summaryrefslogtreecommitdiff
path: root/internal/api
diff options
context:
space:
mode:
Diffstat (limited to 'internal/api')
-rw-r--r--internal/api/client/customemojis/customemojisget.go22
-rw-r--r--internal/api/util/scopes.go2
2 files changed, 17 insertions, 7 deletions
diff --git a/internal/api/client/customemojis/customemojisget.go b/internal/api/client/customemojis/customemojisget.go
index c63445aef..9aa878274 100644
--- a/internal/api/client/customemojis/customemojisget.go
+++ b/internal/api/client/customemojis/customemojisget.go
@@ -21,6 +21,7 @@ import (
"net/http"
apiutil "code.superseriousbusiness.org/gotosocial/internal/api/util"
+ "code.superseriousbusiness.org/gotosocial/internal/config"
"code.superseriousbusiness.org/gotosocial/internal/gtserror"
"github.com/gin-gonic/gin"
)
@@ -29,6 +30,8 @@ import (
//
// Get an array of custom emojis available on the instance.
//
+// If the instance config setting `instance-expose-custom-emojis` is `true` then authentication is not required.
+//
// ---
// tags:
// - custom_emojis
@@ -37,7 +40,8 @@ import (
// - application/json
//
// security:
-// - OAuth2 Bearer: []
+// - OAuth2 Bearer:
+// - read:custom_emojis
//
// responses:
// '200':
@@ -53,12 +57,16 @@ import (
// '500':
// description: internal server error
func (m *Module) CustomEmojisGETHandler(c *gin.Context) {
- _, errWithCode := apiutil.TokenAuth(c,
- true, true, true, true,
- )
- if errWithCode != nil {
- apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
- return
+ // If custom emojis are not exposed to unauthed
+ // callers, fail if a token was not provided.
+ if !config.GetInstanceExposeCustomEmojis() {
+ if _, errWithCode := apiutil.TokenAuth(c,
+ true, true, true, true,
+ apiutil.ScopeReadCustomEmojis,
+ ); errWithCode != nil {
+ apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
+ return
+ }
}
if _, err := apiutil.NegotiateAccept(c, apiutil.JSONAcceptHeaders...); err != nil {
diff --git a/internal/api/util/scopes.go b/internal/api/util/scopes.go
index 594a46ecd..492fa9dad 100644
--- a/internal/api/util/scopes.go
+++ b/internal/api/util/scopes.go
@@ -31,6 +31,7 @@ const (
scopeBlocks = "blocks"
scopeBookmarks = "bookmarks"
scopeConversations = "conversations"
+ scopeCustomEmojis = "custom_emojis"
scopeDomainAllows = "domain_allows"
scopeDomainBlocks = "domain_blocks"
scopeFavourites = "favourites"
@@ -65,6 +66,7 @@ const (
ScopeReadBookmarks Scope = ScopeRead + ":" + scopeBookmarks
ScopeWriteBookmarks Scope = ScopeWrite + ":" + scopeBookmarks
ScopeWriteConversations Scope = ScopeWrite + ":" + scopeConversations
+ ScopeReadCustomEmojis Scope = ScopeRead + ":" + scopeCustomEmojis
ScopeReadFavourites Scope = ScopeRead + ":" + scopeFavourites
ScopeWriteFavourites Scope = ScopeWrite + ":" + scopeFavourites
ScopeReadFilters Scope = ScopeRead + ":" + scopeFilters
generated by cgit v1.2.3 (git 2.46.0) at 2025-12-02 21:16:55 +0000