projects
/
akkoma
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge branch 'fix/captcha' into 'develop'
[akkoma]
/
lib
/
pleroma
/
web
/
pleroma_api
/
controllers
/
account_controller.ex
diff --git
a/lib/pleroma/web/pleroma_api/controllers/account_controller.ex
b/lib/pleroma/web/pleroma_api/controllers/account_controller.ex
index ed4fdfdbafecd0c901a9d4906ff71f805e4c9f84..be7477867b3592766fa10170331922c90c50c6a9 100644
(file)
--- a/
lib/pleroma/web/pleroma_api/controllers/account_controller.ex
+++ b/
lib/pleroma/web/pleroma_api/controllers/account_controller.ex
@@
-6,9
+6,10
@@
defmodule Pleroma.Web.PleromaAPI.AccountController do
use Pleroma.Web, :controller
import Pleroma.Web.ControllerHelper,
use Pleroma.Web, :controller
import Pleroma.Web.ControllerHelper,
- only: [json_response: 3, add_link_headers: 2, assign_account_by_id: 2]
+ only: [json_response: 3, add_link_headers: 2, assign_account_by_id: 2
, skip_relationships?: 1
]
alias Ecto.Changeset
alias Ecto.Changeset
+ alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
alias Pleroma.Plugs.OAuthScopesPlug
alias Pleroma.Plugs.RateLimiter
alias Pleroma.User
alias Pleroma.Plugs.OAuthScopesPlug
alias Pleroma.Plugs.RateLimiter
alias Pleroma.User
@@
-17,6
+18,11
@@
defmodule Pleroma.Web.PleromaAPI.AccountController do
require Pleroma.Constants
require Pleroma.Constants
+ plug(
+ :skip_plug,
+ [OAuthScopesPlug, EnsurePublicOrAuthenticatedPlug] when action == :confirmation_resend
+ )
+
plug(
OAuthScopesPlug,
%{scopes: ["follow", "write:follows"]} when action in [:subscribe, :unsubscribe]
plug(
OAuthScopesPlug,
%{scopes: ["follow", "write:follows"]} when action in [:subscribe, :unsubscribe]
@@
-33,15
+39,13
@@
defmodule Pleroma.Web.PleromaAPI.AccountController do
]
)
]
)
- plug(OAuthScopesPlug, %{scopes: ["read:favourites"]} when action == :favourites)
-
- # An extra safety measure for possible actions not guarded by OAuth permissions specification
plug(
plug(
- Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
- when action != :confirmation_resend
+ OAuthScopesPlug,
+ %{scopes: ["read:favourites"], fallback: :proceed_unauthenticated} when action == :favourites
)
plug(RateLimiter, [name: :account_confirmation_resend] when action == :confirmation_resend)
)
plug(RateLimiter, [name: :account_confirmation_resend] when action == :confirmation_resend)
+
plug(:assign_account_by_id when action in [:favourites, :subscribe, :unsubscribe])
plug(:put_view, Pleroma.Web.MastodonAPI.AccountView)
plug(:assign_account_by_id when action in [:favourites, :subscribe, :unsubscribe])
plug(:put_view, Pleroma.Web.MastodonAPI.AccountView)
@@
-132,7
+136,12
@@
defmodule Pleroma.Web.PleromaAPI.AccountController do
conn
|> add_link_headers(activities)
|> put_view(StatusView)
conn
|> add_link_headers(activities)
|> put_view(StatusView)
- |> render("index.json", activities: activities, for: for_user, as: :activity)
+ |> render("index.json",
+ activities: activities,
+ for: for_user,
+ as: :activity,
+ skip_relationships: skip_relationships?(params)
+ )
end
@doc "POST /api/v1/pleroma/accounts/:id/subscribe"
end
@doc "POST /api/v1/pleroma/accounts/:id/subscribe"