From e6f9504dd607c0687c60812ae02adaaaaf5bb07a Mon Sep 17 00:00:00 2001 From: Martin Brennan Date: Tue, 6 Dec 2022 08:56:03 +1000 Subject: [PATCH] FEATURE: Allow user_status scope for UserApiKey (#19296) Follow-up to 6357a3ce337bdf59c7a6a0f362897a46ffbd6304 where we allowed a general API key scope for user status GET/PUT/DELETE, this commit allows the same for the UserApiKey system. --- app/models/user_api_key_scope.rb | 8 ++++++-- config/locales/server.en.yml | 1 + 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/app/models/user_api_key_scope.rb b/app/models/user_api_key_scope.rb index 6b54d3ca65c..d2f0c408a36 100644 --- a/app/models/user_api_key_scope.rb +++ b/app/models/user_api_key_scope.rb @@ -16,7 +16,12 @@ class UserApiKeyScope < ActiveRecord::Base RouteMatcher.new(methods: :get, actions: 'session#current'), RouteMatcher.new(methods: :get, actions: 'users#topic_tracking_state') ], - bookmarks_calendar: [ RouteMatcher.new(methods: :get, actions: 'users#bookmarks', formats: :ics, params: %i[username]) ] + bookmarks_calendar: [ RouteMatcher.new(methods: :get, actions: 'users#bookmarks', formats: :ics, params: %i[username]) ], + user_status: [ + RouteMatcher.new(methods: :get, actions: 'user_status#get'), + RouteMatcher.new(methods: :put, actions: 'user_status#set'), + RouteMatcher.new(methods: :delete, actions: 'user_status#clear') + ] } def self.all_scopes @@ -36,7 +41,6 @@ class UserApiKeyScope < ActiveRecord::Base def matchers @matchers ||= Array(self.class.all_scopes[name.to_sym]) end - end # == Schema Information diff --git a/config/locales/server.en.yml b/config/locales/server.en.yml index f87e4ee5eef..b57fb47134d 100644 --- a/config/locales/server.en.yml +++ b/config/locales/server.en.yml @@ -1089,6 +1089,7 @@ en: write: "Write all" one_time_password: "Create a one-time login token" bookmarks_calendar: "Read bookmark reminders" + user_status: "Read and update user status" invalid_public_key: "Sorry, the public key is invalid." invalid_auth_redirect: "Sorry, this auth_redirect host is not allowed." invalid_token: "Missing, invalid or expired token."