Merge branch 'develop' into '1427-oauth-admin-scopes'

[akkoma] / lib / pleroma / plugs / oauth_scopes_plug.ex

diff --git a/lib/pleroma/plugs/oauth_scopes_plug.ex b/lib/pleroma/plugs/oauth_scopes_plug.ex
index e0d61c4ebebef059954a334b57c08f367bce2918..3201fb399820cf2f43158f020b9b8f3d52794dad 100644 (file)
--- a/lib/pleroma/plugs/oauth_scopes_plug.ex
+++ b/lib/pleroma/plugs/oauth_scopes_plug.ex
@@ -6,6 +6,7 @@ defmodule Pleroma.Plugs.OAuthScopesPlug do
   import Plug.Conn
   import Pleroma.Web.Gettext
 
+  alias Pleroma.Config
   alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
 
   @behaviour Plug
@@ -15,6 +16,14 @@ defmodule Pleroma.Plugs.OAuthScopesPlug do
   def call(%Plug.Conn{assigns: assigns} = conn, %{scopes: scopes} = options) do
     op = options[:op] || :|
     token = assigns[:token]
+
+    scopes =
+      if options[:admin] do
+        Config.oauth_admin_scopes(scopes)
+      else
+        scopes
+      end
+
     matched_scopes = token && filter_descendants(scopes, token.scopes)
 
     cond do
@@ -61,9 +70,10 @@ defmodule Pleroma.Plugs.OAuthScopesPlug do
   end
 
   defp maybe_perform_instance_privacy_check(%Plug.Conn{} = conn, options) do
-    case options[:skip_instance_privacy_check] do
-      true -> conn
-      _ -> EnsurePublicOrAuthenticatedPlug.call(conn, [])
+    if options[:skip_instance_privacy_check] do
+      conn
+    else
+      EnsurePublicOrAuthenticatedPlug.call(conn, [])
     end
   end
 end