From d3b141c9b552675621ace5c28552d327624a9aa5 Mon Sep 17 00:00:00 2001
From: alemi <me@alemi.dev>
Date: Mon, 20 May 2024 01:42:30 +0200
Subject: [PATCH] feat: option to allow public debug fetches

---
 src/config.rs                         | 3 +++
 src/routes/activitypub/application.rs | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/config.rs b/src/config.rs
index 076015d..5ca8ecb 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -64,6 +64,9 @@ pub struct DatasourceConfig {
 pub struct SecurityConfig {
 	#[serde(default)]
 	pub allow_registration: bool,
+
+	#[serde(default)]
+	pub allow_public_debugger: bool,
 }
 
 
diff --git a/src/routes/activitypub/application.rs b/src/routes/activitypub/application.rs
index d524260..d466050 100644
--- a/src/routes/activitypub/application.rs
+++ b/src/routes/activitypub/application.rs
@@ -50,7 +50,7 @@ pub async fn debug(
 	AuthIdentity(auth): AuthIdentity,
 ) -> crate::Result<Json<serde_json::Value>> {
 	// only local users can request debug fetches
-	if !matches!(auth, Identity::Local(_)) {
+	if !ctx.cfg().security.allow_public_debugger && !matches!(auth, Identity::Local(_)) {
 		return Err(UpubError::unauthorized());
 	}
 	Ok(Json(