[#1478] OAuth admin tweaks: enforced OAuth admin scopes usage by default, migrated existing OAuth records. Adjusted tests.

author: Ivan Tashkinov <ivantashkinov@gmail.com> 2020-01-10 10:52:21 +0300
committer: Ivan Tashkinov <ivantashkinov@gmail.com> 2020-01-10 10:52:21 +0300
commit: 6c94b7498b889ffe13691123c94bbe5440786852 (patch)
tree: db72054fd2c820597c4ad9c90e225f7d4433b404 /priv
parent: e8b0c7689a21e9cc83bc0907771662db702db709 (diff)
download: pleroma-6c94b7498b889ffe13691123c94bbe5440786852.tar.gz
pleroma-6c94b7498b889ffe13691123c94bbe5440786852.zip
1 files changed, 17 insertions, 0 deletions
diff --git a/priv/repo/migrations/20191220174645_add_scopes_to_pleroma_feo_auth_records.exs b/priv/repo/migrations/20191220174645_add_scopes_to_pleroma_feo_auth_records.exs
new file mode 100644
index 000000000..6b160ad16
--- /dev/null
+++ b/priv/repo/migrations/20191220174645_add_scopes_to_pleroma_feo_auth_records.exs
@@ -0,0 +1,17 @@
+defmodule Pleroma.Repo.Migrations.AddScopesToPleromaFEOAuthRecords do
+  use Ecto.Migration
+
+  def up do
+    update_scopes_clause = "SET scopes = '{read,write,follow,push,admin}'"
+    apps_where = "WHERE apps.client_name like 'PleromaFE_%' or apps.client_name like 'AdminFE_%'"
+    app_id_subquery_where = "WHERE app_id IN (SELECT apps.id FROM apps #{apps_where})"
+
+    execute("UPDATE apps #{update_scopes_clause} #{apps_where}")
+
+    for table <- ["oauth_authorizations", "oauth_tokens"] do
+      execute("UPDATE #{table} #{update_scopes_clause} #{app_id_subquery_where}")
+    end
+  end
+
+  def down, do: :noop
+end
author	Ivan Tashkinov <ivantashkinov@gmail.com>	2020-01-10 10:52:21 +0300
committer	Ivan Tashkinov <ivantashkinov@gmail.com>	2020-01-10 10:52:21 +0300
commit	6c94b7498b889ffe13691123c94bbe5440786852 (patch)
tree	db72054fd2c820597c4ad9c90e225f7d4433b404 /priv
parent	e8b0c7689a21e9cc83bc0907771662db702db709 (diff)
download	pleroma-6c94b7498b889ffe13691123c94bbe5440786852.tar.gz pleroma-6c94b7498b889ffe13691123c94bbe5440786852.zip