]> git.openstreetmap.org Git - rails.git/blobdiff - app/controllers/api_controller.rb
projects / rails.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Pass scopes instead of token to ApiAbility
[rails.git] / app / controllers / api_controller.rb
diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb
index 27f262d00341aa8cabfcf7e5d54e6c11f0541c95..86924d55d0e5a3a64cec9c385ab292604679d200 100644 (file)
--- a/app/controllers/api_controller.rb
+++ b/app/controllers/api_controller.rb
@@ -66,9 +66,10 @@ class ApiController < ApplicationController
     # Use capabilities from the oauth token if it exists and is a valid access token
     if doorkeeper_token&.accessible?
       user = User.find(doorkeeper_token.resource_owner_id)
-      ApiAbility.new(user, doorkeeper_token)
+      scopes = Set.new doorkeeper_token.scopes
+      ApiAbility.new(user, scopes)
     else
-      ApiAbility.new(nil, nil)
+      ApiAbility.new(nil, Set.new)
     end
   end
 
The OpenStreetMap web site