projects
/
akkoma
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Enforcement of OAuth scopes check for authenticated API endpoints, :skip_plug plug...
[akkoma]
/
lib
/
pleroma
/
web
/
mastodon_api
/
controllers
/
status_controller.ex
diff --git
a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
index d70749dfa119c892b2578035d1096379503258ba..37afe6949f29f1e116beb5f6c1d88fdf3c19852f 100644
(file)
--- a/
lib/pleroma/web/mastodon_api/controllers/status_controller.ex
+++ b/
lib/pleroma/web/mastodon_api/controllers/status_controller.ex
@@
-1,5
+1,5
@@
# Pleroma: A lightweight social networking server
# Pleroma: A lightweight social networking server
-# Copyright © 2017-20
19
Pleroma Authors <https://pleroma.social/>
+# Copyright © 2017-20
20
Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.MastodonAPI.StatusController do
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.MastodonAPI.StatusController do
@@
-76,7
+76,7
@@
defmodule Pleroma.Web.MastodonAPI.StatusController do
%{scopes: ["write:bookmarks"]} when action in [:bookmark, :unbookmark]
)
%{scopes: ["write:bookmarks"]} when action in [:bookmark, :unbookmark]
)
- plug(Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug)
+ plug(Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
when action not in [:index, :show]
)
@rate_limited_status_actions ~w(reblog unreblog favourite unfavourite create delete)a
@rate_limited_status_actions ~w(reblog unreblog favourite unfavourite create delete)a
@@
-175,6
+175,8
@@
defmodule Pleroma.Web.MastodonAPI.StatusController do
for: user,
with_direct_conversation_id: true
)
for: user,
with_direct_conversation_id: true
)
+ else
+ _ -> {:error, :not_found}
end
end
end
end
@@
-183,6
+185,7
@@
defmodule Pleroma.Web.MastodonAPI.StatusController do
with {:ok, %Activity{}} <- CommonAPI.delete(id, user) do
json(conn, %{})
else
with {:ok, %Activity{}} <- CommonAPI.delete(id, user) do
json(conn, %{})
else
+ {:error, :not_found} = e -> e
_e -> render_error(conn, :forbidden, "Can't delete this post")
end
end
_e -> render_error(conn, :forbidden, "Can't delete this post")
end
end
@@
-349,15
+352,11
@@
defmodule Pleroma.Web.MastodonAPI.StatusController do
@doc "GET /api/v1/favourites"
def favourites(%{assigns: %{user: user}} = conn, params) do
@doc "GET /api/v1/favourites"
def favourites(%{assigns: %{user: user}} = conn, params) do
- params =
- params
- |> Map.put("type", "Create")
- |> Map.put("favorited_by", user.ap_id)
- |> Map.put("blocking_user", user)
-
activities =
activities =
- ActivityPub.fetch_activities([], params)
- |> Enum.reverse()
+ ActivityPub.fetch_favourites(
+ user,
+ Map.take(params, Pleroma.Pagination.page_keys())
+ )
conn
|> add_link_headers(activities)
conn
|> add_link_headers(activities)