mirror of
https://github.com/superseriousbusiness/gotosocial
synced 2025-06-05 21:59:39 +02:00
[feature] Enforce OAuth token scopes (#3835)
* move tokenauth to apiutil
* enforce scopes
* docs
* update test models, remove deprecated "follow"
* file header
* tests
* tweak scope matcher
* simplify...
* fix tests
* log user out of settings panel in case of oauth error
@ -32,32 +32,44 @@
|
||||
// tokenUrl: https://example.org/oauth/token
|
||||
// scopes:
|
||||
// read: grants read access to everything
|
||||
// read:accounts: grants read access to accounts
|
||||
// read:blocks: grant read access to blocks
|
||||
// read:custom_emojis: grant read access to custom_emojis
|
||||
// read:favourites: grant read access to favourites
|
||||
// read:filters: grant read access to filters
|
||||
// read:follows: grant read access to follows
|
||||
// read:lists: grant read access to lists
|
||||
// read:media: grant read access to media
|
||||
// read:mutes: grant read access to mutes
|
||||
// read:search: grant read access to searches
|
||||
// read:statuses: grants read access to statuses
|
||||
// read:streaming: grants read access to streaming api
|
||||
// read:user: grants read access to user-level info
|
||||
// read:notifications: grants read access to notifications
|
||||
// write: grants write access to everything
|
||||
// push: grants read/write access to push
|
||||
// profile: grants read access to verify_credentials
|
||||
// read:accounts: grants read access to accounts
|
||||
// write:accounts: grants write access to accounts
|
||||
// read:blocks: grants read access to blocks
|
||||
// write:blocks: grants write access to blocks
|
||||
// read:bookmarks: grants read access to bookmarks
|
||||
// write:bookmarks: grants write access to bookmarks
|
||||
// write:conversations: grants write access to conversations
|
||||
// read:favourites: grants read access to accounts
|
||||
// write:favourites: grants write access to favourites
|
||||
// read:filters: grants read access to filters
|
||||
// write:filters: grants write access to filters
|
||||
// read:follows: grants read access to follows
|
||||
// write:follows: grants write access to follows
|
||||
// read:lists: grants read access to lists
|
||||
// write:lists: grants write access to lists
|
||||
// write:media: grants write access to media
|
||||
// read:mutes: grants read access to mutes
|
||||
// write:mutes: grants write access to mutes
|
||||
// read:notifications: grants read access to notifications
|
||||
// write:notifications: grants write access to notifications
|
||||
// write:reports: grants write access to reports
|
||||
// read:search: grants read access to search
|
||||
// read:statuses: grants read access to statuses
|
||||
// write:statuses: grants write access to statuses
|
||||
// write:user: grants write access to user-level info
|
||||
// admin: grants admin access to everything
|
||||
// admin:accounts: grants admin access to accounts
|
||||
// admin:read: grants admin read access to everything
|
||||
// admin:write: grants admin write access to everything
|
||||
// admin:read:accounts: grants admin read access to accounts
|
||||
// admin:write:accounts: grants write read access to accounts
|
||||
// admin:read:reports: grants admin read access to reports
|
||||
// admin:write:reports: grants admin write access to reports
|
||||
// admin:read:domain_allows: grants admin read access to domain_allows
|
||||
// admin:write:domain_allows: grants admin write access to domain_allows
|
||||
// admin:read:domain_blocks: grants admin read access to domain_blocks
|
||||
// admin:write:domain_blocks: grants write read access to domain_blocks
|
||||
// OAuth2 Application:
|
||||
// type: oauth2
|
||||
// flow: application
|
||||
|
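Review bot: three scope descriptions in this comment block do not match their scope names, and clients read this list to decide which scope to request. `read:favourites: grants read access to accounts` should say favourites, and both `admin:write:accounts: grants write read access to accounts` and `admin:write:domain_blocks: grants write read access to domain_blocks` should read "grants admin write access to ..." to match the wording used for `admin:write:reports` and `admin:write:domain_allows`. Since this commit starts enforcing scopes, it would also help to state in this block how a broad scope such as `read`, `write` or `admin` relates to its namespaced children (the descriptions say "everything" but the matching rule is not spelled out in these lines), so that app authors can pick the narrowest scope with confidence.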