+ plug(
+ OAuthScopesPlug,
+ %{fallback: :proceed_unauthenticated, scopes: ["read:accounts"]}
+ when action == :show
+ )
+
+ plug(
+ OAuthScopesPlug,
+ %{scopes: ["read:accounts"]}
+ when action in [:endorsements, :verify_credentials, :followers, :following]
+ )
+
+ plug(OAuthScopesPlug, %{scopes: ["write:accounts"]} when action == :update_credentials)
+
+ plug(OAuthScopesPlug, %{scopes: ["read:lists"]} when action == :lists)
+
+ plug(
+ OAuthScopesPlug,
+ %{scopes: ["follow", "read:blocks"]} when action == :blocks
+ )
+
+ plug(
+ OAuthScopesPlug,
+ %{scopes: ["follow", "write:blocks"]} when action in [:block, :unblock]
+ )
+
+ plug(OAuthScopesPlug, %{scopes: ["read:follows"]} when action == :relationships)
+
+ # Note: :follows (POST /api/v1/follows) is the same as :follow, consider removing :follows
+ plug(
+ OAuthScopesPlug,
+ %{scopes: ["follow", "write:follows"]} when action in [:follows, :follow, :unfollow]
+ )
+
+ plug(OAuthScopesPlug, %{scopes: ["follow", "read:mutes"]} when action == :mutes)
+
+ plug(OAuthScopesPlug, %{scopes: ["follow", "write:mutes"]} when action in [:mute, :unmute])
+
+ plug(
+ Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
+ when action != :create
+ )
+