authorThibaut Girka <thib@sitedethib.com>2018-07-09 07:05:29 +0200
committerThibaut Girka <thib@sitedethib.com>2018-07-09 07:13:59 +0200
commitd392020da6ff4511a2925b327de23933f374bea3 (patch)
treee86a590276a96ef72d5ed49f79998e7680969cb6 /app/controllers/api/v1/statuses
parentc699b2d141d7aa910bd81ae5fe881ecec7039395 (diff)
parent1ca4e51eb38de6de81cedf3ddcdaa626f1d1c569 (diff)
Merge branch 'master' into glitch-soc/tentative-merge
Conflicts:
	README.md
	app/controllers/statuses_controller.rb
	app/lib/feed_manager.rb
	config/navigation.rb
	spec/lib/feed_manager_spec.rb

Conflicts were resolved by taking both versions for each change.
This means the two filter systems (glitch-soc's keyword mutes and tootsuite's
custom filters) are in place, which will be changed in a follow-up commit.
Diffstat (limited to 'app/controllers/api/v1/statuses')
-rw-r--r--app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb7
-rw-r--r--app/controllers/api/v1/statuses/favourites_controller.rb2
-rw-r--r--app/controllers/api/v1/statuses/mutes_controller.rb2
-rw-r--r--app/controllers/api/v1/statuses/pins_controller.rb2
-rw-r--r--app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb7
-rw-r--r--app/controllers/api/v1/statuses/reblogs_controller.rb2
6 files changed, 6 insertions, 16 deletions
diff --git a/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb b/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb
index 3fe304153..8f4070bc7 100644
--- a/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb
+++ b/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb
@@ -3,7 +3,7 @@
 class Api::V1::Statuses::FavouritedByAccountsController < Api::BaseController
   include Authorization
 
-  before_action :authorize_if_got_token
+  before_action -> { authorize_if_got_token! :read, :'read:accounts' }
   before_action :set_status
   after_action :insert_pagination_headers
 
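Review bot: Judging by the helper's name and the `if request_token` guard in the method this file removes further down, the scope check on the new `before_action` only runs when a token is presented. A request with no token therefore still reaches the action, and `set_status` remains the only gate on which statuses can be queried. `authorize_if_got_token!` is not defined anywhere in this diff, so it is presumably supplied by `Api::BaseController`. A comment above the line would make the contract explicit, for example `# Optional auth: scopes are checked only when a token is sent; status visibility is enforced in set_status`. If the guard is kept, a token lacking both `read` and `read:accounts` is refused while the same request without a token succeeds, which is worth pinning in a request spec. The same point applies to the identical change in reblogged_by_accounts_controller.rb.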
@@ -71,11 +71,6 @@ class Api::V1::Statuses::FavouritedByAccountsController < Api::BaseController
     raise ActiveRecord::RecordNotFound
   end
 
-  def authorize_if_got_token
-    request_token = Doorkeeper::OAuth::Token.from_request(request, *Doorkeeper.configuration.access_token_methods)
-    doorkeeper_authorize! :read if request_token
-  end
-
   def pagination_params(core_params)
     params.slice(:limit).permit(:limit).merge(core_params)
   end
diff --git a/app/controllers/api/v1/statuses/favourites_controller.rb b/app/controllers/api/v1/statuses/favourites_controller.rb
index 35f8a48cd..cceee9060 100644
--- a/app/controllers/api/v1/statuses/favourites_controller.rb
+++ b/app/controllers/api/v1/statuses/favourites_controller.rb
@@ -3,7 +3,7 @@
 class Api::V1::Statuses::FavouritesController < Api::BaseController
   include Authorization
 
-  before_action -> { doorkeeper_authorize! :write }
+  before_action -> { doorkeeper_authorize! :write, :'write:favourites' }
   before_action :require_user!
 
   respond_to :json
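Review bot: `doorkeeper_authorize! :write, :'write:favourites'` is satisfied by a token holding either of the listed scopes, not both, and nothing on the line says so. A short comment such as `# Any-of: legacy write tokens and granular write:favourites tokens are both accepted` would stop a later reader from treating the list as a conjunction. The diffstat shown is limited to this directory, so it is not visible whether specs were updated. A request spec should assert that a token with only an unrelated granular scope (for example `write:mutes`) is refused here. The same applies to the matching lines in mutes_controller.rb, pins_controller.rb and reblogs_controller.rb.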
diff --git a/app/controllers/api/v1/statuses/mutes_controller.rb b/app/controllers/api/v1/statuses/mutes_controller.rb
index a4bf0acdd..b02469b4f 100644
--- a/app/controllers/api/v1/statuses/mutes_controller.rb
+++ b/app/controllers/api/v1/statuses/mutes_controller.rb
@@ -3,7 +3,7 @@
 class Api::V1::Statuses::MutesController < Api::BaseController
   include Authorization
 
-  before_action -> { doorkeeper_authorize! :write }
+  before_action -> { doorkeeper_authorize! :write, :'write:mutes' }
   before_action :require_user!
   before_action :set_status
   before_action :set_conversation
diff --git a/app/controllers/api/v1/statuses/pins_controller.rb b/app/controllers/api/v1/statuses/pins_controller.rb
index 54f8be667..4118a8ce4 100644
--- a/app/controllers/api/v1/statuses/pins_controller.rb
+++ b/app/controllers/api/v1/statuses/pins_controller.rb
@@ -3,7 +3,7 @@
 class Api::V1::Statuses::PinsController < Api::BaseController
   include Authorization
 
-  before_action -> { doorkeeper_authorize! :write }
+  before_action -> { doorkeeper_authorize! :write, :'write:accounts' }
   before_action :require_user!
   before_action :set_status
 
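Review bot: The granular scope chosen for pinning is `write:accounts`, while the other controllers in this commit use `write:favourites`, `write:mutes` and `write:statuses`, and the reason for the difference is not visible in the hunk. If the intent is that a pin alters what the account's profile displays, a one-line comment above the `before_action` would record it, for example `# Pins change what the profile shows, so they fall under write:accounts`. That helps client authors request the narrowest scope and lets reviewers confirm the mapping is deliberate. A token granted only `write:accounts` would presumably also cover other account-level writes, so this mapping widens what such a token can do to statuses.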
diff --git a/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb b/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb
index b065db2c7..93b83ce48 100644
--- a/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb
+++ b/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb
@@ -3,7 +3,7 @@
 class Api::V1::Statuses::RebloggedByAccountsController < Api::BaseController
   include Authorization
 
-  before_action :authorize_if_got_token
+  before_action -> { authorize_if_got_token! :read, :'read:accounts' }
   before_action :set_status
   after_action :insert_pagination_headers
 
@@ -68,11 +68,6 @@ class Api::V1::Statuses::RebloggedByAccountsController < Api::BaseController
     raise ActiveRecord::RecordNotFound
   end
 
-  def authorize_if_got_token
-    request_token = Doorkeeper::OAuth::Token.from_request(request, *Doorkeeper.configuration.access_token_methods)
-    doorkeeper_authorize! :read if request_token
-  end
-
   def pagination_params(core_params)
     params.slice(:limit).permit(:limit).merge(core_params)
   end
diff --git a/app/controllers/api/v1/statuses/reblogs_controller.rb b/app/controllers/api/v1/statuses/reblogs_controller.rb
index 634af474f..04847a6b7 100644
--- a/app/controllers/api/v1/statuses/reblogs_controller.rb
+++ b/app/controllers/api/v1/statuses/reblogs_controller.rb
@@ -3,7 +3,7 @@
 class Api::V1::Statuses::ReblogsController < Api::BaseController
   include Authorization
 
-  before_action -> { doorkeeper_authorize! :write }
+  before_action -> { doorkeeper_authorize! :write, :'write:statuses' }
   before_action :require_user!
 
   respond_to :json