From ab4b4dcf242fcbb7f517aa8df0b6c8bbee4a1b22 Mon Sep 17 00:00:00 2001
From: Jonathan Weth <git@jonathanweth.de>
Date: Fri, 5 Nov 2021 11:41:28 +0100
Subject: [PATCH] Add needed scopes to LiveDocumentShowAPIView

---
 aleksis/apps/resint/views.py | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/aleksis/apps/resint/views.py b/aleksis/apps/resint/views.py
index fcc50f0..50bfdf6 100644
--- a/aleksis/apps/resint/views.py
+++ b/aleksis/apps/resint/views.py
@@ -1,4 +1,4 @@
-from typing import Any, Dict, Type
+from typing import Any, Dict, List, Type
 
 from django.contrib.contenttypes.models import ContentType
 from django.db.models import QuerySet
@@ -15,7 +15,7 @@ from django.views.generic.list import ListView
 
 from django_tables2 import SingleTableView
 from guardian.shortcuts import get_objects_for_user
-from oauth2_provider.views.mixins import ClientProtectedResourceMixin
+from oauth2_provider.views.mixins import ClientProtectedResourceMixin, ScopedResourceMixin
 from reversion.views import RevisionMixin
 from rules.contrib.views import PermissionRequiredMixin
 
@@ -241,5 +241,11 @@ class LiveDocumentShowView(PermissionRequiredMixin, LiveDocumentShowBaseView):
     permission_required = "resint.view_livedocument_rule"
 
 
-class LiveDocumentShowAPIView(ClientProtectedResourceMixin, LiveDocumentShowBaseView):
+class LiveDocumentShowAPIView(
+    ScopedResourceMixin, ClientProtectedResourceMixin, LiveDocumentShowBaseView
+):
     """Show the current version of the live document in API."""
+
+    def get_scopes(self, *args, **kwargs) -> List[str]:
+        """Return the scope needed to access the PDF file."""
+        return [self.get_object().scope]
-- 
GitLab