add missing permission

2024-11-25 08:38:59 +00:00 · 2019-09-24 11:48:04 +10:00 · 2019-09-24 11:48:04 +10:00 · b1aec4c8d5
commit b1aec4c8d5
parent 8d99f46d1a
1 changed files with 3 additions and 3 deletions
--- a/app/pages/bot/accounts_add.py
+++ b/app/pages/bot/accounts_add.py
@ -51,7 +51,7 @@ def bot_accounts_add(mysql, cfg):
 			session['client_id'], session['client_secret'] = Mastodon.create_app(
 				"FediBooks User Authenticator",
 				api_base_url="https://{}".format(session['instance']),
-				scopes=["read:statuses"] if session['instance_type'] == 'Mastodon' else ["read"],
+				scopes=["read:statuses", "read:accounts"] if session['instance_type'] == 'Mastodon' else ["read"],
 				website=cfg['base_uri']
 			)
@ -63,7 +63,7 @@ def bot_accounts_add(mysql, cfg):
 			session['url'] = client.auth_request_url(
 				client_id=session['client_id'],
-				scopes=["read:statuses"] if session['instance_type'] == 'Mastodon' else ["read"]
+				scopes=["read:statuses", "read:accounts"] if session['instance_type'] == 'Mastodon' else ["read"]
 			)
 		elif session['step'] == 2:
@ -72,7 +72,7 @@ def bot_accounts_add(mysql, cfg):
 				client = Mastodon(client_id=session['client_id'], client_secret=session['client_secret'], api_base_url=session['instance'])
 				session['secret'] = client.log_in(
 					code = request.form['code'],
-					scopes=["read:statuses"] if session['instance_type'] == 'Mastodon' else ["read"],
+					scopes=["read:statuses", "read:accounts"] if session['instance_type'] == 'Mastodon' else ["read"],
 				)
 				username = client.account_verify_credentials()['username']
 				if username != session['username']: