.circleci
.github
app
chewy
controllers
activitypub
admin
api
v1
accounts
apps
instances
lists
statuses
timelines
accounts_controller.rb
apps_controller.rb
blocks_controller.rb
custom_emojis_controller.rb
domain_blocks_controller.rb
favourites_controller.rb
follow_requests_controller.rb
follows_controller.rb
instances_controller.rb
lists_controller.rb
media_controller.rb
mutes_controller.rb
notifications_controller.rb
reports_controller.rb
search_controller.rb
statuses_controller.rb
streaming_controller.rb
web
base_controller.rb
oembed_controller.rb
push_controller.rb
salmon_controller.rb
subscriptions_controller.rb
auth
concerns
oauth
settings
well_known
about_controller.rb
account_follow_controller.rb
account_unfollow_controller.rb
accounts_controller.rb
application_controller.rb
authorize_follows_controller.rb
emojis_controller.rb
follower_accounts_controller.rb
following_accounts_controller.rb
home_controller.rb
intents_controller.rb
invites_controller.rb
manifests_controller.rb
media_controller.rb
media_proxy_controller.rb
remote_follow_controller.rb
remote_unfollows.rb
shares_controller.rb
statuses_controller.rb
stream_entries_controller.rb
tags_controller.rb
helpers
javascript
lib
mailers
models
policies
presenters
serializers
services
validators
views
workers
bin
config
db
docs
lib
log
nanobox
public
spec
streaming
vendor
.babelrc
.buildpacks
.codeclimate.yml
.dockerignore
.editorconfig
.env.nanobox
.env.production.sample
.env.test
.env.vagrant
.eslintignore
.eslintrc.yml
.foreman
.gitattributes
.gitignore
.haml-lint.yml
.nanoignore
.nvmrc
.postcssrc.yml
.profile
.rspec
.rubocop.yml
.ruby-version
.scss-lint.yml
.slugignore
.yarnclean
AUTHORS.md
Aptfile
CODE_OF_CONDUCT.md
CONTRIBUTING.md
Capfile
Dockerfile
Gemfile
Gemfile.lock
LICENSE
Procfile
Procfile.dev
README.md
Rakefile
Vagrantfile
app.json
boxfile.yml
config.ru
docker-compose.yml
dump.rdb
jest.config.js
package.json
scalingo.json
yarn.lock
87 lines
3.1 KiB
Ruby
87 lines
3.1 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class Api::V1::StatusesController < Api::BaseController
|
|
include Authorization
|
|
|
|
before_action :authorize_if_got_token, except: [:create, :destroy]
|
|
before_action -> { doorkeeper_authorize! :write }, only: [:create, :destroy]
|
|
before_action :require_user!, except: [:show, :context, :card]
|
|
before_action :set_status, only: [:show, :context, :card]
|
|
|
|
respond_to :json
|
|
|
|
def show
|
|
cached = Rails.cache.read(@status.cache_key)
|
|
@status = cached unless cached.nil?
|
|
render json: @status, serializer: REST::StatusSerializer
|
|
end
|
|
|
|
def context
|
|
ancestors_results = @status.in_reply_to_id.nil? ? [] : @status.ancestors(DEFAULT_STATUSES_LIMIT, current_account)
|
|
descendants_results = @status.descendants(DEFAULT_STATUSES_LIMIT, current_account)
|
|
loaded_ancestors = cache_collection(ancestors_results, Status)
|
|
loaded_descendants = cache_collection(descendants_results, Status)
|
|
|
|
@context = Context.new(ancestors: loaded_ancestors, descendants: loaded_descendants)
|
|
statuses = [@status] + @context.ancestors + @context.descendants
|
|
|
|
render json: @context, serializer: REST::ContextSerializer, relationships: StatusRelationshipsPresenter.new(statuses, current_user&.account_id)
|
|
end
|
|
|
|
def card
|
|
@card = @status.preview_cards.first
|
|
|
|
if @card.nil?
|
|
render_empty
|
|
else
|
|
render json: @card, serializer: REST::PreviewCardSerializer
|
|
end
|
|
end
|
|
|
|
def create
|
|
@status = PostStatusService.new.call(current_user.account,
|
|
status_params[:status],
|
|
status_params[:in_reply_to_id].blank? ? nil : Status.find(status_params[:in_reply_to_id]),
|
|
media_ids: status_params[:media_ids],
|
|
sensitive: status_params[:sensitive],
|
|
spoiler_text: status_params[:spoiler_text],
|
|
visibility: status_params[:visibility],
|
|
application: doorkeeper_token.application,
|
|
idempotency: request.headers['Idempotency-Key'])
|
|
|
|
render json: @status, serializer: REST::StatusSerializer
|
|
end
|
|
|
|
def destroy
|
|
@status = Status.where(account_id: current_user.account).find(params[:id])
|
|
authorize @status, :destroy?
|
|
|
|
RemovalWorker.perform_async(@status.id)
|
|
|
|
render_empty
|
|
end
|
|
|
|
private
|
|
|
|
def set_status
|
|
@status = Status.find(params[:id])
|
|
authorize @status, :show?
|
|
rescue Mastodon::NotPermittedError
|
|
# Reraise in order to get a 404 instead of a 403 error code
|
|
raise ActiveRecord::RecordNotFound
|
|
end
|
|
|
|
def status_params
|
|
params.permit(:status, :in_reply_to_id, :sensitive, :spoiler_text, :visibility, media_ids: [])
|
|
end
|
|
|
|
def pagination_params(core_params)
|
|
params.slice(:limit).permit(:limit).merge(core_params)
|
|
end
|
|
|
|
def authorize_if_got_token
|
|
request_token = Doorkeeper::OAuth::Token.from_request(request, *Doorkeeper.configuration.access_token_methods)
|
|
doorkeeper_authorize! :read if request_token
|
|
end
|
|
end
|