domi/forgejo-domi
1
0
Fork 0
forked from forgejo/forgejo
Code Pull requests Activity

[GITEA] do not enforce misc scope tokens for public API endpoints

Browse source 
(cherry picked from commit e353d1c4b7)
This commit is contained in:
Loïc Dachary 2023-07-23 21:52:33 +02:00
parent f255e50903
commit 666f43fb64
No known key found for this signature in database
GPG key ID: 992D23B392F9E4F2
3 changed files with 13 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files

3
routers/api/v1/api.go
View file

@ -757,7 +757,6 @@ func Routes(ctx gocontext.Context) *web.Route {
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryActivityPub))
}
// Misc (requires 'misc' scope)
m.Group("", func() {
m.Get("/version", misc.Version)
m.Get("/signing-key.gpg", misc.SigningKey)
@ -777,7 +776,7 @@ func Routes(ctx gocontext.Context) *web.Route {
m.Get("/attachment", settings.GetGeneralAttachmentSettings)
m.Get("/repository", settings.GetGeneralRepoSettings)
})
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryMisc))
})
// Notifications (requires 'notifications' scope)
m.Group("/notifications", func() {