summaryrefslogtreecommitdiff
path: root/lib/pleroma/web/pleroma_api/controllers/pleroma_api_controller.ex
diff options
context:
space:
mode:
Diffstat (limited to 'lib/pleroma/web/pleroma_api/controllers/pleroma_api_controller.ex')
-rw-r--r--lib/pleroma/web/pleroma_api/controllers/pleroma_api_controller.ex15
1 files changed, 15 insertions, 0 deletions
diff --git a/lib/pleroma/web/pleroma_api/controllers/pleroma_api_controller.ex b/lib/pleroma/web/pleroma_api/controllers/pleroma_api_controller.ex
index 8aee7d7c5..16c581a95 100644
--- a/lib/pleroma/web/pleroma_api/controllers/pleroma_api_controller.ex
+++ b/lib/pleroma/web/pleroma_api/controllers/pleroma_api_controller.ex
@@ -12,6 +12,7 @@ defmodule Pleroma.Web.PleromaAPI.PleromaAPIController do
alias Pleroma.Notification
alias Pleroma.Object
alias Pleroma.User
+ alias Pleroma.Plugs.OAuthScopesPlug
alias Pleroma.Web.ActivityPub.ActivityPub
alias Pleroma.Web.CommonAPI
alias Pleroma.Web.MastodonAPI.AccountView
@@ -19,6 +20,20 @@ defmodule Pleroma.Web.PleromaAPI.PleromaAPIController do
alias Pleroma.Web.MastodonAPI.NotificationView
alias Pleroma.Web.MastodonAPI.StatusView
+ plug(
+ OAuthScopesPlug,
+ %{scopes: ["read:statuses"]} when action in [:conversation, :conversation_statuses]
+ )
+
+ plug(
+ OAuthScopesPlug,
+ %{scopes: ["write:conversations"]} when action == :update_conversation
+ )
+
+ plug(OAuthScopesPlug, %{scopes: ["write:notifications"]} when action == :read_notification)
+
+ plug(Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug)
+
def emoji_reactions_by(%{assigns: %{user: user}} = conn, %{"id" => activity_id}) do
with %Activity{} = activity <- Activity.get_by_id_with_object(activity_id),
%Object{data: %{"reactions" => emoji_reactions}} <- Object.normalize(activity) do
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-31 02:26:55 +0000