X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/ae00fa84c8f981e909c61ab31b6115bb96e859cc..c4eda60e388c9d47d813ca2d5e84ee8380a283f2:/app/controllers/api_controller.rb diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb index 17c98fe8b..23f35a40e 100644 --- a/app/controllers/api_controller.rb +++ b/app/controllers/api_controller.rb @@ -65,9 +65,9 @@ class ApiController < ApplicationController def current_ability # Use capabilities from the oauth token if it exists and is a valid access token if doorkeeper_token&.accessible? - ApiAbility.new(nil).merge(ApiCapability.new(doorkeeper_token)) + ApiAbility.new(doorkeeper_token) else - ApiAbility.new(current_user) + ApiAbility.new(nil) end end @@ -170,4 +170,10 @@ class ApiController < ApplicationController raise OSM::APIRateLimitExceeded if new_changes > max_changes end + + def scope_enabled?(scope) + doorkeeper_token&.includes_scope?(scope) + end + + helper_method :scope_enabled? end