FEATURE: Allow user_status scope for UserApiKey (#19296)

Follow-up to 6357a3ce337bdf59c7a6a0f362897a46ffbd6304 where we allowed a general API key scope for user status GET/PUT/DELETE, this commit allows the same for the UserApiKey system.
2025-04-26 20:44:28 +08:00 · 2022-12-06 08:56:03 +10:00 · 2022-12-06 08:56:03 +10:00 · e6f9504dd6
commit e6f9504dd6
parent 22a55ef0ce
2 changed files with 7 additions and 2 deletions
--- a/app/models/user_api_key_scope.rb
+++ b/app/models/user_api_key_scope.rb
@ -16,7 +16,12 @@ class UserApiKeyScope < ActiveRecord::Base
      RouteMatcher.new(methods: :get, actions: 'session#current'),
      RouteMatcher.new(methods: :get, actions: 'users#topic_tracking_state')
    ],
-    bookmarks_calendar: [ RouteMatcher.new(methods: :get, actions: 'users#bookmarks', formats: :ics, params: %i[username]) ]
+    bookmarks_calendar: [ RouteMatcher.new(methods: :get, actions: 'users#bookmarks', formats: :ics, params: %i[username]) ],
    user_status: [
      RouteMatcher.new(methods: :get, actions: 'user_status#get'),
      RouteMatcher.new(methods: :put, actions: 'user_status#set'),
      RouteMatcher.new(methods: :delete, actions: 'user_status#clear')
    ]
  }
  def self.all_scopes
@ -36,7 +41,6 @@ class UserApiKeyScope < ActiveRecord::Base
  def matchers
    @matchers ||= Array(self.class.all_scopes[name.to_sym])
  end
 end
 # == Schema Information
--- a/config/locales/server.en.yml
+++ b/config/locales/server.en.yml
@ -1089,6 +1089,7 @@ en:
      write: "Write all"
      one_time_password: "Create a one-time login token"
      bookmarks_calendar: "Read bookmark reminders"
      user_status: "Read and update user status"
    invalid_public_key: "Sorry, the public key is invalid."
    invalid_auth_redirect: "Sorry, this auth_redirect host is not allowed."
    invalid_token: "Missing, invalid or expired token."