From: Ivan Tashkinov Date: Sun, 17 Feb 2019 11:07:04 +0000 (+0300) Subject: [#468] Merged `upstream/develop`, resolved conflicts. X-Git-Url: https://git.squeep.com/?a=commitdiff_plain;h=bc4f77b10bb4360ac00d1999b1d08fa55e1fa547;p=akkoma [#468] Merged `upstream/develop`, resolved conflicts. --- bc4f77b10bb4360ac00d1999b1d08fa55e1fa547 diff --cc lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index 5d51e913d,dcaeccac6..942bb4338 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@@ -4,27 -4,33 +4,35 @@@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do use Pleroma.Web, :controller - alias Pleroma.{Repo, Object, Activity, User, Notification, Stats} + alias Pleroma.Activity + alias Pleroma.Config + alias Pleroma.Filter + alias Pleroma.Notification + alias Pleroma.Object + alias Pleroma.Repo + alias Pleroma.Stats + alias Pleroma.User alias Pleroma.Web - - alias Pleroma.Web.MastodonAPI.{ - StatusView, - AccountView, - MastodonView, - ListView, - FilterView, - PushSubscriptionView - } - - alias Pleroma.Web.ActivityPub.ActivityPub - alias Pleroma.Web.ActivityPub.Utils alias Pleroma.Web.CommonAPI - alias Pleroma.Web.OAuth.{Authorization, Token, App} alias Pleroma.Web.MediaProxy + alias Pleroma.Web.Push + alias Push.Subscription + + alias Pleroma.Web.MastodonAPI.AccountView + alias Pleroma.Web.MastodonAPI.FilterView + alias Pleroma.Web.MastodonAPI.ListView + alias Pleroma.Web.MastodonAPI.MastodonView + alias Pleroma.Web.MastodonAPI.PushSubscriptionView + alias Pleroma.Web.MastodonAPI.StatusView + alias Pleroma.Web.ActivityPub.ActivityPub + alias Pleroma.Web.ActivityPub.Utils + alias Pleroma.Web.OAuth.App + alias Pleroma.Web.OAuth.Authorization + alias Pleroma.Web.OAuth.Token + import Pleroma.Web.ControllerHelper, only: [oauth_scopes: 2] import Ecto.Query + require Logger @httpoison Application.get_env(:pleroma, :httpoison) diff --cc lib/pleroma/web/oauth/authorization.ex index c5b7ec9a5,9039b8b45..d37c2cb83 --- a/lib/pleroma/web/oauth/authorization.ex +++ b/lib/pleroma/web/oauth/authorization.ex @@@ -21,9 -23,8 +24,9 @@@ defmodule Pleroma.Web.OAuth.Authorizati timestamps() end - def create_authorization(%App{} = app, %User{} = user) do + def create_authorization(%App{} = app, %User{} = user, scopes \\ nil) do + scopes = scopes || app.scopes - token = :crypto.strong_rand_bytes(32) |> Base.url_encode64() + token = :crypto.strong_rand_bytes(32) |> Base.url_encode64(padding: false) authorization = %Authorization{ token: token, diff --cc lib/pleroma/web/oauth/oauth_controller.ex index fe2c958c9,dddfcf299..7c1a3adbd --- a/lib/pleroma/web/oauth/oauth_controller.ex +++ b/lib/pleroma/web/oauth/oauth_controller.ex @@@ -5,12 -5,13 +5,15 @@@ defmodule Pleroma.Web.OAuth.OAuthController do use Pleroma.Web, :controller - alias Pleroma.Web.OAuth.{Authorization, Token, App} - alias Pleroma.{Repo, User} + alias Pleroma.Web.OAuth.Authorization + alias Pleroma.Web.OAuth.Token + alias Pleroma.Web.OAuth.App + alias Pleroma.Repo + alias Pleroma.User alias Comeonin.Pbkdf2 + import Pleroma.Web.ControllerHelper, only: [oauth_scopes: 2] + plug(:fetch_session) plug(:fetch_flash) diff --cc lib/pleroma/web/oauth/token.ex index 1fae5ed3a,ca9e718ac..ea4d56a29 --- a/lib/pleroma/web/oauth/token.ex +++ b/lib/pleroma/web/oauth/token.ex @@@ -28,10 -30,9 +31,10 @@@ defmodule Pleroma.Web.OAuth.Token d end end - def create_token(%App{} = app, %User{} = user) do + def create_token(%App{} = app, %User{} = user, scopes \\ nil) do + scopes = scopes || app.scopes - token = :crypto.strong_rand_bytes(32) |> Base.url_encode64() - refresh_token = :crypto.strong_rand_bytes(32) |> Base.url_encode64() + token = :crypto.strong_rand_bytes(32) |> Base.url_encode64(padding: false) + refresh_token = :crypto.strong_rand_bytes(32) |> Base.url_encode64(padding: false) token = %Token{ token: token, diff --cc lib/pleroma/web/router.ex index 6f17de1ca,d66a1c2a1..e09164a77 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@@ -194,100 -158,84 +194,102 @@@ defmodule Pleroma.Web.Router d scope "/api/v1", Pleroma.Web.MastodonAPI do pipe_through(:authenticated_api) - patch("/accounts/update_credentials", MastodonAPIController, :update_credentials) - get("/accounts/verify_credentials", MastodonAPIController, :verify_credentials) - get("/accounts/relationships", MastodonAPIController, :relationships) - get("/accounts/search", MastodonAPIController, :account_search) - post("/accounts/:id/follow", MastodonAPIController, :follow) - post("/accounts/:id/unfollow", MastodonAPIController, :unfollow) - post("/accounts/:id/block", MastodonAPIController, :block) - post("/accounts/:id/unblock", MastodonAPIController, :unblock) - post("/accounts/:id/mute", MastodonAPIController, :relationship_noop) - post("/accounts/:id/unmute", MastodonAPIController, :relationship_noop) - get("/accounts/:id/lists", MastodonAPIController, :account_lists) + scope [] do + pipe_through(:oauth_read) + + get("/accounts/verify_credentials", MastodonAPIController, :verify_credentials) - get("/follow_requests", MastodonAPIController, :follow_requests) - post("/follow_requests/:id/authorize", MastodonAPIController, :authorize_follow_request) - post("/follow_requests/:id/reject", MastodonAPIController, :reject_follow_request) + get("/accounts/relationships", MastodonAPIController, :relationships) + get("/accounts/search", MastodonAPIController, :account_search) - post("/follows", MastodonAPIController, :follow) + get("/accounts/:id/lists", MastodonAPIController, :account_lists) - get("/blocks", MastodonAPIController, :blocks) + get("/follow_requests", MastodonAPIController, :follow_requests) + get("/blocks", MastodonAPIController, :blocks) + get("/mutes", MastodonAPIController, :empty_array) - get("/mutes", MastodonAPIController, :empty_array) + get("/timelines/home", MastodonAPIController, :home_timeline) + get("/timelines/direct", MastodonAPIController, :dm_timeline) - get("/timelines/home", MastodonAPIController, :home_timeline) + get("/favourites", MastodonAPIController, :favourites) + get("/bookmarks", MastodonAPIController, :bookmarks) - get("/timelines/direct", MastodonAPIController, :dm_timeline) + post("/notifications/clear", MastodonAPIController, :clear_notifications) + post("/notifications/dismiss", MastodonAPIController, :dismiss_notification) + get("/notifications", MastodonAPIController, :notifications) + get("/notifications/:id", MastodonAPIController, :get_notification) - get("/favourites", MastodonAPIController, :favourites) - get("/bookmarks", MastodonAPIController, :bookmarks) + get("/lists", MastodonAPIController, :get_lists) + get("/lists/:id", MastodonAPIController, :get_list) + get("/lists/:id/accounts", MastodonAPIController, :list_accounts) - post("/statuses", MastodonAPIController, :post_status) - delete("/statuses/:id", MastodonAPIController, :delete_status) + get("/domain_blocks", MastodonAPIController, :domain_blocks) + + get("/filters", MastodonAPIController, :get_filters) + + get("/suggestions", MastodonAPIController, :suggestions) + + get("/endorsements", MastodonAPIController, :empty_array) + end + + scope [] do + pipe_through(:oauth_write) + + patch("/accounts/update_credentials", MastodonAPIController, :update_credentials) + + post("/statuses", MastodonAPIController, :post_status) + delete("/statuses/:id", MastodonAPIController, :delete_status) - post("/statuses/:id/reblog", MastodonAPIController, :reblog_status) - post("/statuses/:id/unreblog", MastodonAPIController, :unreblog_status) - post("/statuses/:id/favourite", MastodonAPIController, :fav_status) - post("/statuses/:id/unfavourite", MastodonAPIController, :unfav_status) - post("/statuses/:id/pin", MastodonAPIController, :pin_status) - post("/statuses/:id/unpin", MastodonAPIController, :unpin_status) - post("/statuses/:id/bookmark", MastodonAPIController, :bookmark_status) - post("/statuses/:id/unbookmark", MastodonAPIController, :unbookmark_status) + post("/statuses/:id/reblog", MastodonAPIController, :reblog_status) + post("/statuses/:id/unreblog", MastodonAPIController, :unreblog_status) + post("/statuses/:id/favourite", MastodonAPIController, :fav_status) + post("/statuses/:id/unfavourite", MastodonAPIController, :unfav_status) + post("/statuses/:id/pin", MastodonAPIController, :pin_status) + post("/statuses/:id/unpin", MastodonAPIController, :unpin_status) + post("/statuses/:id/bookmark", MastodonAPIController, :bookmark_status) + post("/statuses/:id/unbookmark", MastodonAPIController, :unbookmark_status) + post("/statuses/:id/mute", MastodonAPIController, :mute_conversation) + post("/statuses/:id/unmute", MastodonAPIController, :unmute_conversation) - post("/notifications/clear", MastodonAPIController, :clear_notifications) - post("/notifications/dismiss", MastodonAPIController, :dismiss_notification) - get("/notifications", MastodonAPIController, :notifications) - get("/notifications/:id", MastodonAPIController, :get_notification) + post("/media", MastodonAPIController, :upload) + put("/media/:id", MastodonAPIController, :update_media) + + delete("/lists/:id", MastodonAPIController, :delete_list) + post("/lists", MastodonAPIController, :create_list) + put("/lists/:id", MastodonAPIController, :rename_list) - post("/media", MastodonAPIController, :upload) - put("/media/:id", MastodonAPIController, :update_media) + post("/lists/:id/accounts", MastodonAPIController, :add_to_list) + delete("/lists/:id/accounts", MastodonAPIController, :remove_from_list) - get("/lists", MastodonAPIController, :get_lists) - get("/lists/:id", MastodonAPIController, :get_list) - delete("/lists/:id", MastodonAPIController, :delete_list) - post("/lists", MastodonAPIController, :create_list) - put("/lists/:id", MastodonAPIController, :rename_list) - get("/lists/:id/accounts", MastodonAPIController, :list_accounts) - post("/lists/:id/accounts", MastodonAPIController, :add_to_list) - delete("/lists/:id/accounts", MastodonAPIController, :remove_from_list) + post("/filters", MastodonAPIController, :create_filter) + get("/filters/:id", MastodonAPIController, :get_filter) + put("/filters/:id", MastodonAPIController, :update_filter) + delete("/filters/:id", MastodonAPIController, :delete_filter) + end + + scope [] do + pipe_through(:oauth_follow) - get("/domain_blocks", MastodonAPIController, :domain_blocks) - post("/domain_blocks", MastodonAPIController, :block_domain) - delete("/domain_blocks", MastodonAPIController, :unblock_domain) + post("/follows", MastodonAPIController, :follow) + post("/accounts/:id/follow", MastodonAPIController, :follow) - get("/filters", MastodonAPIController, :get_filters) - post("/filters", MastodonAPIController, :create_filter) - get("/filters/:id", MastodonAPIController, :get_filter) - put("/filters/:id", MastodonAPIController, :update_filter) - delete("/filters/:id", MastodonAPIController, :delete_filter) + post("/accounts/:id/unfollow", MastodonAPIController, :unfollow) + post("/accounts/:id/block", MastodonAPIController, :block) + post("/accounts/:id/unblock", MastodonAPIController, :unblock) + post("/accounts/:id/mute", MastodonAPIController, :relationship_noop) + post("/accounts/:id/unmute", MastodonAPIController, :relationship_noop) - post("/push/subscription", MastodonAPIController, :create_push_subscription) - get("/push/subscription", MastodonAPIController, :get_push_subscription) - put("/push/subscription", MastodonAPIController, :update_push_subscription) - delete("/push/subscription", MastodonAPIController, :delete_push_subscription) + post("/follow_requests/:id/authorize", MastodonAPIController, :authorize_follow_request) + post("/follow_requests/:id/reject", MastodonAPIController, :reject_follow_request) - get("/suggestions", MastodonAPIController, :suggestions) + post("/domain_blocks", MastodonAPIController, :block_domain) + delete("/domain_blocks", MastodonAPIController, :unblock_domain) - get("/endorsements", MastodonAPIController, :empty_array) + post("/push/subscription", MastodonAPIController, :create_push_subscription) + get("/push/subscription", MastodonAPIController, :get_push_subscription) + put("/push/subscription", MastodonAPIController, :update_push_subscription) + delete("/push/subscription", MastodonAPIController, :delete_push_subscription) + end end scope "/api/web", Pleroma.Web.MastodonAPI do