From 1f6ed4f86ab2aa98bb271b40bf381370fab4fdf2 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Thu, 5 Jul 2018 18:31:35 +0200 Subject: Add more granular OAuth scopes (#7929) * Add more granular OAuth scopes * Add human-readable descriptions of the new scopes * Ensure new scopes look good on the app UI * Add tests * Group scopes in screen and color-code dangerous ones * Fix wrong extra scope --- .../api/v1/statuses/favourited_by_accounts_controller.rb | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) (limited to 'app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb') diff --git a/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb b/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb index 3fe304153..8f4070bc7 100644 --- a/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb +++ b/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb @@ -3,7 +3,7 @@ class Api::V1::Statuses::FavouritedByAccountsController < Api::BaseController include Authorization - before_action :authorize_if_got_token + before_action -> { authorize_if_got_token! :read, :'read:accounts' } before_action :set_status after_action :insert_pagination_headers @@ -71,11 +71,6 @@ class Api::V1::Statuses::FavouritedByAccountsController < Api::BaseController raise ActiveRecord::RecordNotFound end - def authorize_if_got_token - request_token = Doorkeeper::OAuth::Token.from_request(request, *Doorkeeper.configuration.access_token_methods) - doorkeeper_authorize! :read if request_token - end - def pagination_params(core_params) params.slice(:limit).permit(:limit).merge(core_params) end -- cgit