X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Fmastodon_api%2Fcontrollers%2Fapp_controller.ex;h=d2a35dce21c73827a78a9096f08f3c1caa795767;hb=2e59cdd80f3e3d14c59aeba1fde2f8f9b8305e1f;hp=dd3b39c7789db7bc8fb3be29f046568edb4ad7a9;hpb=e7b1f0f5f4d9bb6f7eb384785bd2b0823059e086;p=akkoma diff --git a/lib/pleroma/web/mastodon_api/controllers/app_controller.ex b/lib/pleroma/web/mastodon_api/controllers/app_controller.ex index dd3b39c77..d2a35dce2 100644 --- a/lib/pleroma/web/mastodon_api/controllers/app_controller.ex +++ b/lib/pleroma/web/mastodon_api/controllers/app_controller.ex @@ -10,20 +10,18 @@ defmodule Pleroma.Web.MastodonAPI.AppController do use Pleroma.Web, :controller + alias Pleroma.Maps alias Pleroma.Repo + alias Pleroma.User alias Pleroma.Web.OAuth.App alias Pleroma.Web.OAuth.Scopes alias Pleroma.Web.OAuth.Token - alias Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug - alias Pleroma.Web.Plugs.OAuthScopesPlug + + require Logger action_fallback(Pleroma.Web.MastodonAPI.FallbackController) - plug( - :skip_plug, - [OAuthScopesPlug, EnsurePublicOrAuthenticatedPlug] - when action in [:create, :verify_credentials] - ) + plug(:skip_auth when action in [:create, :verify_credentials]) plug(Pleroma.Web.ApiSpec.CastAndValidate) @@ -32,13 +30,21 @@ defmodule Pleroma.Web.MastodonAPI.AppController do defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.AppOperation @doc "POST /api/v1/apps" - def create(%{body_params: params} = conn, _params) do + def create(%{assigns: %{user: user}, body_params: params} = conn, _params) do scopes = Scopes.fetch_scopes(params, ["read"]) + user_id = + with %User{id: id} <- user do + id + else + _ -> nil + end + app_attrs = params |> Map.take([:client_name, :redirect_uris, :website]) |> Map.put(:scopes, scopes) + |> Maps.put_if_present(:user_id, user_id) with cs <- App.register_changeset(%App{}, app_attrs), false <- cs.changes[:client_name] == @local_mastodon_name,