hj/pleroma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add priviledges for :statuses_read

Browse source 
This was the last in :require_privileged_staff. I'll remove that in the next commit
This commit is contained in:
Ilja 2022-05-26 14:21:14 +02:00
commit b1ff5241c2
4 changed files with 75 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

18
lib/pleroma/web/router.ex
View file

@ -119,6 +119,11 @@ defmodule Pleroma.Web.Router do
plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :user_credentials)
end
pipeline :require_privileged_role_statuses_read do
plug(:admin_api)
plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :statuses_read)
end
pipeline :pleroma_html do
plug(:browser)
plug(:authenticate)
@ -242,22 +247,22 @@ defmodule Pleroma.Web.Router do
# AdminAPI: admins and mods (staff) can perform these actions (if privileged by role)
scope "/api/v1/pleroma/admin", Pleroma.Web.AdminAPI do
pipe_through([:admin_api, :require_privileged_role_user_deletion])
pipe_through(:require_privileged_role_user_deletion)
delete("/users", UserController, :delete)
end
# AdminAPI: admins and mods (staff) can perform these actions (if privileged by role)
scope "/api/v1/pleroma/admin", Pleroma.Web.AdminAPI do
pipe_through([:admin_api, :require_privileged_role_user_credentials])
pipe_through(:require_privileged_role_user_credentials)
get("/users/:nickname/password_reset", AdminAPIController, :get_password_reset)
patch("/users/:nickname/credentials", AdminAPIController, :update_user_credentials)
end
# AdminAPI: admins and mods (staff) can perform these actions (if enabled by config)
# AdminAPI: admins and mods (staff) can perform these actions (if privileged by role)
scope "/api/v1/pleroma/admin", Pleroma.Web.AdminAPI do
pipe_through([:admin_api, :require_privileged_staff])
pipe_through(:require_privileged_role_statuses_read)
get("/users/:nickname/statuses", AdminAPIController, :list_user_statuses)
get("/users/:nickname/chats", AdminAPIController, :list_user_chats)
@ -268,6 +273,11 @@ defmodule Pleroma.Web.Router do
get("/chats/:id/messages", ChatController, :messages)
end
# AdminAPI: admins and mods (staff) can perform these actions (if enabled by config)
scope "/api/v1/pleroma/admin", Pleroma.Web.AdminAPI do
pipe_through([:admin_api, :require_privileged_staff])
end
# AdminAPI: admins and mods (staff) can perform these actions
scope "/api/v1/pleroma/admin", Pleroma.Web.AdminAPI do
pipe_through(:admin_api)