mirrors/gotosocial
1
0
Fork 1
mirror of https://github.com/superseriousbusiness/gotosocial.git synced 2025-03-01 16:20:59 +00:00
Code Issues Projects Releases Packages Wiki Activity

[feature] Enforce OAuth token scopes (#3835)

Browse source 
* move tokenauth to apiutil

* enforce scopes

* docs

* update test models, remove deprecated "follow"

* file header

* tests

* tweak scope matcher

* simplify...

* fix tests

* log user out of settings panel in case of oauth error
This commit is contained in:
tobi 2025-02-26 13:04:55 +01:00 committed by GitHub
parent f734a94c1c
commit eb720241da
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
213 changed files with 1762 additions and 1082 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

192
docs/api/swagger.yaml
View file

@ -4331,7 +4331,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- read:accounts
- read:statuses
summary: See statuses posted by the requested account.
tags:
- accounts
@ -5004,7 +5004,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:read:accounts
summary: View + page through known accounts according to given filters.
tags:
- admin
@ -5038,7 +5038,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:read:accounts
summary: View one account.
tags:
- admin
@ -5083,7 +5083,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write:accounts
summary: Perform an admin action on an account.
tags:
- admin
@ -5117,7 +5117,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write:accounts
summary: Approve pending account.
tags:
- admin
@ -5163,7 +5163,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write:accounts
summary: Reject pending account.
tags:
- admin
@ -5241,6 +5241,9 @@ paths:
description: not acceptable
"500":
description: internal server error
security:
- OAuth2 Bearer:
- admin:read
summary: View local and remote emojis available to / known by this instance.
tags:
- admin
@ -5287,7 +5290,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Upload and create a new instance emoji.
tags:
- admin
@ -5327,7 +5330,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Delete a **local** emoji with the given ID from the instance.
tags:
- admin
@ -5358,6 +5361,9 @@ paths:
description: not acceptable
"500":
description: internal server error
security:
- OAuth2 Bearer:
- admin:read
summary: Get the admin view of a single emoji.
tags:
- admin
@ -5429,7 +5435,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Perform admin action on a local or remote emoji known to this instance.
tags:
- admin
@ -5457,6 +5463,9 @@ paths:
description: not acceptable
"500":
description: internal server error
security:
- OAuth2 Bearer:
- admin:read
summary: Get a list of existing emoji categories.
tags:
- admin
@ -5489,7 +5498,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Perform a GET to the specified ActivityPub URL and return detailed debugging information.
tags:
- debug
@ -5514,7 +5523,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Sweep/clear all in-memory caches.
tags:
- debug
@ -5549,7 +5558,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:read:domain_allows
summary: View all domain allows currently in place.
tags:
- admin
@ -5612,7 +5621,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write:domain_allows
summary: Create one or more domain allows, from a string or a file.
tags:
- admin
@ -5648,7 +5657,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write:domain_allows
summary: Delete domain allow with the given ID.
tags:
- admin
@ -5681,7 +5690,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:read:domain_allows
summary: View domain allow with the given ID.
tags:
- admin
@ -5716,7 +5725,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:read:domain_blocks
summary: View all domain blocks currently in place.
tags:
- admin
@ -5779,7 +5788,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write:domain_blocks
summary: Create one or more domain blocks, from a string or a file.
tags:
- admin
@ -5815,7 +5824,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write:domain_blocks
summary: Delete domain block with the given ID.
tags:
- admin
@ -5848,7 +5857,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:read:domain_blocks
summary: View domain block with the given ID.
tags:
- admin
@ -5900,7 +5909,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Force expiry of cached public keys for all accounts on the given domain stored in your database.
tags:
- admin
@ -5976,7 +5985,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:read
summary: View domain permission drafts.
tags:
- admin
@ -6027,7 +6036,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Create a domain permission draft with the given parameters.
tags:
- admin
@ -6059,7 +6068,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:read
summary: Get domain permission draft with the given ID.
tags:
- admin
@ -6101,7 +6110,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Accept a domain permission draft, turning it into an enforced domain permission.
tags:
- admin
@ -6143,7 +6152,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Remove a domain permission draft, optionally ignoring all future drafts targeting the given domain.
tags:
- admin
@ -6211,7 +6220,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:read
summary: View domain permission excludes.
tags:
- admin
@ -6254,7 +6263,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Create a domain permission exclude with the given parameters.
tags:
- admin
@ -6288,7 +6297,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Remove a domain permission exclude.
tags:
- admin
@ -6319,7 +6328,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:read
summary: Get domain permission exclude with the given ID.
tags:
- admin
@ -6387,7 +6396,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:read
summary: View domain permission subscriptions.
tags:
- admin
@ -6462,7 +6471,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Create a domain permission subscription with the given parameters.
tags:
- admin
@ -6535,7 +6544,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Update a domain permission subscription with the given parameters.
tags:
- admin
@ -6567,7 +6576,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:read
summary: Get domain permission subscription with the given ID.
tags:
- admin
@ -6611,7 +6620,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Remove a domain permission subscription.
tags:
- admin
@ -6651,7 +6660,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Test one domain permission subscription by making your instance fetch and parse it *without creating permissions*.
tags:
- admin
@ -6688,7 +6697,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:read
summary: View all domain permission subscriptions of the given permission type, in priority order (highest to lowest).
tags:
- admin
@ -6733,7 +6742,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Send a generic test email to a specified email address.
tags:
- admin
@ -6802,7 +6811,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Create new "allow" HTTP request header filter.
tags:
- admin
@ -6830,7 +6839,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Delete the "allow" header filter with the given ID.
tags:
- admin
@ -6859,7 +6868,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:read
summary: Get "allow" header filter with the given ID.
tags:
- admin
@ -6928,7 +6937,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Create new "block" HTTP request header filter.
tags:
- admin
@ -6956,7 +6965,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Delete the "block" header filter with the given ID.
tags:
- admin
@ -6985,7 +6994,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:read
summary: Get "block" header filter with the given ID.
tags:
- admin
@ -7014,7 +7023,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:read
summary: View instance rules, with IDs.
tags:
- admin
@ -7050,7 +7059,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Create a new instance rule.
tags:
- admin
@ -7086,7 +7095,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Delete an existing instance rule.
tags:
- admin
@ -7117,7 +7126,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:read
summary: View instance rule with the given id.
tags:
- admin
@ -7159,7 +7168,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Update an existing instance rule.
tags:
- admin
@ -7199,7 +7208,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Clean up remote media older than the specified number of days.
tags:
- admin
@ -7233,7 +7242,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Refetch media specified in the database but missing from storage.
tags:
- admin
@ -7307,7 +7316,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:read:reports
summary: View user moderation reports.
tags:
- admin
@ -7339,7 +7348,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:read:reports
summary: View user moderation report with the given id.
tags:
- admin
@ -7381,7 +7390,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write:reports
summary: Mark a report as resolved.
tags:
- admin
@ -7408,8 +7417,7 @@ paths:
"500":
description: internal server error
security:
- OAuth2 Bearer:
- read:announcements
- OAuth2 Bearer: []
summary: Get an array of currently active announcements.
tags:
- announcements
@ -7723,8 +7731,7 @@ paths:
"500":
description: internal server error
security:
- OAuth2 Bearer:
- read:custom_emojis
- OAuth2 Bearer: []
summary: Get an array of custom emojis available on the instance.
tags:
- custom_emojis
@ -7764,7 +7771,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- read:follows
- read:accounts
summary: Export a CSV file of accounts that follow you.
tags:
- import-export
@ -7846,7 +7853,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- read:account
- read:accounts
summary: Returns informational stats on the number of items that can be exported for requesting account.
tags:
- import-export
@ -8423,7 +8430,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- write:accounts
- write
summary: Upload some CSV-formatted data to your account.
tags:
- import-export
@ -8517,7 +8524,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:write
summary: Update your instance information and/or upload a new avatar/header for the instance.
tags:
- instance
@ -8569,6 +8576,8 @@ paths:
description: not acceptable
"500":
description: internal server error
security:
- OAuth2 Bearer: []
tags:
- instance
/api/v1/instance/rules:
@ -9643,7 +9652,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- read:notifications
- write:notifications
summary: Clear/delete all notifications for currently authorized user.
tags:
- notifications
@ -10158,7 +10167,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- read:reports
- read:accounts
summary: See reports created by the requesting account.
tags:
- reports
@ -10270,7 +10279,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- read:reports
- read:accounts
summary: Get one report with the given id.
tags:
- reports
@ -10677,7 +10686,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- write:statuses
- write:bookmarks
summary: Bookmark status with the given ID.
tags:
- statuses
@ -11035,7 +11044,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- write:statuses
- write:bookmarks
summary: Unbookmark status with the given ID.
tags:
- statuses
@ -11069,7 +11078,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- write:statuses
- write:favourites
summary: Unstar/unlike/unfavourite the given status.
tags:
- statuses
@ -11313,8 +11322,7 @@ paths:
"500":
description: internal server error
security:
- OAuth2 Bearer:
- read:follows
- OAuth2 Bearer: []
summary: Get details for a hashtag, including whether you currently follow it.
tags:
- tags
@ -11642,7 +11650,7 @@ paths:
description: internal error
security:
- OAuth2 Bearer:
- read:user
- read:accounts
summary: Get your own user model.
tags:
- user
@ -11687,7 +11695,7 @@ paths:
description: internal error
security:
- OAuth2 Bearer:
- write:user
- write:accounts
summary: Request changing the email address of authenticated user.
tags:
- user
@ -11736,7 +11744,7 @@ paths:
description: internal error
security:
- OAuth2 Bearer:
- write:user
- write:accounts
summary: Change the password of authenticated user.
tags:
- user
@ -11837,7 +11845,7 @@ paths:
description: internal server error
security:
- OAuth2 Bearer:
- admin
- admin:read:accounts
summary: View + page through known accounts according to given filters.
tags:
- admin
@ -12724,32 +12732,44 @@ securityDefinitions:
flow: accessCode
scopes:
admin: grants admin access to everything
admin:accounts: grants admin access to accounts
admin:read: grants admin read access to everything
admin:read:accounts: grants admin read access to accounts
admin:read:domain_allows: grants admin read access to domain_allows
admin:read:domain_blocks: grants admin read access to domain_blocks
admin:read:reports: grants admin read access to reports
admin:write: grants admin write access to everything
admin:write:accounts: grants write read access to accounts
admin:write:domain_allows: grants admin write access to domain_allows
admin:write:domain_blocks: grants write read access to domain_blocks
admin:write:reports: grants admin write access to reports
profile: grants read access to verify_credentials
push: grants read/write access to push
read: grants read access to everything
read:accounts: grants read access to accounts
read:blocks: grant read access to blocks
read:custom_emojis: grant read access to custom_emojis
read:favourites: grant read access to favourites
read:filters: grant read access to filters
read:follows: grant read access to follows
read:lists: grant read access to lists
read:media: grant read access to media
read:mutes: grant read access to mutes
read:blocks: grants read access to blocks
read:bookmarks: grants read access to bookmarks
read:favourites: grants read access to accounts
read:filters: grants read access to filters
read:follows: grants read access to follows
read:lists: grants read access to lists
read:mutes: grants read access to mutes
read:notifications: grants read access to notifications
read:search: grant read access to searches
read:search: grants read access to search
read:statuses: grants read access to statuses
read:streaming: grants read access to streaming api
read:user: grants read access to user-level info
write: grants write access to everything
write:accounts: grants write access to accounts
write:blocks: grants write access to blocks
write:bookmarks: grants write access to bookmarks
write:conversations: grants write access to conversations
write:favourites: grants write access to favourites
write:filters: grants write access to filters
write:follows: grants write access to follows
write:lists: grants write access to lists
write:media: grants write access to media
write:mutes: grants write access to mutes
write:notifications: grants write access to notifications
write:reports: grants write access to reports
write:statuses: grants write access to statuses
write:user: grants write access to user-level info
tokenUrl: https://example.org/oauth/token
type: oauth2
swagger: "2.0"

44
docs/swagger.go
View file

@ -32,32 +32,44 @@
// tokenUrl: https://example.org/oauth/token
// scopes:
// read: grants read access to everything
// read:accounts: grants read access to accounts
// read:blocks: grant read access to blocks
// read:custom_emojis: grant read access to custom_emojis
// read:favourites: grant read access to favourites
// read:filters: grant read access to filters
// read:follows: grant read access to follows
// read:lists: grant read access to lists
// read:media: grant read access to media
// read:mutes: grant read access to mutes
// read:search: grant read access to searches
// read:statuses: grants read access to statuses
// read:streaming: grants read access to streaming api
// read:user: grants read access to user-level info
// read:notifications: grants read access to notifications
// write: grants write access to everything
// push: grants read/write access to push
// profile: grants read access to verify_credentials
// read:accounts: grants read access to accounts
// write:accounts: grants write access to accounts
// read:blocks: grants read access to blocks
// write:blocks: grants write access to blocks
// read:bookmarks: grants read access to bookmarks
// write:bookmarks: grants write access to bookmarks
// write:conversations: grants write access to conversations
// read:favourites: grants read access to accounts
// write:favourites: grants write access to favourites
// read:filters: grants read access to filters
// write:filters: grants write access to filters
// read:follows: grants read access to follows
// write:follows: grants write access to follows
// read:lists: grants read access to lists
// write:lists: grants write access to lists
// write:media: grants write access to media
// read:mutes: grants read access to mutes
// write:mutes: grants write access to mutes
// read:notifications: grants read access to notifications
// write:notifications: grants write access to notifications
// write:reports: grants write access to reports
// read:search: grants read access to search
// read:statuses: grants read access to statuses
// write:statuses: grants write access to statuses
// write:user: grants write access to user-level info
// admin: grants admin access to everything
// admin:accounts: grants admin access to accounts
// admin:read: grants admin read access to everything
// admin:write: grants admin write access to everything
// admin:read:accounts: grants admin read access to accounts
// admin:write:accounts: grants write read access to accounts
// admin:read:reports: grants admin read access to reports
// admin:write:reports: grants admin write access to reports
// admin:read:domain_allows: grants admin read access to domain_allows
// admin:write:domain_allows: grants admin write access to domain_allows
// admin:read:domain_blocks: grants admin read access to domain_blocks
// admin:write:domain_blocks: grants write read access to domain_blocks
// OAuth2 Application:
// type: oauth2
// flow: application

10
internal/api/client/accounts/accountalias.go
View file

@ -24,7 +24,6 @@ import (
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountAliasPOSTHandler swagger:operation POST /api/v1/accounts/alias accountAlias
@ -77,9 +76,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountAliasPOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeWriteAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/accounts/accountcreate.go
View file

@ -26,7 +26,6 @@ import (
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/internal/validate"
)
@ -74,9 +73,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountCreatePOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, false, false)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, false,
apiutil.ScopeWriteAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/accounts/accountdelete.go
View file

@ -25,7 +25,6 @@ import (
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"golang.org/x/crypto/bcrypt"
)
@ -66,9 +65,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountDeletePOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeWriteAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
@ -80,7 +82,7 @@ func (m *Module) AccountDeletePOSTHandler(c *gin.Context) {
// Self account delete requires password to ensure it's for real.
if form.Password == "" {
err = errors.New("no password provided in account delete request")
err := errors.New("no password provided in account delete request")
apiutil.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGetV1)
return
}

10
internal/api/client/accounts/accountget.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountGETHandler swagger:operation GET /api/v1/accounts/{id} accountGet
@ -66,9 +65,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/accounts/accountmove.go
View file

@ -24,7 +24,6 @@ import (
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountMovePOSTHandler swagger:operation POST /api/v1/accounts/move accountMove
@ -74,9 +73,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountMovePOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeWriteAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/accounts/accountupdate.go
View file

@ -30,7 +30,6 @@ import (
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountUpdateCredentialsPATCHHandler swagger:operation PATCH /api/v1/accounts/update_credentials accountUpdate
@ -236,9 +235,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountUpdateCredentialsPATCHHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeWriteAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

11
internal/api/client/accounts/accountverify.go
View file

@ -23,7 +23,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountVerifyGETHandler swagger:operation GET /api/v1/accounts/verify_credentials accountVerify
@ -56,9 +55,13 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountVerifyGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeProfile,
apiutil.ScopeReadAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/accounts/block.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountBlockPOSTHandler swagger:operation POST /api/v1/accounts/{id}/block accountBlock
@ -66,9 +65,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountBlockPOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeWriteBlocks,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/accounts/featuredtags.go
View file

@ -23,7 +23,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountFeaturedTagsGETHandler swagger:operation GET /api/v1/accounts/{id}/featured_tags accountsFeaturedTags
@ -68,9 +67,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountFeaturedTagsGETHandler(c *gin.Context) {
_, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
_, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/accounts/follow.go
View file

@ -25,7 +25,6 @@ import (
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountFollowPOSTHandler swagger:operation POST /api/v1/accounts/{id}/follow accountFollow
@ -91,9 +90,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountFollowPOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeWriteFollows,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/accounts/followers.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/internal/paging"
)
@ -119,9 +118,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountFollowersGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/accounts/following.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/internal/paging"
)
@ -119,9 +118,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountFollowingGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/accounts/lists.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountListsGETHandler swagger:operation GET /api/v1/accounts/{id}/lists accountLists
@ -69,9 +68,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountListsGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadLists,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/accounts/lookup.go
View file

@ -23,7 +23,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountLookupGETHandler swagger:operation GET /api/v1/accounts/lookup accountLookupGet
@ -66,9 +65,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountLookupGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/accounts/mute.go
View file

@ -25,7 +25,6 @@ import (
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/internal/util"
)
@ -86,9 +85,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountMutePOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeWriteMutes,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/accounts/note.go
View file

@ -24,7 +24,6 @@ import (
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountNotePOSTHandler swagger:operation POST /api/v1/accounts/{id}/note accountNote
@ -75,9 +74,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountNotePOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeWriteAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/accounts/profile.go
View file

@ -26,7 +26,6 @@ import (
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountAvatarDELETEHandler swagger:operation DELETE /api/v1/profile/avatar accountAvatarDelete
@ -102,9 +101,12 @@ func (m *Module) AccountHeaderDELETEHandler(c *gin.Context) {
// accountDeleteProfileAttachment checks that an authenticated account is present and allowed to alter itself,
// runs an attachment deletion processor method, and returns the updated account.
func (m *Module) accountDeleteProfileAttachment(c *gin.Context, processDelete func(context.Context, *gtsmodel.Account) (*apimodel.Account, gtserror.WithCode)) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeWriteAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/accounts/relationships.go
View file

@ -25,7 +25,6 @@ import (
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountRelationshipsGETHandler swagger:operation GET /api/v1/accounts/relationships accountRelationships
@ -73,9 +72,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountRelationshipsGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
@ -89,7 +91,7 @@ func (m *Module) AccountRelationshipsGETHandler(c *gin.Context) {
// check fallback -- let's be generous and see if maybe it's just set as 'id'?
id := c.Query("id")
if id == "" {
err = errors.New("no account id(s) specified in query")
err := errors.New("no account id(s) specified in query")
apiutil.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGetV1)
return
}

10
internal/api/client/accounts/search.go
View file

@ -23,7 +23,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountSearchGETHandler swagger:operation GET /api/v1/accounts/search accountSearchGet
@ -107,9 +106,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountSearchGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/accounts/statuses.go
View file

@ -26,7 +26,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountStatusesGETHandler swagger:operation GET /api/v1/accounts/{id}/statuses accountStatuses
@ -109,7 +108,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - read:accounts
// - read:statuses
//
// responses:
// '200':
@ -134,9 +133,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountStatusesGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadStatuses,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/accounts/themesget.go
View file

@ -23,7 +23,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountThemesGETHandler swagger:operation GET /api/v1/accounts/themes accountThemes
@ -60,9 +59,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountThemesGETHandler(c *gin.Context) {
_, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
_, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

7
internal/api/client/accounts/unblock.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountUnblockPOSTHandler swagger:operation POST /api/v1/accounts/{id}/unblock accountUnblock
@ -67,9 +66,9 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountUnblockPOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c, true, true, true, true)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/accounts/unfollow.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountUnfollowPOSTHandler swagger:operation POST /api/v1/accounts/{id}/unfollow accountUnfollow
@ -67,9 +66,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountUnfollowPOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeWriteFollows,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/accounts/unmute.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountUnmutePOSTHandler swagger:operation POST /api/v1/accounts/{id}/unmute accountUnmute
@ -69,9 +68,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountUnmutePOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeWriteMutes,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/accountaction.go
View file

@ -26,7 +26,6 @@ import (
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountActionPOSTHandler swagger:operation POST /api/v1/admin/accounts/{id}/action adminAccountAction
@ -64,7 +63,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write:accounts
//
// responses:
// '200':
@ -87,9 +86,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountActionPOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWriteAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/accountapprove.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountApprovePOSTHandler swagger:operation POST /api/v1/admin/accounts/{id}/approve adminAccountApprove
@ -48,7 +47,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write:accounts
//
// responses:
// '200':
@ -68,9 +67,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountApprovePOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWriteAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/accountget.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountGETHandler swagger:operation GET /api/v1/admin/accounts/{id} adminAccountGet
@ -48,7 +47,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:read:accounts
//
// responses:
// '200':
@ -68,9 +67,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminReadAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/accountreject.go
View file

@ -25,7 +25,6 @@ import (
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AccountRejectPOSTHandler swagger:operation POST /api/v1/admin/accounts/{id}/reject adminAccountReject
@ -70,7 +69,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write:accounts
//
// responses:
// '200':
@ -90,9 +89,12 @@ import (
// '500':
// description: internal server error
func (m *Module) AccountRejectPOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWriteAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/accountsgetv1.go
View file

@ -148,7 +148,7 @@
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:read:accounts
//
// responses:
// '200':
@ -182,14 +182,16 @@ import (
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/internal/paging"
)
func (m *Module) AccountsGETV1Handler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminReadAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/accountsgetv2.go
View file

@ -121,7 +121,7 @@
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:read:accounts
//
// responses:
// '200':
@ -155,14 +155,16 @@ import (
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/internal/paging"
)
func (m *Module) AccountsGETV2Handler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminReadAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

4
internal/api/client/admin/debug_off.go
View file

@ -55,7 +55,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '200':
@ -89,7 +89,7 @@ func (m *Module) DebugAPUrlHandler(c *gin.Context) {}
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '200':

19
internal/api/client/admin/debug_on.go
View file

@ -27,13 +27,15 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
func (m *Module) DebugAPUrlHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWrite,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
@ -58,9 +60,12 @@ func (m *Module) DebugAPUrlHandler(c *gin.Context) {
}
func (m *Module) DebugClearCachesHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWrite,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

2
internal/api/client/admin/domainallowcreate.go
View file

@ -93,7 +93,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write:domain_allows
//
// responses:
// '200':

2
internal/api/client/admin/domainallowdelete.go
View file

@ -43,7 +43,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write:domain_allows
//
// responses:
// '200':

2
internal/api/client/admin/domainallowget.go
View file

@ -43,7 +43,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:read:domain_allows
//
// responses:
// '200':

2
internal/api/client/admin/domainallowsget.go
View file

@ -47,7 +47,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:read:domain_allows
//
// responses:
// '200':

2
internal/api/client/admin/domainblockcreate.go
View file

@ -93,7 +93,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write:domain_blocks
//
// responses:
// '200':

2
internal/api/client/admin/domainblockdelete.go
View file

@ -43,7 +43,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write:domain_blocks
//
// responses:
// '200':

2
internal/api/client/admin/domainblockget.go
View file

@ -43,7 +43,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:read:domain_blocks
//
// responses:
// '200':

2
internal/api/client/admin/domainblocksget.go
View file

@ -47,7 +47,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:read:domain_blocks
//
// responses:
// '200':

12
internal/api/client/admin/domainkeysexpire.go
View file

@ -28,7 +28,6 @@ import (
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/config"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// DomainKeysExpirePOSTHandler swagger:operation POST /api/v1/admin/domain_keys_expire domainKeysExpire
@ -68,7 +67,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '202':
@ -95,9 +94,12 @@ import (
// '500':
// description: internal server error
func (m *Module) DomainKeysExpirePOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWrite,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

70
internal/api/client/admin/domainpermission.go
View file

@ -29,7 +29,6 @@ import (
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
type singleDomainPermCreate func(
@ -63,9 +62,20 @@ func (m *Module) createDomainPermissions(
single singleDomainPermCreate,
multi multiDomainPermCreate,
) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
// Scope differs based on permType.
var requireScope apiutil.Scope
if permType == gtsmodel.DomainPermissionBlock {
requireScope = apiutil.ScopeAdminWriteDomainBlocks
} else {
requireScope = apiutil.ScopeAdminWriteDomainAllows
}
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
requireScope,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
@ -98,6 +108,7 @@ func (m *Module) createDomainPermissions(
return
}
var err error
if importing && form.Domains.Size == 0 {
err = errors.New("import was specified but list of domains is empty")
} else if !importing && form.Domain == "" {
@ -171,9 +182,20 @@ func (m *Module) deleteDomainPermission(
c *gin.Context,
permType gtsmodel.DomainPermissionType, // block/allow
) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
// Scope differs based on permType.
var requireScope apiutil.Scope
if permType == gtsmodel.DomainPermissionBlock {
requireScope = apiutil.ScopeAdminWriteDomainBlocks
} else {
requireScope = apiutil.ScopeAdminWriteDomainAllows
}
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
requireScope,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
@ -218,9 +240,20 @@ func (m *Module) getDomainPermission(
c *gin.Context,
permType gtsmodel.DomainPermissionType,
) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
// Scope differs based on permType.
var requireScope apiutil.Scope
if permType == gtsmodel.DomainPermissionBlock {
requireScope = apiutil.ScopeAdminReadDomainBlocks
} else {
requireScope = apiutil.ScopeAdminReadDomainAllows
}
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
requireScope,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
@ -266,9 +299,20 @@ func (m *Module) getDomainPermissions(
c *gin.Context,
permType gtsmodel.DomainPermissionType,
) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
// Scope differs based on permType.
var requireScope apiutil.Scope
if permType == gtsmodel.DomainPermissionBlock {
requireScope = apiutil.ScopeAdminReadDomainBlocks
} else {
requireScope = apiutil.ScopeAdminReadDomainAllows
}
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
requireScope,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

9
internal/api/client/admin/domainpermissiondraftaccept.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// DomainPermissionDraftAcceptPOSTHandler swagger:operation POST /api/v1/admin/domain_permission_drafts/{id}/accept domainPermissionDraftAccept
@ -61,7 +60,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '200':
@ -81,9 +80,9 @@ import (
// '500':
// description: internal server error
func (m *Module) DomainPermissionDraftAcceptPOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c, true, true, true, true)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/domainpermissiondraftcreate.go
View file

@ -26,7 +26,6 @@ import (
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// DomainPermissionDraftsPOSTHandler swagger:operation POST /api/v1/admin/domain_permission_drafts domainPermissionDraftCreate
@ -79,7 +78,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '200':
@ -99,9 +98,12 @@ import (
// '500':
// description: internal server error
func (m *Module) DomainPermissionDraftsPOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWrite,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/domainpermissiondraftget.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// DomainPermissionDraftGETHandler swagger:operation GET /api/v1/admin/domain_permission_drafts/{id} domainPermissionDraftGet
@ -48,7 +47,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:read
//
// responses:
// '200':
@ -66,9 +65,12 @@ import (
// '500':
// description: internal server error
func (m *Module) DomainPermissionDraftGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminRead,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/domainpermissiondraftremove.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// DomainPermissionDraftRemovePOSTHandler swagger:operation POST /api/v1/admin/domain_permission_drafts/{id}/remove domainPermissionDraftRemove
@ -61,7 +60,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '200':
@ -81,9 +80,12 @@ import (
// '500':
// description: internal server error
func (m *Module) DomainPermissionDraftRemovePOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWrite,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/domainpermissiondraftsget.go
View file

@ -26,7 +26,6 @@ import (
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/internal/paging"
)
@ -99,7 +98,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:read
//
// responses:
// '200':
@ -125,9 +124,12 @@ import (
// '500':
// description: internal server error
func (m *Module) DomainPermissionDraftsGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminRead,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/domainpermissionexcludecreate.go
View file

@ -25,7 +25,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// DomainPermissionExcludesPOSTHandler swagger:operation POST /api/v1/admin/domain_permission_excludes domainPermissionExcludeCreate
@ -62,7 +61,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '200':
@ -82,9 +81,12 @@ import (
// '500':
// description: internal server error
func (m *Module) DomainPermissionExcludesPOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWrite,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/domainpermissionexcludeget.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// DomainPermissionExcludeGETHandler swagger:operation GET /api/v1/admin/domain_permission_excludes/{id} domainPermissionExcludeGet
@ -48,7 +47,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:read
//
// responses:
// '200':
@ -66,9 +65,12 @@ import (
// '500':
// description: internal server error
func (m *Module) DomainPermissionExcludeGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminRead,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/domainpermissionexcluderemove.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// DomainPermissionExcludeDELETEHandler swagger:operation DELETE /api/v1/admin/domain_permission_excludes/{id} domainPermissionExcludeDelete
@ -48,7 +47,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '200':
@ -68,9 +67,12 @@ import (
// '500':
// description: internal server error
func (m *Module) DomainPermissionExcludeDELETEHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWrite,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/domainpermissionexcludesget.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/internal/paging"
)
@ -87,7 +86,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:read
//
// responses:
// '200':
@ -113,9 +112,12 @@ import (
// '500':
// description: internal server error
func (m *Module) DomainPermissionExcludesGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminRead,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/domainpermissionsubscriptioncreate.go
View file

@ -27,7 +27,6 @@ import (
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/internal/util"
)
@ -125,7 +124,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '200':
@ -145,9 +144,12 @@ import (
// '500':
// description: internal server error
func (m *Module) DomainPermissionSubscriptionPOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWrite,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/domainpermissionsubscriptionget.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// DomainPermissionSubscriptionGETHandler swagger:operation GET /api/v1/admin/domain_permission_subscriptions/{id} domainPermissionSubscriptionGet
@ -48,7 +47,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:read
//
// responses:
// '200':
@ -66,9 +65,12 @@ import (
// '500':
// description: internal server error
func (m *Module) DomainPermissionSubscriptionGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminRead,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/domainpermissionsubscriptionremove.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/internal/util"
)
@ -68,7 +67,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '200':
@ -88,9 +87,12 @@ import (
// '500':
// description: internal server error
func (m *Module) DomainPermissionSubscriptionRemovePOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWrite,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/domainpermissionsubscriptionsget.go
View file

@ -26,7 +26,6 @@ import (
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/internal/paging"
)
@ -89,7 +88,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:read
//
// responses:
// '200':
@ -115,9 +114,12 @@ import (
// '500':
// description: internal server error
func (m *Module) DomainPermissionSubscriptionsGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminRead,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/domainpermissionsubscriptionspreviewget.go
View file

@ -26,7 +26,6 @@ import (
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// DomainPermissionSubscriptionsPreviewGETHandler swagger:operation GET /api/v1/admin/domain_permission_subscriptions/preview domainPermissionSubscriptionsPreviewGet
@ -52,7 +51,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:read
//
// responses:
// '200':
@ -74,9 +73,12 @@ import (
// '500':
// description: internal server error
func (m *Module) DomainPermissionSubscriptionsPreviewGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminRead,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/domainpermissionsubscriptiontest.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// DomainPermissionSubscriptionTestPOSTHandler swagger:operation POST /api/v1/admin/domain_permission_subscriptions/{id}/test domainPermissionSubscriptionTest
@ -52,7 +51,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '200':
@ -76,9 +75,12 @@ import (
// '500':
// description: internal server error
func (m *Module) DomainPermissionSubscriptionTestPOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWrite,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/domainpermissionsubscriptionupdate.go
View file

@ -28,7 +28,6 @@ import (
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/internal/util"
)
@ -121,7 +120,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '200':
@ -141,9 +140,12 @@ import (
// '500':
// description: internal server error
func (m *Module) DomainPermissionSubscriptionPATCHHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWrite,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

14
internal/api/client/admin/emailtest.go
View file

@ -26,7 +26,6 @@ import (
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// EmailTestPostHandler swagger:operation POST /api/v1/admin/email/test testEmailSend
@ -63,7 +62,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '202':
@ -87,9 +86,12 @@ import (
// '500':
// description: internal server error
func (m *Module) EmailTestPOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWrite,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
@ -121,7 +123,7 @@ func (m *Module) EmailTestPOSTHandler(c *gin.Context) {
return
}
errWithCode := m.processor.Admin().EmailTest(
errWithCode = m.processor.Admin().EmailTest(
c.Request.Context(),
authed.Account,
email.Address,

14
internal/api/client/admin/emojicategoriesget.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// EmojiCategoriesGETHandler swagger:operation GET /api/v1/admin/custom_emojis/categories emojiCategoriesGet
@ -38,6 +37,10 @@ import (
// produces:
// - application/json
//
// security:
// - OAuth2 Bearer:
// - admin:read
//
// responses:
// '200':
// description: Array of existing emoji categories.
@ -58,9 +61,12 @@ import (
// '500':
// description: internal server error
func (m *Module) EmojiCategoriesGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminRead,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/emojicreate.go
View file

@ -27,7 +27,6 @@ import (
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/config"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/internal/validate"
)
@ -76,7 +75,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '200':
@ -98,9 +97,12 @@ import (
// '500':
// description: internal server error
func (m *Module) EmojiCreatePOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWrite,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/emojidelete.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// EmojiDELETEHandler swagger:operation DELETE /api/v1/admin/custom_emojis/{id} emojiDelete
@ -54,7 +53,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '200':
@ -74,9 +73,12 @@ import (
// '500':
// description: internal server error
func (m *Module) EmojiDELETEHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWrite,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

14
internal/api/client/admin/emojiget.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// EmojiGETHandler swagger:operation GET /api/v1/admin/custom_emojis/{id} emojiGet
@ -46,6 +45,10 @@ import (
// in: path
// required: true
//
// security:
// - OAuth2 Bearer:
// - admin:read
//
// responses:
// '200':
// description: A single emoji.
@ -64,9 +67,12 @@ import (
// '500':
// description: internal server error
func (m *Module) EmojiGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminRead,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

14
internal/api/client/admin/emojisget.go
View file

@ -27,7 +27,6 @@ import (
"github.com/superseriousbusiness/gotosocial/internal/config"
"github.com/superseriousbusiness/gotosocial/internal/db"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// EmojisGETHandler swagger:operation GET /api/v1/admin/custom_emojis emojisGet
@ -99,6 +98,10 @@ import (
// Emoji with the given `[shortcode]@[domain]` will not be included in the result set.
// in: query
//
// security:
// - OAuth2 Bearer:
// - admin:read
//
// responses:
// '200':
// headers:
@ -123,9 +126,12 @@ import (
// '500':
// description: internal server error
func (m *Module) EmojisGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminRead,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/emojiupdate.go
View file

@ -28,7 +28,6 @@ import (
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/config"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/internal/validate"
)
@ -105,7 +104,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '200':
@ -125,9 +124,12 @@ import (
// '500':
// description: internal server error
func (m *Module) EmojiPATCHHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWrite,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

33
internal/api/client/admin/headerfilter.go
View file

@ -27,14 +27,15 @@ import (
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// getHeaderFilter is a gin handler function that returns details of an HTTP header filter with provided ID, using given get function.
func (m *Module) getHeaderFilter(c *gin.Context, get func(context.Context, string) (*apimodel.HeaderFilter, gtserror.WithCode)) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
errWithCode := gtserror.NewErrorUnauthorized(err, err.Error())
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminRead,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
@ -69,9 +70,11 @@ func (m *Module) getHeaderFilter(c *gin.Context, get func(context.Context, strin
// getHeaderFilters is a gin handler function that returns details of all HTTP header filters using given get function.
func (m *Module) getHeaderFilters(c *gin.Context, get func(context.Context) ([]*apimodel.HeaderFilter, gtserror.WithCode)) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
errWithCode := gtserror.NewErrorUnauthorized(err, err.Error())
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminRead,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
@ -100,9 +103,11 @@ func (m *Module) getHeaderFilters(c *gin.Context, get func(context.Context) ([]*
// createHeaderFilter is a gin handler function that creates a HTTP header filter entry using provided form data, passing to given create function.
func (m *Module) createHeaderFilter(c *gin.Context, create func(context.Context, *gtsmodel.Account, *apimodel.HeaderFilterRequest) (*apimodel.HeaderFilter, gtserror.WithCode)) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
errWithCode := gtserror.NewErrorUnauthorized(err, err.Error())
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWrite,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
@ -148,9 +153,11 @@ func (m *Module) createHeaderFilter(c *gin.Context, create func(context.Context,
// deleteHeaderFilter is a gin handler function that deletes an HTTP header filter with provided ID, using given delete function.
func (m *Module) deleteHeaderFilter(c *gin.Context, delete func(context.Context, string) gtserror.WithCode) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
errWithCode := gtserror.NewErrorUnauthorized(err, err.Error())
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWrite,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

4
internal/api/client/admin/headerfilter_create.go
View file

@ -42,7 +42,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '200':
@ -82,7 +82,7 @@ func (m *Module) HeaderFilterAllowPOST(c *gin.Context) {
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '200':

4
internal/api/client/admin/headerfilter_delete.go
View file

@ -39,7 +39,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '202':
@ -76,7 +76,7 @@ func (m *Module) HeaderFilterAllowDELETE(c *gin.Context) {
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '202':

4
internal/api/client/admin/headerfilter_get.go
View file

@ -37,7 +37,7 @@ import "github.com/gin-gonic/gin"
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:read
//
// responses:
// '200':
@ -76,7 +76,7 @@ func (m *Module) HeaderFilterAllowGET(c *gin.Context) {
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:read
//
// responses:
// '200':

12
internal/api/client/admin/mediacleanup.go
View file

@ -26,7 +26,6 @@ import (
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/config"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// MediaCleanupPOSTHandler swagger:operation POST /api/v1/admin/media_cleanup mediaCleanup
@ -49,7 +48,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '200':
@ -69,9 +68,12 @@ import (
// '500':
// description: internal server error
func (m *Module) MediaCleanupPOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWrite,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/mediarefetch.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// MediaRefetchPOSTHandler swagger:operation POST /api/v1/admin/media_refetch mediaRefetch
@ -42,7 +41,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// parameters:
// -
@ -71,9 +70,12 @@ import (
// '500':
// description: internal server error
func (m *Module) MediaRefetchPOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWrite,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/reportget.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// ReportGETHandler swagger:operation GET /api/v1/admin/reports/{id} adminReportGet
@ -48,7 +47,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:read:reports
//
// responses:
// '200':
@ -67,9 +66,12 @@ import (
// '500':
// description: internal server error
func (m *Module) ReportGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminReadReports,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/reportresolve.go
View file

@ -25,7 +25,6 @@ import (
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// ReportResolvePOSTHandler swagger:operation POST /api/v1/admin/reports/{id}/resolve adminReportResolve
@ -65,7 +64,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write:reports
//
// responses:
// '200':
@ -84,9 +83,12 @@ import (
// '500':
// description: internal server error
func (m *Module) ReportResolvePOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWriteReports,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/reportsget.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/internal/paging"
)
@ -100,7 +99,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:read:reports
//
// responses:
// '200':
@ -125,9 +124,12 @@ import (
// '500':
// description: internal server error
func (m *Module) ReportsGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminReadReports,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

2
internal/api/client/admin/reportsget_test.go
View file

@ -1149,7 +1149,7 @@ func (suite *ReportsGetTestSuite) TestReportsGetNotAdmin() {
testToken := suite.testTokens["local_account_1"]
testUser := suite.testUsers["local_account_1"]
reports, _, err := suite.getReports(testAccount, testToken, testUser, http.StatusForbidden, `{"error":"Forbidden: user 01F8MGVGPHQ2D3P3X0454H54Z5 not an admin"}`, nil, "", "", "", "", "", 20)
reports, _, err := suite.getReports(testAccount, testToken, testUser, http.StatusForbidden, `{"error":"Forbidden: token has insufficient scope permission"}`, nil, "", "", "", "", "", 20)
suite.NoError(err)
suite.Empty(reports)
}

12
internal/api/client/admin/rulecreate.go
View file

@ -26,7 +26,6 @@ import (
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// RulePOSTHandler swagger:operation POST /api/v1/admin/instance/rules ruleCreate
@ -45,7 +44,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '200':
@ -65,9 +64,12 @@ import (
// '500':
// description: internal server error
func (m *Module) RulePOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWrite,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/ruledelete.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// RuleDELETEHandler swagger:operation DELETE /api/v1/admin/instance/rules/{id} ruleDelete
@ -52,7 +51,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '200':
@ -72,9 +71,12 @@ import (
// '500':
// description: internal server error
func (m *Module) RuleDELETEHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWrite,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/ruleget.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// RuleGETHandler swagger:operation GET /api/v1/admin/instance/rules/{id} adminRuleGet
@ -48,7 +47,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:read
//
// responses:
// '200':
@ -67,9 +66,12 @@ import (
// '500':
// description: internal server error
func (m *Module) RuleGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminRead,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/rulesget.go
View file

@ -24,7 +24,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// RulesGETHandler swagger:operation GET /api/v1/admin/instance/rules adminsRuleGet
@ -44,7 +43,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:read
//
// responses:
// '200':
@ -64,9 +63,12 @@ import (
// '500':
// description: internal server error
func (m *Module) RulesGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminRead,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/admin/ruleupdate.go
View file

@ -25,7 +25,6 @@ import (
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// RulePATCHHandler swagger:operation PATCH /api/v1/admin/instance/rules/{id} ruleUpdate
@ -44,7 +43,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - admin
// - admin:write
//
// responses:
// '200':
@ -64,9 +63,12 @@ import (
// '500':
// description: internal server error
func (m *Module) RulePATCHHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeAdminWrite,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/announcements/announcementsget.go
View file

@ -23,7 +23,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// AnnouncementsGETHandler swagger:operation GET /api/v1/announcements announcementsGet
@ -40,8 +39,7 @@ import (
// - application/json
//
// security:
// - OAuth2 Bearer:
// - read:announcements
// - OAuth2 Bearer: []
//
// responses:
// '200':
@ -59,9 +57,11 @@ import (
// '500':
// description: internal server error
func (m *Module) AnnouncementsGETHandler(c *gin.Context) {
_, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
_, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

9
internal/api/client/apps/appcreate.go
View file

@ -25,7 +25,6 @@ import (
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// these consts are used to ensure users can't spam huge entries into our database
@ -74,9 +73,11 @@ const (
// '500':
// description: internal server error
func (m *Module) AppsPOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, false, false, false, false)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
false, false, false, false,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/blocks/blocksget.go
View file

@ -23,7 +23,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/internal/paging"
)
@ -107,9 +106,12 @@ import (
// '500':
// description: internal server error
func (m *Module) BlocksGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadBlocks,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/bookmarks/bookmarksget.go
View file

@ -25,7 +25,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
const (
@ -93,9 +92,12 @@ const (
// '500':
// description: internal server error
func (m *Module) BookmarksGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadBookmarks,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/conversations/conversationdelete.go
View file

@ -23,7 +23,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// ConversationDELETEHandler swagger:operation DELETE /api/v1/conversations/{id} conversationDelete
@ -66,9 +65,12 @@ import (
// '500':
// description: internal server error
func (m *Module) ConversationDELETEHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeWriteConversations,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/conversations/conversationread.go
View file

@ -23,7 +23,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// ConversationReadPOSTHandler swagger:operation POST /api/v1/conversation/{id}/read conversationRead
@ -68,9 +67,12 @@ import (
// '500':
// description: internal server error
func (m *Module) ConversationReadPOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeWriteConversations,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/conversations/conversationsget.go
View file

@ -23,7 +23,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/internal/paging"
)
@ -107,9 +106,12 @@ import (
// '500':
// description: internal server error
func (m *Module) ConversationsGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadStatuses,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

11
internal/api/client/customemojis/customemojisget.go
View file

@ -23,7 +23,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// CustomEmojisGETHandler swagger:operation GET /api/v1/custom_emojis customEmojisGet
@ -38,8 +37,7 @@ import (
// - application/json
//
// security:
// - OAuth2 Bearer:
// - read:custom_emojis
// - OAuth2 Bearer: []
//
// responses:
// '200':
@ -55,8 +53,11 @@ import (
// '500':
// description: internal server error
func (m *Module) CustomEmojisGETHandler(c *gin.Context) {
if _, err := oauth.Authed(c, true, true, true, true); err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
_, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/exports/blocks.go
View file

@ -23,7 +23,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// ExportBlocksGETHandler swagger:operation GET /api/v1/exports/blocks.csv exportBlocks
@ -52,9 +51,12 @@ import (
// '500':
// description: internal server error
func (m *Module) ExportBlocksGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadBlocks,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/exports/followers.go
View file

@ -23,7 +23,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// ExportFollowersGETHandler swagger:operation GET /api/v1/exports/followers.csv exportFollowers
@ -39,7 +38,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - read:follows
// - read:accounts
//
// responses:
// '200':
@ -52,9 +51,12 @@ import (
// '500':
// description: internal server error
func (m *Module) ExportFollowersGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/exports/following.go
View file

@ -23,7 +23,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// ExportFollowingGETHandler swagger:operation GET /api/v1/exports/following.csv exportFollowing
@ -52,9 +51,12 @@ import (
// '500':
// description: internal server error
func (m *Module) ExportFollowingGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadFollows,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/exports/lists.go
View file

@ -23,7 +23,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// ExportListsGETHandler swagger:operation GET /api/v1/exports/lists.csv exportLists
@ -52,9 +51,12 @@ import (
// '500':
// description: internal server error
func (m *Module) ExportListsGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadLists,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/exports/mutes.go
View file

@ -23,7 +23,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// ExportMutesGETHandler swagger:operation GET /api/v1/exports/mutes.csv exportMutes
@ -52,9 +51,12 @@ import (
// '500':
// description: internal server error
func (m *Module) ExportMutesGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadMutes,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

12
internal/api/client/exports/stats.go
View file

@ -23,7 +23,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// ExportStatsGETHandler swagger:operation GET /api/v1/exports/stats exportStats
@ -39,7 +38,7 @@ import (
//
// security:
// - OAuth2 Bearer:
// - read:account
// - read:accounts
//
// responses:
// '200':
@ -53,9 +52,12 @@ import (
// '500':
// description: internal server error
func (m *Module) ExportStatsGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/favourites/favouritesget.go
View file

@ -25,7 +25,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// FavouritesGETHandler swagger:operation GET /api/v1/favourites favouritesGet
@ -93,9 +92,12 @@ import (
// '500':
// description: internal server error
func (m *Module) FavouritesGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadFavourites,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/featuredtags/get.go
View file

@ -23,7 +23,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// FeaturedTagsGETHandler swagger:operation GET /api/v1/featured_tags getFeaturedTags
@ -60,9 +59,12 @@ import (
// '500':
// description: internal server error
func (m *Module) FeaturedTagsGETHandler(c *gin.Context) {
_, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
_, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadAccounts,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/filters/v1/filterdelete.go
View file

@ -23,7 +23,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// FilterDELETEHandler swagger:operation DELETE /api/v1/filters/{id} filterV1Delete
@ -63,9 +62,12 @@ import (
// '500':
// description: internal server error
func (m *Module) FilterDELETEHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeWriteFilters,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

10
internal/api/client/filters/v1/filterget.go
View file

@ -23,7 +23,6 @@ import (
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// FilterGETHandler swagger:operation GET /api/v1/filters/{id} filterV1Get
@ -66,9 +65,12 @@ import (
// '500':
// description: internal server error
func (m *Module) FilterGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadFilters,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}

Some files were not shown because too many files have changed in this diff Show more