diff options
| author | Starfall <root@starfall.blue> | 2019-12-09 19:07:33 -0600 |
|---|---|---|
| committer | Starfall <root@starfall.blue> | 2019-12-09 19:09:31 -0600 |
| commit | 6b34fcfef7566105e8d80ab5fee0a539c06cddbf (patch) | |
| tree | 8fad2d47bf8be255d3c671c40cbfd04c2f55ed03 /app/controllers/api/base_controller.rb | |
| parent | 9fbb4af7611aa7836e65ef9f544d341423c15685 (diff) | |
| parent | 246addd5b33a172600342af3fb6fb5e4c80ad95e (diff) | |
Merge branch 'glitch'`
Diffstat (limited to 'app/controllers/api/base_controller.rb')
| -rw-r--r-- | app/controllers/api/base_controller.rb | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/app/controllers/api/base_controller.rb b/app/controllers/api/base_controller.rb index eca558f42..144fdd6ac 100644 --- a/app/controllers/api/base_controller.rb +++ b/app/controllers/api/base_controller.rb @@ -7,16 +7,23 @@ class Api::BaseController < ApplicationController include RateLimitHeaders skip_before_action :store_current_location - skip_before_action :check_user_permissions + skip_before_action :require_functional! + before_action :require_authenticated_user!, if: :disallow_unauthenticated_api_access? before_action :set_cache_headers protect_from_forgery with: :null_session + skip_around_action :set_locale + rescue_from ActiveRecord::RecordInvalid, Mastodon::ValidationError do |e| render json: { error: e.to_s }, status: 422 end + rescue_from ActiveRecord::RecordNotUnique do + render json: { error: 'Duplicate record' }, status: 422 + end + rescue_from ActiveRecord::RecordNotFound do render json: { error: 'Record not found' }, status: 404 end @@ -33,6 +40,14 @@ class Api::BaseController < ApplicationController render json: { error: 'This action is not allowed' }, status: 403 end + rescue_from Mastodon::RaceConditionError do + render json: { error: 'There was a temporary problem serving your request, please try again' }, status: 503 + end + + rescue_from ActionController::ParameterMissing do |e| + render json: { error: e.to_s }, status: 400 + end + def doorkeeper_unauthorized_render_options(error: nil) { json: { error: (error.try(:description) || 'Not authorized') } } end @@ -69,6 +84,10 @@ class Api::BaseController < ApplicationController nil end + def require_authenticated_user! + render json: { error: 'This API requires an authenticated user' }, status: 401 unless current_user + end + def require_user! if !current_user render json: { error: 'This method requires an authenticated user' }, status: 422 @@ -94,4 +113,8 @@ class Api::BaseController < ApplicationController def set_cache_headers response.headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate' end + + def disallow_unauthenticated_api_access? + authorized_fetch_mode? + end end |