defmodule Pleroma.Web.MastodonAPI.StatusController do
use Pleroma.Web, :controller
- import Pleroma.Web.MastodonAPI.MastodonAPIController, only: [try_render: 3]
+ import Pleroma.Web.ControllerHelper, only: [try_render: 3, add_link_headers: 2]
require Ecto.Query
alias Pleroma.Activity
alias Pleroma.Bookmark
alias Pleroma.Object
+ alias Pleroma.Plugs.OAuthScopesPlug
alias Pleroma.Plugs.RateLimiter
alias Pleroma.Repo
alias Pleroma.ScheduledActivity
alias Pleroma.Web.CommonAPI
alias Pleroma.Web.MastodonAPI.AccountView
alias Pleroma.Web.MastodonAPI.ScheduledActivityView
- alias Pleroma.Web.MastodonAPI.StatusView
+
+ @unauthenticated_access %{fallback: :proceed_unauthenticated, scopes: []}
+
+ plug(
+ OAuthScopesPlug,
+ %{@unauthenticated_access | scopes: ["read:statuses"]}
+ when action in [
+ :index,
+ :show,
+ :card,
+ :context
+ ]
+ )
+
+ plug(
+ OAuthScopesPlug,
+ %{scopes: ["write:statuses"]}
+ when action in [
+ :create,
+ :delete,
+ :reblog,
+ :unreblog
+ ]
+ )
+
+ plug(OAuthScopesPlug, %{scopes: ["read:favourites"]} when action == :favourites)
+
+ plug(
+ OAuthScopesPlug,
+ %{scopes: ["write:favourites"]} when action in [:favourite, :unfavourite]
+ )
+
+ plug(
+ OAuthScopesPlug,
+ %{scopes: ["write:mutes"]} when action in [:mute_conversation, :unmute_conversation]
+ )
+
+ plug(
+ OAuthScopesPlug,
+ %{@unauthenticated_access | scopes: ["read:accounts"]}
+ when action in [:favourited_by, :reblogged_by]
+ )
+
+ plug(OAuthScopesPlug, %{scopes: ["write:accounts"]} when action in [:pin, :unpin])
+
+ # Note: scope not present in Mastodon: read:bookmarks
+ plug(OAuthScopesPlug, %{scopes: ["read:bookmarks"]} when action == :bookmarks)
+
+ # Note: scope not present in Mastodon: write:bookmarks
+ plug(
+ OAuthScopesPlug,
+ %{scopes: ["write:bookmarks"]} when action in [:bookmark, :unbookmark]
+ )
+
+ plug(Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug)
@rate_limited_status_actions ~w(reblog unreblog favourite unfavourite create delete)a
end
end
+ def create(%{assigns: %{user: _user}} = conn, %{"media_ids" => _} = params) do
+ create(conn, Map.put(params, "status", ""))
+ end
+
@doc "GET /api/v1/statuses/:id"
def show(%{assigns: %{user: user}} = conn, %{"id" => id}) do
with %Activity{} = activity <- Activity.get_by_id_with_object(id),
end
@doc "POST /api/v1/statuses/:id/reblog"
- def reblog(%{assigns: %{user: user}} = conn, %{"id" => ap_id_or_id}) do
- with {:ok, announce, _activity} <- CommonAPI.repeat(ap_id_or_id, user),
+ def reblog(%{assigns: %{user: user}} = conn, %{"id" => ap_id_or_id} = params) do
+ with {:ok, announce, _activity} <- CommonAPI.repeat(ap_id_or_id, user, params),
%Activity{} = announce <- Activity.normalize(announce.data) do
try_render(conn, "show.json", %{activity: announce, for: user, as: :activity})
end
end
@doc "GET /api/v1/statuses/:id/card"
+ @deprecated "https://github.com/tootsuite/mastodon/pull/11213"
def card(%{assigns: %{user: user}} = conn, %{"id" => status_id}) do
with %Activity{} = activity <- Activity.get_by_id(status_id),
true <- Visibility.visible_for_user?(activity, user) do
conn
|> put_view(AccountView)
- |> render("accounts.json", for: user, users: users, as: :user)
+ |> render("index.json", for: user, users: users, as: :user)
else
{:visible, false} -> {:error, :not_found}
_ -> json(conn, [])
def reblogged_by(%{assigns: %{user: user}} = conn, %{"id" => id}) do
with %Activity{} = activity <- Activity.get_by_id_with_object(id),
{:visible, true} <- {:visible, Visibility.visible_for_user?(activity, user)},
- %Object{data: %{"announcements" => announces}} <- Object.normalize(activity) do
+ %Object{data: %{"announcements" => announces, "id" => ap_id}} <-
+ Object.normalize(activity) do
+ announces =
+ "Announce"
+ |> Activity.Queries.by_type()
+ |> Ecto.Query.where([a], a.actor in ^announces)
+ # this is to use the index
+ |> Activity.Queries.by_object_id(ap_id)
+ |> Repo.all()
+ |> Enum.filter(&Visibility.visible_for_user?(&1, user))
+ |> Enum.map(& &1.actor)
+ |> Enum.uniq()
+
users =
User
|> Ecto.Query.where([u], u.ap_id in ^announces)
conn
|> put_view(AccountView)
- |> render("accounts.json", for: user, users: users, as: :user)
+ |> render("index.json", for: user, users: users, as: :user)
else
{:visible, false} -> {:error, :not_found}
_ -> json(conn, [])
"exclude_id" => activity.id
})
- # TODO: Move to view
- grouped_activities = Enum.group_by(activities, fn %{id: id} -> id < activity.id end)
-
- result = %{
- ancestors:
- StatusView.render(
- "index.json",
- for: user,
- activities: grouped_activities[true] || [],
- as: :activity
- )
- |> Enum.reverse(),
- # credo:disable-for-previous-line Credo.Check.Refactor.PipeChainStart
- descendants:
- StatusView.render(
- "index.json",
- for: user,
- activities: grouped_activities[false] || [],
- as: :activity
- )
- |> Enum.reverse()
- # credo:disable-for-previous-line Credo.Check.Refactor.PipeChainStart
- }
-
- json(conn, result)
+ render(conn, "context.json", activity: activity, activities: activities, user: user)
end
end
+
+ @doc "GET /api/v1/favourites"
+ def favourites(%{assigns: %{user: user}} = conn, params) do
+ params =
+ params
+ |> Map.put("type", "Create")
+ |> Map.put("favorited_by", user.ap_id)
+ |> Map.put("blocking_user", user)
+
+ activities =
+ ActivityPub.fetch_activities([], params)
+ |> Enum.reverse()
+
+ conn
+ |> add_link_headers(activities)
+ |> render("index.json", activities: activities, for: user, as: :activity)
+ end
+
+ @doc "GET /api/v1/bookmarks"
+ def bookmarks(%{assigns: %{user: user}} = conn, params) do
+ user = User.get_cached_by_id(user.id)
+
+ bookmarks =
+ user.id
+ |> Bookmark.for_user_query()
+ |> Pleroma.Pagination.fetch_paginated(params)
+
+ activities =
+ bookmarks
+ |> Enum.map(fn b -> Map.put(b.activity, :bookmark, Map.delete(b, :activity)) end)
+
+ conn
+ |> add_link_headers(bookmarks)
+ |> render("index.json", %{activities: activities, for: user, as: :activity})
+ end
end
projects / akkoma / blobdiff