document controller functions

app/controllers/LilaController.scala

@@ -65,12 +65,14 @@ abstract private[controllers] class LilaController(val env: Env)
   implicit def reqConfig(using req: RequestHeader): ui.EmbedConfig = ui.EmbedConfig(req)
   def reqLang(using req: RequestHeader): Lang                      = I18nLangPicker(req)
 
+  /* Anonymous and authenticated requests */
   protected def Open(f: Context ?=> Fu[Result]): Action[Unit] =
     OpenOf(parse.empty)(f(using _))
 
   protected def OpenOf[A](parser: BodyParser[A])(f: Context => Fu[Result]): Action[A] =
     Action.async(parser)(handleOpen(f, _))
 
+  /* Anonymous and authenticated requests, with a body */
   protected def OpenBody(f: BodyContext[?] ?=> Fu[Result]): Action[AnyContent] =
     OpenBodyOf(parse.anyContent)(f(using _))
 
@@ -81,6 +83,7 @@ abstract private[controllers] class LilaController(val env: Env)
       }
     }
 
+  /* Anonymous, authenticated, and oauth requests */
   protected def OpenOrScoped(selectors: OAuthScope.Selector*)(
       open: Context => Fu[Result],
       scoped: RequestHeader => UserModel => Fu[Result]
@@ -90,6 +93,7 @@ abstract private[controllers] class LilaController(val env: Env)
       else handleOpen(open, req)
     }
 
+  /* Anonymous, authenticated, and oauth requests */
   protected def OpenOrScoped(selectors: OAuthScope.Selector*)(
       f: (RequestHeader, Option[UserModel]) => Fu[Result]
   ): Action[Unit] =
@@ -108,6 +112,7 @@ abstract private[controllers] class LilaController(val env: Env)
   //     scoped: Request[_] => UserModel => Fu[Result]
   // ): Action[AnyContent] = OpenOrScopedBody(parse.anyContent)(selectors)(auth, scoped)
 
+  /* Anonymous, authenticated, and oauth requests with a body */
   protected def OpenOrScopedBody[A](parser: BodyParser[A])(selectors: Seq[OAuthScope.Selector])(
       open: BodyContext[A] => Fu[Result],
       scoped: Request[A] => UserModel => Fu[Result]
@@ -117,6 +122,7 @@ abstract private[controllers] class LilaController(val env: Env)
       then ScopedBody(parser)(selectors)(scoped)(req)
       else OpenBodyOf(parser)(open)(req)
 
+  /* Anonymous and oauth requests */
   protected def AnonOrScoped(selectors: OAuthScope.Selector*)(
       f: RequestHeader => Option[UserModel] => Fu[Result]
   ): Action[Unit] =
@@ -125,6 +131,7 @@ abstract private[controllers] class LilaController(val env: Env)
       else f(req)(none)
     }
 
+  /* Anonymous and oauth requests with a body */
   protected def AnonOrScopedBody[A](parser: BodyParser[A])(selectors: OAuthScope.Selector*)(
       f: Request[A] => Option[UserModel] => Fu[Result]
   ): Action[A] =
@@ -134,6 +141,7 @@ abstract private[controllers] class LilaController(val env: Env)
       else f(req)(none)
     }
 
+  /* Authenticated and oauth requests */
   protected def AuthOrScoped(selectors: OAuthScope.Selector*)(
       auth: Context => UserModel => Fu[Result],
       scoped: RequestHeader => UserModel => Fu[Result]
@@ -143,11 +151,13 @@ abstract private[controllers] class LilaController(val env: Env)
       else handleAuth(auth, req)
     }
 
+  /* Authenticated and oauth requests with a body */
   protected def AuthOrScopedBody(selectors: OAuthScope.Selector*)(
       auth: BodyContext[?] => UserModel => Fu[Result],
       scoped: Request[?] => UserModel => Fu[Result]
   ): Action[AnyContent] = AuthOrScopedBody(parse.anyContent)(selectors)(auth, scoped)
 
+  /* Authenticated and oauth requests with a body */
   protected def AuthOrScopedBody[A](parser: BodyParser[A])(selectors: Seq[OAuthScope.Selector])(
       auth: BodyContext[A] => UserModel => Fu[Result],
       scoped: Request[A] => UserModel => Fu[Result]
@@ -157,9 +167,11 @@ abstract private[controllers] class LilaController(val env: Env)
       else AuthBody(parser)(auth)(req)
     }
 
+  /* Authenticated requests */
   protected def Auth(f: Context => UserModel => Fu[Result]): Action[Unit] =
     Auth(parse.empty)(f)
 
+  /* Authenticated requests */
   protected def Auth[A](parser: BodyParser[A])(f: Context => UserModel => Fu[Result]): Action[A] =
     Action.async(parser) { handleAuth(f, _) }
 
@@ -170,9 +182,11 @@ abstract private[controllers] class LilaController(val env: Env)
       }
     }
 
+  /* Authenticated requests with a body */
   protected def AuthBody(f: BodyContext[?] => UserModel => Fu[Result]): Action[AnyContent] =
     AuthBody(parse.anyContent)(f)
 
+  /* Authenticated requests with a body */
   protected def AuthBody[A](parser: BodyParser[A])(f: BodyContext[A] => UserModel => Fu[Result]): Action[A] =
     Action.async(parser) { req =>
       CSRF(req) {
@@ -182,12 +196,15 @@ abstract private[controllers] class LilaController(val env: Env)
       }
     }
 
+  /* Authenticated requests requiring certain permissions */
   protected def Secure(perm: Permission.Selector)(f: Context => Holder => Fu[Result]): Action[AnyContent] =
     Secure(perm(Permission))(f)
 
+  /* Authenticated requests requiring certain permissions */
   protected def Secure(perm: Permission)(f: Context => Holder => Fu[Result]): Action[AnyContent] =
     Secure(parse.anyContent)(perm)(f)
 
+  /* Authenticated requests requiring certain permissions */
   protected def Secure[A](
       parser: BodyParser[A]
   )(perm: Permission)(f: Context => Holder => Fu[Result]): Action[A] =
@@ -200,33 +217,39 @@ abstract private[controllers] class LilaController(val env: Env)
       if (s(me)) f(ctx)(me) else authorizationFailed
     }
 
+  /* Authenticated requests requiring certain permissions, with a body */
   protected def SecureBody[A](
       parser: BodyParser[A]
   )(perm: Permission)(f: BodyContext[A] => Holder => Fu[Result]): Action[A] =
     AuthBody(parser) { implicit ctx => me =>
       if (isGranted(perm)) f(ctx)(Holder(me)) else authorizationFailed
     }
 
+  /* Authenticated requests requiring certain permissions, with a body */
   protected def SecureBody(
       perm: Permission.Selector
   )(f: BodyContext[?] => Holder => Fu[Result]): Action[AnyContent] =
     SecureBody(parse.anyContent)(perm(Permission))(f)
 
+  /* OAuth requests */
   protected def Scoped[A](
       parser: BodyParser[A]
   )(selectors: Seq[OAuthScope.Selector])(f: RequestHeader => UserModel => Fu[Result]): Action[A] =
     Action.async(parser)(handleScoped(selectors)(f))
 
+  /* OAuth requests */
   protected def Scoped(
       selectors: OAuthScope.Selector*
   )(f: RequestHeader => UserModel => Fu[Result]): Action[Unit] =
     Scoped(parse.empty)(selectors)(f)
 
+  /* OAuth requests with a body */
   protected def ScopedBody[A](
       parser: BodyParser[A]
   )(selectors: Seq[OAuthScope.Selector])(f: Request[A] => UserModel => Fu[Result]): Action[A] =
     Action.async(parser)(handleScoped(selectors)(f))
 
+  /* OAuth requests with a body */
   protected def ScopedBody(
       selectors: OAuthScope.Selector*
   )(f: Request[?] => UserModel => Fu[Result]): Action[AnyContent] =
@@ -255,15 +278,25 @@ abstract private[controllers] class LilaController(val env: Env)
       lila.mon.user.oauth.request(false).increment()
       OAuthServer.responseHeaders(scopes, Nil) { Unauthorized(jsonError(e.message)) }.toFuccess
 
+  /* Authenticated and OAuth requests requiring certain permissions */
   protected def SecureOrScoped(perm: Permission.Selector)(
       secure: Context => Holder => Fu[Result],
       scoped: RequestHeader => Holder => Fu[Result]
   ): Action[Unit] =
     Action.async(parse.empty) { req =>
-      if (HTTPRequest isOAuth req) SecureScoped(perm)(scoped)(req)
+      if (HTTPRequest isOAuth req) SecureOrScoped(perm)(scoped)(req)
       else Secure(parse.empty)(perm(Permission))(secure)(req)
     }
 
+  /* Authenticated and OAuth requests requiring certain permissions */
+  protected def SecureOrScoped(perm: Permission.Selector)(
+      f: RequestHeader => Holder => Fu[Result]
+  ) =
+    Scoped() { req => me =>
+      IfGranted(perm, req, me)(f(req)(Holder(me)))
+    }
+
+  /* Authenticated and OAuth requests requiring certain permissions, with a body */
   protected def SecureOrScopedBody(perm: Permission.Selector)(
       secure: BodyContext[?] => Holder => Fu[Result],
       scoped: Request[?] => Holder => Fu[Result]
@@ -273,13 +306,7 @@ abstract private[controllers] class LilaController(val env: Env)
       else SecureBody(parse.anyContent)(perm(Permission))(secure)(req)
     }
 
-  protected def SecureScoped(perm: Permission.Selector)(
-      f: RequestHeader => Holder => Fu[Result]
-  ) =
-    Scoped() { req => me =>
-      IfGranted(perm, req, me)(f(req)(Holder(me)))
-    }
-
+  /* Authenticated and OAuth requests requiring certain permissions, with a body */
   protected def SecuredScopedBody(perm: Permission.Selector)(
       f: Request[?] => Holder => Fu[Result]
   ) =

app/controllers/Mod.scala

@@ -567,7 +567,7 @@ final class Mod(
     }
 
   def apiUserLog(username: UserStr) =
-    SecureScoped(_.ModLog) { _ => me =>
+    SecureOrScoped(_.ModLog) { _ => me =>
       import lila.common.Json.given
       env.user.repo byId username flatMapz { user =>
         for