diff options
| author | Ilja <ilja@ilja.space> | 2022-05-26 12:49:09 +0200 |
|---|---|---|
| committer | Ilja <ilja@ilja.space> | 2022-06-21 12:10:27 +0200 |
| commit | 9f6c36475914bfd1b8c02035341765b4d1bd4395 (patch) | |
| tree | 4f2d7043a1940c8d3b5d546c61b72ec931385daf /lib | |
| parent | 5b19543f0afaaad7f8fc302946547ae5c18e8bb3 (diff) | |
| download | pleroma-9f6c36475914bfd1b8c02035341765b4d1bd4395.tar.gz pleroma-9f6c36475914bfd1b8c02035341765b4d1bd4395.zip | |
Add privilege :user_deletion
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/pleroma/web/router.ex | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index ceb6c3cfd..5012fbf9a 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -109,6 +109,11 @@ defmodule Pleroma.Web.Router do plug(Pleroma.Web.Plugs.UserIsAdminPlug) end + pipeline :require_privileged_role_user_deletion do + plug(:admin_api) + plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :user_deletion) + end + pipeline :pleroma_html do plug(:browser) plug(:authenticate) @@ -231,11 +236,16 @@ defmodule Pleroma.Web.Router do post("/backups", AdminAPIController, :create_backup) end - # AdminAPI: admins and mods (staff) can perform these actions (if enabled by config) + # AdminAPI: admins and mods (staff) can perform these actions (if privileged by role) scope "/api/v1/pleroma/admin", Pleroma.Web.AdminAPI do - pipe_through([:admin_api, :require_privileged_staff]) + pipe_through([:admin_api, :require_privileged_role_user_deletion]) delete("/users", UserController, :delete) + end + + # AdminAPI: admins and mods (staff) can perform these actions (if enabled by config) + scope "/api/v1/pleroma/admin", Pleroma.Web.AdminAPI do + pipe_through([:admin_api, :require_privileged_staff]) get("/users/:nickname/password_reset", AdminAPIController, :get_password_reset) patch("/users/:nickname/credentials", AdminAPIController, :update_user_credentials) |