git.squeep.com Git - akkoma/blob - lib/pleroma/web/twitter_api/twitter_api.ex

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
   6   alias Pleroma.Activity
   7   alias Pleroma.Emails.Mailer
   8   alias Pleroma.Emails.UserEmail
   9   alias Pleroma.Repo
  10   alias Pleroma.User
  11   alias Pleroma.UserInviteToken
  12   alias Pleroma.Web.ActivityPub.ActivityPub
  13   alias Pleroma.Web.CommonAPI
  14   alias Pleroma.Web.TwitterAPI.UserView
  15
  16   import Ecto.Query
  17
  18   def create_status(%User{} = user, %{"status" => _} = data) do
  19     CommonAPI.post(user, data)
  20   end
  21
  22   def delete(%User{} = user, id) do
  23     with %Activity{data: %{"type" => _type}} <- Activity.get_by_id(id),
  24          {:ok, activity} <- CommonAPI.delete(id, user) do
  25       {:ok, activity}
  26     end
  27   end
  28
  29   def follow(%User{} = follower, params) do
  30     with {:ok, %User{} = followed} <- get_user(params) do
  31       CommonAPI.follow(follower, followed)
  32     end
  33   end
  34
  35   def unfollow(%User{} = follower, params) do
  36     with {:ok, %User{} = unfollowed} <- get_user(params),
  37          {:ok, follower} <- CommonAPI.unfollow(follower, unfollowed) do
  38       {:ok, follower, unfollowed}
  39     end
  40   end
  41
  42   def block(%User{} = blocker, params) do
  43     with {:ok, %User{} = blocked} <- get_user(params),
  44          {:ok, blocker} <- User.block(blocker, blocked),
  45          {:ok, _activity} <- ActivityPub.block(blocker, blocked) do
  46       {:ok, blocker, blocked}
  47     else
  48       err -> err
  49     end
  50   end
  51
  52   def unblock(%User{} = blocker, params) do
  53     with {:ok, %User{} = blocked} <- get_user(params),
  54          {:ok, blocker} <- User.unblock(blocker, blocked),
  55          {:ok, _activity} <- ActivityPub.unblock(blocker, blocked) do
  56       {:ok, blocker, blocked}
  57     else
  58       err -> err
  59     end
  60   end
  61
  62   def repeat(%User{} = user, ap_id_or_id) do
  63     with {:ok, _announce, %{data: %{"id" => id}}} <- CommonAPI.repeat(ap_id_or_id, user),
  64          %Activity{} = activity <- Activity.get_create_by_object_ap_id(id) do
  65       {:ok, activity}
  66     end
  67   end
  68
  69   def unrepeat(%User{} = user, ap_id_or_id) do
  70     with {:ok, _unannounce, %{data: %{"id" => id}}} <- CommonAPI.unrepeat(ap_id_or_id, user),
  71          %Activity{} = activity <- Activity.get_create_by_object_ap_id(id) do
  72       {:ok, activity}
  73     end
  74   end
  75
  76   def pin(%User{} = user, ap_id_or_id) do
  77     CommonAPI.pin(ap_id_or_id, user)
  78   end
  79
  80   def unpin(%User{} = user, ap_id_or_id) do
  81     CommonAPI.unpin(ap_id_or_id, user)
  82   end
  83
  84   def fav(%User{} = user, ap_id_or_id) do
  85     with {:ok, _fav, %{data: %{"id" => id}}} <- CommonAPI.favorite(ap_id_or_id, user),
  86          %Activity{} = activity <- Activity.get_create_by_object_ap_id(id) do
  87       {:ok, activity}
  88     end
  89   end
  90
  91   def unfav(%User{} = user, ap_id_or_id) do
  92     with {:ok, _unfav, _fav, %{data: %{"id" => id}}} <- CommonAPI.unfavorite(ap_id_or_id, user),
  93          %Activity{} = activity <- Activity.get_create_by_object_ap_id(id) do
  94       {:ok, activity}
  95     end
  96   end
  97
  98   def upload(%Plug.Upload{} = file, %User{} = user, format \\ "xml") do
  99     {:ok, object} = ActivityPub.upload(file, actor: User.ap_id(user))
 100
 101     url = List.first(object.data["url"])
 102     href = url["href"]
 103     type = url["mediaType"]
 104
 105     case format do
 106       "xml" ->
 107         # Fake this as good as possible...
 108         """
 109         <?xml version="1.0" encoding="UTF-8"?>
 110         <rsp stat="ok" xmlns:atom="http://www.w3.org/2005/Atom">
 111         <mediaid>#{object.id}</mediaid>
 112         <media_id>#{object.id}</media_id>
 113         <media_id_string>#{object.id}</media_id_string>
 114         <media_url>#{href}</media_url>
 115         <mediaurl>#{href}</mediaurl>
 116         <atom:link rel="enclosure" href="#{href}" type="#{type}"></atom:link>
 117         </rsp>
 118         """
 119
 120       "json" ->
 121         %{
 122           media_id: object.id,
 123           media_id_string: "#{object.id}}",
 124           media_url: href,
 125           size: 0
 126         }
 127         |> Jason.encode!()
 128     end
 129   end
 130
 131   def register_user(params, opts \\ []) do
 132     token = params["token"]
 133
 134     params = %{
 135       nickname: params["nickname"],
 136       name: params["fullname"],
 137       bio: User.parse_bio(params["bio"]),
 138       email: params["email"],
 139       password: params["password"],
 140       password_confirmation: params["confirm"],
 141       captcha_solution: params["captcha_solution"],
 142       captcha_token: params["captcha_token"],
 143       captcha_answer_data: params["captcha_answer_data"]
 144     }
 145
 146     captcha_enabled = Pleroma.Config.get([Pleroma.Captcha, :enabled])
 147     # true if captcha is disabled or enabled and valid, false otherwise
 148     captcha_ok =
 149       if !captcha_enabled do
 150         :ok
 151       else
 152         Pleroma.Captcha.validate(
 153           params[:captcha_token],
 154           params[:captcha_solution],
 155           params[:captcha_answer_data]
 156         )
 157       end
 158
 159     # Captcha invalid
 160     if captcha_ok != :ok do
 161       {:error, error} = captcha_ok
 162       # I have no idea how this error handling works
 163       {:error, %{error: Jason.encode!(%{captcha: [error]})}}
 164     else
 165       registration_process(
 166         params,
 167         %{
 168           registrations_open: Pleroma.Config.get([:instance, :registrations_open]),
 169           token: token
 170         },
 171         opts
 172       )
 173     end
 174   end
 175
 176   defp registration_process(params, %{registrations_open: true}, opts) do
 177     create_user(params, opts)
 178   end
 179
 180   defp registration_process(params, %{token: token}, opts) do
 181     invite =
 182       unless is_nil(token) do
 183         Repo.get_by(UserInviteToken, %{token: token})
 184       end
 185
 186     valid_invite? = invite && UserInviteToken.valid_invite?(invite)
 187
 188     case invite do
 189       nil ->
 190         {:error, "Invalid token"}
 191
 192       invite when valid_invite? ->
 193         UserInviteToken.update_usage!(invite)
 194         create_user(params, opts)
 195
 196       _ ->
 197         {:error, "Expired token"}
 198     end
 199   end
 200
 201   defp create_user(params, opts) do
 202     changeset = User.register_changeset(%User{}, params, opts)
 203
 204     case User.register(changeset) do
 205       {:ok, user} ->
 206         {:ok, user}
 207
 208       {:error, changeset} ->
 209         errors =
 210           Ecto.Changeset.traverse_errors(changeset, fn {msg, _opts} -> msg end)
 211           |> Jason.encode!()
 212
 213         {:error, %{error: errors}}
 214     end
 215   end
 216
 217   def password_reset(nickname_or_email) do
 218     with true <- is_binary(nickname_or_email),
 219          %User{local: true} = user <- User.get_by_nickname_or_email(nickname_or_email),
 220          {:ok, token_record} <- Pleroma.PasswordResetToken.create_token(user) do
 221       user
 222       |> UserEmail.password_reset_email(token_record.token)
 223       |> Mailer.deliver_async()
 224     else
 225       false ->
 226         {:error, "bad user identifier"}
 227
 228       %User{local: false} ->
 229         {:error, "remote user"}
 230
 231       nil ->
 232         {:error, "unknown user"}
 233     end
 234   end
 235
 236   def get_user(user \\ nil, params) do
 237     case params do
 238       %{"user_id" => user_id} ->
 239         case User.get_cached_by_nickname_or_id(user_id) do
 240           nil ->
 241             {:error, "No user with such user_id"}
 242
 243           %User{info: %{deactivated: true}} ->
 244             {:error, "User has been disabled"}
 245
 246           user ->
 247             {:ok, user}
 248         end
 249
 250       %{"screen_name" => nickname} ->
 251         case User.get_cached_by_nickname(nickname) do
 252           nil -> {:error, "No user with such screen_name"}
 253           target -> {:ok, target}
 254         end
 255
 256       _ ->
 257         if user do
 258           {:ok, user}
 259         else
 260           {:error, "You need to specify screen_name or user_id"}
 261         end
 262     end
 263   end
 264
 265   defp parse_int(string, default)
 266
 267   defp parse_int(string, default) when is_binary(string) do
 268     with {n, _} <- Integer.parse(string) do
 269       n
 270     else
 271       _e -> default
 272     end
 273   end
 274
 275   defp parse_int(_, default), do: default
 276
 277   # TODO: unify the search query with MastoAPI one and do only pagination here
 278   def search(_user, %{"q" => query} = params) do
 279     limit = parse_int(params["rpp"], 20)
 280     page = parse_int(params["page"], 1)
 281     offset = (page - 1) * limit
 282
 283     q =
 284       from(
 285         [a, o] in Activity.with_preloaded_object(Activity),
 286         where: fragment("?->>'type' = 'Create'", a.data),
 287         where: "https://www.w3.org/ns/activitystreams#Public" in a.recipients,
 288         where:
 289           fragment(
 290             "to_tsvector('english', ?->>'content') @@ plainto_tsquery('english', ?)",
 291             o.data,
 292             ^query
 293           ),
 294         limit: ^limit,
 295         offset: ^offset,
 296         # this one isn't indexed so psql won't take the wrong index.
 297         order_by: [desc: :inserted_at]
 298       )
 299
 300     _activities = Repo.all(q)
 301   end
 302
 303   def get_external_profile(for_user, uri) do
 304     with {:ok, %User{} = user} <- User.get_or_fetch(uri) do
 305       {:ok, UserView.render("show.json", %{user: user, for: for_user})}
 306     else
 307       _e ->
 308         {:error, "Couldn't find user"}
 309     end
 310   end
 311 end