Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into remake-remodel-dms

[akkoma] / lib / pleroma / web / pleroma_api / controllers / chat_controller.ex

diff --git a/lib/pleroma/web/pleroma_api/controllers/chat_controller.ex b/lib/pleroma/web/pleroma_api/controllers/chat_controller.ex
index 8cf8d82e4595ef2ce0f0c6a74607be4fda3cb894..9d8b9b3cfb0c8cd22aeb5fcdbe3fdac861901ee8 100644 (file)
--- a/lib/pleroma/web/pleroma_api/controllers/chat_controller.ex
+++ b/lib/pleroma/web/pleroma_api/controllers/chat_controller.ex
@@ -6,20 +6,29 @@ defmodule Pleroma.Web.PleromaAPI.ChatController do
 
   alias Pleroma.Chat
   alias Pleroma.Object
+  alias Pleroma.Pagination
+  alias Pleroma.Plugs.OAuthScopesPlug
   alias Pleroma.Repo
   alias Pleroma.User
   alias Pleroma.Web.CommonAPI
-  alias Pleroma.Web.PleromaAPI.ChatView
   alias Pleroma.Web.PleromaAPI.ChatMessageView
-  alias Pleroma.Pagination
+  alias Pleroma.Web.PleromaAPI.ChatView
 
   import Ecto.Query
 
   # TODO
-  # - Oauth stuff
-  # - Views / Representers
   # - Error handling
 
+  plug(
+    OAuthScopesPlug,
+    %{scopes: ["write:statuses"]} when action in [:post_chat_message, :create]
+  )
+
+  plug(
+    OAuthScopesPlug,
+    %{scopes: ["read:statuses"]} when action in [:messages, :index]
+  )
+
   defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.ChatOperation
 
   def post_chat_message(%{assigns: %{user: %{id: user_id} = user}} = conn, %{
@@ -62,6 +71,11 @@ defmodule Pleroma.Web.PleromaAPI.ChatController do
       conn
       |> put_view(ChatMessageView)
       |> render("index.json", for: user, objects: messages, chat: chat)
+    else
+      _ ->
+        conn
+        |> put_status(:not_found)
+        |> json(%{error: "not found"})
     end
   end