X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Ftests%2Fauth_test_controller.ex;h=76514948b7f8bd2dc3853780f209818317fb66b9;hb=34e11cef471f4354cc12fce0221ef1ac94c76761;hp=320df7e5ad43efcf119124a5dbd1b75db85bc489;hpb=011525a3d1260ec6814c36bb08feb4cbd3116d4a;p=akkoma
diff --git a/lib/pleroma/tests/auth_test_controller.ex b/lib/pleroma/tests/auth_test_controller.ex
index 320df7e5a..76514948b 100644
--- a/lib/pleroma/tests/auth_test_controller.ex
+++ b/lib/pleroma/tests/auth_test_controller.ex
@@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
-# Copyright © 2017-2020 Pleroma Authors
+# Copyright © 2017-2021 Pleroma Authors
# SPDX-License-Identifier: AGPL-3.0-only
# A test controller reachable only in :test env.
@@ -8,9 +8,8 @@ defmodule Pleroma.Tests.AuthTestController do
use Pleroma.Web, :controller
- alias Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
- alias Pleroma.Web.Plugs.OAuthScopesPlug
alias Pleroma.User
+ alias Pleroma.Web.Plugs.OAuthScopesPlug
# Serves only with proper OAuth token (:api and :authenticated_api)
# Skipping EnsurePublicOrAuthenticatedPlug has no effect in this case
@@ -47,10 +46,7 @@ defmodule Pleroma.Tests.AuthTestController do
# Via :authenticated_api, serves if token is present and has requested scopes
#
# Suggested use: as :fallback_oauth_check but open with nil :user for :api on private instances
- plug(
- :skip_plug,
- EnsurePublicOrAuthenticatedPlug when action == :fallback_oauth_skip_publicity_check
- )
+ plug(:skip_public_check when action == :fallback_oauth_skip_publicity_check)
plug(
OAuthScopesPlug,
@@ -62,11 +58,7 @@ defmodule Pleroma.Tests.AuthTestController do
# Via :authenticated_api, serves if :user is set (regardless of token presence and its scopes)
#
# Suggested use: making an :api endpoint always accessible (e.g. email confirmation endpoint)
- plug(
- :skip_plug,
- [OAuthScopesPlug, EnsurePublicOrAuthenticatedPlug]
- when action == :skip_oauth_skip_publicity_check
- )
+ plug(:skip_auth when action == :skip_oauth_skip_publicity_check)
# Via :authenticated_api, always fails with 403 (endpoint is insecure)
# Via :api, drops :user if present and serves if public (private instance rejects on no user)