From f8e0942745636f0f51e5ff57d1b40f79ee82f87b Mon Sep 17 00:00:00 2001
From: William Pitcock <nenolod@dereferenced.org>
Date: Thu, 7 Jun 2018 00:04:03 +0000
Subject: [PATCH] twitter api: add approve/deny endpoints
---
lib/pleroma/web/router.ex | 2 +
.../web/twitter_api/twitter_api_controller.ex | 44 +++++++++++++++++-
.../twitter_api_controller_test.exs | 46 +++++++++++++++++++
3 files changed, 90 insertions(+), 2 deletions(-)
diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex
index ea134bbff..6f8b427b5 100644
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@@ -248,6 +248,8 @@ defmodule Pleroma.Web.Router do
post("/statuses/destroy/:id", TwitterAPI.Controller, :delete_post)
get("/pleroma/friend_requests", TwitterAPI.Controller, :friend_requests)
+ post("/pleroma/friendships/approve", TwitterAPI.Controller, :approve_friend_request)
+ post("/pleroma/friendships/deny", TwitterAPI.Controller, :deny_friend_request)
post("/friendships/create", TwitterAPI.Controller, :follow)
post("/friendships/destroy", TwitterAPI.Controller, :unfollow)
diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex
index 123d20177..b29687df5 100644
--- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex
+++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex
@@ -4,6 +4,7 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
alias Pleroma.Web.CommonAPI
alias Pleroma.{Repo, Activity, User, Notification}
alias Pleroma.Web.ActivityPub.ActivityPub
+ alias Pleroma.Web.ActivityPub.Utils
alias Ecto.Changeset
require Logger
@@ -332,14 +333,53 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
end
def friend_requests(conn, params) do
- with {:ok, user} <- TwitterAPI.get_user(conn.assigns.user, params),
+ with {:ok, user} <- TwitterAPI.get_user(conn.assigns[:user], params),
{:ok, friend_requests} <- User.get_follow_requests(user) do
- render(conn, UserView, "index.json", %{users: friend_requests, for: user})
+ render(conn, UserView, "index.json", %{users: friend_requests, for: conn.assigns[:user]})
else
_e -> bad_request_reply(conn, "Can't get friend requests")
end
end
+ def approve_friend_request(conn, %{"user_id" => uid} = params) do
+ with followed <- conn.assigns[:user],
+ uid when is_number(uid) <- String.to_integer(uid),
+ %User{} = follower <- Repo.get(User, uid),
+ {:ok, follower} <- User.maybe_follow(follower, followed),
+ %Activity{} = follow_activity <- Utils.fetch_latest_follow(follower, followed),
+ {:ok, follow_activity} <- Utils.update_follow_state(follow_activity, "accept"),
+ {:ok, _activity} <-
+ ActivityPub.accept(%{
+ to: [follower.ap_id],
+ actor: followed.ap_id,
+ object: follow_activity.data["id"],
+ type: "Accept"
+ }) do
+ render(conn, UserView, "show.json", %{user: follower, for: followed})
+ else
+ e -> bad_request_reply(conn, "Can't approve user: #{inspect(e)}")
+ end
+ end
+
+ def deny_friend_request(conn, %{"user_id" => uid} = params) do
+ with followed <- conn.assigns[:user],
+ uid when is_number(uid) <- String.to_integer(uid),
+ %User{} = follower <- Repo.get(User, uid),
+ %Activity{} = follow_activity <- Utils.fetch_latest_follow(follower, followed),
+ {:ok, follow_activity} <- Utils.update_follow_state(follow_activity, "reject"),
+ {:ok, _activity} <-
+ ActivityPub.reject(%{
+ to: [follower.ap_id],
+ actor: followed.ap_id,
+ object: follow_activity.data["id"],
+ type: "Reject"
+ }) do
+ render(conn, UserView, "show.json", %{user: follower, for: followed})
+ else
+ e -> bad_request_reply(conn, "Can't deny user: #{inspect(e)}")
+ end
+ end
+
def friends_ids(%{assigns: %{user: user}} = conn, _params) do
with {:ok, friends} <- User.get_friends(user) do
ids =
diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs
index ac8ccfbc3..bd11551df 100644
--- a/test/web/twitter_api/twitter_api_controller_test.exs
+++ b/test/web/twitter_api/twitter_api_controller_test.exs
@@ -980,4 +980,50 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
assert other_user.id == relationship["id"]
end
end
+
+ describe "POST /api/pleroma/friendships/approve" do
+ test "it approves a friend request" do
+ user = insert(:user, %{info: %{"locked" => true}})
+ other_user = insert(:user)
+
+ {:ok, activity} = ActivityPub.follow(other_user, user)
+
+ user = Repo.get(User, user.id)
+ other_user = Repo.get(User, other_user.id)
+
+ assert User.following?(other_user, user) == false
+
+ conn =
+ build_conn()
+ |> assign(:user, user)
+ |> post("/api/pleroma/friendships/approve", %{"user_id" => to_string(other_user.id)})
+
+ assert relationship = json_response(conn, 200)
+ assert other_user.id == relationship["id"]
+ assert relationship["follows_you"] == true
+ end
+ end
+
+ describe "POST /api/pleroma/friendships/deny" do
+ test "it denies a friend request" do
+ user = insert(:user, %{info: %{"locked" => true}})
+ other_user = insert(:user)
+
+ {:ok, activity} = ActivityPub.follow(other_user, user)
+
+ user = Repo.get(User, user.id)
+ other_user = Repo.get(User, other_user.id)
+
+ assert User.following?(other_user, user) == false
+
+ conn =
+ build_conn()
+ |> assign(:user, user)
+ |> post("/api/pleroma/friendships/deny", %{"user_id" => to_string(other_user.id)})
+
+ assert relationship = json_response(conn, 200)
+ assert other_user.id == relationship["id"]
+ assert relationship["follows_you"] == false
+ end
+ end
end
--
2.49.0