summaryrefslogtreecommitdiff
path: root/internal/api/util/scopes.go
AgeCommit message (Collapse)AuthorFiles
2025-10-17[feature] granular admin scopes for custom emojis (#4489)Libravatar Vyr Cossont1
This PR adds admin equivalents of the `read:custom_emojis` OAuth scope: `admin:read:custom_emojis` and `admin:write:custom_emojis`. This is so tools which only touch emojis can run without other admin permissions. (`slurp emojis import` is one such tool.) I've also sorted the admin section of the scopes lists alphabetically like the non-admin section, and updated the Swagger test script to print the same command path that it actually runs. ## API compatibility Neither [Mastodon](https://docs.joinmastodon.org/api/oauth-scopes/) nor Akkoma nor Iceshrimp.NET has an equivalent scope, so there are no alternate scope names to worry about. Co-authored-by: tobi <tobi.smethurst@protonmail.com> Reviewed-on: https://codeberg.org/superseriousbusiness/gotosocial/pulls/4489 Co-authored-by: Vyr Cossont <vyr@noreply.codeberg.org> Co-committed-by: Vyr Cossont <vyr@noreply.codeberg.org>
2025-06-03[feature] Add config option to expose custom emojis without auth (#4233)Libravatar tobi1
# Description > If this is a code change, please include a summary of what you've coded, and link to the issue(s) it closes/implements. > > If this is a documentation change, please briefly describe what you've changed and why. Does as it says on the tin! Should make things a bit easier for clients that don't provide an access token to the custom emojis endpoint. Closes https://codeberg.org/superseriousbusiness/gotosocial/issues/2430 ## Checklist Please put an x inside each checkbox to indicate that you've read and followed it: `[ ]` -> `[x]` If this is a documentation change, only the first checkbox must be filled (you can delete the others if you want). - [x] I/we have read the [GoToSocial contribution guidelines](https://codeberg.org/superseriousbusiness/gotosocial/src/branch/main/CONTRIBUTING.md). - [x] I/we have discussed the proposed changes already, either in an issue on the repository, or in the Matrix chat. - [x] I/we have not leveraged AI to create the proposed changes. - [x] I/we have performed a self-review of added code. - [x] I/we have written code that is legible and maintainable by others. - [x] I/we have commented the added code, particularly in hard-to-understand areas. - [x] I/we have made any necessary changes to documentation. - [ ] I/we have added tests that cover new code. - [x] I/we have run tests and they pass locally with the changes. - [x] I/we have run `go fmt ./...` and `golangci-lint run`. Reviewed-on: https://codeberg.org/superseriousbusiness/gotosocial/pulls/4233 Reviewed-by: Daenney <daenney@noreply.codeberg.org> Co-authored-by: tobi <tobi.smethurst@protonmail.com> Co-committed-by: tobi <tobi.smethurst@protonmail.com>
2025-03-17[feature] Application creation + management via API + settings panel (#3906)Libravatar tobi1
* [feature] Application creation + management via API + settings panel * fix docs links * add errnorows test * use known application as shorter * add comment about side effects
2025-03-03[feature] Refactor tokens, allow multiple app redirect_uris (#3849)Libravatar tobi1
* [feature] Refactor tokens, allow multiple app redirect_uris * move + tweak handlers a bit * return error for unset oauth2.ClientStore funcs * wrap UpdateToken with cache * panic handling * cheeky little time optimization * unlock on error
2025-02-26[feature] Enforce OAuth token scopes (#3835)Libravatar tobi1
* move tokenauth to apiutil * enforce scopes * docs * update test models, remove deprecated "follow" * file header * tests * tweak scope matcher * simplify... * fix tests * log user out of settings panel in case of oauth error
generated by cgit v1.2.3 (git 2.46.0) at 2025-12-07 03:26:09 +0000