Add more granular OAuth scopes (#7929)

* Add more granular OAuth scopes * Add human-readable descriptions of the new scopes * Ensure new scopes look good on the app UI * Add tests * Group scopes in screen and color-code dangerous ones * Fix wrong extra scope
author: Eugen Rochko <eugen@zeonfederated.com> 2018-07-05 18:31:35 +0200
committer: GitHub <noreply@github.com> 2018-07-05 18:31:35 +0200
commit: 1f6ed4f86ab2aa98bb271b40bf381370fab4fdf2 (patch)
tree: c7f4668bc9e5fae31ea8dc8b7dd10edd0f2c1164 /app/controllers/api/v1/notifications_controller.rb
parent: ca2cc556f1875e431ea9ceb2d3f4766366c76846 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/app/controllers/api/v1/notifications_controller.rb b/app/controllers/api/v1/notifications_controller.rb
index ebbe0b292..593c8f9a9 100644
--- a/app/controllers/api/v1/notifications_controller.rb
+++ b/app/controllers/api/v1/notifications_controller.rb
@@ -1,7 +1,8 @@
 # frozen_string_literal: true
 
 class Api::V1::NotificationsController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read }
+  before_action -> { doorkeeper_authorize! :read, :'read:notifications' }, except: [:clear, :dismiss]
+  before_action -> { doorkeeper_authorize! :write, :'write:notifications' }, only: [:clear, :dismiss]
   before_action :require_user!
   after_action :insert_pagination_headers, only: :index
author	Eugen Rochko <eugen@zeonfederated.com>	2018-07-05 18:31:35 +0200
committer	GitHub <noreply@github.com>	2018-07-05 18:31:35 +0200
commit	1f6ed4f86ab2aa98bb271b40bf381370fab4fdf2 (patch)
tree	c7f4668bc9e5fae31ea8dc8b7dd10edd0f2c1164 /app/controllers/api/v1/notifications_controller.rb
parent	ca2cc556f1875e431ea9ceb2d3f4766366c76846 (diff)