diff options
| author | Claire <claire.github-309c@sitedethib.com> | 2023-02-13 16:36:29 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-02-13 16:36:29 +0100 |
| commit | d6930b3847405dc9f8c1a54fb74d488a3c9a775e (patch) | |
| tree | feb3e7aa1713113cd8792c739cdd8ad8456560ed /app/controllers/api/v1/statuses_controller.rb | |
| parent | c84f38abc4b82d77c5d832399d5746fe51de3c67 (diff) | |
Add API parameter to safeguard unexpect mentions in new posts (#18350)
Diffstat (limited to 'app/controllers/api/v1/statuses_controller.rb')
| -rw-r--r-- | app/controllers/api/v1/statuses_controller.rb | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/app/controllers/api/v1/statuses_controller.rb b/app/controllers/api/v1/statuses_controller.rb index 9a8c0c161..fadd1b045 100644 --- a/app/controllers/api/v1/statuses_controller.rb +++ b/app/controllers/api/v1/statuses_controller.rb @@ -63,11 +63,18 @@ class Api::V1::StatusesController < Api::BaseController scheduled_at: status_params[:scheduled_at], application: doorkeeper_token.application, poll: status_params[:poll], + allowed_mentions: status_params[:allowed_mentions], idempotency: request.headers['Idempotency-Key'], with_rate_limit: true ) render json: @status, serializer: @status.is_a?(ScheduledStatus) ? REST::ScheduledStatusSerializer : REST::StatusSerializer + rescue PostStatusService::UnexpectedMentionsError => e + unexpected_accounts = ActiveModel::Serializer::CollectionSerializer.new( + e.accounts, + serializer: REST::AccountSerializer + ) + render json: { error: e.message, unexpected_accounts: unexpected_accounts }, status: 422 end def update @@ -128,6 +135,7 @@ class Api::V1::StatusesController < Api::BaseController :visibility, :language, :scheduled_at, + allowed_mentions: [], media_ids: [], media_attributes: [ :id, |