X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Fstatic_fe%2Fstatic_fe_controller.ex;h=a7a891b133ea6e8fd28b7601cb7d31385803f7f0;hb=9c672ecbb5d4477cd16d2139a2cb66d3923ac5c8;hp=b45d82c2d638d65e26e42cf09006b6158ca63226;hpb=0867cb083eb469ae10cd48d424a51efb2fae4018;p=akkoma

diff --git a/lib/pleroma/web/static_fe/static_fe_controller.ex b/lib/pleroma/web/static_fe/static_fe_controller.ex
index b45d82c2d..a7a891b13 100644
--- a/lib/pleroma/web/static_fe/static_fe_controller.ex
+++ b/lib/pleroma/web/static_fe/static_fe_controller.ex
@@ -1,5 +1,5 @@
 # Pleroma: A lightweight social networking server
-# Copyright Â© 2017-2019 Pleroma Authors <https://pleroma.social/>
+# Copyright Â© 2017-2020 Pleroma Authors <https://pleroma.social/>
 # SPDX-License-Identifier: AGPL-3.0-only
 
 defmodule Pleroma.Web.StaticFE.StaticFEController do
@@ -17,6 +17,10 @@ defmodule Pleroma.Web.StaticFE.StaticFEController do
   plug(:put_view, Pleroma.Web.StaticFE.StaticFEView)
   plug(:assign_id)
 
+  plug(Pleroma.Plugs.EnsureAuthenticatedPlug,
+    unless_func: &Pleroma.Web.FederatingPlug.federating?/1
+  )
+
   @page_keys ["max_id", "min_id", "limit", "since_id", "order"]
 
   defp get_title(%Object{data: %{"name" => name}}) when is_binary(name),
@@ -27,7 +31,13 @@ defmodule Pleroma.Web.StaticFE.StaticFEController do
 
   defp get_title(_), do: nil
 
-  def get_counts(%Activity{} = activity) do
+  defp not_found(conn, message) do
+    conn
+    |> put_status(404)
+    |> render("error.html", %{message: message, meta: ""})
+  end
+
+  defp get_counts(%Activity{} = activity) do
     %Object{data: data} = Object.normalize(activity)
 
     %{
@@ -37,9 +47,9 @@ defmodule Pleroma.Web.StaticFE.StaticFEController do
     }
   end
 
-  def represent(%Activity{} = activity), do: represent(activity, false)
+  defp represent(%Activity{} = activity), do: represent(activity, false)
 
-  def represent(%Activity{object: %Object{data: data}} = activity, selected) do
+  defp represent(%Activity{object: %Object{data: data}} = activity, selected) do
     {:ok, user} = User.get_or_fetch(activity.object.data["actor"])
 
     link =
@@ -48,10 +58,19 @@ defmodule Pleroma.Web.StaticFE.StaticFEController do
         _ -> data["url"] || data["external_url"] || data["id"]
       end
 
+    content =
+      if data["content"] do
+        data["content"]
+        |> Pleroma.HTML.filter_tags()
+        |> Pleroma.Emoji.Formatter.emojify(Map.get(data, "emoji", %{}))
+      else
+        nil
+      end
+
     %{
-      user: user,
+      user: User.sanitize_html(user),
       title: get_title(activity.object),
-      content: data["content"] || nil,
+      content: content,
       attachment: data["attachment"],
       link: link,
       published: data["published"],
@@ -83,9 +102,7 @@ defmodule Pleroma.Web.StaticFE.StaticFEController do
         |> redirect(external: data["url"] || data["external_url"] || data["id"])
 
       _ ->
-        conn
-        |> put_status(404)
-        |> render("error.html", %{message: "Post not found.", meta: ""})
+        not_found(conn, "Post not found.")
     end
   end
 
@@ -94,8 +111,14 @@ defmodule Pleroma.Web.StaticFE.StaticFEController do
       %User{} = user ->
         meta = Metadata.build_tags(%{user: user})
 
+        params =
+          params
+          |> Map.take(@page_keys)
+          |> Map.new(fn {k, v} -> {String.to_existing_atom(k), v} end)
+
         timeline =
-          ActivityPub.fetch_user_activities(user, nil, Map.take(params, @page_keys))
+          user
+          |> ActivityPub.fetch_user_activities(nil, params)
           |> Enum.map(&represent/1)
 
         prev_page_id =
@@ -105,7 +128,7 @@ defmodule Pleroma.Web.StaticFE.StaticFEController do
         next_page_id = List.last(timeline) && List.last(timeline).id
 
         render(conn, "profile.html", %{
-          user: user,
+          user: User.sanitize_html(user),
           timeline: timeline,
           prev_page_id: prev_page_id,
           next_page_id: next_page_id,
@@ -113,32 +136,47 @@ defmodule Pleroma.Web.StaticFE.StaticFEController do
         })
 
       _ ->
-        conn
-        |> put_status(404)
-        |> render("error.html", %{message: "User not found.", meta: ""})
+        not_found(conn, "User not found.")
     end
   end
 
   def show(%{assigns: %{object_id: _}} = conn, _params) do
     url = Helpers.url(conn) <> conn.request_path
+
     case Activity.get_create_by_object_ap_id_with_object(url) do
       %Activity{} = activity ->
-        redirect(conn, to: "/notice/#{activity.id}")
-        _ ->
-        conn
-        |> put_status(404)
-        |> render("error.html", %{message: "Post not found.", meta: ""})
+        to = Helpers.o_status_path(Pleroma.Web.Endpoint, :notice, activity)
+        redirect(conn, to: to)
+
+      _ ->
+        not_found(conn, "Post not found.")
+    end
+  end
+
+  def show(%{assigns: %{activity_id: _}} = conn, _params) do
+    url = Helpers.url(conn) <> conn.request_path
+
+    case Activity.get_by_ap_id(url) do
+      %Activity{} = activity ->
+        to = Helpers.o_status_path(Pleroma.Web.Endpoint, :notice, activity)
+        redirect(conn, to: to)
+
+      _ ->
+        not_found(conn, "Post not found.")
     end
   end
 
-  def assign_id(%{path_info: ["notice", notice_id]} = conn, _opts),
+  defp assign_id(%{path_info: ["notice", notice_id]} = conn, _opts),
     do: assign(conn, :notice_id, notice_id)
 
-  def assign_id(%{path_info: ["users", user_id]} = conn, _opts),
+  defp assign_id(%{path_info: ["users", user_id]} = conn, _opts),
     do: assign(conn, :username_or_id, user_id)
 
-  def assign_id(%{path_info: ["objects", object_id]} = conn, _opts),
+  defp assign_id(%{path_info: ["objects", object_id]} = conn, _opts),
     do: assign(conn, :object_id, object_id)
 
-  def assign_id(conn, _opts), do: conn
+  defp assign_id(%{path_info: ["activities", activity_id]} = conn, _opts),
+    do: assign(conn, :activity_id, activity_id)
+
+  defp assign_id(conn, _opts), do: conn
 end