.circleci
.github
app
chewy
controllers
activitypub
admin
api
v1
accounts
apps
instances
lists
push
statuses
timelines
accounts_controller.rb
apps_controller.rb
blocks_controller.rb
custom_emojis_controller.rb
domain_blocks_controller.rb
endorsements_controller.rb
favourites_controller.rb
filters_controller.rb
follow_requests_controller.rb
follows_controller.rb
instances_controller.rb
lists_controller.rb
media_controller.rb
mutes_controller.rb
notifications_controller.rb
reports_controller.rb
search_controller.rb
statuses_controller.rb
streaming_controller.rb
suggestions_controller.rb
v2
web
base_controller.rb
oembed_controller.rb
push_controller.rb
salmon_controller.rb
subscriptions_controller.rb
auth
concerns
oauth
settings
well_known
about_controller.rb
account_follow_controller.rb
account_unfollow_controller.rb
accounts_controller.rb
application_controller.rb
authorize_interactions_controller.rb
custom_css_controller.rb
emojis_controller.rb
filters_controller.rb
follower_accounts_controller.rb
following_accounts_controller.rb
home_controller.rb
intents_controller.rb
invites_controller.rb
manifests_controller.rb
media_controller.rb
media_proxy_controller.rb
remote_follow_controller.rb
remote_interaction_controller.rb
remote_unfollows_controller.rb
shares_controller.rb
statuses_controller.rb
stream_entries_controller.rb
tags_controller.rb
helpers
javascript
lib
mailers
models
policies
presenters
serializers
services
validators
views
workers
bin
config
db
dist
lib
log
nanobox
public
spec
streaming
vendor
.buildpacks
.codeclimate.yml
.dockerignore
.editorconfig
.env.nanobox
.env.production.sample
.env.test
.env.vagrant
.eslintignore
.eslintrc.yml
.foreman
.gitattributes
.gitignore
.haml-lint.yml
.nanoignore
.nvmrc
.postcssrc.yml
.profile
.rspec
.rubocop.yml
.ruby-version
.scss-lint.yml
.slugignore
.yarnclean
AUTHORS.md
Aptfile
CODE_OF_CONDUCT.md
CONTRIBUTING.md
Capfile
Dockerfile
Gemfile
Gemfile.lock
LICENSE
Procfile
Procfile.dev
README.md
Rakefile
Vagrantfile
app.json
babel.config.js
boxfile.yml
config.ru
docker-compose.yml
jest.config.js
package.json
priv-config
scalingo.json
yarn.lock
87 lines
3.2 KiB
Ruby
87 lines
3.2 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class Api::V1::StatusesController < Api::BaseController
|
|
include Authorization
|
|
|
|
before_action -> { authorize_if_got_token! :read, :'read:statuses' }, except: [:create, :destroy]
|
|
before_action -> { doorkeeper_authorize! :write, :'write:statuses' }, only: [:create, :destroy]
|
|
before_action :require_user!, except: [:show, :context, :card]
|
|
before_action :set_status, only: [:show, :context, :card]
|
|
|
|
respond_to :json
|
|
|
|
# This API was originally unlimited, pagination cannot be introduced without
|
|
# breaking backwards-compatibility. Arbitrarily high number to cover most
|
|
# conversations as quasi-unlimited, it would be too much work to render more
|
|
# than this anyway
|
|
CONTEXT_LIMIT = 4_096
|
|
|
|
def show
|
|
@status = cache_collection([@status], Status).first
|
|
render json: @status, serializer: REST::StatusSerializer
|
|
end
|
|
|
|
def context
|
|
ancestors_results = @status.in_reply_to_id.nil? ? [] : @status.ancestors(CONTEXT_LIMIT, current_account)
|
|
descendants_results = @status.descendants(CONTEXT_LIMIT, current_account)
|
|
loaded_ancestors = cache_collection(ancestors_results, Status)
|
|
loaded_descendants = cache_collection(descendants_results, Status)
|
|
|
|
@context = Context.new(ancestors: loaded_ancestors, descendants: loaded_descendants)
|
|
statuses = [@status] + @context.ancestors + @context.descendants
|
|
|
|
render json: @context, serializer: REST::ContextSerializer, relationships: StatusRelationshipsPresenter.new(statuses, current_user&.account_id)
|
|
end
|
|
|
|
def card
|
|
@card = @status.preview_cards.first
|
|
|
|
if @card.nil?
|
|
render_empty
|
|
else
|
|
render json: @card, serializer: REST::PreviewCardSerializer
|
|
end
|
|
end
|
|
|
|
def create
|
|
@status = PostStatusService.new.call(current_user.account,
|
|
status_params[:status],
|
|
status_params[:in_reply_to_id].blank? ? nil : Status.find(status_params[:in_reply_to_id]),
|
|
media_ids: status_params[:media_ids],
|
|
sensitive: status_params[:sensitive],
|
|
spoiler_text: status_params[:spoiler_text],
|
|
visibility: status_params[:visibility],
|
|
application: doorkeeper_token.application,
|
|
idempotency: request.headers['Idempotency-Key'])
|
|
|
|
render json: @status, serializer: REST::StatusSerializer
|
|
end
|
|
|
|
def destroy
|
|
@status = Status.where(account_id: current_user.account).find(params[:id])
|
|
authorize @status, :destroy?
|
|
|
|
RemovalWorker.perform_async(@status.id)
|
|
|
|
render_empty
|
|
end
|
|
|
|
private
|
|
|
|
def set_status
|
|
@status = Status.find(params[:id])
|
|
authorize @status, :show?
|
|
rescue Mastodon::NotPermittedError
|
|
# Reraise in order to get a 404 instead of a 403 error code
|
|
raise ActiveRecord::RecordNotFound
|
|
end
|
|
|
|
def status_params
|
|
params.permit(:status, :in_reply_to_id, :sensitive, :spoiler_text, :visibility, media_ids: [])
|
|
end
|
|
|
|
def pagination_params(core_params)
|
|
params.slice(:limit).permit(:limit).merge(core_params)
|
|
end
|
|
end
|