X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Ftwitter_api%2Ftwitter_api_controller.ex;h=1c728166c6b2570ccee1c03ea42a5723116f8d35;hb=11d08c622606030492a3938d7287a85af49f23a5;hp=786849aa330b9424ad172f11af6d56ddb5c0a030;hpb=0554d91dcdc4263594ca02d4796c59bda49de3ce;p=akkoma diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex index 786849aa3..1c728166c 100644 --- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex +++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex @@ -1,5 +1,12 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + defmodule Pleroma.Web.TwitterAPI.Controller do use Pleroma.Web, :controller + + import Pleroma.Web.ControllerHelper, only: [json_response: 3] + alias Pleroma.Web.TwitterAPI.{TwitterAPI, UserView, ActivityView, NotificationView} alias Pleroma.Web.CommonAPI alias Pleroma.{Repo, Activity, Object, User, Notification} @@ -14,7 +21,10 @@ defmodule Pleroma.Web.TwitterAPI.Controller do def verify_credentials(%{assigns: %{user: user}} = conn, _params) do token = Phoenix.Token.sign(conn, "user socket", user.id) - render(conn, UserView, "show.json", %{user: user, token: token}) + + conn + |> put_view(UserView) + |> render("show.json", %{user: user, token: token}) end def status_update(%{assigns: %{user: user}} = conn, %{"status" => _} = status_data) do @@ -55,7 +65,8 @@ defmodule Pleroma.Web.TwitterAPI.Controller do activities = ActivityPub.fetch_public_activities(params) conn - |> render(ActivityView, "index.json", %{activities: activities, for: user}) + |> put_view(ActivityView) + |> render("index.json", %{activities: activities, for: user}) end def public_timeline(%{assigns: %{user: user}} = conn, params) do @@ -68,7 +79,8 @@ defmodule Pleroma.Web.TwitterAPI.Controller do activities = ActivityPub.fetch_public_activities(params) conn - |> render(ActivityView, "index.json", %{activities: activities, for: user}) + |> put_view(ActivityView) + |> render("index.json", %{activities: activities, for: user}) end def friends_timeline(%{assigns: %{user: user}} = conn, params) do @@ -83,29 +95,55 @@ defmodule Pleroma.Web.TwitterAPI.Controller do |> ActivityPub.contain_timeline(user) conn - |> render(ActivityView, "index.json", %{activities: activities, for: user}) + |> put_view(ActivityView) + |> render("index.json", %{activities: activities, for: user}) end def show_user(conn, params) do - with {:ok, shown} <- TwitterAPI.get_user(params) do - if user = conn.assigns.user do - render(conn, UserView, "show.json", %{user: shown, for: user}) - else - render(conn, UserView, "show.json", %{user: shown}) - end + for_user = conn.assigns.user + + with {:ok, shown} <- TwitterAPI.get_user(params), + true <- + User.auth_active?(shown) || + (for_user && (for_user.id == shown.id || User.superuser?(for_user))) do + params = + if for_user do + %{user: shown, for: for_user} + else + %{user: shown} + end + + conn + |> put_view(UserView) + |> render("show.json", params) else {:error, msg} -> bad_request_reply(conn, msg) + + false -> + conn + |> put_status(404) + |> json(%{error: "Unconfirmed user"}) end end def user_timeline(%{assigns: %{user: user}} = conn, params) do case TwitterAPI.get_user(user, params) do {:ok, target_user} -> + # Twitter and ActivityPub use a different name and sense for this parameter. + {include_rts, params} = Map.pop(params, "include_rts") + + params = + case include_rts do + x when x == "false" or x == "0" -> Map.put(params, "exclude_reblogs", "true") + _ -> params + end + activities = ActivityPub.fetch_user_activities(target_user, user, params) conn - |> render(ActivityView, "index.json", %{activities: activities, for: user}) + |> put_view(ActivityView) + |> render("index.json", %{activities: activities, for: user}) {:error, msg} -> bad_request_reply(conn, msg) @@ -121,7 +159,8 @@ defmodule Pleroma.Web.TwitterAPI.Controller do activities = ActivityPub.fetch_activities([user.ap_id], params) conn - |> render(ActivityView, "index.json", %{activities: activities, for: user}) + |> put_view(ActivityView) + |> render("index.json", %{activities: activities, for: user}) end def dm_timeline(%{assigns: %{user: user}} = conn, params) do @@ -134,14 +173,16 @@ defmodule Pleroma.Web.TwitterAPI.Controller do activities = Repo.all(query) conn - |> render(ActivityView, "index.json", %{activities: activities, for: user}) + |> put_view(ActivityView) + |> render("index.json", %{activities: activities, for: user}) end def notifications(%{assigns: %{user: user}} = conn, params) do notifications = Notification.for_user(user, params) conn - |> render(NotificationView, "notification.json", %{notifications: notifications, for: user}) + |> put_view(NotificationView) + |> render("notification.json", %{notifications: notifications, for: user}) end def notifications_read(%{assigns: %{user: user}} = conn, %{"latest_id" => latest_id} = params) do @@ -150,7 +191,8 @@ defmodule Pleroma.Web.TwitterAPI.Controller do notifications = Notification.for_user(user, params) conn - |> render(NotificationView, "notification.json", %{notifications: notifications, for: user}) + |> put_view(NotificationView) + |> render("notification.json", %{notifications: notifications, for: user}) end def notifications_read(%{assigns: %{user: _user}} = conn, _) do @@ -160,7 +202,9 @@ defmodule Pleroma.Web.TwitterAPI.Controller do def follow(%{assigns: %{user: user}} = conn, params) do case TwitterAPI.follow(user, params) do {:ok, user, followed, _activity} -> - render(conn, UserView, "show.json", %{user: followed, for: user}) + conn + |> put_view(UserView) + |> render("show.json", %{user: followed, for: user}) {:error, msg} -> forbidden_json_reply(conn, msg) @@ -170,7 +214,9 @@ defmodule Pleroma.Web.TwitterAPI.Controller do def block(%{assigns: %{user: user}} = conn, params) do case TwitterAPI.block(user, params) do {:ok, user, blocked} -> - render(conn, UserView, "show.json", %{user: blocked, for: user}) + conn + |> put_view(UserView) + |> render("show.json", %{user: blocked, for: user}) {:error, msg} -> forbidden_json_reply(conn, msg) @@ -180,7 +226,9 @@ defmodule Pleroma.Web.TwitterAPI.Controller do def unblock(%{assigns: %{user: user}} = conn, params) do case TwitterAPI.unblock(user, params) do {:ok, user, blocked} -> - render(conn, UserView, "show.json", %{user: blocked, for: user}) + conn + |> put_view(UserView) + |> render("show.json", %{user: blocked, for: user}) {:error, msg} -> forbidden_json_reply(conn, msg) @@ -189,14 +237,18 @@ defmodule Pleroma.Web.TwitterAPI.Controller do def delete_post(%{assigns: %{user: user}} = conn, %{"id" => id}) do with {:ok, activity} <- TwitterAPI.delete(user, id) do - render(conn, ActivityView, "activity.json", %{activity: activity, for: user}) + conn + |> put_view(ActivityView) + |> render("activity.json", %{activity: activity, for: user}) end end def unfollow(%{assigns: %{user: user}} = conn, params) do case TwitterAPI.unfollow(user, params) do {:ok, user, unfollowed} -> - render(conn, UserView, "show.json", %{user: unfollowed, for: user}) + conn + |> put_view(UserView) + |> render("show.json", %{user: unfollowed, for: user}) {:error, msg} -> forbidden_json_reply(conn, msg) @@ -206,7 +258,9 @@ defmodule Pleroma.Web.TwitterAPI.Controller do def fetch_status(%{assigns: %{user: user}} = conn, %{"id" => id}) do with %Activity{} = activity <- Repo.get(Activity, id), true <- ActivityPub.visible_for_user?(activity, user) do - render(conn, ActivityView, "activity.json", %{activity: activity, for: user}) + conn + |> put_view(ActivityView) + |> render("activity.json", %{activity: activity, for: user}) end end @@ -220,7 +274,8 @@ defmodule Pleroma.Web.TwitterAPI.Controller do "user" => user }) do conn - |> render(ActivityView, "index.json", %{activities: activities, for: user}) + |> put_view(ActivityView) + |> render("index.json", %{activities: activities, for: user}) end end @@ -287,34 +342,68 @@ defmodule Pleroma.Web.TwitterAPI.Controller do def favorite(%{assigns: %{user: user}} = conn, %{"id" => id}) do with {_, {:ok, id}} <- {:param_cast, Ecto.Type.cast(:integer, id)}, {:ok, activity} <- TwitterAPI.fav(user, id) do - render(conn, ActivityView, "activity.json", %{activity: activity, for: user}) + conn + |> put_view(ActivityView) + |> render("activity.json", %{activity: activity, for: user}) end end def unfavorite(%{assigns: %{user: user}} = conn, %{"id" => id}) do with {_, {:ok, id}} <- {:param_cast, Ecto.Type.cast(:integer, id)}, {:ok, activity} <- TwitterAPI.unfav(user, id) do - render(conn, ActivityView, "activity.json", %{activity: activity, for: user}) + conn + |> put_view(ActivityView) + |> render("activity.json", %{activity: activity, for: user}) end end def retweet(%{assigns: %{user: user}} = conn, %{"id" => id}) do with {_, {:ok, id}} <- {:param_cast, Ecto.Type.cast(:integer, id)}, {:ok, activity} <- TwitterAPI.repeat(user, id) do - render(conn, ActivityView, "activity.json", %{activity: activity, for: user}) + conn + |> put_view(ActivityView) + |> render("activity.json", %{activity: activity, for: user}) end end def unretweet(%{assigns: %{user: user}} = conn, %{"id" => id}) do with {_, {:ok, id}} <- {:param_cast, Ecto.Type.cast(:integer, id)}, {:ok, activity} <- TwitterAPI.unrepeat(user, id) do - render(conn, ActivityView, "activity.json", %{activity: activity, for: user}) + conn + |> put_view(ActivityView) + |> render("activity.json", %{activity: activity, for: user}) + end + end + + def pin(%{assigns: %{user: user}} = conn, %{"id" => id}) do + with {_, {:ok, id}} <- {:param_cast, Ecto.Type.cast(:integer, id)}, + {:ok, activity} <- TwitterAPI.pin(user, id) do + conn + |> put_view(ActivityView) + |> render("activity.json", %{activity: activity, for: user}) + else + {:error, message} -> bad_request_reply(conn, message) + err -> err + end + end + + def unpin(%{assigns: %{user: user}} = conn, %{"id" => id}) do + with {_, {:ok, id}} <- {:param_cast, Ecto.Type.cast(:integer, id)}, + {:ok, activity} <- TwitterAPI.unpin(user, id) do + conn + |> put_view(ActivityView) + |> render("activity.json", %{activity: activity, for: user}) + else + {:error, message} -> bad_request_reply(conn, message) + err -> err end end def register(conn, params) do with {:ok, user} <- TwitterAPI.register_user(params) do - render(conn, UserView, "show.json", %{user: user}) + conn + |> put_view(UserView) + |> render("show.json", %{user: user}) else {:error, errors} -> conn @@ -322,13 +411,46 @@ defmodule Pleroma.Web.TwitterAPI.Controller do end end + def password_reset(conn, params) do + nickname_or_email = params["email"] || params["nickname"] + + with {:ok, _} <- TwitterAPI.password_reset(nickname_or_email) do + json_response(conn, :no_content, "") + end + end + + def confirm_email(conn, %{"user_id" => uid, "token" => token}) do + with %User{} = user <- Repo.get(User, uid), + true <- user.local, + true <- user.info.confirmation_pending, + true <- user.info.confirmation_token == token, + info_change <- User.Info.confirmation_changeset(user.info, :confirmed), + changeset <- Changeset.change(user) |> Changeset.put_embed(:info, info_change), + {:ok, _} <- User.update_and_set_cache(changeset) do + conn + |> redirect(to: "/") + end + end + + def resend_confirmation_email(conn, params) do + nickname_or_email = params["email"] || params["nickname"] + + with %User{} = user <- User.get_by_nickname_or_email(nickname_or_email), + {:ok, _} <- User.try_send_confirmation_email(user) do + conn + |> json_response(:no_content, "") + end + end + def update_avatar(%{assigns: %{user: user}} = conn, params) do {:ok, object} = ActivityPub.upload(params, type: :avatar) change = Changeset.change(user, %{avatar: object.data}) {:ok, user} = User.update_and_set_cache(change) CommonAPI.update(user) - render(conn, UserView, "show.json", %{user: user, for: user}) + conn + |> put_view(UserView) + |> render("show.json", %{user: user, for: user}) end def update_banner(%{assigns: %{user: user}} = conn, params) do @@ -374,8 +496,10 @@ defmodule Pleroma.Web.TwitterAPI.Controller do end def followers(%{assigns: %{user: for_user}} = conn, params) do + {:ok, page} = Ecto.Type.cast(:integer, params["page"] || 1) + with {:ok, user} <- TwitterAPI.get_user(for_user, params), - {:ok, followers} <- User.get_followers(user) do + {:ok, followers} <- User.get_followers(user, page) do followers = cond do for_user && user.id == for_user.id -> followers @@ -383,15 +507,19 @@ defmodule Pleroma.Web.TwitterAPI.Controller do true -> followers end - render(conn, UserView, "index.json", %{users: followers, for: conn.assigns[:user]}) + conn + |> put_view(UserView) + |> render("index.json", %{users: followers, for: conn.assigns[:user]}) else _e -> bad_request_reply(conn, "Can't get followers") end end def friends(%{assigns: %{user: for_user}} = conn, params) do + {:ok, page} = Ecto.Type.cast(:integer, params["page"] || 1) + with {:ok, user} <- TwitterAPI.get_user(conn.assigns[:user], params), - {:ok, friends} <- User.get_friends(user) do + {:ok, friends} <- User.get_friends(user, page) do friends = cond do for_user && user.id == for_user.id -> friends @@ -399,16 +527,28 @@ defmodule Pleroma.Web.TwitterAPI.Controller do true -> friends end - render(conn, UserView, "index.json", %{users: friends, for: conn.assigns[:user]}) + conn + |> put_view(UserView) + |> render("index.json", %{users: friends, for: conn.assigns[:user]}) else _e -> bad_request_reply(conn, "Can't get friends") end end + def blocks(%{assigns: %{user: user}} = conn, _params) do + with blocked_users <- User.blocked_users(user) do + conn + |> put_view(UserView) + |> render("index.json", %{users: blocked_users, for: user}) + end + end + def friend_requests(conn, params) do with {:ok, user} <- TwitterAPI.get_user(conn.assigns[:user], params), {:ok, friend_requests} <- User.get_follow_requests(user) do - render(conn, UserView, "index.json", %{users: friend_requests, for: conn.assigns[:user]}) + conn + |> put_view(UserView) + |> render("index.json", %{users: friend_requests, for: conn.assigns[:user]}) else _e -> bad_request_reply(conn, "Can't get friend requests") end @@ -428,7 +568,9 @@ defmodule Pleroma.Web.TwitterAPI.Controller do object: follow_activity.data["id"], type: "Accept" }) do - render(conn, UserView, "show.json", %{user: follower, for: followed}) + conn + |> put_view(UserView) + |> render("show.json", %{user: follower, for: followed}) else e -> bad_request_reply(conn, "Can't approve user: #{inspect(e)}") end @@ -447,7 +589,9 @@ defmodule Pleroma.Web.TwitterAPI.Controller do object: follow_activity.data["id"], type: "Reject" }) do - render(conn, UserView, "show.json", %{user: follower, for: followed}) + conn + |> put_view(UserView) + |> render("show.json", %{user: follower, for: followed}) else e -> bad_request_reply(conn, "Can't deny user: #{inspect(e)}") end @@ -511,7 +655,10 @@ defmodule Pleroma.Web.TwitterAPI.Controller do changeset <- Ecto.Changeset.put_embed(changeset, :info, info_cng), {:ok, user} <- User.update_and_set_cache(changeset) do CommonAPI.update(user) - render(conn, UserView, "user.json", %{user: user, for: user}) + + conn + |> put_view(UserView) + |> render("user.json", %{user: user, for: user}) else error -> Logger.debug("Can't update user: #{inspect(error)}") @@ -523,14 +670,16 @@ defmodule Pleroma.Web.TwitterAPI.Controller do activities = TwitterAPI.search(user, params) conn - |> render(ActivityView, "index.json", %{activities: activities, for: user}) + |> put_view(ActivityView) + |> render("index.json", %{activities: activities, for: user}) end def search_user(%{assigns: %{user: user}} = conn, %{"query" => query}) do users = User.search(query, true) conn - |> render(UserView, "index.json", %{users: users, for: user}) + |> put_view(UserView) + |> render("index.json", %{users: users, for: user}) end defp bad_request_reply(conn, error_message) do @@ -549,7 +698,7 @@ defmodule Pleroma.Web.TwitterAPI.Controller do json_reply(conn, 403, json) end - def only_if_public_instance(conn = %{conn: %{assigns: %{user: _user}}}, _), do: conn + def only_if_public_instance(%{assigns: %{user: %User{}}} = conn, _), do: conn def only_if_public_instance(conn, _) do if Keyword.get(Application.get_env(:pleroma, :instance), :public) do