about summary refs log tree commit diff
path: root/config/initializers
diff options
context:
space:
mode:
authorEugen Rochko <eugen@zeonfederated.com>2018-07-05 18:31:35 +0200
committerGitHub <noreply@github.com>2018-07-05 18:31:35 +0200
commit1f6ed4f86ab2aa98bb271b40bf381370fab4fdf2 (patch)
treec7f4668bc9e5fae31ea8dc8b7dd10edd0f2c1164 /config/initializers
parentca2cc556f1875e431ea9ceb2d3f4766366c76846 (diff)
Add more granular OAuth scopes (#7929)
* Add more granular OAuth scopes

* Add human-readable descriptions of the new scopes

* Ensure new scopes look good on the app UI

* Add tests

* Group scopes in screen and color-code dangerous ones

* Fix wrong extra scope
Diffstat (limited to 'config/initializers')
-rw-r--r--config/initializers/doorkeeper.rb27
1 files changed, 26 insertions, 1 deletions
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb
index 469553803..fe2490b32 100644
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@@ -55,7 +55,32 @@ Doorkeeper.configure do
   # For more information go to
   # https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-Scopes
   default_scopes  :read
-  optional_scopes :write, :follow, :push
+  optional_scopes :write,
+                  :'write:accounts',
+                  :'write:blocks',
+                  :'write:favourites',
+                  :'write:filters',
+                  :'write:follows',
+                  :'write:lists',
+                  :'write:media',
+                  :'write:mutes',
+                  :'write:notifications',
+                  :'write:reports',
+                  :'write:statuses',
+                  :read,
+                  :'read:accounts',
+                  :'read:blocks',
+                  :'read:favourites',
+                  :'read:filters',
+                  :'read:follows',
+                  :'read:lists',
+                  :'read:mutes',
+                  :'read:notifications',
+                  :'read:reports',
+                  :'read:search',
+                  :'read:statuses',
+                  :follow,
+                  :push
 
   # Change the way client credentials are retrieved from the request object.
   # By default it retrieves first from the `HTTP_AUTHORIZATION` header, then