The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
+## Unreleased
+
+### Changed
+- **Breaking**: `/api/v1/pleroma/backups` endpoints now requires `read:backups` scope instead of `read:accounts`
+
## 2022.09
### Added
},
"soapbox-fe" => %{
"name" => "soapbox-fe",
- "git" => "https://gitlab.com/soapbox-pub/soapbox-fe",
+ "git" => "https://gitlab.com/soapbox-pub/soapbox",
"build_url" =>
- "https://gitlab.com/soapbox-pub/soapbox-fe/-/jobs/artifacts/${ref}/download?job=build-production",
+ "https://gitlab.com/soapbox-pub/soapbox/-/jobs/artifacts/${ref}/download?job=build-production",
"ref" => "v2.0.0",
"build_dir" => "static"
},
%Operation{
tags: ["Backups"],
summary: "List backups",
- security: [%{"oAuth" => ["read:account"]}],
+ security: [%{"oAuth" => ["read:backups"]}],
operationId: "PleromaAPI.BackupController.index",
responses: %{
200 =>
%Operation{
tags: ["Backups"],
summary: "Create a backup",
- security: [%{"oAuth" => ["read:account"]}],
+ security: [%{"oAuth" => ["read:backups"]}],
operationId: "PleromaAPI.BackupController.create",
responses: %{
200 =>
alias Pleroma.Web.Plugs.OAuthScopesPlug
action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
- plug(OAuthScopesPlug, %{scopes: ["read:accounts"]} when action in [:index, :create])
+ plug(OAuthScopesPlug, %{scopes: ["read:backups"]} when action in [:index, :create])
plug(Pleroma.Web.ApiSpec.CastAndValidate)
defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.PleromaBackupOperation
setup do
clear_config([Pleroma.Upload, :uploader])
clear_config([Backup, :limit_days])
- oauth_access(["read:accounts"])
+ oauth_access(["read:backups"])
end
test "GET /api/v1/pleroma/backups", %{user: user, conn: conn} do
test "Backup without email address" do
user = Pleroma.Factory.insert(:user, email: nil)
- %{conn: conn} = oauth_access(["read:accounts"], user: user)
+ %{conn: conn} = oauth_access(["read:backups"], user: user)
assert is_nil(user.email)