Merge pull request 'Move remote user interaction changelog entry to correct version...
authorfloatingghost <hannah@coffee-and-dreams.uk>
Mon, 19 Sep 2022 17:33:32 +0000 (17:33 +0000)
committerfloatingghost <hannah@coffee-and-dreams.uk>
Mon, 19 Sep 2022 17:33:32 +0000 (17:33 +0000)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/219

CHANGELOG.md
config/config.exs
lib/pleroma/web/api_spec/operations/pleroma_backup_operation.ex
lib/pleroma/web/pleroma_api/controllers/backup_controller.ex
test/pleroma/web/pleroma_api/controllers/backup_controller_test.exs

index 73093bc548e858b1cbdf987292d72dc40de58944..be95ceb3c56737b564d624a687fc196b01c1504d 100644 (file)
@@ -4,6 +4,11 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
+## Unreleased
+
+### Changed
+- **Breaking**: `/api/v1/pleroma/backups` endpoints now requires `read:backups` scope instead of `read:accounts`
+
 ## 2022.09
 
 ### Added
index 8e0b751a0bcad435c4afc7fc77fad11d610a9a5d..7fbfb9ad29ca94d7648c9006ec47baf5e3b49fdc 100644 (file)
@@ -753,9 +753,9 @@ config :pleroma, :frontends,
     },
     "soapbox-fe" => %{
       "name" => "soapbox-fe",
-      "git" => "https://gitlab.com/soapbox-pub/soapbox-fe",
+      "git" => "https://gitlab.com/soapbox-pub/soapbox",
       "build_url" =>
-        "https://gitlab.com/soapbox-pub/soapbox-fe/-/jobs/artifacts/${ref}/download?job=build-production",
+        "https://gitlab.com/soapbox-pub/soapbox/-/jobs/artifacts/${ref}/download?job=build-production",
       "ref" => "v2.0.0",
       "build_dir" => "static"
     },
index c78e9780f7ee3bd1afe246aee251ad210d0d3c2c..9af556736c544d426348c7590f7854bdb1fad1f4 100644 (file)
@@ -16,7 +16,7 @@ defmodule Pleroma.Web.ApiSpec.PleromaBackupOperation do
     %Operation{
       tags: ["Backups"],
       summary: "List backups",
-      security: [%{"oAuth" => ["read:account"]}],
+      security: [%{"oAuth" => ["read:backups"]}],
       operationId: "PleromaAPI.BackupController.index",
       responses: %{
         200 =>
@@ -37,7 +37,7 @@ defmodule Pleroma.Web.ApiSpec.PleromaBackupOperation do
     %Operation{
       tags: ["Backups"],
       summary: "Create a backup",
-      security: [%{"oAuth" => ["read:account"]}],
+      security: [%{"oAuth" => ["read:backups"]}],
       operationId: "PleromaAPI.BackupController.create",
       responses: %{
         200 =>
index fc5d16771fa0e122c46880db1258fa03e043e921..88f38a9118a541fb9b6dbf735d4f7dd8f43f4ea6 100644 (file)
@@ -9,7 +9,7 @@ defmodule Pleroma.Web.PleromaAPI.BackupController do
   alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
-  plug(OAuthScopesPlug, %{scopes: ["read:accounts"]} when action in [:index, :create])
+  plug(OAuthScopesPlug, %{scopes: ["read:backups"]} when action in [:index, :create])
   plug(Pleroma.Web.ApiSpec.CastAndValidate)
 
   defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.PleromaBackupOperation
index ba17636daf0905477b82f1fd4233708764fa577a..2c7264016a55e24c7d2611d68e657d5cb0d1436c 100644 (file)
@@ -11,7 +11,7 @@ defmodule Pleroma.Web.PleromaAPI.BackupControllerTest do
   setup do
     clear_config([Pleroma.Upload, :uploader])
     clear_config([Backup, :limit_days])
-    oauth_access(["read:accounts"])
+    oauth_access(["read:backups"])
   end
 
   test "GET /api/v1/pleroma/backups", %{user: user, conn: conn} do
@@ -85,7 +85,7 @@ defmodule Pleroma.Web.PleromaAPI.BackupControllerTest do
 
   test "Backup without email address" do
     user = Pleroma.Factory.insert(:user, email: nil)
-    %{conn: conn} = oauth_access(["read:accounts"], user: user)
+    %{conn: conn} = oauth_access(["read:backups"], user: user)
 
     assert is_nil(user.email)