plug(Pleroma.Web.ApiSpec.CastAndValidate)
- plug(
- :skip_plug,
- Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug when action in [:index, :show]
- )
+ plug(:skip_public_check when action in [:index, :show])
@unauthenticated_access %{fallback: :proceed_unauthenticated, scopes: []}
def pin(%{assigns: %{user: user}} = conn, %{id: ap_id_or_id}) do
with {:ok, activity} <- CommonAPI.pin(ap_id_or_id, user) do
try_render(conn, "show.json", activity: activity, for: user, as: :activity)
+ else
+ {:error, :pinned_statuses_limit_reached} ->
+ {:error, "You have already pinned the maximum number of statuses"}
+
+ {:error, :ownership_error} ->
+ {:error, :unprocessable_entity, "Someone else's status cannot be pinned"}
+
+ {:error, :visibility_error} ->
+ {:error, :unprocessable_entity, "Non-public status cannot be pinned"}
+
+ error ->
+ error
end
end
def context(%{assigns: %{user: user}} = conn, %{id: id}) do
with %Activity{} = activity <- Activity.get_by_id(id) do
activities =
- ActivityPub.fetch_activities_for_context(activity.data["context"], %{
+ activity.data["context"]
+ |> ActivityPub.fetch_activities_for_context(%{
blocking_user: user,
user: user,
exclude_id: activity.id
})
+ |> Enum.filter(fn activity -> Visibility.visible_for_user?(activity, user) end)
render(conn, "context.json", activity: activity, activities: activities, user: user)
end