From b1aec4c8d5f28b8e1e8530fa06b1d183f42b3b26 Mon Sep 17 00:00:00 2001
From: Lynne <lynne@bune.city>
Date: Tue, 24 Sep 2019 11:48:04 +1000
Subject: [PATCH] add missing permission

---
 app/pages/bot/accounts_add.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/app/pages/bot/accounts_add.py b/app/pages/bot/accounts_add.py
index b50ef6f..88066c6 100644
--- a/app/pages/bot/accounts_add.py
+++ b/app/pages/bot/accounts_add.py
@@ -51,7 +51,7 @@ def bot_accounts_add(mysql, cfg):
 			session['client_id'], session['client_secret'] = Mastodon.create_app(
 				"FediBooks User Authenticator",
 				api_base_url="https://{}".format(session['instance']),
-				scopes=["read:statuses"] if session['instance_type'] == 'Mastodon' else ["read"],
+				scopes=["read:statuses", "read:accounts"] if session['instance_type'] == 'Mastodon' else ["read"],
 				website=cfg['base_uri']
 			)
 
@@ -63,7 +63,7 @@ def bot_accounts_add(mysql, cfg):
 
 			session['url'] = client.auth_request_url(
 				client_id=session['client_id'],
-				scopes=["read:statuses"] if session['instance_type'] == 'Mastodon' else ["read"]
+				scopes=["read:statuses", "read:accounts"] if session['instance_type'] == 'Mastodon' else ["read"]
 			)
 
 		elif session['step'] == 2:
@@ -72,7 +72,7 @@ def bot_accounts_add(mysql, cfg):
 				client = Mastodon(client_id=session['client_id'], client_secret=session['client_secret'], api_base_url=session['instance'])
 				session['secret'] = client.log_in(
 					code = request.form['code'],
-					scopes=["read:statuses"] if session['instance_type'] == 'Mastodon' else ["read"],
+					scopes=["read:statuses", "read:accounts"] if session['instance_type'] == 'Mastodon' else ["read"],
 				)
 				username = client.account_verify_credentials()['username']
 				if username != session['username']: