diff options
| author | Fire Demon <firedemon@creature.cafe> | 2020-07-25 23:23:09 -0500 |
|---|---|---|
| committer | Fire Demon <firedemon@creature.cafe> | 2020-08-30 05:45:15 -0500 |
| commit | c4dd1074fcdeba84c812feec70d757bae0456fdd (patch) | |
| tree | bf1f7f78bd811e3dd227380d27813a3ae8fddf7a | |
| parent | 70763ef0ea6cb6b997ac144d8b4d855b16fb838c (diff) | |
[Feature, Privacy] Add API support for per-domain post privacy (account)
| -rw-r--r-- | app/controllers/api/v1/domain_permissions_controller.rb | 81 | ||||
| -rw-r--r-- | app/policies/account_domain_permission_policy.rb | 17 | ||||
| -rw-r--r-- | config/initializers/doorkeeper.rb | 6 | ||||
| -rw-r--r-- | config/routes.rb | 2 |
4 files changed, 106 insertions, 0 deletions
diff --git a/app/controllers/api/v1/domain_permissions_controller.rb b/app/controllers/api/v1/domain_permissions_controller.rb new file mode 100644 index 000000000..1b0e37135 --- /dev/null +++ b/app/controllers/api/v1/domain_permissions_controller.rb @@ -0,0 +1,81 @@ +# frozen_string_literal: true + +class Api::V1::DomainPermissionsController < Api::BaseController + before_action -> { doorkeeper_authorize! :read, :'read:domain_permissions', :'read:domain_permissions:account' }, only: :show + before_action -> { doorkeeper_authorize! :write, :'write:domain_permissions', :'write:domain_permissions:account' }, only: [:create, :update, :destroy] + before_action :require_user! + before_action :set_permission, except: [:show, :create] + after_action :insert_pagination_headers + + LIMIT = 100 + + def show + @permissions = load_account_domain_permissions + render json: @permissions, each_serializer: REST::AccountDomainPermissionSerializer + end + + def create + @permission = current_account.domain_permissions.create!(domain_permission_params) + render json: @permission, serializer: REST::AccountDomainPermissionSerializer + end + + def update + @permission.update!(domain_permission_params) + render json: @permission, serializer: REST::AccountDomainPermissionSerializer + end + + def destroy + @permission.destroy! + render_empty + end + + private + + def load_account_domain_permissions + account_domain_permissions.paginate_by_max_id( + limit_param(LIMIT), + params[:max_id], + params[:since_id] + ) + end + + def set_permission + @permission = current_account.domain_permissions.find(params[:id]) + end + + def account_domain_permissions + current_account.domain_permissions + end + + def insert_pagination_headers + set_pagination_headers(next_path, prev_path) + end + + def next_path + api_v1_domain_permissions_url pagination_params(max_id: pagination_max_id) if records_continue? + end + + def prev_path + api_v1_domain_permissions_url pagination_params(since_id: pagination_since_id) unless @permissions.empty? + end + + def pagination_max_id + @permissions.last.id + end + + def pagination_since_id + @permissions.first.id + end + + def records_continue? + @permissions.size == limit_param(LIMIT) + end + + def pagination_params(core_params) + params.slice(:limit).permit(:limit).merge(core_params) + end + + def domain_permission_params + params.permit(:domain, :visibility) + end +end diff --git a/app/policies/account_domain_permission_policy.rb b/app/policies/account_domain_permission_policy.rb new file mode 100644 index 000000000..b50857f9f --- /dev/null +++ b/app/policies/account_domain_permission_policy.rb @@ -0,0 +1,17 @@ +# frozen_string_literal: true + +class AccountDomainPermissionPolicy < ApplicationPolicy + def update? + owned? + end + + def destroy? + owned? + end + + private + + def owned? + record.account_id == current_account&.id + end +end diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb index 4394444bb..1c790e90a 100644 --- a/config/initializers/doorkeeper.rb +++ b/config/initializers/doorkeeper.rb @@ -77,6 +77,9 @@ Doorkeeper.configure do :'write:reports', :'write:statuses', :'write:statuses:publish', + :'write:domain_permissions', + :'write:domain_permissions:account', + :'write:domain_permissions:statuses', :read, :'read:accounts', :'read:blocks', @@ -89,6 +92,9 @@ Doorkeeper.configure do :'read:notifications', :'read:search', :'read:statuses', + :'read:domain_permissions', + :'read:domain_permissions:account', + :'read:domain_permissions:statuses', :follow, :push, :'admin:read', diff --git a/config/routes.rb b/config/routes.rb index 974a94e47..fd43f9c8c 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -396,6 +396,8 @@ Rails.application.routes.draw do resource :domain_blocks, only: [:show, :create, :destroy] resource :directory, only: [:show] + resource :domain_permissions, only: [:show, :create, :update, :destroy] + resources :follow_requests, only: [:index] do member do post :authorize |