X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Fmastodon_api%2Fcontrollers%2Fsearch_controller.ex;h=fcab4ef63e22fa2c5e4944f18b94fd40bf46f727;hb=dd4d10b275e76afc029aea642ae3d69b07e33d81;hp=9072aa7a47c1a3702b8ae46b45cfd676be57d30a;hpb=f017260cdc90d37c1878d7f2f29263dca017ebeb;p=akkoma
diff --git a/lib/pleroma/web/mastodon_api/controllers/search_controller.ex b/lib/pleroma/web/mastodon_api/controllers/search_controller.ex
index 9072aa7a4..fcab4ef63 100644
--- a/lib/pleroma/web/mastodon_api/controllers/search_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/search_controller.ex
@@ -1,11 +1,12 @@
# Pleroma: A lightweight social networking server
-# Copyright © 2017-2019 Pleroma Authors
+# Copyright © 2017-2020 Pleroma Authors
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.MastodonAPI.SearchController do
use Pleroma.Web, :controller
alias Pleroma.Activity
+ alias Pleroma.Plugs.OAuthScopesPlug
alias Pleroma.Plugs.RateLimiter
alias Pleroma.Repo
alias Pleroma.User
@@ -15,13 +16,20 @@ defmodule Pleroma.Web.MastodonAPI.SearchController do
alias Pleroma.Web.MastodonAPI.StatusView
require Logger
- plug(RateLimiter, :search when action in [:search, :search2, :account_search])
+
+ # Note: Mastodon doesn't allow unauthenticated access (requires read:accounts / read:search)
+ plug(OAuthScopesPlug, %{scopes: ["read:search"], fallback: :proceed_unauthenticated})
+
+ plug(Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug)
+
+ plug(RateLimiter, [name: :search] when action in [:search, :search2, :account_search])
def account_search(%{assigns: %{user: user}} = conn, %{"q" => query} = params) do
accounts = User.search(query, search_options(params, user))
- res = AccountView.render("accounts.json", users: accounts, for: user, as: :user)
- json(conn, res)
+ conn
+ |> put_view(AccountView)
+ |> render("index.json", users: accounts, for: user, as: :user)
end
def search2(conn, params), do: do_search(:v2, conn, params)
@@ -35,7 +43,7 @@ defmodule Pleroma.Web.MastodonAPI.SearchController do
result =
default_values
|> Enum.map(fn {resource, default_value} ->
- if params["type"] == nil or params["type"] == resource do
+ if params["type"] in [nil, resource] do
{resource, fn -> resource_search(version, resource, query, options) end}
else
{resource, fn -> default_value end}
@@ -71,7 +79,7 @@ defmodule Pleroma.Web.MastodonAPI.SearchController do
defp resource_search(_, "accounts", query, options) do
accounts = with_fallback(fn -> User.search(query, options) end)
- AccountView.render("accounts.json", users: accounts, for: options[:for_user], as: :user)
+ AccountView.render("index.json", users: accounts, for: options[:for_user], as: :user)
end
defp resource_search(_, "statuses", query, options) do