X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Ftwitter_api%2Ftwitter_api_controller.ex;h=7ae850d71471544f3f48392bdd6fe6a55d1bafe4;hb=bee6acd51dc4e84e44caecf9d123dfff2f640a38;hp=e8a3150e97655928e9dcb2c4bfd44ea959715bca;hpb=1de0aa2f1025d4a860a11e658ce5fed26fe1c4ad;p=akkoma diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex index e8a3150e9..7ae850d71 100644 --- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex +++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex @@ -1,3 +1,7 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2018 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + defmodule Pleroma.Web.TwitterAPI.Controller do use Pleroma.Web, :controller @@ -13,7 +17,6 @@ defmodule Pleroma.Web.TwitterAPI.Controller do require Logger plug(:only_if_public_instance when action in [:public_timeline, :public_and_external_timeline]) - plug(:fetch_flash when action in [:confirm_email]) action_fallback(:errors) def verify_credentials(%{assigns: %{user: user}} = conn, _params) do @@ -97,10 +100,15 @@ defmodule Pleroma.Web.TwitterAPI.Controller do end def show_user(conn, params) do - with {:ok, shown} <- TwitterAPI.get_user(params) do + for_user = conn.assigns.user + + with {:ok, shown} <- TwitterAPI.get_user(params), + true <- + User.auth_active?(shown) || + (for_user && (for_user.id == shown.id || User.superuser?(for_user))) do params = - if user = conn.assigns.user do - %{user: shown, for: user} + if for_user do + %{user: shown, for: for_user} else %{user: shown} end @@ -111,12 +119,26 @@ defmodule Pleroma.Web.TwitterAPI.Controller do else {:error, msg} -> bad_request_reply(conn, msg) + + false -> + conn + |> put_status(404) + |> json(%{error: "Unconfirmed user"}) end end def user_timeline(%{assigns: %{user: user}} = conn, params) do case TwitterAPI.get_user(user, params) do {:ok, target_user} -> + # Twitter and ActivityPub use a different name and sense for this parameter. + {include_rts, params} = Map.pop(params, "include_rts") + + params = + case include_rts do + x when x == "false" or x == "0" -> Map.put(params, "exclude_reblogs", "true") + _ -> params + end + activities = ActivityPub.fetch_user_activities(target_user, user, params) conn @@ -373,18 +395,29 @@ defmodule Pleroma.Web.TwitterAPI.Controller do end end - def confirm_email(conn, %{"token" => token}) do - with %User{} = user <- User.get_by_confirmation_token(token), + def confirm_email(conn, %{"user_id" => uid, "token" => token}) do + with %User{} = user <- Repo.get(User, uid), true <- user.local, - info_change <- User.Info.confirmation_update(user.info, :confirmed), + true <- user.info.confirmation_pending, + true <- user.info.confirmation_token == token, + info_change <- User.Info.confirmation_changeset(user.info, :confirmed), changeset <- Changeset.change(user) |> Changeset.put_embed(:info, info_change), {:ok, _} <- User.update_and_set_cache(changeset) do conn - |> put_flash(:info, "Email confirmed. Please sign in.") |> redirect(to: "/") end end + def resend_confirmation_email(conn, params) do + nickname_or_email = params["email"] || params["nickname"] + + with %User{} = user <- User.get_by_nickname_or_email(nickname_or_email), + {:ok, _} <- User.try_send_confirmation_email(user) do + conn + |> json_response(:no_content, "") + end + end + def update_avatar(%{assigns: %{user: user}} = conn, params) do {:ok, object} = ActivityPub.upload(params, type: :avatar) change = Changeset.change(user, %{avatar: object.data})