From 70c23f11a9c9a414c3de729522044a967d1de127 Mon Sep 17 00:00:00 2001
From: Blake Erickson <o.blakeerickson@gmail.com>
Date: Thu, 14 Mar 2024 15:24:54 -0600
Subject: [PATCH] DEV: Add API scopes for post revisions (#26183)

This commit adds API scopes for reading, modifying, and deleting post
revisions.
---
 app/models/api_key_scope.rb                | 14 ++++++++++++++
 config/locales/client.en.yml               |  4 ++++
 spec/requests/admin/api_controller_spec.rb |  7 +++++++
 3 files changed, 25 insertions(+)

diff --git a/app/models/api_key_scope.rb b/app/models/api_key_scope.rb
index 59d2afad428..07772aebd58 100644
--- a/app/models/api_key_scope.rb
+++ b/app/models/api_key_scope.rb
@@ -71,6 +71,20 @@ class ApiKeyScope < ActiveRecord::Base
             actions: %w[posts#latest],
           },
         },
+        revisions: {
+          read: {
+            actions: %w[posts#latest_revision posts#revisions],
+            params: %i[post_id],
+          },
+          modify: {
+            actions: %w[posts#hide_revision posts#show_revision posts#revert],
+            params: %i[post_id],
+          },
+          permanently_delete: {
+            actions: %w[posts#permanently_delete_revisions],
+            params: %i[post_id],
+          },
+        },
         tags: {
           list: {
             actions: %w[tags#index],
diff --git a/config/locales/client.en.yml b/config/locales/client.en.yml
index e52881378dc..f4c5e5313c8 100644
--- a/config/locales/client.en.yml
+++ b/config/locales/client.en.yml
@@ -5063,6 +5063,10 @@ en:
               delete: Delete a post.
               recover: Recover a post.
               list: List latest posts and private posts. RSS is also supported.
+            revisions:
+              read: "Get the latest or a specific revision."
+              modify: "Hide, show, or revert revisions."
+              permanently_delete: "Permanently delete a revision."
             tags:
               list: List tags.
             tag_groups:
diff --git a/spec/requests/admin/api_controller_spec.rb b/spec/requests/admin/api_controller_spec.rb
index 9a1db21764b..35364bebe2f 100644
--- a/spec/requests/admin/api_controller_spec.rb
+++ b/spec/requests/admin/api_controller_spec.rb
@@ -450,6 +450,7 @@ RSpec.describe Admin::ApiController do
           "users",
           "email",
           "posts",
+          "revisions",
           "tags",
           "tag_groups",
           "uploads",
@@ -491,6 +492,12 @@ RSpec.describe Admin::ApiController do
           scopes["posts"].any? { |h| h["urls"].include?("/posts/:post_id/recover (PUT)") },
         ).to be_truthy
 
+        expect(
+          scopes["revisions"].any? do |h|
+            h["urls"].include?("/posts/:post_id/revisions/permanently_delete (DELETE)")
+          end,
+        ).to be_truthy
+
         expect(scopes["users"].find { _1["key"] == "update" }["urls"]).to contain_exactly(
           "/users/:username (PUT)",
           "/users/:username/preferences/badge_title (PUT)",