diff options
| author | Eugen Rochko <eugen@zeonfederated.com> | 2018-12-20 01:30:43 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-12-20 01:30:43 +0100 |
| commit | 108b2139cd87321f6c0aec63ef93db85ce30bfec (patch) | |
| tree | 00d52fc87ce207f7797b052ac4b555f5a27555c1 /app | |
| parent | 8389b496ba9f8b5fa04a34ccc14c8e4195e03ea3 (diff) | |
Allow unauthenticated REST API access to GET /api/v1/accounts/:id/statuses (#9573)
Fix #7087 The same data is available over the ActivityPub outbox, RSS, and Atom, so there is little benefit to keeping it limited in this method.
Diffstat (limited to 'app')
| -rw-r--r-- | app/controllers/api/v1/accounts/statuses_controller.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/app/controllers/api/v1/accounts/statuses_controller.rb b/app/controllers/api/v1/accounts/statuses_controller.rb index b68a8805f..d3f1197f8 100644 --- a/app/controllers/api/v1/accounts/statuses_controller.rb +++ b/app/controllers/api/v1/accounts/statuses_controller.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true class Api::V1::Accounts::StatusesController < Api::BaseController - before_action -> { doorkeeper_authorize! :read, :'read:statuses' } + before_action -> { authorize_if_got_token! :read, :'read:statuses' } before_action :set_account after_action :insert_pagination_headers |