X-Git-Url: https://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Frouter.ex;h=6a4e4a1d4e77d098d701352833ccdfc0686ba42d;hb=e5b34f5e0544371603bc2b570c26ede3182c2f8b;hp=6228b5868dad3dfe53c0dfa2aa8a171532451080;hpb=05862ded7a156ad6db16a70ec90045a2149da97d;p=akkoma

diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex
index 6228b5868..6a4e4a1d4 100644
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@@ -84,11 +84,13 @@ defmodule Pleroma.Web.Router do
     plug(Pleroma.Plugs.EnsureUserKeyPlug)
   end
 
-  pipeline :oauth_read_or_unauthenticated do
+  pipeline :oauth_read_or_public do
     plug(Pleroma.Plugs.OAuthScopesPlug, %{
       scopes: ["read"],
       fallback: :proceed_unauthenticated
     })
+
+    plug(Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug)
   end
 
   pipeline :oauth_read do
@@ -146,34 +148,60 @@ defmodule Pleroma.Web.Router do
   scope "/api/pleroma/admin", Pleroma.Web.AdminAPI do
     pipe_through([:admin_api, :oauth_write])
 
-    post("/user/follow", AdminAPIController, :user_follow)
-    post("/user/unfollow", AdminAPIController, :user_unfollow)
-
-    get("/users", AdminAPIController, :list_users)
-    get("/users/:nickname", AdminAPIController, :user_show)
+    post("/users/follow", AdminAPIController, :user_follow)
+    post("/users/unfollow", AdminAPIController, :user_unfollow)
 
+    # TODO: to be removed at version 1.0
     delete("/user", AdminAPIController, :user_delete)
-    patch("/users/:nickname/toggle_activation", AdminAPIController, :user_toggle_activation)
     post("/user", AdminAPIController, :user_create)
+
+    delete("/users", AdminAPIController, :user_delete)
+    post("/users", AdminAPIController, :user_create)
+    patch("/users/:nickname/toggle_activation", AdminAPIController, :user_toggle_activation)
     put("/users/tag", AdminAPIController, :tag_users)
     delete("/users/tag", AdminAPIController, :untag_users)
 
+    # TODO: to be removed at version 1.0
     get("/permission_group/:nickname", AdminAPIController, :right_get)
     get("/permission_group/:nickname/:permission_group", AdminAPIController, :right_get)
     post("/permission_group/:nickname/:permission_group", AdminAPIController, :right_add)
     delete("/permission_group/:nickname/:permission_group", AdminAPIController, :right_delete)
 
-    put("/activation_status/:nickname", AdminAPIController, :set_activation_status)
+    get("/users/:nickname/permission_group", AdminAPIController, :right_get)
+    get("/users/:nickname/permission_group/:permission_group", AdminAPIController, :right_get)
+    post("/users/:nickname/permission_group/:permission_group", AdminAPIController, :right_add)
+
+    delete(
+      "/users/:nickname/permission_group/:permission_group",
+      AdminAPIController,
+      :right_delete
+    )
+
+    put("/users/:nickname/activation_status", AdminAPIController, :set_activation_status)
 
     post("/relay", AdminAPIController, :relay_follow)
     delete("/relay", AdminAPIController, :relay_unfollow)
 
-    get("/invite_token", AdminAPIController, :get_invite_token)
-    get("/invites", AdminAPIController, :invites)
-    post("/revoke_invite", AdminAPIController, :revoke_invite)
-    post("/email_invite", AdminAPIController, :email_invite)
+    get("/users/invite_token", AdminAPIController, :get_invite_token)
+    get("/users/invites", AdminAPIController, :invites)
+    post("/users/revoke_invite", AdminAPIController, :revoke_invite)
+    post("/users/email_invite", AdminAPIController, :email_invite)
 
+    # TODO: to be removed at version 1.0
     get("/password_reset", AdminAPIController, :get_password_reset)
+
+    get("/users/:nickname/password_reset", AdminAPIController, :get_password_reset)
+
+    get("/users", AdminAPIController, :list_users)
+    get("/users/:nickname", AdminAPIController, :user_show)
+
+    get("/reports", AdminAPIController, :list_reports)
+    get("/reports/:id", AdminAPIController, :report_show)
+    put("/reports/:id", AdminAPIController, :report_update_state)
+    post("/reports/:id/respond", AdminAPIController, :report_respond)
+
+    put("/statuses/:id", AdminAPIController, :status_update)
+    delete("/statuses/:id", AdminAPIController, :status_delete)
   end
 
   scope "/", Pleroma.Web.TwitterAPI do
@@ -197,6 +225,7 @@ defmodule Pleroma.Web.Router do
       post("/change_password", UtilController, :change_password)
       post("/delete_account", UtilController, :delete_account)
       put("/notification_settings", UtilController, :update_notificaton_settings)
+      post("/disable_account", UtilController, :disable_account)
     end
 
     scope [] do
@@ -276,6 +305,9 @@ defmodule Pleroma.Web.Router do
 
       get("/suggestions", MastodonAPIController, :suggestions)
 
+      get("/conversations", MastodonAPIController, :conversations)
+      post("/conversations/:id/read", MastodonAPIController, :conversation_read)
+
       get("/endorsements", MastodonAPIController, :empty_array)
 
       get("/pleroma/flavour", MastodonAPIController, :get_flavour)
@@ -364,6 +396,8 @@ defmodule Pleroma.Web.Router do
   scope "/api/v1", Pleroma.Web.MastodonAPI do
     pipe_through(:api)
 
+    post("/accounts", MastodonAPIController, :account_register)
+
     get("/instance", MastodonAPIController, :masto_instance)
     get("/instance/peers", MastodonAPIController, :peers)
     post("/apps", MastodonAPIController, :create_app)
@@ -380,7 +414,7 @@ defmodule Pleroma.Web.Router do
     get("/accounts/search", MastodonAPIController, :account_search)
 
     scope [] do
-      pipe_through(:oauth_read_or_unauthenticated)
+      pipe_through(:oauth_read_or_public)
 
       get("/timelines/public", MastodonAPIController, :public_timeline)
       get("/timelines/tag/:tag", MastodonAPIController, :hashtag_timeline)
@@ -395,11 +429,13 @@ defmodule Pleroma.Web.Router do
       get("/accounts/:id", MastodonAPIController, :user)
 
       get("/search", MastodonAPIController, :search)
+
+      get("/pleroma/accounts/:id/favourites", MastodonAPIController, :user_favourites)
     end
   end
 
   scope "/api/v2", Pleroma.Web.MastodonAPI do
-    pipe_through([:api, :oauth_read_or_unauthenticated])
+    pipe_through([:api, :oauth_read_or_public])
     get("/search", MastodonAPIController, :search2)
   end
 
@@ -429,7 +465,7 @@ defmodule Pleroma.Web.Router do
     )
 
     scope [] do
-      pipe_through(:oauth_read_or_unauthenticated)
+      pipe_through(:oauth_read_or_public)
 
       get("/statuses/user_timeline", TwitterAPI.Controller, :user_timeline)
       get("/qvitter/statuses/user_timeline", TwitterAPI.Controller, :user_timeline)
@@ -447,7 +483,7 @@ defmodule Pleroma.Web.Router do
   end
 
   scope "/api", Pleroma.Web do
-    pipe_through([:api, :oauth_read_or_unauthenticated])
+    pipe_through([:api, :oauth_read_or_public])
 
     get("/statuses/public_timeline", TwitterAPI.Controller, :public_timeline)
 
@@ -461,7 +497,7 @@ defmodule Pleroma.Web.Router do
   end
 
   scope "/api", Pleroma.Web, as: :twitter_api_search do
-    pipe_through([:api, :oauth_read_or_unauthenticated])
+    pipe_through([:api, :oauth_read_or_public])
     get("/pleroma/search_user", TwitterAPI.Controller, :search_user)
   end
 
@@ -645,7 +681,7 @@ defmodule Pleroma.Web.Router do
     delete("/auth/sign_out", MastodonAPIController, :logout)
 
     scope [] do
-      pipe_through(:oauth_read_or_unauthenticated)
+      pipe_through(:oauth_read_or_public)
       get("/web/*path", MastodonAPIController, :index)
     end
   end