Merge branch 'develop' into fix/disable-rate-limiter-for-socket-localhost

2020-01-30 22:16:55 +03:00 · 2020-01-30 22:16:55 +03:00 · 5b62acf6e9
commit 5b62acf6e9
parent 45180d4c60 946de2299c
781 changed files with 13028 additions and 6250 deletions
--- a/lib/pleroma/plugs/oauth_scopes_plug.ex
+++ b/lib/pleroma/plugs/oauth_scopes_plug.ex
@ -18,16 +18,13 @@ defmodule Pleroma.Plugs.OAuthScopesPlug do
    token = assigns[:token]

    scopes = transform_scopes(scopes, options)
-    matched_scopes = token && filter_descendants(scopes, token.scopes)
+    matched_scopes = (token && filter_descendants(scopes, token.scopes)) || []

    cond do
-      is_nil(token) ->
-        maybe_perform_instance_privacy_check(conn, options)
-
-      op == :| && Enum.any?(matched_scopes) ->
+      token && op == :| && Enum.any?(matched_scopes) ->
        conn

-      op == :& && matched_scopes == scopes ->
+      token && op == :& && matched_scopes == scopes ->
        conn

      options[:fallback] == :proceed_unauthenticated ->
--- a/lib/pleroma/plugs/user_enabled_plug.ex
+++ b/lib/pleroma/plugs/user_enabled_plug.ex
@ -11,11 +11,9 @@ defmodule Pleroma.Plugs.UserEnabledPlug do
  end

  def call(%{assigns: %{user: %User{} = user}} = conn, _) do
-    if User.auth_active?(user) do
-      conn
-    else
-      conn
-      |> assign(:user, nil)
+    case User.account_status(user) do
+      :active -> conn
+      _ -> assign(conn, :user, nil)
    end
  end

--- a/lib/pleroma/plugs/user_is_admin_plug.ex
+++ b/lib/pleroma/plugs/user_is_admin_plug.ex
@ -23,6 +23,7 @@ defmodule Pleroma.Plugs.UserIsAdminPlug do
      token && OAuth.Scopes.contains_admin_scopes?(token.scopes) ->
        # Note: checking for _any_ admin scope presence, not necessarily fitting requested action.
        #   Thus, controller must explicitly invoke OAuthScopesPlug to verify scope requirements.
+        #   Admin might opt out of admin scope for some apps to block any admin actions from them.
        conn

      true ->