projects
/
akkoma
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge branch 'mrf/simple_policy/check_actor' into 'develop'
[akkoma]
/
lib
/
pleroma
/
web
/
mastodon_api
/
controllers
/
search_controller.ex
diff --git
a/lib/pleroma/web/mastodon_api/controllers/search_controller.ex
b/lib/pleroma/web/mastodon_api/controllers/search_controller.ex
index c91713773bf91a372dcfd276e1834f1f73ea1dce..6cfd68a84b0d60e16fd2c3bbb6a0b42ee7e5f0ff 100644
(file)
--- a/
lib/pleroma/web/mastodon_api/controllers/search_controller.ex
+++ b/
lib/pleroma/web/mastodon_api/controllers/search_controller.ex
@@
-6,6
+6,7
@@
defmodule Pleroma.Web.MastodonAPI.SearchController do
use Pleroma.Web, :controller
alias Pleroma.Activity
use Pleroma.Web, :controller
alias Pleroma.Activity
+ alias Pleroma.Plugs.OAuthScopesPlug
alias Pleroma.Plugs.RateLimiter
alias Pleroma.Repo
alias Pleroma.User
alias Pleroma.Plugs.RateLimiter
alias Pleroma.Repo
alias Pleroma.User
@@
-15,6
+16,12
@@
defmodule Pleroma.Web.MastodonAPI.SearchController do
alias Pleroma.Web.MastodonAPI.StatusView
require Logger
alias Pleroma.Web.MastodonAPI.StatusView
require Logger
+
+ # Note: Mastodon doesn't allow unauthenticated access (requires read:accounts / read:search)
+ plug(OAuthScopesPlug, %{scopes: ["read:search"], fallback: :proceed_unauthenticated})
+
+ plug(Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug)
+
plug(RateLimiter, :search when action in [:search, :search2, :account_search])
def account_search(%{assigns: %{user: user}} = conn, %{"q" => query} = params) do
plug(RateLimiter, :search when action in [:search, :search2, :account_search])
def account_search(%{assigns: %{user: user}} = conn, %{"q" => query} = params) do
@@
-22,7
+29,7
@@
defmodule Pleroma.Web.MastodonAPI.SearchController do
conn
|> put_view(AccountView)
conn
|> put_view(AccountView)
- |> render("
accounts
.json", users: accounts, for: user, as: :user)
+ |> render("
index
.json", users: accounts, for: user, as: :user)
end
def search2(conn, params), do: do_search(:v2, conn, params)
end
def search2(conn, params), do: do_search(:v2, conn, params)
@@
-72,7
+79,7
@@
defmodule Pleroma.Web.MastodonAPI.SearchController do
defp resource_search(_, "accounts", query, options) do
accounts = with_fallback(fn -> User.search(query, options) end)
defp resource_search(_, "accounts", query, options) do
accounts = with_fallback(fn -> User.search(query, options) end)
- AccountView.render("
accounts
.json", users: accounts, for: options[:for_user], as: :user)
+ AccountView.render("
index
.json", users: accounts, for: options[:for_user], as: :user)
end
defp resource_search(_, "statuses", query, options) do
end
defp resource_search(_, "statuses", query, options) do