aboutsummaryrefslogtreecommitdiff
path: root/app/controllers/api/v1
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers/api/v1')
-rw-r--r--app/controllers/api/v1/accounts/credentials_controller.rb4
-rw-r--r--app/controllers/api/v1/accounts/follower_accounts_controller.rb2
-rw-r--r--app/controllers/api/v1/accounts/following_accounts_controller.rb2
-rw-r--r--app/controllers/api/v1/accounts/lists_controller.rb2
-rw-r--r--app/controllers/api/v1/accounts/relationships_controller.rb2
-rw-r--r--app/controllers/api/v1/accounts/search_controller.rb2
-rw-r--r--app/controllers/api/v1/accounts/statuses_controller.rb2
-rw-r--r--app/controllers/api/v1/accounts_controller.rb7
-rw-r--r--app/controllers/api/v1/blocks_controller.rb2
-rw-r--r--app/controllers/api/v1/domain_blocks_controller.rb3
-rw-r--r--app/controllers/api/v1/favourites_controller.rb2
-rw-r--r--app/controllers/api/v1/filters_controller.rb4
-rw-r--r--app/controllers/api/v1/follow_requests_controller.rb3
-rw-r--r--app/controllers/api/v1/follows_controller.rb2
-rw-r--r--app/controllers/api/v1/lists/accounts_controller.rb4
-rw-r--r--app/controllers/api/v1/lists_controller.rb4
-rw-r--r--app/controllers/api/v1/media_controller.rb2
-rw-r--r--app/controllers/api/v1/mutes_controller.rb2
-rw-r--r--app/controllers/api/v1/notifications_controller.rb3
-rw-r--r--app/controllers/api/v1/reports_controller.rb4
-rw-r--r--app/controllers/api/v1/search_controller.rb2
-rw-r--r--app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb7
-rw-r--r--app/controllers/api/v1/statuses/favourites_controller.rb2
-rw-r--r--app/controllers/api/v1/statuses/mutes_controller.rb2
-rw-r--r--app/controllers/api/v1/statuses/pins_controller.rb2
-rw-r--r--app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb7
-rw-r--r--app/controllers/api/v1/statuses/reblogs_controller.rb2
-rw-r--r--app/controllers/api/v1/statuses_controller.rb9
-rw-r--r--app/controllers/api/v1/timelines/direct_controller.rb2
-rw-r--r--app/controllers/api/v1/timelines/home_controller.rb2
-rw-r--r--app/controllers/api/v1/timelines/list_controller.rb2
31 files changed, 44 insertions, 53 deletions
diff --git a/app/controllers/api/v1/accounts/credentials_controller.rb b/app/controllers/api/v1/accounts/credentials_controller.rb
index 2d0737ee4..dcd41b35c 100644
--- a/app/controllers/api/v1/accounts/credentials_controller.rb
+++ b/app/controllers/api/v1/accounts/credentials_controller.rb
@@ -1,8 +1,8 @@
# frozen_string_literal: true
class Api::V1::Accounts::CredentialsController < Api::BaseController
- before_action -> { doorkeeper_authorize! :read }, except: [:update]
- before_action -> { doorkeeper_authorize! :write }, only: [:update]
+ before_action -> { doorkeeper_authorize! :read, :'read:accounts' }, except: [:update]
+ before_action -> { doorkeeper_authorize! :write, :'write:accounts' }, only: [:update]
before_action :require_user!
def show
diff --git a/app/controllers/api/v1/accounts/follower_accounts_controller.rb b/app/controllers/api/v1/accounts/follower_accounts_controller.rb
index 4578cf6ca..daa35769e 100644
--- a/app/controllers/api/v1/accounts/follower_accounts_controller.rb
+++ b/app/controllers/api/v1/accounts/follower_accounts_controller.rb
@@ -1,7 +1,7 @@
# frozen_string_literal: true
class Api::V1::Accounts::FollowerAccountsController < Api::BaseController
- before_action -> { doorkeeper_authorize! :read }
+ before_action -> { doorkeeper_authorize! :read, :'read:accounts' }
before_action :set_account
after_action :insert_pagination_headers
diff --git a/app/controllers/api/v1/accounts/following_accounts_controller.rb b/app/controllers/api/v1/accounts/following_accounts_controller.rb
index ce2bbda85..6be97b87e 100644
--- a/app/controllers/api/v1/accounts/following_accounts_controller.rb
+++ b/app/controllers/api/v1/accounts/following_accounts_controller.rb
@@ -1,7 +1,7 @@
# frozen_string_literal: true
class Api::V1::Accounts::FollowingAccountsController < Api::BaseController
- before_action -> { doorkeeper_authorize! :read }
+ before_action -> { doorkeeper_authorize! :read, :'read:accounts' }
before_action :set_account
after_action :insert_pagination_headers
diff --git a/app/controllers/api/v1/accounts/lists_controller.rb b/app/controllers/api/v1/accounts/lists_controller.rb
index a7ba89ce2..72392453c 100644
--- a/app/controllers/api/v1/accounts/lists_controller.rb
+++ b/app/controllers/api/v1/accounts/lists_controller.rb
@@ -1,7 +1,7 @@
# frozen_string_literal: true
class Api::V1::Accounts::ListsController < Api::BaseController
- before_action -> { doorkeeper_authorize! :read }
+ before_action -> { doorkeeper_authorize! :read, :'read:lists' }
before_action :require_user!
before_action :set_account
diff --git a/app/controllers/api/v1/accounts/relationships_controller.rb b/app/controllers/api/v1/accounts/relationships_controller.rb
index 70236d1a8..ab8a0461f 100644
--- a/app/controllers/api/v1/accounts/relationships_controller.rb
+++ b/app/controllers/api/v1/accounts/relationships_controller.rb
@@ -1,7 +1,7 @@
# frozen_string_literal: true
class Api::V1::Accounts::RelationshipsController < Api::BaseController
- before_action -> { doorkeeper_authorize! :read }
+ before_action -> { doorkeeper_authorize! :read, :'read:follows' }
before_action :require_user!
respond_to :json
diff --git a/app/controllers/api/v1/accounts/search_controller.rb b/app/controllers/api/v1/accounts/search_controller.rb
index 7649da433..91c9f1547 100644
--- a/app/controllers/api/v1/accounts/search_controller.rb
+++ b/app/controllers/api/v1/accounts/search_controller.rb
@@ -1,7 +1,7 @@
# frozen_string_literal: true
class Api::V1::Accounts::SearchController < Api::BaseController
- before_action -> { doorkeeper_authorize! :read }
+ before_action -> { doorkeeper_authorize! :read, :'read:accounts' }
before_action :require_user!
respond_to :json
diff --git a/app/controllers/api/v1/accounts/statuses_controller.rb b/app/controllers/api/v1/accounts/statuses_controller.rb
index c40155cb5..06fa6c762 100644
--- a/app/controllers/api/v1/accounts/statuses_controller.rb
+++ b/app/controllers/api/v1/accounts/statuses_controller.rb
@@ -1,7 +1,7 @@
# frozen_string_literal: true
class Api::V1::Accounts::StatusesController < Api::BaseController
- before_action -> { doorkeeper_authorize! :read }
+ before_action -> { doorkeeper_authorize! :read, :'read:statuses' }
before_action :set_account
after_action :insert_pagination_headers
diff --git a/app/controllers/api/v1/accounts_controller.rb b/app/controllers/api/v1/accounts_controller.rb
index b7133ca8e..1d5372a8c 100644
--- a/app/controllers/api/v1/accounts_controller.rb
+++ b/app/controllers/api/v1/accounts_controller.rb
@@ -1,8 +1,11 @@
# frozen_string_literal: true
class Api::V1::AccountsController < Api::BaseController
- before_action -> { doorkeeper_authorize! :read }, except: [:follow, :unfollow, :block, :unblock, :mute, :unmute]
- before_action -> { doorkeeper_authorize! :follow }, only: [:follow, :unfollow, :block, :unblock, :mute, :unmute]
+ before_action -> { authorize_if_got_token! :read, :'read:accounts' }, except: [:follow, :unfollow, :block, :unblock, :mute, :unmute]
+ before_action -> { doorkeeper_authorize! :follow, :'write:follows' }, only: [:follow, :unfollow]
+ before_action -> { doorkeeper_authorize! :follow, :'write:mutes' }, only: [:mute, :unmute]
+ before_action -> { doorkeeper_authorize! :follow, :'write:blocks' }, only: [:block, :unblock]
+
before_action :require_user!, except: [:show]
before_action :set_account
before_action :check_account_suspension, only: [:show]
diff --git a/app/controllers/api/v1/blocks_controller.rb b/app/controllers/api/v1/blocks_controller.rb
index a39701340..99c53d59a 100644
--- a/app/controllers/api/v1/blocks_controller.rb
+++ b/app/controllers/api/v1/blocks_controller.rb
@@ -1,7 +1,7 @@
# frozen_string_literal: true
class Api::V1::BlocksController < Api::BaseController
- before_action -> { doorkeeper_authorize! :follow }
+ before_action -> { doorkeeper_authorize! :follow, :'read:blocks' }
before_action :require_user!
after_action :insert_pagination_headers
diff --git a/app/controllers/api/v1/domain_blocks_controller.rb b/app/controllers/api/v1/domain_blocks_controller.rb
index e55d622c3..af9e7a20f 100644
--- a/app/controllers/api/v1/domain_blocks_controller.rb
+++ b/app/controllers/api/v1/domain_blocks_controller.rb
@@ -3,7 +3,8 @@
class Api::V1::DomainBlocksController < Api::BaseController
BLOCK_LIMIT = 100
- before_action -> { doorkeeper_authorize! :follow }
+ before_action -> { doorkeeper_authorize! :follow, :'read:blocks' }, only: :show
+ before_action -> { doorkeeper_authorize! :follow, :'write:blocks' }, except: :show
before_action :require_user!
after_action :insert_pagination_headers, only: :show
diff --git a/app/controllers/api/v1/favourites_controller.rb b/app/controllers/api/v1/favourites_controller.rb
index b4265ed34..ab5204355 100644
--- a/app/controllers/api/v1/favourites_controller.rb
+++ b/app/controllers/api/v1/favourites_controller.rb
@@ -1,7 +1,7 @@
# frozen_string_literal: true
class Api::V1::FavouritesController < Api::BaseController
- before_action -> { doorkeeper_authorize! :read }
+ before_action -> { doorkeeper_authorize! :read, :'read:favourites' }
before_action :require_user!
after_action :insert_pagination_headers
diff --git a/app/controllers/api/v1/filters_controller.rb b/app/controllers/api/v1/filters_controller.rb
index c89722b85..02efd323b 100644
--- a/app/controllers/api/v1/filters_controller.rb
+++ b/app/controllers/api/v1/filters_controller.rb
@@ -1,8 +1,8 @@
# frozen_string_literal: true
class Api::V1::FiltersController < Api::BaseController
- before_action -> { doorkeeper_authorize! :read }, only: [:index, :show]
- before_action -> { doorkeeper_authorize! :write }, except: [:index, :show]
+ before_action -> { doorkeeper_authorize! :read, :'read:filters' }, only: [:index, :show]
+ before_action -> { doorkeeper_authorize! :write, :'write:filters' }, except: [:index, :show]
before_action :require_user!
before_action :set_filters, only: :index
before_action :set_filter, only: [:show, :update, :destroy]
diff --git a/app/controllers/api/v1/follow_requests_controller.rb b/app/controllers/api/v1/follow_requests_controller.rb
index d5c7c565a..313fe2f81 100644
--- a/app/controllers/api/v1/follow_requests_controller.rb
+++ b/app/controllers/api/v1/follow_requests_controller.rb
@@ -1,7 +1,8 @@
# frozen_string_literal: true
class Api::V1::FollowRequestsController < Api::BaseController
- before_action -> { doorkeeper_authorize! :follow }
+ before_action -> { doorkeeper_authorize! :follow, :'read:follows' }, only: :index
+ before_action -> { doorkeeper_authorize! :follow, :'write:follows' }, except: :index
before_action :require_user!
after_action :insert_pagination_headers, only: :index
diff --git a/app/controllers/api/v1/follows_controller.rb b/app/controllers/api/v1/follows_controller.rb
index 5a2b2f32f..5420c0533 100644
--- a/app/controllers/api/v1/follows_controller.rb
+++ b/app/controllers/api/v1/follows_controller.rb
@@ -1,7 +1,7 @@
# frozen_string_literal: true
class Api::V1::FollowsController < Api::BaseController
- before_action -> { doorkeeper_authorize! :follow }
+ before_action -> { doorkeeper_authorize! :follow, :'write:follows' }
before_action :require_user!
respond_to :json
diff --git a/app/controllers/api/v1/lists/accounts_controller.rb b/app/controllers/api/v1/lists/accounts_controller.rb
index f2bded851..19de56732 100644
--- a/app/controllers/api/v1/lists/accounts_controller.rb
+++ b/app/controllers/api/v1/lists/accounts_controller.rb
@@ -1,8 +1,8 @@
# frozen_string_literal: true
class Api::V1::Lists::AccountsController < Api::BaseController
- before_action -> { doorkeeper_authorize! :read }, only: [:show]
- before_action -> { doorkeeper_authorize! :write }, except: [:show]
+ before_action -> { doorkeeper_authorize! :read, :'read:lists' }, only: [:show]
+ before_action -> { doorkeeper_authorize! :write, :'write:lists' }, except: [:show]
before_action :require_user!
before_action :set_list
diff --git a/app/controllers/api/v1/lists_controller.rb b/app/controllers/api/v1/lists_controller.rb
index 180a91d81..b42b8b971 100644
--- a/app/controllers/api/v1/lists_controller.rb
+++ b/app/controllers/api/v1/lists_controller.rb
@@ -1,8 +1,8 @@
# frozen_string_literal: true
class Api::V1::ListsController < Api::BaseController
- before_action -> { doorkeeper_authorize! :read }, only: [:index, :show]
- before_action -> { doorkeeper_authorize! :write }, except: [:index, :show]
+ before_action -> { doorkeeper_authorize! :read, :'read:lists' }, only: [:index, :show]
+ before_action -> { doorkeeper_authorize! :write, :'write:lists' }, except: [:index, :show]
before_action :require_user!
before_action :set_list, except: [:index, :create]
diff --git a/app/controllers/api/v1/media_controller.rb b/app/controllers/api/v1/media_controller.rb
index d4e6337e7..aaa93b615 100644
--- a/app/controllers/api/v1/media_controller.rb
+++ b/app/controllers/api/v1/media_controller.rb
@@ -1,7 +1,7 @@
# frozen_string_literal: true
class Api::V1::MediaController < Api::BaseController
- before_action -> { doorkeeper_authorize! :write }
+ before_action -> { doorkeeper_authorize! :write, :'write:media' }
before_action :require_user!
include ObfuscateFilename
diff --git a/app/controllers/api/v1/mutes_controller.rb b/app/controllers/api/v1/mutes_controller.rb
index c457408ba..faa7d16cd 100644
--- a/app/controllers/api/v1/mutes_controller.rb
+++ b/app/controllers/api/v1/mutes_controller.rb
@@ -1,7 +1,7 @@
# frozen_string_literal: true
class Api::V1::MutesController < Api::BaseController
- before_action -> { doorkeeper_authorize! :follow }
+ before_action -> { doorkeeper_authorize! :follow, :'read:mutes' }
before_action :require_user!
after_action :insert_pagination_headers
diff --git a/app/controllers/api/v1/notifications_controller.rb b/app/controllers/api/v1/notifications_controller.rb
index ebbe0b292..593c8f9a9 100644
--- a/app/controllers/api/v1/notifications_controller.rb
+++ b/app/controllers/api/v1/notifications_controller.rb
@@ -1,7 +1,8 @@
# frozen_string_literal: true
class Api::V1::NotificationsController < Api::BaseController
- before_action -> { doorkeeper_authorize! :read }
+ before_action -> { doorkeeper_authorize! :read, :'read:notifications' }, except: [:clear, :dismiss]
+ before_action -> { doorkeeper_authorize! :write, :'write:notifications' }, only: [:clear, :dismiss]
before_action :require_user!
after_action :insert_pagination_headers, only: :index
diff --git a/app/controllers/api/v1/reports_controller.rb b/app/controllers/api/v1/reports_controller.rb
index f5095e073..a954101cb 100644
--- a/app/controllers/api/v1/reports_controller.rb
+++ b/app/controllers/api/v1/reports_controller.rb
@@ -1,8 +1,8 @@
# frozen_string_literal: true
class Api::V1::ReportsController < Api::BaseController
- before_action -> { doorkeeper_authorize! :read }, except: [:create]
- before_action -> { doorkeeper_authorize! :write }, only: [:create]
+ before_action -> { doorkeeper_authorize! :read, :'read:reports' }, except: [:create]
+ before_action -> { doorkeeper_authorize! :write, :'write:reports' }, only: [:create]
before_action :require_user!
respond_to :json
diff --git a/app/controllers/api/v1/search_controller.rb b/app/controllers/api/v1/search_controller.rb
index 05754d0f2..dc1a37599 100644
--- a/app/controllers/api/v1/search_controller.rb
+++ b/app/controllers/api/v1/search_controller.rb
@@ -5,7 +5,7 @@ class Api::V1::SearchController < Api::BaseController
RESULTS_LIMIT = 5
- before_action -> { doorkeeper_authorize! :read }
+ before_action -> { doorkeeper_authorize! :read, :'read:search' }
before_action :require_user!
respond_to :json
diff --git a/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb b/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb
index 3fe304153..8f4070bc7 100644
--- a/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb
+++ b/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb
@@ -3,7 +3,7 @@
class Api::V1::Statuses::FavouritedByAccountsController < Api::BaseController
include Authorization
- before_action :authorize_if_got_token
+ before_action -> { authorize_if_got_token! :read, :'read:accounts' }
before_action :set_status
after_action :insert_pagination_headers
@@ -71,11 +71,6 @@ class Api::V1::Statuses::FavouritedByAccountsController < Api::BaseController
raise ActiveRecord::RecordNotFound
end
- def authorize_if_got_token
- request_token = Doorkeeper::OAuth::Token.from_request(request, *Doorkeeper.configuration.access_token_methods)
- doorkeeper_authorize! :read if request_token
- end
-
def pagination_params(core_params)
params.slice(:limit).permit(:limit).merge(core_params)
end
diff --git a/app/controllers/api/v1/statuses/favourites_controller.rb b/app/controllers/api/v1/statuses/favourites_controller.rb
index 35f8a48cd..cceee9060 100644
--- a/app/controllers/api/v1/statuses/favourites_controller.rb
+++ b/app/controllers/api/v1/statuses/favourites_controller.rb
@@ -3,7 +3,7 @@
class Api::V1::Statuses::FavouritesController < Api::BaseController
include Authorization
- before_action -> { doorkeeper_authorize! :write }
+ before_action -> { doorkeeper_authorize! :write, :'write:favourites' }
before_action :require_user!
respond_to :json
diff --git a/app/controllers/api/v1/statuses/mutes_controller.rb b/app/controllers/api/v1/statuses/mutes_controller.rb
index a4bf0acdd..b02469b4f 100644
--- a/app/controllers/api/v1/statuses/mutes_controller.rb
+++ b/app/controllers/api/v1/statuses/mutes_controller.rb
@@ -3,7 +3,7 @@
class Api::V1::Statuses::MutesController < Api::BaseController
include Authorization
- before_action -> { doorkeeper_authorize! :write }
+ before_action -> { doorkeeper_authorize! :write, :'write:mutes' }
before_action :require_user!
before_action :set_status
before_action :set_conversation
diff --git a/app/controllers/api/v1/statuses/pins_controller.rb b/app/controllers/api/v1/statuses/pins_controller.rb
index 54f8be667..4118a8ce4 100644
--- a/app/controllers/api/v1/statuses/pins_controller.rb
+++ b/app/controllers/api/v1/statuses/pins_controller.rb
@@ -3,7 +3,7 @@
class Api::V1::Statuses::PinsController < Api::BaseController
include Authorization
- before_action -> { doorkeeper_authorize! :write }
+ before_action -> { doorkeeper_authorize! :write, :'write:accounts' }
before_action :require_user!
before_action :set_status
diff --git a/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb b/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb
index b065db2c7..93b83ce48 100644
--- a/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb
+++ b/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb
@@ -3,7 +3,7 @@
class Api::V1::Statuses::RebloggedByAccountsController < Api::BaseController
include Authorization
- before_action :authorize_if_got_token
+ before_action -> { authorize_if_got_token! :read, :'read:accounts' }
before_action :set_status
after_action :insert_pagination_headers
@@ -68,11 +68,6 @@ class Api::V1::Statuses::RebloggedByAccountsController < Api::BaseController
raise ActiveRecord::RecordNotFound
end
- def authorize_if_got_token
- request_token = Doorkeeper::OAuth::Token.from_request(request, *Doorkeeper.configuration.access_token_methods)
- doorkeeper_authorize! :read if request_token
- end
-
def pagination_params(core_params)
params.slice(:limit).permit(:limit).merge(core_params)
end
diff --git a/app/controllers/api/v1/statuses/reblogs_controller.rb b/app/controllers/api/v1/statuses/reblogs_controller.rb
index 634af474f..04847a6b7 100644
--- a/app/controllers/api/v1/statuses/reblogs_controller.rb
+++ b/app/controllers/api/v1/statuses/reblogs_controller.rb
@@ -3,7 +3,7 @@
class Api::V1::Statuses::ReblogsController < Api::BaseController
include Authorization
- before_action -> { doorkeeper_authorize! :write }
+ before_action -> { doorkeeper_authorize! :write, :'write:statuses' }
before_action :require_user!
respond_to :json
diff --git a/app/controllers/api/v1/statuses_controller.rb b/app/controllers/api/v1/statuses_controller.rb
index 289d91045..c6925d462 100644
--- a/app/controllers/api/v1/statuses_controller.rb
+++ b/app/controllers/api/v1/statuses_controller.rb
@@ -3,8 +3,8 @@
class Api::V1::StatusesController < Api::BaseController
include Authorization
- before_action :authorize_if_got_token, except: [:create, :destroy]
- before_action -> { doorkeeper_authorize! :write }, only: [:create, :destroy]
+ before_action -> { authorize_if_got_token! :read, :'read:statuses' }, except: [:create, :destroy]
+ before_action -> { doorkeeper_authorize! :write, :'write:statuses' }, only: [:create, :destroy]
before_action :require_user!, except: [:show, :context, :card]
before_action :set_status, only: [:show, :context, :card]
@@ -84,9 +84,4 @@ class Api::V1::StatusesController < Api::BaseController
def pagination_params(core_params)
params.slice(:limit).permit(:limit).merge(core_params)
end
-
- def authorize_if_got_token
- request_token = Doorkeeper::OAuth::Token.from_request(request, *Doorkeeper.configuration.access_token_methods)
- doorkeeper_authorize! :read if request_token
- end
end
diff --git a/app/controllers/api/v1/timelines/direct_controller.rb b/app/controllers/api/v1/timelines/direct_controller.rb
index ef64078be..d8a76d153 100644
--- a/app/controllers/api/v1/timelines/direct_controller.rb
+++ b/app/controllers/api/v1/timelines/direct_controller.rb
@@ -1,7 +1,7 @@
# frozen_string_literal: true
class Api::V1::Timelines::DirectController < Api::BaseController
- before_action -> { doorkeeper_authorize! :read }, only: [:show]
+ before_action -> { doorkeeper_authorize! :read, :'read:statuses' }, only: [:show]
before_action :require_user!, only: [:show]
after_action :insert_pagination_headers, unless: -> { @statuses.empty? }
diff --git a/app/controllers/api/v1/timelines/home_controller.rb b/app/controllers/api/v1/timelines/home_controller.rb
index cde4e8420..4412aaaa3 100644
--- a/app/controllers/api/v1/timelines/home_controller.rb
+++ b/app/controllers/api/v1/timelines/home_controller.rb
@@ -1,7 +1,7 @@
# frozen_string_literal: true
class Api::V1::Timelines::HomeController < Api::BaseController
- before_action -> { doorkeeper_authorize! :read }, only: [:show]
+ before_action -> { doorkeeper_authorize! :read, :'read:statuses' }, only: [:show]
before_action :require_user!, only: [:show]
after_action :insert_pagination_headers, unless: -> { @statuses.empty? }
diff --git a/app/controllers/api/v1/timelines/list_controller.rb b/app/controllers/api/v1/timelines/list_controller.rb
index 06d596c08..cfc5f3b5e 100644
--- a/app/controllers/api/v1/timelines/list_controller.rb
+++ b/app/controllers/api/v1/timelines/list_controller.rb
@@ -1,7 +1,7 @@
# frozen_string_literal: true
class Api::V1::Timelines::ListController < Api::BaseController
- before_action -> { doorkeeper_authorize! :read }
+ before_action -> { doorkeeper_authorize! :read, :'read:lists' }
before_action :require_user!
before_action :set_list
before_action :set_statuses
generated by cgit v1.2.3-70-g09d2 (git 2.50.0) at 2025-08-09 13:51:40 +0000