mirrors/gotosocial
1
0
Fork 0
mirror of https://github.com/superseriousbusiness/gotosocial.git synced 2025-10-30 18:12:26 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

[feature] Enforce OAuth token scopes (#3835)

Browse source 
* move tokenauth to apiutil

* enforce scopes

* docs

* update test models, remove deprecated "follow"

* file header

* tests

* tweak scope matcher

* simplify...

* fix tests

* log user out of settings panel in case of oauth error
This commit is contained in:
tobi 2025-02-26 13:04:55 +01:00 committed by GitHub
commit eb720241da
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
213 changed files with 1762 additions and 1082 deletions
Download patch file Download diff file Expand all files Collapse all files

2
internal/api/client/admin/reportsget_test.go
View file

@ -1149,7 +1149,7 @@ func (suite *ReportsGetTestSuite) TestReportsGetNotAdmin() {
testToken := suite.testTokens["local_account_1"]
testUser := suite.testUsers["local_account_1"]
reports, _, err := suite.getReports(testAccount, testToken, testUser, http.StatusForbidden, `{"error":"Forbidden: user 01F8MGVGPHQ2D3P3X0454H54Z5 not an admin"}`, nil, "", "", "", "", "", 20)
reports, _, err := suite.getReports(testAccount, testToken, testUser, http.StatusForbidden, `{"error":"Forbidden: token has insufficient scope permission"}`, nil, "", "", "", "", "", 20)
suite.NoError(err)
suite.Empty(reports)
}