alias Pleroma.Web.ActivityPub.UserView
alias Pleroma.Web.ActivityPub.Utils
alias Pleroma.Web.ActivityPub.Visibility
+ alias Pleroma.Web.Endpoint
alias Pleroma.Web.FederatingPlug
alias Pleroma.Web.Federator
[unless_func: &FederatingPlug.federating?/1] when action not in @federating_only_actions
)
+ # Note: :following and :followers must be served even without authentication (as via :api)
plug(
EnsureAuthenticatedPlug
- when action in [:read_inbox, :update_outbox, :whoami, :upload_media, :following, :followers]
+ when action in [:read_inbox, :update_outbox, :whoami, :upload_media]
)
plug(
end
end
- def object(conn, %{"uuid" => uuid}) do
- with ap_id <- o_status_url(conn, :object, uuid),
+ def object(conn, _) do
+ with ap_id <- Endpoint.url() <> conn.request_path,
%Object{} = object <- Object.get_cached_by_ap_id(ap_id),
{_, true} <- {:public?, Visibility.is_public?(object)} do
conn
conn
end
- def activity(conn, %{"uuid" => uuid}) do
- with ap_id <- o_status_url(conn, :activity, uuid),
+ def activity(conn, _params) do
+ with ap_id <- Endpoint.url() <> conn.request_path,
%Activity{} = activity <- Activity.normalize(ap_id),
{_, true} <- {:public?, Visibility.is_public?(activity)} do
conn
|> json(err)
end
- defp handle_user_activity(%User{} = user, %{"type" => "Create"} = params) do
+ defp handle_user_activity(
+ %User{} = user,
+ %{"type" => "Create", "object" => %{"type" => "Note"}} = params
+ ) do
object =
params["object"]
|> Map.merge(Map.take(params, ["to", "cc"]))
defp handle_user_activity(%User{} = user, %{"type" => "Delete"} = params) do
with %Object{} = object <- Object.normalize(params["object"]),
true <- user.is_moderator || user.ap_id == object.data["actor"],
- {:ok, delete} <- ActivityPub.delete(object) do
+ {:ok, delete_data, _} <- Builder.delete(user, object.data["id"]),
+ {:ok, delete, _} <- Pipeline.common_pipeline(delete_data, local: true) do
{:ok, delete}
else
_ -> {:error, dgettext("errors", "Can't delete object")}