diff options
Diffstat (limited to 'internal/api/client/instance')
| -rw-r--r-- | internal/api/client/instance/instancepatch.go | 12 | ||||
| -rw-r--r-- | internal/api/client/instance/instancepatch_test.go | 2 | ||||
| -rw-r--r-- | internal/api/client/instance/instancepeersget.go | 12 |
3 files changed, 16 insertions, 10 deletions
diff --git a/internal/api/client/instance/instancepatch.go b/internal/api/client/instance/instancepatch.go index 5085399eb..67856100d 100644 --- a/internal/api/client/instance/instancepatch.go +++ b/internal/api/client/instance/instancepatch.go @@ -27,7 +27,6 @@ import ( apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util" "github.com/superseriousbusiness/gotosocial/internal/config" "github.com/superseriousbusiness/gotosocial/internal/gtserror" - "github.com/superseriousbusiness/gotosocial/internal/oauth" ) // InstanceUpdatePATCHHandler swagger:operation PATCH /api/v1/instance instanceUpdate @@ -107,7 +106,7 @@ import ( // // security: // - OAuth2 Bearer: -// - admin +// - admin:write // // responses: // '200': @@ -127,9 +126,12 @@ import ( // '500': // description: internal server error func (m *Module) InstanceUpdatePATCHHandler(c *gin.Context) { - authed, err := oauth.Authed(c, true, true, true, true) - if err != nil { - apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1) + authed, errWithCode := apiutil.TokenAuth(c, + true, true, true, true, + apiutil.ScopeAdminWrite, + ) + if errWithCode != nil { + apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) return } diff --git a/internal/api/client/instance/instancepatch_test.go b/internal/api/client/instance/instancepatch_test.go index 53df20b6b..a63ca9e11 100644 --- a/internal/api/client/instance/instancepatch_test.go +++ b/internal/api/client/instance/instancepatch_test.go @@ -544,7 +544,7 @@ func (suite *InstancePatchTestSuite) TestInstancePatch5() { b, err := io.ReadAll(result.Body) suite.NoError(err) - suite.Equal(`{"error":"Forbidden: user is not an admin so cannot update instance settings"}`, string(b)) + suite.Equal(`{"error":"Forbidden: token has insufficient scope permission"}`, string(b)) } func (suite *InstancePatchTestSuite) TestInstancePatch6() { diff --git a/internal/api/client/instance/instancepeersget.go b/internal/api/client/instance/instancepeersget.go index c278c0674..0b32a87e9 100644 --- a/internal/api/client/instance/instancepeersget.go +++ b/internal/api/client/instance/instancepeersget.go @@ -25,7 +25,6 @@ import ( apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util" "github.com/superseriousbusiness/gotosocial/internal/config" "github.com/superseriousbusiness/gotosocial/internal/gtserror" - "github.com/superseriousbusiness/gotosocial/internal/oauth" "github.com/gin-gonic/gin" ) @@ -59,6 +58,9 @@ import ( // required: false // default: "open" // +// security: +// - OAuth2 Bearer: [] +// // responses: // '200': // description: >- @@ -99,9 +101,11 @@ import ( // '500': // description: internal server error func (m *Module) InstancePeersGETHandler(c *gin.Context) { - authed, err := oauth.Authed(c, false, false, false, false) - if err != nil { - apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1) + authed, errWithCode := apiutil.TokenAuth(c, + false, false, false, false, + ) + if errWithCode != nil { + apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) return } |