From c99b89f780f9d561ac0fbc2acf61291006396071 Mon Sep 17 00:00:00 2001 From: Vyr Cossont Date: Mon, 13 Oct 2025 19:15:24 +0200 Subject: [feature] granular admin scopes for custom emojis (#4489) This PR adds admin equivalents of the `read:custom_emojis` OAuth scope: `admin:read:custom_emojis` and `admin:write:custom_emojis`. This is so tools which only touch emojis can run without other admin permissions. (`slurp emojis import` is one such tool.) I've also sorted the admin section of the scopes lists alphabetically like the non-admin section, and updated the Swagger test script to print the same command path that it actually runs. ## API compatibility Neither [Mastodon](https://docs.joinmastodon.org/api/oauth-scopes/) nor Akkoma nor Iceshrimp.NET has an equivalent scope, so there are no alternate scope names to worry about. Co-authored-by: tobi Reviewed-on: https://codeberg.org/superseriousbusiness/gotosocial/pulls/4489 Co-authored-by: Vyr Cossont Co-committed-by: Vyr Cossont --- internal/api/client/admin/emojicategoriesget.go | 4 ++-- internal/api/client/admin/emojicreate.go | 4 ++-- internal/api/client/admin/emojidelete.go | 4 ++-- internal/api/client/admin/emojiget.go | 4 ++-- internal/api/client/admin/emojisget.go | 4 ++-- internal/api/client/admin/emojiupdate.go | 4 ++-- internal/api/util/scopes.go | 6 ++++-- 7 files changed, 16 insertions(+), 14 deletions(-) (limited to 'internal/api') diff --git a/internal/api/client/admin/emojicategoriesget.go b/internal/api/client/admin/emojicategoriesget.go index 37d6f12f3..c2a8cbabb 100644 --- a/internal/api/client/admin/emojicategoriesget.go +++ b/internal/api/client/admin/emojicategoriesget.go @@ -39,7 +39,7 @@ import ( // // security: // - OAuth2 Bearer: -// - admin:read +// - admin:read:custom_emojis // // responses: // '200': 
@@ -63,7 +63,7 @@ import ( func (m *Module) EmojiCategoriesGETHandler(c *gin.Context) { authed, errWithCode := apiutil.TokenAuth(c, true, true, true, true, - apiutil.ScopeAdminRead, + apiutil.ScopeAdminReadCustomEmojis, ) if errWithCode != nil { apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) diff --git a/internal/api/client/admin/emojicreate.go b/internal/api/client/admin/emojicreate.go index c2723042a..04f0602c0 100644 --- a/internal/api/client/admin/emojicreate.go +++ b/internal/api/client/admin/emojicreate.go @@ -75,7 +75,7 @@ import ( // // security: // - OAuth2 Bearer: -// - admin:write +// - admin:write:custom_emojis // // responses: // '200': @@ -99,7 +99,7 @@ import ( func (m *Module) EmojiCreatePOSTHandler(c *gin.Context) { authed, errWithCode := apiutil.TokenAuth(c, true, true, true, true, - apiutil.ScopeAdminWrite, + apiutil.ScopeAdminWriteCustomEmojis, ) if errWithCode != nil { apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) diff --git a/internal/api/client/admin/emojidelete.go b/internal/api/client/admin/emojidelete.go index 7809608e3..83c49a92a 100644 --- a/internal/api/client/admin/emojidelete.go +++ b/internal/api/client/admin/emojidelete.go @@ -53,7 +53,7 @@ import ( // // security: // - OAuth2 Bearer: -// - admin:write +// - admin:write:custom_emojis // // responses: // '200': @@ -75,7 +75,7 @@ import ( func (m *Module) EmojiDELETEHandler(c *gin.Context) { authed, errWithCode := apiutil.TokenAuth(c, true, true, true, true, - apiutil.ScopeAdminWrite, + apiutil.ScopeAdminWriteCustomEmojis, ) if errWithCode != nil { apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) diff --git a/internal/api/client/admin/emojiget.go b/internal/api/client/admin/emojiget.go index 5abed2aaa..1ae7eb9e9 100644 --- a/internal/api/client/admin/emojiget.go +++ b/internal/api/client/admin/emojiget.go 
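Review bot: With the required scope narrowed to `apiutil.ScopeAdminReadCustomEmojis`, EmojiCategoriesGETHandler should keep an admin-role check on the authenticated user that does not depend on the token scope, and a short comment should say so. The hunk stops inside the `errWithCode` branch, so it is not visible whether `TokenAuth` or the rest of the handler already does this. A scope describes what the client was granted, not who the user is, and these granular scopes are meant to be handed to single-purpose tools. Suggested comment after the TokenAuth block: `// Scope limits the token only; the admin role check below still gates this endpoint.` The same applies to the other five handlers changed in this commit: EmojiCreatePOSTHandler, EmojiDELETEHandler, EmojiGETHandler, EmojisGETHandler and EmojiPATCHHandler.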
@@ -47,7 +47,7 @@ import ( // // security: // - OAuth2 Bearer: -// - admin:read +// - admin:read:custom_emojis // // responses: // '200': @@ -69,7 +69,7 @@ import ( func (m *Module) EmojiGETHandler(c *gin.Context) { authed, errWithCode := apiutil.TokenAuth(c, true, true, true, true, - apiutil.ScopeAdminRead, + apiutil.ScopeAdminReadCustomEmojis, ) if errWithCode != nil { apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) diff --git a/internal/api/client/admin/emojisget.go b/internal/api/client/admin/emojisget.go index d9cf508ce..4dbbd7f53 100644 --- a/internal/api/client/admin/emojisget.go +++ b/internal/api/client/admin/emojisget.go @@ -100,7 +100,7 @@ import ( // // security: // - OAuth2 Bearer: -// - admin:read +// - admin:read:custom_emojis // // responses: // '200': @@ -128,7 +128,7 @@ import ( func (m *Module) EmojisGETHandler(c *gin.Context) { authed, errWithCode := apiutil.TokenAuth(c, true, true, true, true, - apiutil.ScopeAdminRead, + apiutil.ScopeAdminReadCustomEmojis, ) if errWithCode != nil { apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) diff --git a/internal/api/client/admin/emojiupdate.go b/internal/api/client/admin/emojiupdate.go index 807f24844..d1576a15d 100644 --- a/internal/api/client/admin/emojiupdate.go +++ b/internal/api/client/admin/emojiupdate.go @@ -104,7 +104,7 @@ import ( // // security: // - OAuth2 Bearer: -// - admin:write +// - admin:write:custom_emojis // // responses: // '200': @@ -126,7 +126,7 @@ import ( func (m *Module) EmojiPATCHHandler(c *gin.Context) { authed, errWithCode := apiutil.TokenAuth(c, true, true, true, true, - apiutil.ScopeAdminWrite, + apiutil.ScopeAdminWriteCustomEmojis, ) if errWithCode != nil { apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) diff --git a/internal/api/util/scopes.go b/internal/api/util/scopes.go index 492fa9dad..13e547286 100644 --- a/internal/api/util/scopes.go +++ b/internal/api/util/scopes.go 
@@ -86,12 +86,14 @@ const ( ScopeWriteStatuses Scope = ScopeWrite + ":" + scopeStatuses ScopeAdminReadAccounts Scope = ScopeAdminRead + ":" + scopeAccounts ScopeAdminWriteAccounts Scope = ScopeAdminWrite + ":" + scopeAccounts - ScopeAdminReadReports Scope = ScopeAdminRead + ":" + scopeReports - ScopeAdminWriteReports Scope = ScopeAdminWrite + ":" + scopeReports + ScopeAdminReadCustomEmojis Scope = ScopeAdminRead + ":" + scopeCustomEmojis + ScopeAdminWriteCustomEmojis Scope = ScopeAdminWrite + ":" + scopeCustomEmojis ScopeAdminReadDomainAllows Scope = ScopeAdminRead + ":" + scopeDomainAllows ScopeAdminWriteDomainAllows Scope = ScopeAdminWrite + ":" + scopeDomainAllows ScopeAdminReadDomainBlocks Scope = ScopeAdminRead + ":" + scopeDomainBlocks ScopeAdminWriteDomainBlocks Scope = ScopeAdminWrite + ":" + scopeDomainBlocks + ScopeAdminReadReports Scope = ScopeAdminRead + ":" + scopeReports + ScopeAdminWriteReports Scope = ScopeAdminWrite + ":" + scopeReports ) // Permits returns true if the -- cgit v1.2.3
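Review bot: Nothing in this hunk shows that a token holding the broad `ScopeAdminRead` or `ScopeAdminWrite` scope still satisfies the new `ScopeAdminReadCustomEmojis` and `ScopeAdminWriteCustomEmojis` requirements. That depends on `Permits`, whose doc comment begins on the last line of the hunk and whose body is not visible. If `Permits` compared scopes exactly rather than hierarchically, existing admin clients would lose access to the six emoji endpoints switched in this commit. A table test would pin both directions: `ScopeAdminRead` permits `ScopeAdminReadCustomEmojis`, while `ScopeAdminReadCustomEmojis` permits neither `ScopeAdminReadAccounts` nor `ScopeAdminWriteCustomEmojis`, and the non-admin `read:custom_emojis` scope does not permit the admin variant. The const block runs past both ends of the hunk.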