authorEugen <eugen@zeonfederated.com>2017-04-08 23:39:31 +0200
committerGitHub <noreply@github.com>2017-04-08 23:39:31 +0200
commitb89f007862bb06bbf892c4f37dbc31ed83138b53 (patch)
treea2052b0ef9fc554ef9a7049a3c16ed78a08dbd26 /app/controllers/api
parent9acdb166e8871632f592bfcd2386dfc288d81a07 (diff)
Make public timelines API not require user context/app credentials (#1291)
* Make /api/v1/timelines/public and /api/v1/timelines/tag/:id public
Fix #1156 - respect query params when generating pagination links in API

* Apply pagination fix to more APIs
Diffstat (limited to 'app/controllers/api')
-rw-r--r--app/controllers/api/v1/accounts_controller.rb28
-rw-r--r--app/controllers/api/v1/blocks_controller.rb12
-rw-r--r--app/controllers/api/v1/favourites_controller.rb11
-rw-r--r--app/controllers/api/v1/follow_requests_controller.rb12
-rw-r--r--app/controllers/api/v1/mutes_controller.rb12
-rw-r--r--app/controllers/api/v1/notifications_controller.rb12
-rw-r--r--app/controllers/api/v1/statuses_controller.rb17
-rw-r--r--app/controllers/api/v1/timelines_controller.rb26
8 files changed, 74 insertions, 56 deletions
diff --git a/app/controllers/api/v1/accounts_controller.rb b/app/controllers/api/v1/accounts_controller.rb
index da18474cb..454873116 100644
--- a/app/controllers/api/v1/accounts_controller.rb
+++ b/app/controllers/api/v1/accounts_controller.rb
@@ -20,10 +20,8 @@ class Api::V1::AccountsController < ApiController
     accounts  = Account.where(id: results.map(&:target_account_id)).map { |a| [a.id, a] }.to_h
     @accounts = results.map { |f| accounts[f.target_account_id] }
 
-    # set_account_counters_maps(@accounts)
-
-    next_path = following_api_v1_account_url(max_id: results.last.id)    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
-    prev_path = following_api_v1_account_url(since_id: results.first.id) unless results.empty?
+    next_path = following_api_v1_account_url(pagination_params(max_id: results.last.id))    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
+    prev_path = following_api_v1_account_url(pagination_params(since_id: results.first.id)) unless results.empty?
 
     set_pagination_headers(next_path, prev_path)
 
@@ -35,10 +33,8 @@ class Api::V1::AccountsController < ApiController
     accounts  = Account.where(id: results.map(&:account_id)).map { |a| [a.id, a] }.to_h
     @accounts = results.map { |f| accounts[f.account_id] }
 
-    # set_account_counters_maps(@accounts)
-
-    next_path = followers_api_v1_account_url(max_id: results.last.id)    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
-    prev_path = followers_api_v1_account_url(since_id: results.first.id) unless results.empty?
+    next_path = followers_api_v1_account_url(pagination_params(max_id: results.last.id))    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
+    prev_path = followers_api_v1_account_url(pagination_params(since_id: results.first.id)) unless results.empty?
 
     set_pagination_headers(next_path, prev_path)
 
@@ -52,11 +48,9 @@ class Api::V1::AccountsController < ApiController
     @statuses = cache_collection(@statuses, Status)
 
     set_maps(@statuses)
-    # set_counters_maps(@statuses)
-    # set_account_counters_maps(@statuses.flat_map { |s| [s.account, s.reblog? ? s.reblog.account : nil] }.compact.uniq)
 
-    next_path = statuses_api_v1_account_url(max_id: @statuses.last.id)    unless @statuses.empty?
-    prev_path = statuses_api_v1_account_url(since_id: @statuses.first.id) unless @statuses.empty?
+    next_path = statuses_api_v1_account_url(statuses_pagination_params(max_id: @statuses.last.id))    unless @statuses.empty?
+    prev_path = statuses_api_v1_account_url(statuses_pagination_params(since_id: @statuses.first.id)) unless @statuses.empty?
 
     set_pagination_headers(next_path, prev_path)
   end
@@ -117,8 +111,6 @@ class Api::V1::AccountsController < ApiController
   def search
     @accounts = AccountSearchService.new.call(params[:q], limit_param(DEFAULT_ACCOUNTS_LIMIT), params[:resolve] == 'true', current_account)
 
-    # set_account_counters_maps(@accounts) unless @accounts.nil?
-
     render action: :index
   end
 
@@ -135,4 +127,12 @@ class Api::V1::AccountsController < ApiController
     @muting      = Account.muting_map([@account.id], current_user.account_id)
     @requested   = Account.requested_map([@account.id], current_user.account_id)
   end
+
+  def pagination_params(core_params)
+    params.permit(:limit).merge(core_params)
+  end
+
+  def statuses_pagination_params(core_params)
+    params.permit(:limit, :only_media, :exclude_replies).merge(core_params)
+  end
 end
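Review bot: `pagination_params` is added here with the same one-line body that this commit also adds to the blocks, favourites, follow_requests, mutes, notifications and statuses controllers (the timelines copy differs only by also permitting `:local`), so the allowlist of query parameters echoed into pagination links is maintained in many places. Defining the default once in `ApiController` and overriding it only where extra keys are needed would keep that allowlist reviewable in one spot. The hunk does not show whether these two helpers fall under a `private` section, since the class body starts outside it; the blocks, favourites, mutes and notifications sections add `private` explicitly, and the same should hold here so the helpers are not public controller methods. A comment such as `# Only allowlisted query params are carried into pagination links.` above the helper would record why `permit` is used instead of passing `params` through.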
diff --git a/app/controllers/api/v1/blocks_controller.rb b/app/controllers/api/v1/blocks_controller.rb
index dadf21265..742717ba2 100644
--- a/app/controllers/api/v1/blocks_controller.rb
+++ b/app/controllers/api/v1/blocks_controller.rb
@@ -11,11 +11,15 @@ class Api::V1::BlocksController < ApiController
     accounts  = Account.where(id: results.map(&:target_account_id)).map { |a| [a.id, a] }.to_h
     @accounts = results.map { |f| accounts[f.target_account_id] }.compact
 
-    # set_account_counters_maps(@accounts)
-
-    next_path = api_v1_blocks_url(max_id: results.last.id)    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
-    prev_path = api_v1_blocks_url(since_id: results.first.id) unless results.empty?
+    next_path = api_v1_blocks_url(pagination_params(max_id: results.last.id))    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
+    prev_path = api_v1_blocks_url(pagination_params(since_id: results.first.id)) unless results.empty?
 
     set_pagination_headers(next_path, prev_path)
   end
+
+  private
+
+  def pagination_params(core_params)
+    params.permit(:limit).merge(core_params)
+  end
 end
diff --git a/app/controllers/api/v1/favourites_controller.rb b/app/controllers/api/v1/favourites_controller.rb
index 8a5b81e63..22b93fe79 100644
--- a/app/controllers/api/v1/favourites_controller.rb
+++ b/app/controllers/api/v1/favourites_controller.rb
@@ -11,11 +11,16 @@ class Api::V1::FavouritesController < ApiController
     @statuses = cache_collection(Status.where(id: results.map(&:status_id)), Status)
 
     set_maps(@statuses)
-    # set_counters_maps(@statuses)
 
-    next_path = api_v1_favourites_url(max_id: results.last.id)    if results.size == limit_param(DEFAULT_STATUSES_LIMIT)
-    prev_path = api_v1_favourites_url(since_id: results.first.id) unless results.empty?
+    next_path = api_v1_favourites_url(pagination_params(max_id: results.last.id))    if results.size == limit_param(DEFAULT_STATUSES_LIMIT)
+    prev_path = api_v1_favourites_url(pagination_params(since_id: results.first.id)) unless results.empty?
 
     set_pagination_headers(next_path, prev_path)
   end
+
+  private
+
+  def pagination_params(core_params)
+    params.permit(:limit).merge(core_params)
+  end
 end
diff --git a/app/controllers/api/v1/follow_requests_controller.rb b/app/controllers/api/v1/follow_requests_controller.rb
index 3b8e8c078..73cfaf10a 100644
--- a/app/controllers/api/v1/follow_requests_controller.rb
+++ b/app/controllers/api/v1/follow_requests_controller.rb
@@ -9,10 +9,8 @@ class Api::V1::FollowRequestsController < ApiController
     accounts  = Account.where(id: results.map(&:account_id)).map { |a| [a.id, a] }.to_h
     @accounts = results.map { |f| accounts[f.account_id] }
 
-    # set_account_counters_maps(@accounts)
-
-    next_path = api_v1_follow_requests_url(max_id: results.last.id)    if results.size == DEFAULT_ACCOUNTS_LIMIT
-    prev_path = api_v1_follow_requests_url(since_id: results.first.id) unless results.empty?
+    next_path = api_v1_follow_requests_url(pagination_params(max_id: results.last.id))    if results.size == DEFAULT_ACCOUNTS_LIMIT
+    prev_path = api_v1_follow_requests_url(pagination_params(since_id: results.first.id)) unless results.empty?
 
     set_pagination_headers(next_path, prev_path)
   end
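Review bot: The `next_path` condition still compares `results.size` with the bare `DEFAULT_ACCOUNTS_LIMIT`, while the link it guards now carries the caller's `limit` through `pagination_params`; the other account-list actions in this commit compare against `limit_param(DEFAULT_ACCOUNTS_LIMIT)`. If the query above the hunk honours `limit` (it is not visible here), a request with a smaller limit would never receive a `next` link. Suggested change: `next_path = api_v1_follow_requests_url(pagination_params(max_id: results.last.id)) if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)`. The action's opening lines are outside the hunk.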
@@ -26,4 +24,10 @@ class Api::V1::FollowRequestsController < ApiController
     RejectFollowService.new.call(Account.find(params[:id]), current_account)
     render_empty
   end
+
+  private
+
+  def pagination_params(core_params)
+    params.permit(:limit).merge(core_params)
+  end
 end
diff --git a/app/controllers/api/v1/mutes_controller.rb b/app/controllers/api/v1/mutes_controller.rb
index 6f48de040..cbd98732b 100644
--- a/app/controllers/api/v1/mutes_controller.rb
+++ b/app/controllers/api/v1/mutes_controller.rb
@@ -11,11 +11,15 @@ class Api::V1::MutesController < ApiController
     accounts  = Account.where(id: results.map(&:target_account_id)).map { |a| [a.id, a] }.to_h
     @accounts = results.map { |f| accounts[f.target_account_id] }
 
-    # set_account_counters_maps(@accounts)
-
-    next_path = api_v1_mutes_url(max_id: results.last.id)    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
-    prev_path = api_v1_mutes_url(since_id: results.first.id) unless results.empty?
+    next_path = api_v1_mutes_url(pagination_params(max_id: results.last.id))    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
+    prev_path = api_v1_mutes_url(pagination_params(since_id: results.first.id)) unless results.empty?
 
     set_pagination_headers(next_path, prev_path)
   end
+
+  private
+
+  def pagination_params(core_params)
+    params.permit(:limit).merge(core_params)
+  end
 end
diff --git a/app/controllers/api/v1/notifications_controller.rb b/app/controllers/api/v1/notifications_controller.rb
index 7bbc5419c..71c054334 100644
--- a/app/controllers/api/v1/notifications_controller.rb
+++ b/app/controllers/api/v1/notifications_controller.rb
@@ -14,11 +14,9 @@ class Api::V1::NotificationsController < ApiController
     statuses       = @notifications.select { |n| !n.target_status.nil? }.map(&:target_status)
 
     set_maps(statuses)
-    # set_counters_maps(statuses)
-    # set_account_counters_maps(@notifications.map(&:from_account))
 
-    next_path = api_v1_notifications_url(max_id: @notifications.last.id)    unless @notifications.empty?
-    prev_path = api_v1_notifications_url(since_id: @notifications.first.id) unless @notifications.empty?
+    next_path = api_v1_notifications_url(pagination_params(max_id: @notifications.last.id))    unless @notifications.empty?
+    prev_path = api_v1_notifications_url(pagination_params(since_id: @notifications.first.id)) unless @notifications.empty?
 
     set_pagination_headers(next_path, prev_path)
   end
@@ -31,4 +29,10 @@ class Api::V1::NotificationsController < ApiController
     Notification.where(account: current_account).delete_all
     render_empty
   end
+
+  private
+
+  def pagination_params(core_params)
+    params.permit(:limit).merge(core_params)
+  end
 end
diff --git a/app/controllers/api/v1/statuses_controller.rb b/app/controllers/api/v1/statuses_controller.rb
index 4ece7e702..1976ce330 100644
--- a/app/controllers/api/v1/statuses_controller.rb
+++ b/app/controllers/api/v1/statuses_controller.rb
@@ -23,7 +23,6 @@ class Api::V1::StatusesController < ApiController
     statuses = [@status] + @context[:ancestors] + @context[:descendants]
 
     set_maps(statuses)
-    # set_counters_maps(statuses)
   end
 
   def card
@@ -36,10 +35,8 @@ class Api::V1::StatusesController < ApiController
     accounts  = Account.where(id: results.map(&:account_id)).map { |a| [a.id, a] }.to_h
     @accounts = results.map { |r| accounts[r.account_id] }
 
-    # set_account_counters_maps(@accounts)
-
-    next_path = reblogged_by_api_v1_status_url(max_id: results.last.id)    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
-    prev_path = reblogged_by_api_v1_status_url(since_id: results.first.id) unless results.empty?
+    next_path = reblogged_by_api_v1_status_url(pagination_params(max_id: results.last.id))    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
+    prev_path = reblogged_by_api_v1_status_url(pagination_params(since_id: results.first.id)) unless results.empty?
 
     set_pagination_headers(next_path, prev_path)
 
@@ -51,10 +48,8 @@ class Api::V1::StatusesController < ApiController
     accounts  = Account.where(id: results.map(&:account_id)).map { |a| [a.id, a] }.to_h
     @accounts = results.map { |f| accounts[f.account_id] }
 
-    # set_account_counters_maps(@accounts)
-
-    next_path = favourited_by_api_v1_status_url(max_id: results.last.id)    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
-    prev_path = favourited_by_api_v1_status_url(since_id: results.first.id) unless results.empty?
+    next_path = favourited_by_api_v1_status_url(pagination_params(max_id: results.last.id))    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
+    prev_path = favourited_by_api_v1_status_url(pagination_params(since_id: results.first.id)) unless results.empty?
 
     set_pagination_headers(next_path, prev_path)
 
@@ -115,4 +110,8 @@ class Api::V1::StatusesController < ApiController
   def status_params
     params.permit(:status, :in_reply_to_id, :sensitive, :spoiler_text, :visibility, media_ids: [])
   end
+
+  def pagination_params(core_params)
+    params.permit(:limit).merge(core_params)
+  end
 end
diff --git a/app/controllers/api/v1/timelines_controller.rb b/app/controllers/api/v1/timelines_controller.rb
index 0446b9e4d..e55e7d718 100644
--- a/app/controllers/api/v1/timelines_controller.rb
+++ b/app/controllers/api/v1/timelines_controller.rb
@@ -1,8 +1,8 @@
 # frozen_string_literal: true
 
 class Api::V1::TimelinesController < ApiController
-  before_action -> { doorkeeper_authorize! :read }
-  before_action :require_user!, only: [:home, :mentions]
+  before_action -> { doorkeeper_authorize! :read }, only: [:home]
+  before_action :require_user!, only: [:home]
 
   respond_to :json
 
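Review bot: Switching both filters to `only: [:home]` makes authentication opt-in for this controller, so any action that is not listed, including ones added later, is served without a token. `mentions` is dropped from the `require_user!` list here; if a `mentions` action still exists further down (outside this hunk), it is now reachable unauthenticated. A fail-closed form lists the public actions instead, e.g. `before_action -> { doorkeeper_authorize! :read }, except: [:public, :tag]` and `before_action :require_user!, except: [:public, :tag]`, assuming those are the action names behind the public and hashtag routes.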
@@ -11,11 +11,9 @@ class Api::V1::TimelinesController < ApiController
     @statuses = cache_collection(@statuses)
 
     set_maps(@statuses)
-    # set_counters_maps(@statuses)
-    # set_account_counters_maps(@statuses.flat_map { |s| [s.account, s.reblog? ? s.reblog.account : nil] }.compact.uniq)
 
-    next_path = api_v1_home_timeline_url(max_id: @statuses.last.id)    unless @statuses.empty?
-    prev_path = api_v1_home_timeline_url(since_id: @statuses.first.id) unless @statuses.empty?
+    next_path = api_v1_home_timeline_url(pagination_params(max_id: @statuses.last.id))    unless @statuses.empty?
+    prev_path = api_v1_home_timeline_url(pagination_params(since_id: @statuses.first.id)) unless @statuses.empty?
 
     set_pagination_headers(next_path, prev_path)
 
@@ -27,11 +25,9 @@ class Api::V1::TimelinesController < ApiController
     @statuses = cache_collection(@statuses)
 
     set_maps(@statuses)
-    # set_counters_maps(@statuses)
-    # set_account_counters_maps(@statuses.flat_map { |s| [s.account, s.reblog? ? s.reblog.account : nil] }.compact.uniq)
 
-    next_path = api_v1_public_timeline_url(max_id: @statuses.last.id)    unless @statuses.empty?
-    prev_path = api_v1_public_timeline_url(since_id: @statuses.first.id) unless @statuses.empty?
+    next_path = api_v1_public_timeline_url(pagination_params(max_id: @statuses.last.id))    unless @statuses.empty?
+    prev_path = api_v1_public_timeline_url(pagination_params(since_id: @statuses.first.id)) unless @statuses.empty?
 
     set_pagination_headers(next_path, prev_path)
 
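Review bot: With the token check removed for this action, `set_maps(@statuses)` and the timeline query above the hunk now run with no authenticated account, and the same applies to the hashtag action in the next hunk. Neither helper is visible here, so confirm that both treat a missing current account as "no relationships, no personal filters" rather than raising, and add a request spec that calls the public and hashtag timelines without an `Authorization` header. Because these endpoints are now anonymous, any throttling keyed on the access token no longer covers them and needs an IP-based key. The action's `def` line is outside the hunk.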
@@ -44,11 +40,9 @@ class Api::V1::TimelinesController < ApiController
     @statuses = cache_collection(@statuses)
 
     set_maps(@statuses)
-    # set_counters_maps(@statuses)
-    # set_account_counters_maps(@statuses.flat_map { |s| [s.account, s.reblog? ? s.reblog.account : nil] }.compact.uniq)
 
-    next_path = api_v1_hashtag_timeline_url(params[:id], max_id: @statuses.last.id)    unless @statuses.empty?
-    prev_path = api_v1_hashtag_timeline_url(params[:id], since_id: @statuses.first.id) unless @statuses.empty?
+    next_path = api_v1_hashtag_timeline_url(params[:id], pagination_params(max_id: @statuses.last.id))    unless @statuses.empty?
+    prev_path = api_v1_hashtag_timeline_url(params[:id], pagination_params(since_id: @statuses.first.id)) unless @statuses.empty?
 
     set_pagination_headers(next_path, prev_path)
 
@@ -60,4 +54,8 @@ class Api::V1::TimelinesController < ApiController
   def cache_collection(raw)
     super(raw, Status)
   end
+
+  def pagination_params(core_params)
+    params.permit(:local, :limit).merge(core_params)
+  end
 end