From c99b89f780f9d561ac0fbc2acf61291006396071 Mon Sep 17 00:00:00 2001 From: Vyr Cossont Date: Mon, 13 Oct 2025 19:15:24 +0200 Subject: [feature] granular admin scopes for custom emojis (#4489) This PR adds admin equivalents of the `read:custom_emojis` OAuth scope: `admin:read:custom_emojis` and `admin:write:custom_emojis`. This is so tools which only touch emojis can run without other admin permissions. (`slurp emojis import` is one such tool.) I've also sorted the admin section of the scopes lists alphabetically like the non-admin section, and updated the Swagger test script to print the same command path that it actually runs. ## API compatibility Neither [Mastodon](https://docs.joinmastodon.org/api/oauth-scopes/) nor Akkoma nor Iceshrimp.NET has an equivalent scope, so there are no alternate scope names to worry about. Co-authored-by: tobi Reviewed-on: https://codeberg.org/superseriousbusiness/gotosocial/pulls/4489 Co-authored-by: Vyr Cossont Co-committed-by: Vyr Cossont --- internal/api/client/admin/emojicreate.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'internal/api/client/admin/emojicreate.go') diff --git a/internal/api/client/admin/emojicreate.go b/internal/api/client/admin/emojicreate.go index c2723042a..04f0602c0 100644 --- a/internal/api/client/admin/emojicreate.go +++ b/internal/api/client/admin/emojicreate.go @@ -75,7 +75,7 @@ import ( // // security: // - OAuth2 Bearer: -// - admin:write +// - admin:write:custom_emojis // // responses: // '200': @@ -99,7 +99,7 @@ import ( func (m *Module) EmojiCreatePOSTHandler(c *gin.Context) { authed, errWithCode := apiutil.TokenAuth(c, true, true, true, true, - apiutil.ScopeAdminWrite, + apiutil.ScopeAdminWriteCustomEmojis, ) if errWithCode != nil { apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) -- cgit v1.2.3