X-Git-Url: https://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Fadmin_api%2Fadmin_api_controller.ex;h=d5230f9aa5cbb7d3d2744e25c83444803908c55e;hb=503d966e9f7d4c41a1bfbd215b375443a858564a;hp=7572a6b658a1c6c3314fc403f777e15aee7f4821;hpb=89e93fb33f6295428dd84a50c9ca44e26bd169c3;p=akkoma

diff --git a/lib/pleroma/web/admin_api/admin_api_controller.ex b/lib/pleroma/web/admin_api/admin_api_controller.ex
index 7572a6b65..d5230f9aa 100644
--- a/lib/pleroma/web/admin_api/admin_api_controller.ex
+++ b/lib/pleroma/web/admin_api/admin_api_controller.ex
@@ -36,19 +36,14 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
   plug(
     OAuthScopesPlug,
     %{scopes: ["read:accounts"], admin: true}
-    when action in [:list_users, :user_show, :right_get, :invites]
+    when action in [:list_users, :user_show, :right_get]
   )
 
   plug(
     OAuthScopesPlug,
     %{scopes: ["write:accounts"], admin: true}
     when action in [
-           :get_invite_token,
-           :revoke_invite,
-           :email_invite,
            :get_password_reset,
-           :user_follow,
-           :user_unfollow,
            :user_delete,
            :users_create,
            :user_toggle_activation,
@@ -61,6 +56,20 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
          ]
   )
 
+  plug(OAuthScopesPlug, %{scopes: ["read:invites"], admin: true} when action == :invites)
+
+  plug(
+    OAuthScopesPlug,
+    %{scopes: ["write:invites"], admin: true}
+    when action in [:create_invite_token, :revoke_invite, :email_invite]
+  )
+
+  plug(
+    OAuthScopesPlug,
+    %{scopes: ["write:follows"], admin: true}
+    when action in [:user_follow, :user_unfollow, :relay_follow, :relay_unfollow]
+  )
+
   plug(
     OAuthScopesPlug,
     %{scopes: ["read:reports"], admin: true}
@@ -70,7 +79,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
   plug(
     OAuthScopesPlug,
     %{scopes: ["write:reports"], admin: true}
-    when action in [:report_update_state, :report_respond]
+    when action in [:reports_update]
   )
 
   plug(
@@ -94,7 +103,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
   plug(
     OAuthScopesPlug,
     %{scopes: ["write"], admin: true}
-    when action in [:relay_follow, :relay_unfollow, :config_update]
+    when action == :config_update
   )
 
   action_fallback(:errors)
@@ -632,7 +641,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
   def force_password_reset(%{assigns: %{user: admin}} = conn, %{"nicknames" => nicknames}) do
     users = nicknames |> Enum.map(&User.get_cached_by_nickname/1)
 
-    Enum.map(users, &User.force_password_reset_async/1)
+    Enum.each(users, &User.force_password_reset_async/1)
 
     ModerationLog.insert_log(%{
       actor: admin,
@@ -826,18 +835,28 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
       else
         merged =
           Pleroma.Config.Holder.config()
-          |> DeepMerge.deep_merge(configs)
+          |> ConfigDB.merge(configs)
           |> Enum.map(fn {group, values} ->
             Enum.map(values, fn {key, value} ->
               db =
                 if configs[group][key] do
-                  ConfigDB.get_db_keys(value, key)
+                  ConfigDB.get_db_keys(configs[group][key], key)
+                end
+
+              db_value = configs[group][key]
+
+              merged_value =
+                if !is_nil(db_value) and Keyword.keyword?(db_value) and
+                     ConfigDB.sub_key_full_update?(group, key, Keyword.keys(db_value)) do
+                  ConfigDB.deep_merge(group, key, value, db_value)
+                else
+                  value
                 end
 
               setting = %{
                 group: ConfigDB.convert(group),
                 key: ConfigDB.convert(key),
-                value: ConfigDB.convert(value)
+                value: ConfigDB.convert(merged_value)
               }
 
               if db, do: Map.put(setting, :db, db), else: setting