Allow unauthenticated REST API access to GET /api/v1/accounts/:id/statuses ()

Fix 

The same data is available over the ActivityPub outbox, RSS, and Atom, so
there is little benefit to keeping it limited in this method.
This commit is contained in:
Eugen Rochko 2018-12-20 01:30:43 +01:00 committed by GitHub
parent 8389b496ba
commit 108b2139cd
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -1,7 +1,7 @@
# frozen_string_literal: true
class Api::V1::Accounts::StatusesController < Api::BaseController
before_action -> { doorkeeper_authorize! :read, :'read:statuses' }
before_action -> { authorize_if_got_token! :read, :'read:statuses' }
before_action :set_account
after_action :insert_pagination_headers