add: grant scopes for all community endpoints

crates/app/src/routes/api/v1/communities/emojis.rs

@@ -9,6 +9,7 @@ use crate::{
 use axum::{body::Body, extract::Path, response::IntoResponse, Extension, Json};
 use axum_extra::extract::CookieJar;
 use tetratto_core::model::{
+    oauth,
     uploads::{CustomEmoji, MediaType, MediaUpload},
     ApiReturn, Error,
 };
@@ -88,7 +89,7 @@ pub async fn create_request(
     img: Image,
 ) -> impl IntoResponse {
     let data = &(data.read().await).0;
-    let user = match get_user_from_token!(jar, data) {
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityCreateEmojis) {
         Some(ua) => ua,
         None => return Json(Error::NotAllowed.into()),
     };
@@ -174,7 +175,7 @@ pub async fn update_name_request(
     Json(req): Json<UpdateEmojiName>,
 ) -> impl IntoResponse {
     let data = &(data.read().await).0;
-    let user = match get_user_from_token!(jar, data) {
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityManageEmojis) {
         Some(ua) => ua,
         None => return Json(Error::NotAllowed.into()),
     };
@@ -195,7 +196,7 @@ pub async fn delete_request(
     Path(id): Path<usize>,
 ) -> impl IntoResponse {
     let data = &(data.read().await).0;
-    let user = match get_user_from_token!(jar, data) {
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityManageEmojis) {
         Some(ua) => ua,
         None => return Json(Error::NotAllowed.into()),
     };
@@ -215,7 +216,7 @@ pub async fn get_my_request(
     Extension(data): Extension<State>,
 ) -> impl IntoResponse {
     let data = &(data.read().await).0;
-    let user = match get_user_from_token!(jar, data) {
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadEmojis) {
         Some(ua) => ua,
         None => return Json(Error::NotAllowed.into()),
     };