-QqERU0q-CfYZjcuB6lnyyOYfJ2AifKqfeGIm7Z-HiTU5T9eTG5GxVA0_OH5mMlI4UkkDTpaZwozy0TzdZ2M=",
-        "website" => "https://myapp.com/"
-      }
-    }
+    Operation.response("App", "application/json", App)
   end
 
   defp array_of_apps do
diff --git a/lib/pleroma/web/mastodon_api/controllers/app_controller.ex b/lib/pleroma/web/mastodon_api/controllers/app_controller.ex
@@ -20,7 +20,7 @@ defmodule Pleroma.Web.MastodonAPI.AppController do
 
   plug(:skip_auth when action in [:create, :verify_credentials])
 
-  plug(:skip_plug, OAuthScopesPlug when action in [:index])
+  plug(OAuthScopesPlug, %{scopes: ["follow", "read"]} when action in [:index])
 
   plug(Pleroma.Web.ApiSpec.CastAndValidate)

M	lib/pleroma/web/api_spec/operations/app_operation.ex	26	++------------------------
M	lib/pleroma/web/mastodon_api/controllers/app_controller.ex	2	+-