1f6ed4f86a
* Add more granular OAuth scopes * Add human-readable descriptions of the new scopes * Ensure new scopes look good on the app UI * Add tests * Group scopes in screen and color-code dangerous ones * Fix wrong extra scope
41 lines
768 B
Ruby
41 lines
768 B
Ruby
# frozen_string_literal: true
|
|
|
|
class Api::V1::SearchController < Api::BaseController
|
|
include Authorization
|
|
|
|
RESULTS_LIMIT = 5
|
|
|
|
before_action -> { doorkeeper_authorize! :read, :'read:search' }
|
|
before_action :require_user!
|
|
|
|
respond_to :json
|
|
|
|
def index
|
|
@search = Search.new(search)
|
|
render json: @search, serializer: REST::SearchSerializer
|
|
end
|
|
|
|
private
|
|
|
|
def search
|
|
search_results.tap do |search|
|
|
search[:statuses].keep_if do |status|
|
|
begin
|
|
authorize status, :show?
|
|
rescue Mastodon::NotPermittedError
|
|
false
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
def search_results
|
|
SearchService.new.call(
|
|
params[:q],
|
|
RESULTS_LIMIT,
|
|
truthy_param?(:resolve),
|
|
current_account
|
|
)
|
|
end
|
|
end
|