git.squeep.com Git - akkoma/blob - lib/pleroma/web/twitter_api/twitter_api_controller.ex

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.TwitterAPI.Controller do
   6   use Pleroma.Web, :controller
   7
   8   alias Pleroma.Notification
   9   alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
  10   alias Pleroma.Plugs.OAuthScopesPlug
  11   alias Pleroma.User
  12   alias Pleroma.Web.OAuth.Token
  13   alias Pleroma.Web.TwitterAPI.TokenView
  14
  15   require Logger
  16
  17   plug(
  18     OAuthScopesPlug,
  19     %{scopes: ["write:notifications"]} when action == :mark_notifications_as_read
  20   )
  21
  22   plug(
  23     :skip_plug,
  24     [OAuthScopesPlug, EnsurePublicOrAuthenticatedPlug] when action == :confirm_email
  25   )
  26
  27   plug(:skip_plug, OAuthScopesPlug when action in [:oauth_tokens, :revoke_token])
  28
  29   action_fallback(:errors)
  30
  31   def confirm_email(conn, %{"user_id" => uid, "token" => token}) do
  32     with %User{} = user <- User.get_cached_by_id(uid),
  33          true <- user.local and user.confirmation_pending and user.confirmation_token == token,
  34          {:ok, _} <-
  35            user
  36            |> User.confirmation_changeset(need_confirmation: false)
  37            |> User.update_and_set_cache() do
  38       User.post_register_action(user)
  39       redirect(conn, to: "/")
  40     end
  41   end
  42
  43   def oauth_tokens(%{assigns: %{user: user}} = conn, _params) do
  44     with oauth_tokens <- Token.get_user_tokens(user) do
  45       conn
  46       |> put_view(TokenView)
  47       |> render("index.json", %{tokens: oauth_tokens})
  48     end
  49   end
  50
  51   def revoke_token(%{assigns: %{user: user}} = conn, %{"id" => id} = _params) do
  52     Token.delete_user_token(user, id)
  53
  54     json_reply(conn, 201, "")
  55   end
  56
  57   defp errors(conn, {:param_cast, _}) do
  58     conn
  59     |> put_status(400)
  60     |> json("Invalid parameters")
  61   end
  62
  63   defp errors(conn, _) do
  64     conn
  65     |> put_status(500)
  66     |> json("Something went wrong")
  67   end
  68
  69   defp json_reply(conn, status, json) do
  70     conn
  71     |> put_resp_content_type("application/json")
  72     |> send_resp(status, json)
  73   end
  74
  75   def mark_notifications_as_read(
  76         %{assigns: %{user: user}} = conn,
  77         %{"latest_id" => latest_id} = params
  78       ) do
  79     Notification.set_read_up_to(user, latest_id)
  80
  81     notifications = Notification.for_user(user, params)
  82
  83     conn
  84     # XXX: This is a hack because pleroma-fe still uses that API.
  85     |> put_view(Pleroma.Web.MastodonAPI.NotificationView)
  86     |> render("index.json", %{notifications: notifications, for: user})
  87   end
  88
  89   def mark_notifications_as_read(%{assigns: %{user: _user}} = conn, _) do
  90     bad_request_reply(conn, "You need to specify latest_id")
  91   end
  92
  93   defp bad_request_reply(conn, error_message) do
  94     json = error_json(conn, error_message)
  95     json_reply(conn, 400, json)
  96   end
  97
  98   defp error_json(conn, error_message) do
  99     %{"error" => error_message, "request" => conn.request_path} |> Jason.encode!()
 100   end
 101 end