From 2d358c9df2752669b591678acfd804745527f09a Mon Sep 17 00:00:00 2001
From: Anton Khorev <tony29@yandex.ru>
Date: Wed, 17 Jan 2024 02:57:08 +0300
Subject: [PATCH 1/1] Remove unnecessary api abilities

---
 app/abilities/api_ability.rb | 11 +----------
 1 file changed, 1 insertion(+), 10 deletions(-)

diff --git a/app/abilities/api_ability.rb b/app/abilities/api_ability.rb
index 4876380d0..0eae46f82 100644
--- a/app/abilities/api_ability.rb
+++ b/app/abilities/api_ability.rb
@@ -5,7 +5,6 @@ class ApiAbility
 
   def initialize(user)
     can :show, :capability
-    can :index, :change
     can :index, :map
     can :show, :permission
     can :show, :version
@@ -22,17 +21,9 @@ class ApiAbility
       can [:history, :version], OldWay
       can [:history, :version], OldRelation
       can [:show], UserBlock
-    end
-
-    if user&.active?
-      can :welcome, :site
-      can [:revoke, :authorize], :oauth
 
-      if Settings.status != "database_offline"
-        can [:index, :new, :create, :show, :edit, :update, :destroy], ClientApplication
-        can [:new, :create, :reply, :show, :inbox, :outbox, :mark, :destroy], Message
+      if user&.active?
         can [:comment, :close, :reopen], Note
-        can [:new, :create], Report
         can [:create, :show, :update, :destroy, :data], Trace
         can [:details, :gpx_files], User
         can [:index, :show, :update, :update_all, :destroy], UserPreference
-- 
2.39.5