add: grant scopes for all community endpoints

crates/app/src/routes/api/v1/communities/posts.rs

@@ -8,6 +8,7 @@ use axum_extra::extract::CookieJar;
 use tetratto_core::model::{
     addr::RemoteAddr,
     communities::{Poll, PollVote, Post},
+    oauth,
     permissions::FinePermission,
     uploads::{MediaType, MediaUpload},
     ApiReturn, Error,
@@ -32,7 +33,7 @@ pub async fn create_request(
     JsonMultipart(images, req): JsonMultipart<CreatePost>,
 ) -> impl IntoResponse {
     let data = &(data.read().await).0;
-    let user = match get_user_from_token!(jar, data) {
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserCreatePosts) {
         Some(ua) => ua,
         None => return Json(Error::NotAllowed.into()),
     };
@@ -188,7 +189,7 @@ pub async fn create_repost_request(
     Json(req): Json<CreateRepost>,
 ) -> impl IntoResponse {
     let data = &(data.read().await).0;
-    let user = match get_user_from_token!(jar, data) {
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserCreatePosts) {
         Some(ua) => ua,
         None => return Json(Error::NotAllowed.into()),
     };
@@ -220,7 +221,7 @@ pub async fn delete_request(
     Path(id): Path<usize>,
 ) -> impl IntoResponse {
     let data = &(data.read().await).0;
-    let user = match get_user_from_token!(jar, data) {
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserDeletePosts) {
         Some(ua) => ua,
         None => return Json(Error::NotAllowed.into()),
     };
@@ -241,7 +242,7 @@ pub async fn purge_request(
     Path(id): Path<usize>,
 ) -> impl IntoResponse {
     let data = &(data.read().await).0;
-    let user = match get_user_from_token!(jar, data) {
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::ModPurgePosts) {
         Some(ua) => ua,
         None => return Json(Error::NotAllowed.into()),
     };
@@ -266,7 +267,7 @@ pub async fn restore_request(
     Path(id): Path<usize>,
 ) -> impl IntoResponse {
     let data = &(data.read().await).0;
-    let user = match get_user_from_token!(jar, data) {
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::ModDeletePosts) {
         Some(ua) => ua,
         None => return Json(Error::NotAllowed.into()),
     };
@@ -292,7 +293,7 @@ pub async fn update_content_request(
     Json(req): Json<UpdatePostContent>,
 ) -> impl IntoResponse {
     let data = &(data.read().await).0;
-    let user = match get_user_from_token!(jar, data) {
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserEditPosts) {
         Some(ua) => ua,
         None => return Json(Error::NotAllowed.into()),
     };
@@ -314,7 +315,7 @@ pub async fn update_context_request(
     Json(req): Json<UpdatePostContext>,
 ) -> impl IntoResponse {
     let data = &(data.read().await).0;
-    let user = match get_user_from_token!(jar, data) {
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserEditPosts) {
         Some(ua) => ua,
         None => return Json(Error::NotAllowed.into()),
     };
@@ -346,7 +347,7 @@ pub async fn vote_request(
     Json(req): Json<VoteInPoll>,
 ) -> impl IntoResponse {
     let data = &(data.read().await).0;
-    let user = match get_user_from_token!(jar, data) {
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserVote) {
         Some(ua) => ua,
         None => return Json(Error::NotAllowed.into()),
     };
@@ -394,7 +395,7 @@ pub async fn update_is_open_request(
     Json(req): Json<UpdatePostIsOpen>,
 ) -> impl IntoResponse {
     let data = &(data.read().await).0;
-    let user = match get_user_from_token!(jar, data) {
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserEditPosts) {
         Some(ua) => ua,
         None => return Json(Error::NotAllowed.into()),
     };