aiden
/
mastodon
mirror of https://github.com/mastodon/mastodon
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
gh-readonly-queue/main/pr-36652-8e4c9cf933dfff4847ba2add6c4f87c79026dea5
renovate/opentelemetry-ruby-(non-major)
gh-readonly-queue/main/pr-36668-cf87da25add5fa9c7771cd5bbcac316d5180b96c
gh-readonly-queue/main/pr-36657-966aaaaf56cd55d311bc5968a1654f6621fbe8df
gh-readonly-queue/main/pr-36699-5b880a20468b47c600d61f3497fe6b4e4edc2440
main
redesign/link-paste-quote-placeholder
renovate/reduxjs-toolkit-2.x-lockfile
renovate/sidekiq-8.x-lockfile
new-coc
fix/quote-post-privacy
renovate/dotenv-17.x
renovate/shoulda-matchers-7.x-lockfile
refactor/media-modal
stable-4.5
renovate/net-http-0.x
dion/implement-css-theme-tokens-as-theme
dion/implement-css-theme-tokens
renovate/aws-sdk-s3-1.x-lockfile
renovate/major-react-monorepo
dion/add-fetch-all-alert-placeholder
fixes/rename-feed-setting-values
renovate/pino-10.x
stable-4.4
renovate/pino-http-11.x
fixes/allow-quote-empty-text
renovate/eslint-plugin-jsdoc-60.x
stable-4.2
stable-4.3
fixes/apply-filters-to-search-results
feat/donation-modal
feature-link-rel-nopreview
revert-context
feat/thunk-conditional-dispatch
refactor/tanstack-router
fixes/httplog-debug
features/extend-quote-edit-notification
refactor/combine-action-bars
backports/4.4-reserved-usernames
refactor/compose-state
dion/fix-duplicated-scroll-context-logic
feature-preview-fep-b2b8
fixes/cancel-follow-request
feature-thread-pagination
fixes/pending-hashtags-count
hacks/mailer-cutoff
features/ruby-vite-name-lookup
feature-avatar-color-extraction
feature-starter-packs
investigations/e2e-failures
dion/add-mutual-info-to-hover-card
feature-quotes-web
fix-accidental-new-tab-on-scroll
stable-4.1
remove-rails-delegate
debug/ghost-followers-synchronization
feature-streaming-profile
fixes/account-note
fixes/recheck-suspensions
feat/fasp_trends
updates/vips
features/split-in-app-notif
refactor/modal-stack
tests/media-description-modal
fixes/out-of-order-private-posts
fixes/thread-resolve-worker-skip_fetching
replace-oj-with-json
refactor-status-content-typescript
fixes/embed-requestAnimationFrame
features/lock-icon-on-hover-card
feature-admin-report-forward
feature-reports-batch-actions
fix-admin-dashboard-slow
fix-future-date-trend
redesign/content-warning-filters-4.3
fixes/filtered-follows
remove/trendable-provider-attribution
activitypub/summary-over-name
build-stable-nightly
fixes/notification-excerpt-paragraph
fixes/mastodon-setup-task-redis
fixes/regexp-timeout-optional
fixes/small-otp-secret-length-4.1
fixes/small-otp-secret-length-4.2
fixes/dashboard-quick-access-overflow
fixes/middle-column-size
fix-context-socialweb-miscellany
fixes/detect-missing-indexes2
cleanup/simplify-css
feature-post-layout
features/media-description-in-embedded-status
design/notifications-grid
fix-lookup-domain
flaky-conversations-test
fixes/crash-orphaned-notification
fixes/report-links
features/filtered-dismiss-accept-all
feat/clean-up-notifications
fixes/everyone-role-n+1
redesign/notification-request
experimental/notification-groups-api-shape
spike/resolve-urls-on-click
cleanup/drop-atomuri
fixes/dismissing-notification-requests-dismisses-too-much
revert-system-check
feature-redirect
fix-unusable-hashtag
tests/flaky-tests-performance-logs
feature-grouped-notifications-ui
fix-mute-buttons
features/local-preview-cards-2nd-take
fix-conversations-background
revert-severed-relationships-feature
features/local-preview-cards
stable-3.5
stable-4.0
stable-3.4
releases/v3.5.17
releases/v4.1.13
releases/v4.2.5
version/v4.3.0-alpha.1
fix/build-env
feature-color-scheme
revert/follow-back-mutual
gh-readonly-queue/main/pr-28626-1ad908e0c08c236389967d86b4f238f428de9fef
fixes/per-user-authorized-fetch
fixes/import-many-follows-overlap
fix-web-thread-sort
test-new-container-build
fixes/24px-icons
features/registration-invite-api
fixes/service-worker-caching
fixes/account-refresh-link-verification
feature-like
tests/introduce-error
fixes/lint-fix
fixes/object-has-own-polyfill
fixes/audio-passthrough
fixes/audit-log-external-confirmation
features/banners
refactor/search-query-parser
remove-profile-directory
redesign/notification-settings
feature-separate-hashtags
fixes/self-destruct-throttle
fixes/subdomain-block-4.1.6
redesign/hashtag-column-follow-button
feature-trend-highlights
revert-23460-fixes/activitypub-hashtag
pg15
prevent-unauthenticated-access-tag-timeline
support-rich-oembed
fix-caniuselite-lockfile
track_unsalvageable_errors
add-publish-button-text-site-setting
nolan/button-a11y
i18n/manage-translations
deps/shakapacker
rubocop-fixes
react18
stable-3.3
stable-3.2
stable-3.1
stable-3.0
stable-2.9
stable-2.8
stable-2.7
stable-2.5
stable-2.6
stable-2.4
v0.1.2
v0.1.1
v0.1.0
v0.6
v0.7
v0.8
v0.9
v0.9.9
v1.0
v1.1
v1.1.1
v1.1.2
v1.2
v1.2.1
v1.2.2
v1.3
v1.3.1
v1.3.2
v1.3.3
v1.4.1
v1.4.2
v1.4.3
v1.4.4
v1.4.5
v1.4.6
v1.4.7
v1.4rc1
v1.4rc2
v1.4rc3
v1.4rc4
v1.4rc5
v1.4rc6
v1.5.0
v1.5.0rc1
v1.5.0rc2
v1.5.0rc3
v1.5.1
v1.6.0
v1.6.0rc1
v1.6.0rc2
v1.6.0rc3
v1.6.0rc4
v1.6.0rc5
v1.6.1
v2.0.0
v2.0.0rc1
v2.0.0rc2
v2.0.0rc3
v2.0.0rc4
v2.1.0
v2.1.0rc1
v2.1.0rc2
v2.1.0rc3
v2.1.0rc4
v2.1.0rc5
v2.1.0rc6
v2.1.1
v2.1.2
v2.1.3
v2.2.0
v2.2.0rc1
v2.2.0rc2
v2.3.0
v2.3.0rc1
v2.3.0rc2
v2.3.0rc3
v2.3.1
v2.3.1rc1
v2.3.1rc2
v2.3.1rc3
v2.3.2
v2.3.2rc1
v2.3.2rc2
v2.3.2rc3
v2.3.2rc4
v2.3.2rc5
v2.3.3
v2.4.0
v2.4.0rc1
v2.4.0rc2
v2.4.0rc3
v2.4.0rc4
v2.4.0rc5
v2.4.1
v2.4.1rc1
v2.4.1rc2
v2.4.1rc3
v2.4.1rc4
v2.4.2
v2.4.2rc1
v2.4.2rc2
v2.4.2rc3
v2.4.3
v2.4.3rc1
v2.4.3rc2
v2.4.3rc3
v2.4.4
v2.4.5
v2.5.0
v2.5.0rc1
v2.5.0rc2
v2.5.1
v2.5.2
v2.6.0
v2.6.0rc1
v2.6.0rc2
v2.6.0rc3
v2.6.0rc4
v2.6.1
v2.6.2
v2.6.3
v2.6.4
v2.6.5
v2.7.0
v2.7.0rc1
v2.7.0rc2
v2.7.0rc3
v2.7.1
v2.7.2
v2.7.3
v2.7.4
v2.8.0
v2.8.0rc1
v2.8.0rc2
v2.8.0rc3
v2.8.1
v2.8.2
v2.8.3
v2.8.4
v2.9.0
v2.9.0rc1
v2.9.0rc2
v2.9.1
v2.9.2
v2.9.3
v2.9.4
v3.0.0
v3.0.0rc1
v3.0.0rc2
v3.0.0rc3
v3.0.1
v3.0.2
v3.1.0
v3.1.0rc1
v3.1.0rc2
v3.1.1
v3.1.2
v3.1.3
v3.1.4
v3.1.5
v3.2.0
v3.2.0rc1
v3.2.0rc2
v3.2.1
v3.2.2
v3.3.0
v3.3.0rc1
v3.3.0rc2
v3.3.0rc3
v3.3.1
v3.3.2
v3.3.3
v3.4.0
v3.4.0rc1
v3.4.0rc2
v3.4.1
v3.4.10
v3.4.2
v3.4.3
v3.4.4
v3.4.5
v3.4.6
v3.4.7
v3.4.8
v3.4.9
v3.5.0
v3.5.0rc1
v3.5.0rc2
v3.5.0rc3
v3.5.1
v3.5.10
v3.5.11
v3.5.12
v3.5.13
v3.5.14
v3.5.15
v3.5.16
v3.5.17
v3.5.18
v3.5.19
v3.5.2
v3.5.3
v3.5.4
v3.5.5
v3.5.6
v3.5.7
v3.5.8
v3.5.9
v4.0.0
v4.0.0rc1
v4.0.0rc2
v4.0.0rc3
v4.0.0rc4
v4.0.1
v4.0.10
v4.0.11
v4.0.12
v4.0.13
v4.0.14
v4.0.15
v4.0.2
v4.0.3
v4.0.4
v4.0.5
v4.0.6
v4.0.7
v4.0.8
v4.0.9
v4.1.0
v4.1.0rc1
v4.1.0rc2
v4.1.0rc3
v4.1.1
v4.1.10
v4.1.11
v4.1.12
v4.1.13
v4.1.14
v4.1.15
v4.1.16
v4.1.17
v4.1.18
v4.1.19
v4.1.2
v4.1.20
v4.1.21
v4.1.22
v4.1.23
v4.1.24
v4.1.25
v4.1.3
v4.1.4
v4.1.5
v4.1.6
v4.1.7
v4.1.8
v4.1.9
v4.2.0
v4.2.0-beta1
v4.2.0-beta2
v4.2.0-beta3
v4.2.0-rc1
v4.2.0-rc2
v4.2.1
v4.2.10
v4.2.11
v4.2.12
v4.2.13
v4.2.14
v4.2.15
v4.2.16
v4.2.17
v4.2.18
v4.2.19
v4.2.2
v4.2.20
v4.2.21
v4.2.22
v4.2.23
v4.2.24
v4.2.25
v4.2.26
v4.2.27
v4.2.3
v4.2.4
v4.2.5
v4.2.6
v4.2.7
v4.2.8
v4.2.9
v4.3.0
v4.3.0-beta.1
v4.3.0-beta.2
v4.3.0-rc.1
v4.3.1
v4.3.10
v4.3.11
v4.3.12
v4.3.13
v4.3.14
v4.3.2
v4.3.3
v4.3.4
v4.3.5
v4.3.6
v4.3.7
v4.3.8
v4.3.9
v4.4.0
v4.4.0-beta.1
v4.4.0-beta.2
v4.4.0-rc.1
v4.4.1
v4.4.2
v4.4.3
v4.4.4
v4.4.5
v4.4.6
v4.4.7
v4.4.8
v4.5.0-beta.1
v4.5.0-beta.2
v4.5.0-rc.1
v4.5.0-rc.2
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '6e4c1e172b'
${ noResults }
mastodon/spec/requests/disabled_oauth_endpoints_sp...

84 lines
2.1 KiB
Ruby
Raw Normal View History Unescape Escape

Disable administrative doorkeeper routes (#29187)
2 years ago
# frozen_string_literal: true
require 'rails_helper'
describe 'Disabled OAuth routes' do
# These routes are disabled via the doorkeeper configuration for
# `admin_authenticator`, as these routes should only be accessible by server
# administrators. For now, these routes are not properly designed and
# integrated into Mastodon, so we're disabling them completely
describe 'GET /oauth/applications' do
it 'returns 403 forbidden' do
get oauth_applications_path
expect(response).to have_http_status(403)
end
end
describe 'POST /oauth/applications' do
it 'returns 403 forbidden' do
post oauth_applications_path
expect(response).to have_http_status(403)
end
end
describe 'GET /oauth/applications/new' do
it 'returns 403 forbidden' do
get new_oauth_application_path
expect(response).to have_http_status(403)
end
end
describe 'GET /oauth/applications/:id' do
let(:application) { Fabricate(:application, scopes: 'read') }
it 'returns 403 forbidden' do
get oauth_application_path(application)
expect(response).to have_http_status(403)
end
end
describe 'PATCH /oauth/applications/:id' do
let(:application) { Fabricate(:application, scopes: 'read') }
it 'returns 403 forbidden' do
patch oauth_application_path(application)
expect(response).to have_http_status(403)
end
end
describe 'PUT /oauth/applications/:id' do
let(:application) { Fabricate(:application, scopes: 'read') }
it 'returns 403 forbidden' do
put oauth_application_path(application)
expect(response).to have_http_status(403)
end
end
describe 'DELETE /oauth/applications/:id' do
let(:application) { Fabricate(:application, scopes: 'read') }
it 'returns 403 forbidden' do
delete oauth_application_path(application)
expect(response).to have_http_status(403)
end
end
describe 'GET /oauth/applications/:id/edit' do
let(:application) { Fabricate(:application, scopes: 'read') }
it 'returns 403 forbidden' do
get edit_oauth_application_path(application)
expect(response).to have_http_status(403)
end
end
end