projects / akkoma / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Fix leaking private configuration parameters in Mastodon and Twitter APIs, and add...
[akkoma] / lib / pleroma / web / twitter_api / views / user_view.ex
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.TwitterAPI.UserView do
6 use Pleroma.Web, :view
7 alias Pleroma.Formatter
8 alias Pleroma.HTML
9 alias Pleroma.User
10 alias Pleroma.Web.CommonAPI.Utils
11 alias Pleroma.Web.MediaProxy
12
13 def render("show.json", %{user: user = %User{}} = assigns) do
14 render_one(user, Pleroma.Web.TwitterAPI.UserView, "user.json", assigns)
15 end
16
17 def render("index.json", %{users: users, for: user}) do
18 users
19 |> render_many(Pleroma.Web.TwitterAPI.UserView, "user.json", for: user)
20 |> Enum.filter(&Enum.any?/1)
21 end
22
23 def render("user.json", %{user: user = %User{}} = assigns) do
24 if User.visible_for?(user, assigns[:for]),
25 do: do_render("user.json", assigns),
26 else: %{}
27 end
28
29 def render("short.json", %{
30 user: %User{
31 nickname: nickname,
32 id: id,
33 ap_id: ap_id,
34 name: name
35 }
36 }) do
37 %{
38 "fullname" => name,
39 "id" => id,
40 "ostatus_uri" => ap_id,
41 "profile_url" => ap_id,
42 "screen_name" => nickname
43 }
44 end
45
46 defp do_render("user.json", %{user: user = %User{}} = assigns) do
47 for_user = assigns[:for]
48 image = User.avatar_url(user) |> MediaProxy.url()
49
50 {following, follows_you, statusnet_blocking} =
51 if for_user do
52 {
53 User.following?(for_user, user),
54 User.following?(user, for_user),
55 User.blocks?(for_user, user)
56 }
57 else
58 {false, false, false}
59 end
60
61 user_info = User.get_cached_user_info(user)
62
63 emoji =
64 (user.info.source_data["tag"] || [])
65 |> Enum.filter(fn %{"type" => t} -> t == "Emoji" end)
66 |> Enum.map(fn %{"icon" => %{"url" => url}, "name" => name} ->
67 {String.trim(name, ":"), url}
68 end)
69
70 # ``fields`` is an array of mastodon profile field, containing ``{"name": "…", "value": "…"}``.
71 # For example: [{"name": "Pronoun", "value": "she/her"}, …]
72 fields =
73 (user.info.source_data["attachment"] || [])
74 |> Enum.filter(fn %{"type" => t} -> t == "PropertyValue" end)
75 |> Enum.map(fn fields -> Map.take(fields, ["name", "value"]) end)
76
77 data =
78 %{
79 "created_at" => user.inserted_at |> Utils.format_naive_asctime(),
80 "description" => HTML.strip_tags((user.bio || "") |> String.replace("<br>", "\n")),
81 "description_html" => HTML.filter_tags(user.bio, User.html_filter_policy(for_user)),
82 "favourites_count" => 0,
83 "followers_count" => user_info[:follower_count],
84 "following" => following,
85 "follows_you" => follows_you,
86 "statusnet_blocking" => statusnet_blocking,
87 "friends_count" => user_info[:following_count],
88 "id" => user.id,
89 "name" => user.name || user.nickname,
90 "name_html" =>
91 if(user.name,
92 do: HTML.strip_tags(user.name) |> Formatter.emojify(emoji),
93 else: user.nickname
94 ),
95 "profile_image_url" => image,
96 "profile_image_url_https" => image,
97 "profile_image_url_profile_size" => image,
98 "profile_image_url_original" => image,
99 "screen_name" => user.nickname,
100 "statuses_count" => user_info[:note_count],
101 "statusnet_profile_url" => user.ap_id,
102 "cover_photo" => User.banner_url(user) |> MediaProxy.url(),
103 "background_image" => image_url(user.info.background) |> MediaProxy.url(),
104 "is_local" => user.local,
105 "locked" => user.info.locked,
106 "hide_followers" => user.info.hide_followers,
107 "hide_follows" => user.info.hide_follows,
108 "fields" => fields,
109
110 # Pleroma extension
111 "pleroma" =>
112 %{
113 "confirmation_pending" => user_info.confirmation_pending,
114 "tags" => user.tags
115 }
116 |> maybe_with_activation_status(user, for_user)
117 }
118 |> maybe_with_user_settings(user, for_user)
119
120 data =
121 if(user.info.is_admin || user.info.is_moderator,
122 do: maybe_with_role(data, user, for_user),
123 else: data
124 )
125
126 if assigns[:token] do
127 Map.put(data, "token", token_string(assigns[:token]))
128 else
129 data
130 end
131 end
132
133 defp maybe_with_activation_status(data, user, %User{info: %{is_admin: true}}) do
134 Map.put(data, "deactivated", user.info.deactivated)
135 end
136
137 defp maybe_with_activation_status(data, _, _), do: data
138
139 defp maybe_with_role(data, %User{id: id} = user, %User{id: id}) do
140 Map.merge(data, %{
141 "role" => role(user),
142 "show_role" => user.info.show_role,
143 "rights" => %{
144 "delete_others_notice" => !!user.info.is_moderator,
145 "admin" => !!user.info.is_admin
146 }
147 })
148 end
149
150 defp maybe_with_role(data, %User{info: %{show_role: true}} = user, _user) do
151 Map.merge(data, %{
152 "role" => role(user),
153 "rights" => %{
154 "delete_others_notice" => !!user.info.is_moderator,
155 "admin" => !!user.info.is_admin
156 }
157 })
158 end
159
160 defp maybe_with_role(data, _, _), do: data
161
162 defp maybe_with_user_settings(data, %User{info: info, id: id} = _user, %User{id: id}) do
163 data
164 |> Kernel.put_in(["default_scope"], info.default_scope)
165 |> Kernel.put_in(["no_rich_text"], info.no_rich_text)
166 end
167
168 defp maybe_with_user_settings(data, _, _), do: data
169 defp role(%User{info: %{:is_admin => true}}), do: "admin"
170 defp role(%User{info: %{:is_moderator => true}}), do: "moderator"
171 defp role(_), do: "member"
172
173 defp image_url(%{"url" => [%{"href" => href} | _]}), do: href
174 defp image_url(_), do: nil
175
176 defp token_string(%Pleroma.Web.OAuth.Token{token: token_str}), do: token_str
177 defp token_string(token), do: token
178 end
Fork of https://akkoma.dev/AkkomaGang/akkoma.git