Browse Source

Add auth documentation

Chocobozzz 2 years ago
parent
commit
94ff4c2335
No account linked to committer's email address

+ 2
- 0
server/controllers/api/users.ts View File

@@ -88,6 +88,8 @@ usersRouter.get('/',
88 88
 )
89 89
 
90 90
 usersRouter.get('/:id',
91
+  authenticate,
92
+  ensureUserHasRight(UserRight.MANAGE_USERS),
91 93
   asyncMiddleware(usersGetValidator),
92 94
   getUser
93 95
 )

+ 20
- 0
server/tests/api/check-params/users.ts View File

@@ -308,6 +308,26 @@ describe('Test users API validators', function () {
308 308
     })
309 309
   })
310 310
 
311
+  describe('When getting a user', function () {
312
+    before(async function () {
313
+      const res = await getUsersList(server.url, server.accessToken)
314
+
315
+      userId = res.body.data[1].id
316
+    })
317
+
318
+    it('Should fail with an non authenticated user', async function () {
319
+      await makeGetRequest({ url: server.url, path: path + userId, token: 'super token', statusCodeExpected: 401 })
320
+    })
321
+
322
+    it('Should fail with a non admin user', async function () {
323
+      await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 403 })
324
+    })
325
+
326
+    it('Should succeed with the correct params', async function () {
327
+      await makeGetRequest({ url: server.url, path: path + userId, token: server.accessToken, statusCodeExpected: 200 })
328
+    })
329
+  })
330
+
311 331
   describe('When updating a user', function () {
312 332
 
313 333
     before(async function () {

+ 676
- 0
support/doc/api/html/index.html View File

@@ -19,6 +19,7 @@
19 19
         <nav id="nav" role="navigation">
20 20
           <h5>Topics</h5>
21 21
           <a href="#introduction">Introduction</a>
22
+          <a href="#authentication">Authentication</a>
22 23
           <h5>Operations</h5>
23 24
           <section>
24 25
             <a href="#tag-Accounts">Accounts</a>
@@ -279,6 +280,43 @@
279 280
               </div>
280 281
             </div>
281 282
           </div>
283
+          <!-- <h1 id="security" data-traverse-target="security">Security</h1> -->
284
+          <h1 id="authentication" data-traverse-target="authentication">Authentication</h1>
285
+          <div id="security-definition-OAuth2" class="panel">
286
+            <div class="doc-row">
287
+              <div class="doc-copy">
288
+                <h3 class="security-definition-title">
289
+                  <span class="security-name">OAuth2</span>
290
+                  <span class="swagger-security-definition-oauth2"></span>
291
+                </h3>
292
+                <section class="security-definition-description">
293
+                  <p>In the header:
294
+                    <em>Authorization: Bearer mytoken</em>
295
+                  </p>
296
+                </section>
297
+                <section class="swagger-security-definition-properties">
298
+                  <div class="prop-row security-definition-property">
299
+                    <div class="prop-name">
300
+                      <div class="prop-title security-definition-property-name">type</div>
301
+                    </div>
302
+                    <div class="prop-value security-definition-property-type"> oauth2 </div>
303
+                  </div>
304
+                  <div class="prop-row security-definition-property">
305
+                    <div class="prop-name">
306
+                      <div class="prop-title security-definition-property-name">flow</div>
307
+                    </div>
308
+                    <div class="prop-value security-definition-property-type"> password </div>
309
+                  </div>
310
+                  <div class="prop-row security-definition-property">
311
+                    <div class="prop-name">
312
+                      <div class="prop-title security-definition-property-name">tokenUrl</div>
313
+                    </div>
314
+                    <div class="prop-value security-definition-property-type"> https://peertube.example.com/api/v1/users/token </div>
315
+                  </div>
316
+                </section>
317
+              </div>
318
+            </div>
319
+          </div>
282 320
           <h1 id="tag-Accounts" class="swagger-summary-tag" data-traverse-target="tag-Accounts">Accounts</h1>
283 321
           <div id="operation--accounts--id--get" class="operation panel" data-traverse-target="operation--accounts--id--get">
284 322
             <!-- <section class="operation-tags row"> -->
@@ -697,6 +735,28 @@
697 735
                 </section>
698 736
               </div>
699 737
             </div>
738
+            <div class="doc-row">
739
+              <div class="doc-copy">
740
+                <section class="swagger-request-security">
741
+                  <table class="table">
742
+                    <thead>
743
+                      <tr>
744
+                        <th class="swagger-request-security-schema"></th>
745
+                        <th class="swagger-request-security-scopes"></th>
746
+                      </tr>
747
+                    </thead>
748
+                    <tbody>
749
+                      <tr>
750
+                        <td>
751
+                          <a href="#security-definition-OAuth2">OAuth2</a>
752
+                        </td>
753
+                        <td> </td>
754
+                      </tr>
755
+                    </tbody>
756
+                  </table>
757
+                </section>
758
+              </div>
759
+            </div>
700 760
           </div>
701 761
           <h1 id="tag-ServerFollowing" class="swagger-summary-tag" data-traverse-target="tag-ServerFollowing">ServerFollowing</h1>
702 762
           <div id="operation--server-following--host--delete" class="operation panel" data-traverse-target="operation--server-following--host--delete">
@@ -754,6 +814,28 @@
754 814
                 </h5>
755 815
               </div>
756 816
             </div>
817
+            <div class="doc-row">
818
+              <div class="doc-copy">
819
+                <section class="swagger-request-security">
820
+                  <table class="table">
821
+                    <thead>
822
+                      <tr>
823
+                        <th class="swagger-request-security-schema"></th>
824
+                        <th class="swagger-request-security-scopes"></th>
825
+                      </tr>
826
+                    </thead>
827
+                    <tbody>
828
+                      <tr>
829
+                        <td>
830
+                          <a href="#security-definition-OAuth2">OAuth2</a>
831
+                        </td>
832
+                        <td> </td>
833
+                      </tr>
834
+                    </tbody>
835
+                  </table>
836
+                </section>
837
+              </div>
838
+            </div>
757 839
           </div>
758 840
           <div id="operation--server-followers-get" class="operation panel" data-traverse-target="operation--server-followers-get">
759 841
             <!-- <section class="operation-tags row"> -->
@@ -1150,6 +1232,28 @@
1150 1232
                 </h5>
1151 1233
               </div>
1152 1234
             </div>
1235
+            <div class="doc-row">
1236
+              <div class="doc-copy">
1237
+                <section class="swagger-request-security">
1238
+                  <table class="table">
1239
+                    <thead>
1240
+                      <tr>
1241
+                        <th class="swagger-request-security-schema"></th>
1242
+                        <th class="swagger-request-security-scopes"></th>
1243
+                      </tr>
1244
+                    </thead>
1245
+                    <tbody>
1246
+                      <tr>
1247
+                        <td>
1248
+                          <a href="#security-definition-OAuth2">OAuth2</a>
1249
+                        </td>
1250
+                        <td> </td>
1251
+                      </tr>
1252
+                    </tbody>
1253
+                  </table>
1254
+                </section>
1255
+              </div>
1256
+            </div>
1153 1257
           </div>
1154 1258
           <h1 id="tag-User" class="swagger-summary-tag" data-traverse-target="tag-User">User</h1>
1155 1259
           <div id="operation--users-post" class="operation panel" data-traverse-target="operation--users-post">
@@ -1240,6 +1344,28 @@
1240 1344
                 </section>
1241 1345
               </div>
1242 1346
             </div>
1347
+            <div class="doc-row">
1348
+              <div class="doc-copy">
1349
+                <section class="swagger-request-security">
1350
+                  <table class="table">
1351
+                    <thead>
1352
+                      <tr>
1353
+                        <th class="swagger-request-security-schema"></th>
1354
+                        <th class="swagger-request-security-scopes"></th>
1355
+                      </tr>
1356
+                    </thead>
1357
+                    <tbody>
1358
+                      <tr>
1359
+                        <td>
1360
+                          <a href="#security-definition-OAuth2">OAuth2</a>
1361
+                        </td>
1362
+                        <td> </td>
1363
+                      </tr>
1364
+                    </tbody>
1365
+                  </table>
1366
+                </section>
1367
+              </div>
1368
+            </div>
1243 1369
           </div>
1244 1370
           <div id="operation--users-get" class="operation panel" data-traverse-target="operation--users-get">
1245 1371
             <!-- <section class="operation-tags row"> -->
@@ -1429,6 +1555,28 @@
1429 1555
                 </section>
1430 1556
               </div>
1431 1557
             </div>
1558
+            <div class="doc-row">
1559
+              <div class="doc-copy">
1560
+                <section class="swagger-request-security">
1561
+                  <table class="table">
1562
+                    <thead>
1563
+                      <tr>
1564
+                        <th class="swagger-request-security-schema"></th>
1565
+                        <th class="swagger-request-security-scopes"></th>
1566
+                      </tr>
1567
+                    </thead>
1568
+                    <tbody>
1569
+                      <tr>
1570
+                        <td>
1571
+                          <a href="#security-definition-OAuth2">OAuth2</a>
1572
+                        </td>
1573
+                        <td> </td>
1574
+                      </tr>
1575
+                    </tbody>
1576
+                  </table>
1577
+                </section>
1578
+              </div>
1579
+            </div>
1432 1580
           </div>
1433 1581
           <div id="operation--users--id--delete" class="operation panel" data-traverse-target="operation--users--id--delete">
1434 1582
             <!-- <section class="operation-tags row"> -->
@@ -1485,6 +1633,28 @@
1485 1633
                 </h5>
1486 1634
               </div>
1487 1635
             </div>
1636
+            <div class="doc-row">
1637
+              <div class="doc-copy">
1638
+                <section class="swagger-request-security">
1639
+                  <table class="table">
1640
+                    <thead>
1641
+                      <tr>
1642
+                        <th class="swagger-request-security-schema"></th>
1643
+                        <th class="swagger-request-security-scopes"></th>
1644
+                      </tr>
1645
+                    </thead>
1646
+                    <tbody>
1647
+                      <tr>
1648
+                        <td>
1649
+                          <a href="#security-definition-OAuth2">OAuth2</a>
1650
+                        </td>
1651
+                        <td> </td>
1652
+                      </tr>
1653
+                    </tbody>
1654
+                  </table>
1655
+                </section>
1656
+              </div>
1657
+            </div>
1488 1658
           </div>
1489 1659
           <div id="operation--users--id--get" class="operation panel" data-traverse-target="operation--users--id--get">
1490 1660
             <!-- <section class="operation-tags row"> -->
@@ -1636,6 +1806,28 @@
1636 1806
                 </section>
1637 1807
               </div>
1638 1808
             </div>
1809
+            <div class="doc-row">
1810
+              <div class="doc-copy">
1811
+                <section class="swagger-request-security">
1812
+                  <table class="table">
1813
+                    <thead>
1814
+                      <tr>
1815
+                        <th class="swagger-request-security-schema"></th>
1816
+                        <th class="swagger-request-security-scopes"></th>
1817
+                      </tr>
1818
+                    </thead>
1819
+                    <tbody>
1820
+                      <tr>
1821
+                        <td>
1822
+                          <a href="#security-definition-OAuth2">OAuth2</a>
1823
+                        </td>
1824
+                        <td> </td>
1825
+                      </tr>
1826
+                    </tbody>
1827
+                  </table>
1828
+                </section>
1829
+              </div>
1830
+            </div>
1639 1831
           </div>
1640 1832
           <div id="operation--users--id--put" class="operation panel" data-traverse-target="operation--users--id--put">
1641 1833
             <!-- <section class="operation-tags row"> -->
@@ -1723,6 +1915,28 @@
1723 1915
                 </h5>
1724 1916
               </div>
1725 1917
             </div>
1918
+            <div class="doc-row">
1919
+              <div class="doc-copy">
1920
+                <section class="swagger-request-security">
1921
+                  <table class="table">
1922
+                    <thead>
1923
+                      <tr>
1924
+                        <th class="swagger-request-security-schema"></th>
1925
+                        <th class="swagger-request-security-scopes"></th>
1926
+                      </tr>
1927
+                    </thead>
1928
+                    <tbody>
1929
+                      <tr>
1930
+                        <td>
1931
+                          <a href="#security-definition-OAuth2">OAuth2</a>
1932
+                        </td>
1933
+                        <td> </td>
1934
+                      </tr>
1935
+                    </tbody>
1936
+                  </table>
1937
+                </section>
1938
+              </div>
1939
+            </div>
1726 1940
           </div>
1727 1941
           <div id="operation--users-me-get" class="operation panel" data-traverse-target="operation--users-me-get">
1728 1942
             <!-- <section class="operation-tags row"> -->
@@ -1870,6 +2084,28 @@
1870 2084
                 </section>
1871 2085
               </div>
1872 2086
             </div>
2087
+            <div class="doc-row">
2088
+              <div class="doc-copy">
2089
+                <section class="swagger-request-security">
2090
+                  <table class="table">
2091
+                    <thead>
2092
+                      <tr>
2093
+                        <th class="swagger-request-security-schema"></th>
2094
+                        <th class="swagger-request-security-scopes"></th>
2095
+                      </tr>
2096
+                    </thead>
2097
+                    <tbody>
2098
+                      <tr>
2099
+                        <td>
2100
+                          <a href="#security-definition-OAuth2">OAuth2</a>
2101
+                        </td>
2102
+                        <td> </td>
2103
+                      </tr>
2104
+                    </tbody>
2105
+                  </table>
2106
+                </section>
2107
+              </div>
2108
+            </div>
1873 2109
           </div>
1874 2110
           <div id="operation--users-me-put" class="operation panel" data-traverse-target="operation--users-me-put">
1875 2111
             <!-- <section class="operation-tags row"> -->
@@ -1941,6 +2177,28 @@
1941 2177
                 </h5>
1942 2178
               </div>
1943 2179
             </div>
2180
+            <div class="doc-row">
2181
+              <div class="doc-copy">
2182
+                <section class="swagger-request-security">
2183
+                  <table class="table">
2184
+                    <thead>
2185
+                      <tr>
2186
+                        <th class="swagger-request-security-schema"></th>
2187
+                        <th class="swagger-request-security-scopes"></th>
2188
+                      </tr>
2189
+                    </thead>
2190
+                    <tbody>
2191
+                      <tr>
2192
+                        <td>
2193
+                          <a href="#security-definition-OAuth2">OAuth2</a>
2194
+                        </td>
2195
+                        <td> </td>
2196
+                      </tr>
2197
+                    </tbody>
2198
+                  </table>
2199
+                </section>
2200
+              </div>
2201
+            </div>
1944 2202
           </div>
1945 2203
           <div id="operation--users-me-video-quota-used-get" class="operation panel" data-traverse-target="operation--users-me-video-quota-used-get">
1946 2204
             <!-- <section class="operation-tags row"> -->
@@ -1997,6 +2255,28 @@
1997 2255
                 </section>
1998 2256
               </div>
1999 2257
             </div>
2258
+            <div class="doc-row">
2259
+              <div class="doc-copy">
2260
+                <section class="swagger-request-security">
2261
+                  <table class="table">
2262
+                    <thead>
2263
+                      <tr>
2264
+                        <th class="swagger-request-security-schema"></th>
2265
+                        <th class="swagger-request-security-scopes"></th>
2266
+                      </tr>
2267
+                    </thead>
2268
+                    <tbody>
2269
+                      <tr>
2270
+                        <td>
2271
+                          <a href="#security-definition-OAuth2">OAuth2</a>
2272
+                        </td>
2273
+                        <td> </td>
2274
+                      </tr>
2275
+                    </tbody>
2276
+                  </table>
2277
+                </section>
2278
+              </div>
2279
+            </div>
2000 2280
           </div>
2001 2281
           <div id="operation--users-me-videos--videoId--rating-get" class="operation panel" data-traverse-target="operation--users-me-videos--videoId--rating-get">
2002 2282
             <!-- <section class="operation-tags row"> -->
@@ -2070,6 +2350,28 @@
2070 2350
                 </section>
2071 2351
               </div>
2072 2352
             </div>
2353
+            <div class="doc-row">
2354
+              <div class="doc-copy">
2355
+                <section class="swagger-request-security">
2356
+                  <table class="table">
2357
+                    <thead>
2358
+                      <tr>
2359
+                        <th class="swagger-request-security-schema"></th>
2360
+                        <th class="swagger-request-security-scopes"></th>
2361
+                      </tr>
2362
+                    </thead>
2363
+                    <tbody>
2364
+                      <tr>
2365
+                        <td>
2366
+                          <a href="#security-definition-OAuth2">OAuth2</a>
2367
+                        </td>
2368
+                        <td> </td>
2369
+                      </tr>
2370
+                    </tbody>
2371
+                  </table>
2372
+                </section>
2373
+              </div>
2374
+            </div>
2073 2375
           </div>
2074 2376
           <div id="operation--users-me-videos-get" class="operation panel" data-traverse-target="operation--users-me-videos-get">
2075 2377
             <!-- <section class="operation-tags row"> -->
@@ -2219,6 +2521,28 @@
2219 2521
                 </section>
2220 2522
               </div>
2221 2523
             </div>
2524
+            <div class="doc-row">
2525
+              <div class="doc-copy">
2526
+                <section class="swagger-request-security">
2527
+                  <table class="table">
2528
+                    <thead>
2529
+                      <tr>
2530
+                        <th class="swagger-request-security-schema"></th>
2531
+                        <th class="swagger-request-security-scopes"></th>
2532
+                      </tr>
2533
+                    </thead>
2534
+                    <tbody>
2535
+                      <tr>
2536
+                        <td>
2537
+                          <a href="#security-definition-OAuth2">OAuth2</a>
2538
+                        </td>
2539
+                        <td> </td>
2540
+                      </tr>
2541
+                    </tbody>
2542
+                  </table>
2543
+                </section>
2544
+              </div>
2545
+            </div>
2222 2546
           </div>
2223 2547
           <div id="operation--users-register-post" class="operation panel" data-traverse-target="operation--users-register-post">
2224 2548
             <!-- <section class="operation-tags row"> -->
@@ -2362,6 +2686,28 @@
2362 2686
                 </section>
2363 2687
               </div>
2364 2688
             </div>
2689
+            <div class="doc-row">
2690
+              <div class="doc-copy">
2691
+                <section class="swagger-request-security">
2692
+                  <table class="table">
2693
+                    <thead>
2694
+                      <tr>
2695
+                        <th class="swagger-request-security-schema"></th>
2696
+                        <th class="swagger-request-security-scopes"></th>
2697
+                      </tr>
2698
+                    </thead>
2699
+                    <tbody>
2700
+                      <tr>
2701
+                        <td>
2702
+                          <a href="#security-definition-OAuth2">OAuth2</a>
2703
+                        </td>
2704
+                        <td> </td>
2705
+                      </tr>
2706
+                    </tbody>
2707
+                  </table>
2708
+                </section>
2709
+              </div>
2710
+            </div>
2365 2711
           </div>
2366 2712
           <h1 id="tag-Video" class="swagger-summary-tag" data-traverse-target="tag-Video">Video</h1>
2367 2713
           <div id="operation--videos-get" class="operation panel" data-traverse-target="operation--videos-get">
@@ -3164,6 +3510,28 @@
3164 3510
                 </section>
3165 3511
               </div>
3166 3512
             </div>
3513
+            <div class="doc-row">
3514
+              <div class="doc-copy">
3515
+                <section class="swagger-request-security">
3516
+                  <table class="table">
3517
+                    <thead>
3518
+                      <tr>
3519
+                        <th class="swagger-request-security-schema"></th>
3520
+                        <th class="swagger-request-security-scopes"></th>
3521
+                      </tr>
3522
+                    </thead>
3523
+                    <tbody>
3524
+                      <tr>
3525
+                        <td>
3526
+                          <a href="#security-definition-OAuth2">OAuth2</a>
3527
+                        </td>
3528
+                        <td> </td>
3529
+                      </tr>
3530
+                    </tbody>
3531
+                  </table>
3532
+                </section>
3533
+              </div>
3534
+            </div>
3167 3535
           </div>
3168 3536
           <div id="operation--videos--id--get" class="operation panel" data-traverse-target="operation--videos--id--get">
3169 3537
             <!-- <section class="operation-tags row"> -->
@@ -3331,6 +3699,28 @@
3331 3699
                 </h5>
3332 3700
               </div>
3333 3701
             </div>
3702
+            <div class="doc-row">
3703
+              <div class="doc-copy">
3704
+                <section class="swagger-request-security">
3705
+                  <table class="table">
3706
+                    <thead>
3707
+                      <tr>
3708
+                        <th class="swagger-request-security-schema"></th>
3709
+                        <th class="swagger-request-security-scopes"></th>
3710
+                      </tr>
3711
+                    </thead>
3712
+                    <tbody>
3713
+                      <tr>
3714
+                        <td>
3715
+                          <a href="#security-definition-OAuth2">OAuth2</a>
3716
+                        </td>
3717
+                        <td> </td>
3718
+                      </tr>
3719
+                    </tbody>
3720
+                  </table>
3721
+                </section>
3722
+              </div>
3723
+            </div>
3334 3724
           </div>
3335 3725
           <div id="operation--videos--id--description-get" class="operation panel" data-traverse-target="operation--videos--id--description-get">
3336 3726
             <!-- <section class="operation-tags row"> -->
@@ -3715,6 +4105,28 @@
3715 4105
                 </section>
3716 4106
               </div>
3717 4107
             </div>
4108
+            <div class="doc-row">
4109
+              <div class="doc-copy">
4110
+                <section class="swagger-request-security">
4111
+                  <table class="table">
4112
+                    <thead>
4113
+                      <tr>
4114
+                        <th class="swagger-request-security-schema"></th>
4115
+                        <th class="swagger-request-security-scopes"></th>
4116
+                      </tr>
4117
+                    </thead>
4118
+                    <tbody>
4119
+                      <tr>
4120
+                        <td>
4121
+                          <a href="#security-definition-OAuth2">OAuth2</a>
4122
+                        </td>
4123
+                        <td> </td>
4124
+                      </tr>
4125
+                    </tbody>
4126
+                  </table>
4127
+                </section>
4128
+              </div>
4129
+            </div>
3718 4130
           </div>
3719 4131
           <h1 id="tag-VideoAbuse" class="swagger-summary-tag" data-traverse-target="tag-VideoAbuse">VideoAbuse</h1>
3720 4132
           <div id="operation--videos-abuse-get" class="operation panel" data-traverse-target="operation--videos-abuse-get">
@@ -3851,6 +4263,28 @@
3851 4263
                 </section>
3852 4264
               </div>
3853 4265
             </div>
4266
+            <div class="doc-row">
4267
+              <div class="doc-copy">
4268
+                <section class="swagger-request-security">
4269
+                  <table class="table">
4270
+                    <thead>
4271
+                      <tr>
4272
+                        <th class="swagger-request-security-schema"></th>
4273
+                        <th class="swagger-request-security-scopes"></th>
4274
+                      </tr>
4275
+                    </thead>
4276
+                    <tbody>
4277
+                      <tr>
4278
+                        <td>
4279
+                          <a href="#security-definition-OAuth2">OAuth2</a>
4280
+                        </td>
4281
+                        <td> </td>
4282
+                      </tr>
4283
+                    </tbody>
4284
+                  </table>
4285
+                </section>
4286
+              </div>
4287
+            </div>
3854 4288
           </div>
3855 4289
           <div id="operation--videos--id--abuse-post" class="operation panel" data-traverse-target="operation--videos--id--abuse-post">
3856 4290
             <!-- <section class="operation-tags row"> -->
@@ -3907,6 +4341,28 @@
3907 4341
                 </h5>
3908 4342
               </div>
3909 4343
             </div>
4344
+            <div class="doc-row">
4345
+              <div class="doc-copy">
4346
+                <section class="swagger-request-security">
4347
+                  <table class="table">
4348
+                    <thead>
4349
+                      <tr>
4350
+                        <th class="swagger-request-security-schema"></th>
4351
+                        <th class="swagger-request-security-scopes"></th>
4352
+                      </tr>
4353
+                    </thead>
4354
+                    <tbody>
4355
+                      <tr>
4356
+                        <td>
4357
+                          <a href="#security-definition-OAuth2">OAuth2</a>
4358
+                        </td>
4359
+                        <td> </td>
4360
+                      </tr>
4361
+                    </tbody>
4362
+                  </table>
4363
+                </section>
4364
+              </div>
4365
+            </div>
3910 4366
           </div>
3911 4367
           <h1 id="tag-VideoBlacklist" class="swagger-summary-tag" data-traverse-target="tag-VideoBlacklist">VideoBlacklist</h1>
3912 4368
           <div id="operation--videos--videoId--blacklist-post" class="operation panel" data-traverse-target="operation--videos--videoId--blacklist-post">
@@ -3964,6 +4420,28 @@
3964 4420
                 </h5>
3965 4421
               </div>
3966 4422
             </div>
4423
+            <div class="doc-row">
4424
+              <div class="doc-copy">
4425
+                <section class="swagger-request-security">
4426
+                  <table class="table">
4427
+                    <thead>
4428
+                      <tr>
4429
+                        <th class="swagger-request-security-schema"></th>
4430
+                        <th class="swagger-request-security-scopes"></th>
4431
+                      </tr>
4432
+                    </thead>
4433
+                    <tbody>
4434
+                      <tr>
4435
+                        <td>
4436
+                          <a href="#security-definition-OAuth2">OAuth2</a>
4437
+                        </td>
4438
+                        <td> </td>
4439
+                      </tr>
4440
+                    </tbody>
4441
+                  </table>
4442
+                </section>
4443
+              </div>
4444
+            </div>
3967 4445
           </div>
3968 4446
           <div id="operation--videos--videoId--blacklist-delete" class="operation panel" data-traverse-target="operation--videos--videoId--blacklist-delete">
3969 4447
             <!-- <section class="operation-tags row"> -->
@@ -4020,6 +4498,28 @@
4020 4498
                 </h5>
4021 4499
               </div>
4022 4500
             </div>
4501
+            <div class="doc-row">
4502
+              <div class="doc-copy">
4503
+                <section class="swagger-request-security">
4504
+                  <table class="table">
4505
+                    <thead>
4506
+                      <tr>
4507
+                        <th class="swagger-request-security-schema"></th>
4508
+                        <th class="swagger-request-security-scopes"></th>
4509
+                      </tr>
4510
+                    </thead>
4511
+                    <tbody>
4512
+                      <tr>
4513
+                        <td>
4514
+                          <a href="#security-definition-OAuth2">OAuth2</a>
4515
+                        </td>
4516
+                        <td> </td>
4517
+                      </tr>
4518
+                    </tbody>
4519
+                  </table>
4520
+                </section>
4521
+              </div>
4522
+            </div>
4023 4523
           </div>
4024 4524
           <div id="operation--videos-blacklist-get" class="operation panel" data-traverse-target="operation--videos-blacklist-get">
4025 4525
             <!-- <section class="operation-tags row"> -->
@@ -4141,6 +4641,28 @@
4141 4641
                 </section>
4142 4642
               </div>
4143 4643
             </div>
4644
+            <div class="doc-row">
4645
+              <div class="doc-copy">
4646
+                <section class="swagger-request-security">
4647
+                  <table class="table">
4648
+                    <thead>
4649
+                      <tr>
4650
+                        <th class="swagger-request-security-schema"></th>
4651
+                        <th class="swagger-request-security-scopes"></th>
4652
+                      </tr>
4653
+                    </thead>
4654
+                    <tbody>
4655
+                      <tr>
4656
+                        <td>
4657
+                          <a href="#security-definition-OAuth2">OAuth2</a>
4658
+                        </td>
4659
+                        <td> </td>
4660
+                      </tr>
4661
+                    </tbody>
4662
+                  </table>
4663
+                </section>
4664
+              </div>
4665
+            </div>
4144 4666
           </div>
4145 4667
           <h1 id="tag-VideoChannel" class="swagger-summary-tag" data-traverse-target="tag-VideoChannel">VideoChannel</h1>
4146 4668
           <div id="operation--videos-channels-get" class="operation panel" data-traverse-target="operation--videos-channels-get">
@@ -4371,6 +4893,28 @@
4371 4893
                 </h5>
4372 4894
               </div>
4373 4895
             </div>
4896
+            <div class="doc-row">
4897
+              <div class="doc-copy">
4898
+                <section class="swagger-request-security">
4899
+                  <table class="table">
4900
+                    <thead>
4901
+                      <tr>
4902
+                        <th class="swagger-request-security-schema"></th>
4903
+                        <th class="swagger-request-security-scopes"></th>
4904
+                      </tr>
4905
+                    </thead>
4906
+                    <tbody>
4907
+                      <tr>
4908
+                        <td>
4909
+                          <a href="#security-definition-OAuth2">OAuth2</a>
4910
+                        </td>
4911
+                        <td> </td>
4912
+                      </tr>
4913
+                    </tbody>
4914
+                  </table>
4915
+                </section>
4916
+              </div>
4917
+            </div>
4374 4918
           </div>
4375 4919
           <div id="operation--videos-channels--id--get" class="operation panel" data-traverse-target="operation--videos-channels--id--get">
4376 4920
             <!-- <section class="operation-tags row"> -->
@@ -4578,6 +5122,28 @@
4578 5122
                 </h5>
4579 5123
               </div>
4580 5124
             </div>
5125
+            <div class="doc-row">
5126
+              <div class="doc-copy">
5127
+                <section class="swagger-request-security">
5128
+                  <table class="table">
5129
+                    <thead>
5130
+                      <tr>
5131
+                        <th class="swagger-request-security-schema"></th>
5132
+                        <th class="swagger-request-security-scopes"></th>
5133
+                      </tr>
5134
+                    </thead>
5135
+                    <tbody>
5136
+                      <tr>
5137
+                        <td>
5138
+                          <a href="#security-definition-OAuth2">OAuth2</a>
5139
+                        </td>
5140
+                        <td> </td>
5141
+                      </tr>
5142
+                    </tbody>
5143
+                  </table>
5144
+                </section>
5145
+              </div>
5146
+            </div>
4581 5147
           </div>
4582 5148
           <div id="operation--videos-channels--id--delete" class="operation panel" data-traverse-target="operation--videos-channels--id--delete">
4583 5149
             <!-- <section class="operation-tags row"> -->
@@ -4634,6 +5200,28 @@
4634 5200
                 </h5>
4635 5201
               </div>
4636 5202
             </div>
5203
+            <div class="doc-row">
5204
+              <div class="doc-copy">
5205
+                <section class="swagger-request-security">
5206
+                  <table class="table">
5207
+                    <thead>
5208
+                      <tr>
5209
+                        <th class="swagger-request-security-schema"></th>
5210
+                        <th class="swagger-request-security-scopes"></th>
5211
+                      </tr>
5212
+                    </thead>
5213
+                    <tbody>
5214
+                      <tr>
5215
+                        <td>
5216
+                          <a href="#security-definition-OAuth2">OAuth2</a>
5217
+                        </td>
5218
+                        <td> </td>
5219
+                      </tr>
5220
+                    </tbody>
5221
+                  </table>
5222
+                </section>
5223
+              </div>
5224
+            </div>
4637 5225
           </div>
4638 5226
           <div id="operation--videos-accounts--accountId--channels-get" class="operation panel" data-traverse-target="operation--videos-accounts--accountId--channels-get">
4639 5227
             <!-- <section class="operation-tags row"> -->
@@ -5010,6 +5598,28 @@
5010 5598
                 </section>
5011 5599
               </div>
5012 5600
             </div>
5601
+            <div class="doc-row">
5602
+              <div class="doc-copy">
5603
+                <section class="swagger-request-security">
5604
+                  <table class="table">
5605
+                    <thead>
5606
+                      <tr>
5607
+                        <th class="swagger-request-security-schema"></th>
5608
+                        <th class="swagger-request-security-scopes"></th>
5609
+                      </tr>
5610
+                    </thead>
5611
+                    <tbody>
5612
+                      <tr>
5613
+                        <td>
5614
+                          <a href="#security-definition-OAuth2">OAuth2</a>
5615
+                        </td>
5616
+                        <td> </td>
5617
+                      </tr>
5618
+                    </tbody>
5619
+                  </table>
5620
+                </section>
5621
+              </div>
5622
+            </div>
5013 5623
           </div>
5014 5624
           <div id="operation--videos--videoId--comment-threads--threadId--get" class="operation panel" data-traverse-target="operation--videos--videoId--comment-threads--threadId--get">
5015 5625
             <!-- <section class="operation-tags row"> -->
@@ -5299,6 +5909,28 @@
5299 5909
                 </section>
5300 5910
               </div>
5301 5911
             </div>
5912
+            <div class="doc-row">
5913
+              <div class="doc-copy">
5914
+                <section class="swagger-request-security">
5915
+                  <table class="table">
5916
+                    <thead>
5917
+                      <tr>
5918
+                        <th class="swagger-request-security-schema"></th>
5919
+                        <th class="swagger-request-security-scopes"></th>
5920
+                      </tr>
5921
+                    </thead>
5922
+                    <tbody>
5923
+                      <tr>
5924
+                        <td>
5925
+                          <a href="#security-definition-OAuth2">OAuth2</a>
5926
+                        </td>
5927
+                        <td> </td>
5928
+                      </tr>
5929
+                    </tbody>
5930
+                  </table>
5931
+                </section>
5932
+              </div>
5933
+            </div>
5302 5934
           </div>
5303 5935
           <div id="operation--videos--videoId--comments--commentId--delete" class="operation panel" data-traverse-target="operation--videos--videoId--comments--commentId--delete">
5304 5936
             <!-- <section class="operation-tags row"> -->
@@ -5369,6 +6001,28 @@
5369 6001
                 </h5>
5370 6002
               </div>
5371 6003
             </div>
6004
+            <div class="doc-row">
6005
+              <div class="doc-copy">
6006
+                <section class="swagger-request-security">
6007
+                  <table class="table">
6008
+                    <thead>
6009
+                      <tr>
6010
+                        <th class="swagger-request-security-schema"></th>
6011
+                        <th class="swagger-request-security-scopes"></th>
6012
+                      </tr>
6013
+                    </thead>
6014
+                    <tbody>
6015
+                      <tr>
6016
+                        <td>
6017
+                          <a href="#security-definition-OAuth2">OAuth2</a>
6018
+                        </td>
6019
+                        <td> </td>
6020
+                      </tr>
6021
+                    </tbody>
6022
+                  </table>
6023
+                </section>
6024
+              </div>
6025
+            </div>
5372 6026
           </div>
5373 6027
           <h1 id="tag-VideoRate" class="swagger-summary-tag" data-traverse-target="tag-VideoRate">VideoRate</h1>
5374 6028
           <div id="operation--videos--id--rate-put" class="operation panel" data-traverse-target="operation--videos--id--rate-put">
@@ -5426,6 +6080,28 @@
5426 6080
                 </h5>
5427 6081
               </div>
5428 6082
             </div>
6083
+            <div class="doc-row">
6084
+              <div class="doc-copy">
6085
+                <section class="swagger-request-security">
6086
+                  <table class="table">
6087
+                    <thead>
6088
+                      <tr>
6089
+                        <th class="swagger-request-security-schema"></th>
6090
+                        <th class="swagger-request-security-scopes"></th>
6091
+                      </tr>
6092
+                    </thead>
6093
+                    <tbody>
6094
+                      <tr>
6095
+                        <td>
6096
+                          <a href="#security-definition-OAuth2">OAuth2</a>
6097
+                        </td>
6098
+                        <td> </td>
6099
+                      </tr>
6100
+                    </tbody>
6101
+                  </table>
6102
+                </section>
6103
+              </div>
6104
+            </div>
5429 6105
           </div>
5430 6106
           <h1>Schema Definitions</h1>
5431 6107
           <div id="definition-VideoConstant" class="definition panel" data-traverse-target="definition-VideoConstant">

+ 11
- 4
support/doc/api/html/stylesheets/foundation.css View File

@@ -2213,7 +2213,9 @@ table {
2213 2213
   width: 100%;
2214 2214
   margin-bottom: 1rem;
2215 2215
   border-radius: 0; }
2216
-  thead, tbody, tfoot {
2216
+  thead,
2217
+  tbody,
2218
+  tfoot {
2217 2219
     border: 1px solid #f1f1f1;
2218 2220
     background-color: #fefefe; }
2219 2221
   caption {
@@ -2225,13 +2227,18 @@ table {
2225 2227
   tfoot {
2226 2228
     background: #f1f1f1;
2227 2229
     color: #23241f; }
2228
-  thead tr, tfoot tr {
2230
+  thead tr,
2231
+  tfoot tr {
2229 2232
     background: transparent; }
2230
-  thead th, thead td, tfoot th, tfoot td {
2233
+  thead th,
2234
+  thead td,
2235
+  tfoot th,
2236
+  tfoot td {
2231 2237
     padding: 0.5263157895rem 0.6578947368rem 0.6578947368rem;
2232 2238
     font-weight: bold;
2233 2239
     text-align: left; }
2234
-  tbody th, tbody td {
2240
+  tbody th,
2241
+  tbody td {
2235 2242
     padding: 0.5263157895rem 0.6578947368rem 0.6578947368rem; }
2236 2243
   tbody tr:nth-child(even) {
2237 2244
     border-bottom: 0;

+ 66
- 0
support/doc/api/openapi.yaml View File

@@ -4,6 +4,14 @@ info:
4 4
   version: 1.0.0-beta
5 5
   description: Federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser with WebTorrent and Angular.
6 6
 host: peertube.example.com
7
+securityDefinitions:
8
+  OAuth2:
9
+    description: 'In the header: *Authorization: Bearer mytoken*'
10
+    type: oauth2
11
+    flow: password
12
+    # Not implemented yet
13
+    # authorizationUrl: https://example.com/oauth/authorize
14
+    tokenUrl: https://peertube.example.com/api/v1/users/token
7 15
 basePath: '/api/v1'
8 16
 schemes:
9 17
   - https
@@ -72,6 +80,8 @@ paths:
72 80
             $ref: '#/definitions/ServerConfig'
73 81
   /jobs:
74 82
     get:
83
+      security:
84
+        - OAuth2: [ ]
75 85
       tags:
76 86
         - Job
77 87
       consumes:
@@ -108,6 +118,8 @@ paths:
108 118
               $ref: '#/definitions/Job'
109 119
   '/server/following/{host}':
110 120
     delete:
121
+      security:
122
+        - OAuth2: [ ]
111 123
       tags:
112 124
         - ServerFollowing
113 125
       consumes:
@@ -186,6 +198,8 @@ paths:
186 198
             items:
187 199
               $ref: '#/definitions/Follow'
188 200
     post:
201
+      security:
202
+        - OAuth2: [ ]
189 203
       tags:
190 204
         - ServerFollowing
191 205
       consumes:
@@ -202,6 +216,8 @@ paths:
202 216
           description: successful operation
203 217
   /users:
204 218
     post:
219
+      security:
220
+        - OAuth2: [ ]
205 221
       tags:
206 222
         - User
207 223
       consumes:
@@ -221,6 +237,8 @@ paths:
221 237
           schema:
222 238
             $ref: '#/definitions/AddUserResponse'
223 239
     get:
240
+      security:
241
+        - OAuth2: [ ]
224 242
       tags:
225 243
         - User
226 244
       consumes:
@@ -252,6 +270,8 @@ paths:
252 270
               $ref: '#/definitions/User'
253 271
   '/users/{id}':
254 272
     delete:
273
+      security:
274
+        - OAuth2: [ ]
255 275
       tags:
256 276
         - User
257 277
       consumes:
@@ -268,6 +288,8 @@ paths:
268 288
         '204':
269 289
           description: successful operation
270 290
     get:
291
+      security:
292
+        - OAuth2: [ ]
271 293
       tags:
272 294
         - User
273 295
       consumes:
@@ -286,6 +308,8 @@ paths:
286 308
           schema:
287 309
             $ref: '#/definitions/User'
288 310
     put:
311
+      security:
312
+        - OAuth2: [ ]
289 313
       tags:
290 314
         - User
291 315
       consumes:
@@ -308,6 +332,8 @@ paths:
308 332
           description: successful operation
309 333
   /users/me:
310 334
     get:
335
+      security:
336
+        - OAuth2: [ ]
311 337
       tags:
312 338
         - User
313 339
       consumes:
@@ -322,6 +348,8 @@ paths:
322 348
             items:
323 349
               $ref: '#/definitions/User'
324 350
     put:
351
+      security:
352
+        - OAuth2: [ ]
325 353
       tags:
326 354
         - User
327 355
       consumes:
@@ -339,6 +367,8 @@ paths:
339 367
           description: successful operation
340 368
   /users/me/video-quota-used:
341 369
     get:
370
+      security:
371
+        - OAuth2: [ ]
342 372
       tags:
343 373
         - User
344 374
       consumes:
@@ -353,6 +383,8 @@ paths:
353 383
             type: number
354 384
   '/users/me/videos/{videoId}/rating':
355 385
     get:
386
+      security:
387
+        - OAuth2: [ ]
356 388
       tags:
357 389
         - User
358 390
       consumes:
@@ -372,6 +404,8 @@ paths:
372 404
             $ref: '#/definitions/GetMeVideoRating'
373 405
   /users/me/videos:
374 406
     get:
407
+      security:
408
+        - OAuth2: [ ]
375 409
       tags:
376 410
         - User
377 411
       consumes:
@@ -420,6 +454,8 @@ paths:
420 454
           description: successful operation
421 455
   /users/me/avatar/pick:
422 456
     post:
457
+      security:
458
+        - OAuth2: [ ]
423 459
       tags:
424 460
         - User
425 461
       consumes:
@@ -560,6 +596,8 @@ paths:
560 596
               $ref: '#/definitions/Video'
561 597
   "/videos/{id}":
562 598
     put:
599
+      security:
600
+        - OAuth2: [ ]
563 601
       tags:
564 602
         - Video
565 603
       consumes:
@@ -645,6 +683,8 @@ paths:
645 683
           schema:
646 684
             $ref: '#/definitions/Video'
647 685
     delete:
686
+      security:
687
+        - OAuth2: [ ]
648 688
       tags:
649 689
         - Video
650 690
       consumes:
@@ -698,6 +738,8 @@ paths:
698 738
           description: successful operation
699 739
   /videos/upload:
700 740
     post:
741
+      security:
742
+        - OAuth2: [ ]
701 743
       tags:
702 744
         - Video
703 745
       consumes:
@@ -776,6 +818,8 @@ paths:
776 818
             $ref: '#/definitions/VideoUploadResponse'
777 819
   /videos/abuse:
778 820
     get:
821
+      security:
822
+        - OAuth2: [ ]
779 823
       tags:
780 824
         - VideoAbuse
781 825
       consumes:
@@ -807,6 +851,8 @@ paths:
807 851
               $ref: '#/definitions/VideoAbuse'
808 852
   "/videos/{id}/abuse":
809 853
     post:
854
+      security:
855
+        - OAuth2: [ ]
810 856
       tags:
811 857
         - VideoAbuse
812 858
       consumes:
@@ -824,6 +870,8 @@ paths:
824 870
           description: successful operation
825 871
   "/videos/{videoId}/blacklist":
826 872
     post:
873
+      security:
874
+        - OAuth2: [ ]
827 875
       tags:
828 876
         - VideoBlacklist
829 877
       consumes:
@@ -840,6 +888,8 @@ paths:
840 888
         '204':
841 889
           description: successful operation
842 890
     delete:
891
+      security:
892
+        - OAuth2: [ ]
843 893
       tags:
844 894
         - VideoBlacklist
845 895
       consumes:
@@ -857,6 +907,8 @@ paths:
857 907
           description: successful operation
858 908
   /videos/blacklist:
859 909
     get:
910
+      security:
911
+        - OAuth2: [ ]
860 912
       tags:
861 913
         - VideoBlacklist
862 914
       consumes:
@@ -918,6 +970,8 @@ paths:
918 970
             items:
919 971
               $ref: '#/definitions/VideoChannel'
920 972
     post:
973
+      security:
974
+        - OAuth2: [ ]
921 975
       tags:
922 976
         - VideoChannel
923 977
       consumes:
@@ -952,6 +1006,8 @@ paths:
952 1006
           schema:
953 1007
             $ref: '#/definitions/VideoChannel'
954 1008
     put:
1009
+      security:
1010
+        - OAuth2: [ ]
955 1011
       tags:
956 1012
         - VideoChannel
957 1013
       consumes:
@@ -972,6 +1028,8 @@ paths:
972 1028
         '204':
973 1029
           description: successful operation
974 1030
     delete:
1031
+      security:
1032
+        - OAuth2: [ ]
975 1033
       tags:
976 1034
         - VideoChannel
977 1035
       consumes:
@@ -1043,6 +1101,8 @@ paths:
1043 1101
           schema:
1044 1102
             $ref: '#/definitions/CommentThreadResponse'
1045 1103
     post:
1104
+      security:
1105
+        - OAuth2: [ ]
1046 1106
       tags:
1047 1107
         - VideoComment
1048 1108
       consumes:
@@ -1086,6 +1146,8 @@ paths:
1086 1146
             $ref: '#/definitions/VideoCommentThreadTree'
1087 1147
   "/videos/{videoId}/comments/{commentId}":
1088 1148
     post:
1149
+      security:
1150
+        - OAuth2: [ ]
1089 1151
       tags:
1090 1152
         - VideoComment
1091 1153
       consumes:
@@ -1109,6 +1171,8 @@ paths:
1109 1171
           schema:
1110 1172
             $ref: '#/definitions/CommentThreadPostResponse'
1111 1173
     delete:
1174
+      security:
1175
+        - OAuth2: [ ]
1112 1176
       tags:
1113 1177
         - VideoComment
1114 1178
       consumes:
@@ -1131,6 +1195,8 @@ paths:
1131 1195
           description: successful operation
1132 1196
   "/videos/{id}/rate":
1133 1197
     put:
1198
+      security:
1199
+        - OAuth2: [ ]
1134 1200
       tags:
1135 1201
         - VideoRate
1136 1202
       consumes:

Loading…
Cancel
Save