diff options
author | Eugen Rochko <eugen@zeonfederated.com> | 2022-01-19 22:37:27 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-01-19 22:37:27 +0100 |
commit | 1060666c583670bb3b89ed5154e61038331e30c3 (patch) | |
tree | 11713b72bc62cd395dade4cb4fe7e397bf41ffec /app/controllers/api/v1/statuses | |
parent | 2d1f082bb6bee89242ee8042dc19016179078566 (diff) |
Add support for editing for published statuses (#16697)
* Add support for editing for published statuses * Fix references to stripped-out code * Various fixes and improvements * Further fixes and improvements * Fix updates being potentially sent to unauthorized recipients * Various fixes and improvements * Fix wrong words in test * Fix notifying accounts that were tagged but were not in the audience * Fix mistake
Diffstat (limited to 'app/controllers/api/v1/statuses')
-rw-r--r-- | app/controllers/api/v1/statuses/histories_controller.rb | 21 | ||||
-rw-r--r-- | app/controllers/api/v1/statuses/sources_controller.rb | 21 |
2 files changed, 42 insertions, 0 deletions
diff --git a/app/controllers/api/v1/statuses/histories_controller.rb b/app/controllers/api/v1/statuses/histories_controller.rb new file mode 100644 index 000000000..c2c1fac5d --- /dev/null +++ b/app/controllers/api/v1/statuses/histories_controller.rb @@ -0,0 +1,21 @@ +# frozen_string_literal: true + +class Api::V1::Statuses::HistoriesController < Api::BaseController + include Authorization + + before_action -> { authorize_if_got_token! :read, :'read:statuses' } + before_action :set_status + + def show + render json: @status.edits, each_serializer: REST::StatusEditSerializer + end + + private + + def set_status + @status = Status.find(params[:status_id]) + authorize @status, :show? + rescue Mastodon::NotPermittedError + not_found + end +end diff --git a/app/controllers/api/v1/statuses/sources_controller.rb b/app/controllers/api/v1/statuses/sources_controller.rb new file mode 100644 index 000000000..434086451 --- /dev/null +++ b/app/controllers/api/v1/statuses/sources_controller.rb @@ -0,0 +1,21 @@ +# frozen_string_literal: true + +class Api::V1::Statuses::SourcesController < Api::BaseController + include Authorization + + before_action -> { doorkeeper_authorize! :read, :'read:statuses' } + before_action :set_status + + def show + render json: @status, serializer: REST::StatusSourceSerializer + end + + private + + def set_status + @status = Status.find(params[:status_id]) + authorize @status, :show? + rescue Mastodon::NotPermittedError + not_found + end +end |