finn/forgejo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Remove "misc" scope check from public API endpoints (#26134)

Browse source 
Fix #26035
This commit is contained in:
wxiaoguang 2023-07-26 10:53:31 +08:00 committed by GitHub
parent 9ed3700ad2
commit 915cdf8f87
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 33 additions and 63 deletions
Download patch file Download diff file Expand all files Collapse all files

4
routers/api/v1/api.go
View file

@ -751,7 +751,7 @@ func Routes() *web.Route {
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryActivityPub))
}
// Misc (requires 'misc' scope)
// Misc (public accessible)
m.Group("", func() {
m.Get("/version", misc.Version)
m.Get("/signing-key.gpg", misc.SigningKey)
@ -771,7 +771,7 @@ func Routes() *web.Route {
m.Get("/attachment", settings.GetGeneralAttachmentSettings)
m.Get("/repository", settings.GetGeneralRepoSettings)
})
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryMisc))
})
// Notifications (requires 'notifications' scope)
m.Group("/notifications", func() {