Merge branch 'feat/enforce-admin-scope-unconditionally' into 'develop'

Remove `:auth, :enforce_oauth_admin_scope_usage` See merge request pleroma/pleroma!3327
author: Haelwenn <contact+git.pleroma.social@hacktivis.me> 2021-02-17 22:31:11 +0000
committer: Haelwenn <contact+git.pleroma.social@hacktivis.me> 2021-02-17 22:31:11 +0000
commit: c0437d12440acb08f30a456fade657de735c19d8 (patch)
tree: 36eb248552c51c1bd234966b65b2aa9a855772cd /lib/pleroma/web/api_spec/operations/admin
parent: 679a2e799e464f044d7afceb4c9a650d2d3b2e2a (diff)
parent: 2ab9499258ee4abe92dd89dfe8ebaf0a7dad7564 (diff)
download: pleroma-c0437d12440acb08f30a456fade657de735c19d8.tar.gz
pleroma-c0437d12440acb08f30a456fade657de735c19d8.zip
10 files changed, 34 insertions, 34 deletions
diff --git a/lib/pleroma/web/api_spec/operations/admin/chat_operation.ex b/lib/pleroma/web/api_spec/operations/admin/chat_operation.ex
index cbe4b8972..57906445e 100644
--- a/lib/pleroma/web/api_spec/operations/admin/chat_operation.ex
+++ b/lib/pleroma/web/api_spec/operations/admin/chat_operation.ex
@@ -33,7 +33,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ChatOperation do
       },
       security: [
         %{
-          "oAuth" => ["write:chats"]
+          "oAuth" => ["admin:write:chats"]
         }
       ]
     }
@@ -57,7 +57,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ChatOperation do
       },
       security: [
         %{
-          "oAuth" => ["read:chats"]
+          "oAuth" => ["admin:read:chats"]
         }
       ]
     }
@@ -88,7 +88,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ChatOperation do
       },
       security: [
         %{
-          "oAuth" => ["read"]
+          "oAuth" => ["admin:read"]
         }
       ]
     }
diff --git a/lib/pleroma/web/api_spec/operations/admin/config_operation.ex b/lib/pleroma/web/api_spec/operations/admin/config_operation.ex
index b8ccc1d00..30c3433b7 100644
--- a/lib/pleroma/web/api_spec/operations/admin/config_operation.ex
+++ b/lib/pleroma/web/api_spec/operations/admin/config_operation.ex
@@ -28,7 +28,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ConfigOperation do
         )
         | admin_api_params()
       ],
-      security: [%{"oAuth" => ["read"]}],
+      security: [%{"oAuth" => ["admin:read"]}],
       responses: %{
         200 => Operation.response("Config", "application/json", config_response()),
         400 => Operation.response("Bad Request", "application/json", ApiError)
@@ -41,7 +41,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ConfigOperation do
       tags: ["Instance configuration"],
       summary: "Update instance configuration",
       operationId: "AdminAPI.ConfigController.update",
-      security: [%{"oAuth" => ["write"]}],
+      security: [%{"oAuth" => ["admin:write"]}],
       parameters: admin_api_params(),
       requestBody:
         request_body("Parameters", %Schema{
@@ -74,7 +74,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ConfigOperation do
       tags: ["Instance configuration"],
       summary: "Retrieve config description",
       operationId: "AdminAPI.ConfigController.descriptions",
-      security: [%{"oAuth" => ["read"]}],
+      security: [%{"oAuth" => ["admin:read"]}],
       parameters: admin_api_params(),
       responses: %{
         200 =>
diff --git a/lib/pleroma/web/api_spec/operations/admin/frontend_operation.ex b/lib/pleroma/web/api_spec/operations/admin/frontend_operation.ex
index b149becf9..566f1eeb1 100644
--- a/lib/pleroma/web/api_spec/operations/admin/frontend_operation.ex
+++ b/lib/pleroma/web/api_spec/operations/admin/frontend_operation.ex
@@ -19,7 +19,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.FrontendOperation do
       tags: ["Frontend managment"],
       summary: "Retrieve a list of available frontends",
       operationId: "AdminAPI.FrontendController.index",
-      security: [%{"oAuth" => ["read"]}],
+      security: [%{"oAuth" => ["admin:read"]}],
       responses: %{
         200 => Operation.response("Response", "application/json", list_of_frontends()),
         403 => Operation.response("Forbidden", "application/json", ApiError)
@@ -32,7 +32,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.FrontendOperation do
       tags: ["Frontend managment"],
       summary: "Install a frontend",
       operationId: "AdminAPI.FrontendController.install",
-      security: [%{"oAuth" => ["read"]}],
+      security: [%{"oAuth" => ["admin:read"]}],
       requestBody: request_body("Parameters", install_request(), required: true),
       responses: %{
         200 => Operation.response("Response", "application/json", list_of_frontends()),
diff --git a/lib/pleroma/web/api_spec/operations/admin/instance_document_operation.ex b/lib/pleroma/web/api_spec/operations/admin/instance_document_operation.ex
index 3e89abfb5..79ceae970 100644
--- a/lib/pleroma/web/api_spec/operations/admin/instance_document_operation.ex
+++ b/lib/pleroma/web/api_spec/operations/admin/instance_document_operation.ex
@@ -18,7 +18,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.InstanceDocumentOperation do
       tags: ["Instance documents"],
       summary: "Retrieve an instance document",
       operationId: "AdminAPI.InstanceDocumentController.show",
-      security: [%{"oAuth" => ["read"]}],
+      security: [%{"oAuth" => ["admin:read"]}],
       parameters: [
         Operation.parameter(:name, :path, %Schema{type: :string}, "The document name",
           required: true
@@ -39,7 +39,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.InstanceDocumentOperation do
       tags: ["Instance documents"],
       summary: "Update an instance document",
       operationId: "AdminAPI.InstanceDocumentController.update",
-      security: [%{"oAuth" => ["write"]}],
+      security: [%{"oAuth" => ["admin:write"]}],
       requestBody: Helpers.request_body("Parameters", update_request()),
       parameters: [
         Operation.parameter(:name, :path, %Schema{type: :string}, "The document name",
@@ -77,7 +77,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.InstanceDocumentOperation do
       tags: ["Instance documents"],
       summary: "Delete an instance document",
       operationId: "AdminAPI.InstanceDocumentController.delete",
-      security: [%{"oAuth" => ["write"]}],
+      security: [%{"oAuth" => ["admin:write"]}],
       parameters: [
         Operation.parameter(:name, :path, %Schema{type: :string}, "The document name",
           required: true
diff --git a/lib/pleroma/web/api_spec/operations/admin/invite_operation.ex b/lib/pleroma/web/api_spec/operations/admin/invite_operation.ex
index 60d69c767..704f082ba 100644
--- a/lib/pleroma/web/api_spec/operations/admin/invite_operation.ex
+++ b/lib/pleroma/web/api_spec/operations/admin/invite_operation.ex
@@ -19,7 +19,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.InviteOperation do
       tags: ["Invites"],
       summary: "Get a list of generated invites",
       operationId: "AdminAPI.InviteController.index",
-      security: [%{"oAuth" => ["read:invites"]}],
+      security: [%{"oAuth" => ["admin:read:invites"]}],
       parameters: admin_api_params(),
       responses: %{
         200 =>
@@ -51,7 +51,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.InviteOperation do
       tags: ["Invites"],
       summary: "Create an account registration invite token",
       operationId: "AdminAPI.InviteController.create",
-      security: [%{"oAuth" => ["write:invites"]}],
+      security: [%{"oAuth" => ["admin:write:invites"]}],
       parameters: admin_api_params(),
       requestBody:
         request_body("Parameters", %Schema{
@@ -72,7 +72,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.InviteOperation do
       tags: ["Invites"],
       summary: "Revoke invite by token",
       operationId: "AdminAPI.InviteController.revoke",
-      security: [%{"oAuth" => ["write:invites"]}],
+      security: [%{"oAuth" => ["admin:write:invites"]}],
       parameters: admin_api_params(),
       requestBody:
         request_body(
@@ -99,7 +99,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.InviteOperation do
       tags: ["Invites"],
       summary: "Sends registration invite via email",
       operationId: "AdminAPI.InviteController.email",
-      security: [%{"oAuth" => ["write:invites"]}],
+      security: [%{"oAuth" => ["admin:write:invites"]}],
       parameters: admin_api_params(),
       requestBody:
         request_body(
diff --git a/lib/pleroma/web/api_spec/operations/admin/media_proxy_cache_operation.ex b/lib/pleroma/web/api_spec/operations/admin/media_proxy_cache_operation.ex
index 675504ee0..8f85ebf2d 100644
--- a/lib/pleroma/web/api_spec/operations/admin/media_proxy_cache_operation.ex
+++ b/lib/pleroma/web/api_spec/operations/admin/media_proxy_cache_operation.ex
@@ -19,7 +19,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.MediaProxyCacheOperation do
       tags: ["MediaProxy cache"],
       summary: "Retrieve a list of banned MediaProxy URLs",
       operationId: "AdminAPI.MediaProxyCacheController.index",
-      security: [%{"oAuth" => ["read:media_proxy_caches"]}],
+      security: [%{"oAuth" => ["admin:read:media_proxy_caches"]}],
       parameters: [
         Operation.parameter(
           :query,
@@ -71,7 +71,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.MediaProxyCacheOperation do
       tags: ["MediaProxy cache"],
       summary: "Remove a banned MediaProxy URL",
       operationId: "AdminAPI.MediaProxyCacheController.delete",
-      security: [%{"oAuth" => ["write:media_proxy_caches"]}],
+      security: [%{"oAuth" => ["admin:write:media_proxy_caches"]}],
       parameters: admin_api_params(),
       requestBody:
         request_body(
@@ -97,7 +97,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.MediaProxyCacheOperation do
       tags: ["MediaProxy cache"],
       summary: "Purge a URL from MediaProxy cache and optionally ban it",
       operationId: "AdminAPI.MediaProxyCacheController.purge",
-      security: [%{"oAuth" => ["write:media_proxy_caches"]}],
+      security: [%{"oAuth" => ["admin:write:media_proxy_caches"]}],
       parameters: admin_api_params(),
       requestBody:
         request_body(
diff --git a/lib/pleroma/web/api_spec/operations/admin/o_auth_app_operation.ex b/lib/pleroma/web/api_spec/operations/admin/o_auth_app_operation.ex
index 2f3bee4f0..35b029b19 100644
--- a/lib/pleroma/web/api_spec/operations/admin/o_auth_app_operation.ex
+++ b/lib/pleroma/web/api_spec/operations/admin/o_auth_app_operation.ex
@@ -19,7 +19,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.OAuthAppOperation do
       summary: "Retrieve a list of OAuth applications",
       tags: ["OAuth application managment"],
       operationId: "AdminAPI.OAuthAppController.index",
-      security: [%{"oAuth" => ["write"]}],
+      security: [%{"oAuth" => ["admin:write"]}],
       parameters: [
         Operation.parameter(:name, :query, %Schema{type: :string}, "App name"),
         Operation.parameter(:client_id, :query, %Schema{type: :string}, "Client ID"),
@@ -74,7 +74,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.OAuthAppOperation do
       operationId: "AdminAPI.OAuthAppController.create",
       requestBody: request_body("Parameters", create_request()),
       parameters: admin_api_params(),
-      security: [%{"oAuth" => ["write"]}],
+      security: [%{"oAuth" => ["admin:write"]}],
       responses: %{
         200 => Operation.response("App", "application/json", oauth_app()),
         400 => Operation.response("Bad Request", "application/json", ApiError)
@@ -88,7 +88,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.OAuthAppOperation do
       summary: "Update OAuth application",
       operationId: "AdminAPI.OAuthAppController.update",
       parameters: [id_param() | admin_api_params()],
-      security: [%{"oAuth" => ["write"]}],
+      security: [%{"oAuth" => ["admin:write"]}],
       requestBody: request_body("Parameters", update_request()),
       responses: %{
         200 => Operation.response("App", "application/json", oauth_app()),
@@ -106,7 +106,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.OAuthAppOperation do
       summary: "Delete OAuth application",
       operationId: "AdminAPI.OAuthAppController.delete",
       parameters: [id_param() | admin_api_params()],
-      security: [%{"oAuth" => ["write"]}],
+      security: [%{"oAuth" => ["admin:write"]}],
       responses: %{
         204 => no_content_response(),
         400 => no_content_response()
diff --git a/lib/pleroma/web/api_spec/operations/admin/relay_operation.ex b/lib/pleroma/web/api_spec/operations/admin/relay_operation.ex
index c47f18f0c..c55c84fee 100644
--- a/lib/pleroma/web/api_spec/operations/admin/relay_operation.ex
+++ b/lib/pleroma/web/api_spec/operations/admin/relay_operation.ex
@@ -18,7 +18,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.RelayOperation do
       tags: ["Relays"],
       summary: "Retrieve a list of relays",
       operationId: "AdminAPI.RelayController.index",
-      security: [%{"oAuth" => ["read"]}],
+      security: [%{"oAuth" => ["admin:read"]}],
       parameters: admin_api_params(),
       responses: %{
         200 =>
@@ -40,7 +40,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.RelayOperation do
       tags: ["Relays"],
       summary: "Follow a relay",
       operationId: "AdminAPI.RelayController.follow",
-      security: [%{"oAuth" => ["write:follows"]}],
+      security: [%{"oAuth" => ["admin:write:follows"]}],
       parameters: admin_api_params(),
       requestBody: request_body("Parameters", relay_url()),
       responses: %{
@@ -54,7 +54,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.RelayOperation do
       tags: ["Relays"],
       summary: "Unfollow a relay",
       operationId: "AdminAPI.RelayController.unfollow",
-      security: [%{"oAuth" => ["write:follows"]}],
+      security: [%{"oAuth" => ["admin:write:follows"]}],
       parameters: admin_api_params(),
       requestBody: request_body("Parameters", relay_unfollow()),
       responses: %{
diff --git a/lib/pleroma/web/api_spec/operations/admin/report_operation.ex b/lib/pleroma/web/api_spec/operations/admin/report_operation.ex
index cfa892d29..3ea4af1e4 100644
--- a/lib/pleroma/web/api_spec/operations/admin/report_operation.ex
+++ b/lib/pleroma/web/api_spec/operations/admin/report_operation.ex
@@ -22,7 +22,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ReportOperation do
       tags: ["Report managment"],
       summary: "Retrieve a list of reports",
       operationId: "AdminAPI.ReportController.index",
-      security: [%{"oAuth" => ["read:reports"]}],
+      security: [%{"oAuth" => ["admin:read:reports"]}],
       parameters: [
         Operation.parameter(
           :state,
@@ -73,7 +73,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ReportOperation do
       summary: "Retrieve a report",
       operationId: "AdminAPI.ReportController.show",
       parameters: [id_param() | admin_api_params()],
-      security: [%{"oAuth" => ["read:reports"]}],
+      security: [%{"oAuth" => ["admin:read:reports"]}],
       responses: %{
         200 => Operation.response("Report", "application/json", report()),
         404 => Operation.response("Not Found", "application/json", ApiError)
@@ -86,7 +86,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ReportOperation do
       tags: ["Report managment"],
       summary: "Change state of specified reports",
       operationId: "AdminAPI.ReportController.update",
-      security: [%{"oAuth" => ["write:reports"]}],
+      security: [%{"oAuth" => ["admin:write:reports"]}],
       parameters: admin_api_params(),
       requestBody: request_body("Parameters", update_request(), required: true),
       responses: %{
@@ -110,7 +110,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ReportOperation do
             content: %Schema{type: :string, description: "The message"}
           }
         }),
-      security: [%{"oAuth" => ["write:reports"]}],
+      security: [%{"oAuth" => ["admin:write:reports"]}],
       responses: %{
         204 => no_content_response(),
         404 => Operation.response("Not Found", "application/json", ApiError)
@@ -128,7 +128,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ReportOperation do
         Operation.parameter(:id, :path, :string, "Note ID")
         | admin_api_params()
       ],
-      security: [%{"oAuth" => ["write:reports"]}],
+      security: [%{"oAuth" => ["admin:write:reports"]}],
       responses: %{
         204 => no_content_response(),
         404 => Operation.response("Not Found", "application/json", ApiError)
diff --git a/lib/pleroma/web/api_spec/operations/admin/status_operation.ex b/lib/pleroma/web/api_spec/operations/admin/status_operation.ex
index bbfbd8f93..d25ab5247 100644
--- a/lib/pleroma/web/api_spec/operations/admin/status_operation.ex
+++ b/lib/pleroma/web/api_spec/operations/admin/status_operation.ex
@@ -24,7 +24,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.StatusOperation do
       tags: ["Status administration"],
       operationId: "AdminAPI.StatusController.index",
       summary: "Get all statuses",
-      security: [%{"oAuth" => ["read:statuses"]}],
+      security: [%{"oAuth" => ["admin:read:statuses"]}],
       parameters: [
         Operation.parameter(
           :godmode,
@@ -74,7 +74,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.StatusOperation do
       summary: "Get status",
       operationId: "AdminAPI.StatusController.show",
       parameters: [id_param() | admin_api_params()],
-      security: [%{"oAuth" => ["read:statuses"]}],
+      security: [%{"oAuth" => ["admin:read:statuses"]}],
       responses: %{
         200 => Operation.response("Status", "application/json", status()),
         404 => Operation.response("Not Found", "application/json", ApiError)
@@ -88,7 +88,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.StatusOperation do
       summary: "Change the scope of a status",
       operationId: "AdminAPI.StatusController.update",
       parameters: [id_param() | admin_api_params()],
-      security: [%{"oAuth" => ["write:statuses"]}],
+      security: [%{"oAuth" => ["admin:write:statuses"]}],
       requestBody: request_body("Parameters", update_request(), required: true),
       responses: %{
         200 => Operation.response("Status", "application/json", Status),
@@ -103,7 +103,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.StatusOperation do
       summary: "Delete status",
       operationId: "AdminAPI.StatusController.delete",
       parameters: [id_param() | admin_api_params()],
-      security: [%{"oAuth" => ["write:statuses"]}],
+      security: [%{"oAuth" => ["admin:write:statuses"]}],
       responses: %{
         200 => empty_object_response(),
         404 => Operation.response("Not Found", "application/json", ApiError)
author	Haelwenn <contact+git.pleroma.social@hacktivis.me>	2021-02-17 22:31:11 +0000
committer	Haelwenn <contact+git.pleroma.social@hacktivis.me>	2021-02-17 22:31:11 +0000
commit	c0437d12440acb08f30a456fade657de735c19d8 (patch)
tree	36eb248552c51c1bd234966b65b2aa9a855772cd /lib/pleroma/web/api_spec/operations/admin
parent	679a2e799e464f044d7afceb4c9a650d2d3b2e2a (diff)
parent	2ab9499258ee4abe92dd89dfe8ebaf0a7dad7564 (diff)
download	pleroma-c0437d12440acb08f30a456fade657de735c19d8.tar.gz pleroma-c0437d12440acb08f30a456fade657de735c19d8.zip