cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Disable redactions with write_api scope

Browse source 
Requires write_redactions scope to redact. Previously it was possible to redact with either write_redactions or write_api.
This commit is contained in:
Anton Khorev 2024-09-08 12:31:31 +03:00
parent 1fce0c00f1
commit 8b024f48c1
4 changed files with 13 additions and 52 deletions
Download patch file Download diff file Expand all files Collapse all files

2
app/abilities/api_capability.rb
View file

@ -27,7 +27,7 @@ class ApiCapability
if user.moderator?
can [:destroy, :restore], ChangesetComment if scope?(token, :write_api)
can :destroy, Note if scope?(token, :write_notes)
can :redact, [OldNode, OldWay, OldRelation] if user&.terms_agreed? && (scope?(token, :write_api) || scope?(token, :write_redactions))
can :redact, [OldNode, OldWay, OldRelation] if user&.terms_agreed? && scope?(token, :write_redactions)
end
end
end