Allow unauthenticated REST API access to GET /api/v1/accounts/:id/statuses (#9573)

Fix #7087

The same data is available over the ActivityPub outbox, RSS, and Atom, so
there is little benefit to keeping it limited in this method.
master
Eugen Rochko 6 years ago committed by GitHub
parent 8389b496ba
commit 108b2139cd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 2
      app/controllers/api/v1/accounts/statuses_controller.rb

@ -1,7 +1,7 @@
# frozen_string_literal: true # frozen_string_literal: true
class Api::V1::Accounts::StatusesController < Api::BaseController class Api::V1::Accounts::StatusesController < Api::BaseController
before_action -> { doorkeeper_authorize! :read, :'read:statuses' } before_action -> { authorize_if_got_token! :read, :'read:statuses' }
before_action :set_account before_action :set_account
after_action :insert_pagination_headers after_action :insert_pagination_headers

Loading…
Cancel
Save