From 7edca4a21307c980db0259f95ec6e49fecc7a63a Mon Sep 17 00:00:00 2001
From: usbharu <64310155+usbharu@users.noreply.github.com>
Date: Thu, 7 Dec 2023 11:14:51 +0900
Subject: [PATCH] =?UTF-8?q?fix:=20OAuth2=E3=81=AE=E3=82=B9=E3=82=B3?=
 =?UTF-8?q?=E3=83=BC=E3=83=97=E3=82=92=E4=BF=AE=E6=AD=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../dev/usbharu/hideout/application/config/SecurityConfig.kt    | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/main/kotlin/dev/usbharu/hideout/application/config/SecurityConfig.kt b/src/main/kotlin/dev/usbharu/hideout/application/config/SecurityConfig.kt
index ec87b8e8..eb19802f 100644
--- a/src/main/kotlin/dev/usbharu/hideout/application/config/SecurityConfig.kt
+++ b/src/main/kotlin/dev/usbharu/hideout/application/config/SecurityConfig.kt
@@ -193,8 +193,10 @@ class SecurityConfig {
                 authorize(GET, "/users/*/header.jpg", permitAll)
 
                 authorize(GET, "/api/v1/accounts/verify_credentials", hasAnyScope("read", "read:accounts"))
+                authorize(GET, "/api/v1/accounts/relationships", hasAnyScope("read", "read:follows"))
                 authorize(GET, "/api/v1/accounts/*", permitAll)
                 authorize(GET, "/api/v1/accounts/*/statuses", permitAll)
+                authorize(POST, "/api/v1/accounts/*/follow", hasAnyScope("write", "write:follows"))
 
                 authorize(POST, "/api/v1/media", hasAnyScope("write", "write:media"))
                 authorize(POST, "/api/v1/statuses", hasAnyScope("write", "write:statuses"))