diff --git a/src/Module/Api/Mastodon/Apps.php b/src/Module/Api/Mastodon/Apps.php index 30ea29ac30..582232642a 100644 --- a/src/Module/Api/Mastodon/Apps.php +++ b/src/Module/Api/Mastodon/Apps.php @@ -26,12 +26,17 @@ use Friendica\Database\DBA; use Friendica\DI; use Friendica\Module\BaseApi; use Friendica\Util\Network; +use Psr\Http\Message\ResponseInterface; /** * Apps class to register new OAuth clients */ class Apps extends BaseApi { + public function run(array $request = [], bool $scopecheck = true): ResponseInterface + { + return parent::run($request, false); + } /** * @throws \Friendica\Network\HTTPException\InternalServerErrorException */ diff --git a/src/Module/BaseApi.php b/src/Module/BaseApi.php index 233edeec8a..61f83130dd 100644 --- a/src/Module/BaseApi.php +++ b/src/Module/BaseApi.php @@ -79,19 +79,21 @@ class BaseApi extends BaseModule * * @throws HTTPException\ForbiddenException */ - public function run(array $request = []): ResponseInterface + public function run(array $request = [], bool $scopecheck = true): ResponseInterface { - switch ($this->server['REQUEST_METHOD'] ?? Router::GET) { - case Router::DELETE: - case Router::PATCH: - case Router::POST: - case Router::PUT: - self::checkAllowedScope(self::SCOPE_WRITE); - - if (!self::getCurrentUserID()) { - throw new HTTPException\ForbiddenException($this->t('Permission denied.')); - } - break; + if ($scopecheck) { + switch ($this->server['REQUEST_METHOD'] ?? Router::GET) { + case Router::DELETE: + case Router::PATCH: + case Router::POST: + case Router::PUT: + self::checkAllowedScope(self::SCOPE_WRITE); + + if (!self::getCurrentUserID()) { + throw new HTTPException\ForbiddenException($this->t('Permission denied.')); + } + break; + } } return parent::run($request);