diff options
| author | Ilja <ilja@ilja.space> | 2022-05-26 14:21:14 +0200 |
|---|---|---|
| committer | Ilja <ilja@ilja.space> | 2022-06-21 12:10:27 +0200 |
| commit | b1ff5241c21dac58ec1f9171de26772debfdb283 (patch) | |
| tree | f7ab3bde6bbd12ec8d29c4c113c02d49c6f7a573 /lib | |
| parent | 8a9144ca8b8e17df509dc8ac3934656b7dac8d77 (diff) | |
| download | pleroma-b1ff5241c21dac58ec1f9171de26772debfdb283.tar.gz pleroma-b1ff5241c21dac58ec1f9171de26772debfdb283.zip | |
Add priviledges for :statuses_read
This was the last in :require_privileged_staff. I'll remove that in the next commit
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/pleroma/web/router.ex | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 24928ffb5..4696b4007 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -119,6 +119,11 @@ defmodule Pleroma.Web.Router do plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :user_credentials) end + pipeline :require_privileged_role_statuses_read do + plug(:admin_api) + plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :statuses_read) + end + pipeline :pleroma_html do plug(:browser) plug(:authenticate) @@ -242,22 +247,22 @@ defmodule Pleroma.Web.Router do # AdminAPI: admins and mods (staff) can perform these actions (if privileged by role) scope "/api/v1/pleroma/admin", Pleroma.Web.AdminAPI do - pipe_through([:admin_api, :require_privileged_role_user_deletion]) + pipe_through(:require_privileged_role_user_deletion) delete("/users", UserController, :delete) end # AdminAPI: admins and mods (staff) can perform these actions (if privileged by role) scope "/api/v1/pleroma/admin", Pleroma.Web.AdminAPI do - pipe_through([:admin_api, :require_privileged_role_user_credentials]) + pipe_through(:require_privileged_role_user_credentials) get("/users/:nickname/password_reset", AdminAPIController, :get_password_reset) patch("/users/:nickname/credentials", AdminAPIController, :update_user_credentials) end - # AdminAPI: admins and mods (staff) can perform these actions (if enabled by config) + # AdminAPI: admins and mods (staff) can perform these actions (if privileged by role) scope "/api/v1/pleroma/admin", Pleroma.Web.AdminAPI do - pipe_through([:admin_api, :require_privileged_staff]) + pipe_through(:require_privileged_role_statuses_read) get("/users/:nickname/statuses", AdminAPIController, :list_user_statuses) get("/users/:nickname/chats", AdminAPIController, :list_user_chats) @@ -268,6 +273,11 @@ defmodule Pleroma.Web.Router do get("/chats/:id/messages", ChatController, :messages) end + # AdminAPI: admins and mods (staff) can perform these actions (if enabled by config) + scope "/api/v1/pleroma/admin", Pleroma.Web.AdminAPI do + pipe_through([:admin_api, :require_privileged_staff]) + end + # AdminAPI: admins and mods (staff) can perform these actions scope "/api/v1/pleroma/admin", Pleroma.Web.AdminAPI do pipe_through(:admin_api) |