diff options
author | Claire <claire.github-309c@sitedethib.com> | 2022-01-23 19:17:31 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-01-23 19:17:31 +0100 |
commit | e58e0eb9aa375b1107b207e8229a2142c4edc0b8 (patch) | |
tree | 9418aede73dbd682e937f900cd0eb1b637f2ea24 /app/controllers/api | |
parent | b209e919bddb4bb72bb4f8589f4b15654f22ef53 (diff) | |
parent | 9483d0c6b2b3eaffca8e02e8be4b9a21c5f9e767 (diff) |
Merge pull request #1663 from ClearlyClaire/glitch-soc/merge-upstream
Merge upstream changes
Diffstat (limited to 'app/controllers/api')
-rw-r--r-- | app/controllers/api/v1/accounts_controller.rb | 6 | ||||
-rw-r--r-- | app/controllers/api/v1/statuses/histories_controller.rb | 21 | ||||
-rw-r--r-- | app/controllers/api/v1/statuses/sources_controller.rb | 21 |
3 files changed, 47 insertions, 1 deletions
diff --git a/app/controllers/api/v1/accounts_controller.rb b/app/controllers/api/v1/accounts_controller.rb index cbccd64f3..5c47158e0 100644 --- a/app/controllers/api/v1/accounts_controller.rb +++ b/app/controllers/api/v1/accounts_controller.rb @@ -83,10 +83,14 @@ class Api::V1::AccountsController < Api::BaseController end def check_enabled_registrations - forbidden if single_user_mode? || !allowed_registrations? + forbidden if single_user_mode? || omniauth_only? || !allowed_registrations? end def allowed_registrations? Setting.registrations_mode != 'none' end + + def omniauth_only? + ENV['OMNIAUTH_ONLY'] == 'true' + end end diff --git a/app/controllers/api/v1/statuses/histories_controller.rb b/app/controllers/api/v1/statuses/histories_controller.rb new file mode 100644 index 000000000..c2c1fac5d --- /dev/null +++ b/app/controllers/api/v1/statuses/histories_controller.rb @@ -0,0 +1,21 @@ +# frozen_string_literal: true + +class Api::V1::Statuses::HistoriesController < Api::BaseController + include Authorization + + before_action -> { authorize_if_got_token! :read, :'read:statuses' } + before_action :set_status + + def show + render json: @status.edits, each_serializer: REST::StatusEditSerializer + end + + private + + def set_status + @status = Status.find(params[:status_id]) + authorize @status, :show? + rescue Mastodon::NotPermittedError + not_found + end +end diff --git a/app/controllers/api/v1/statuses/sources_controller.rb b/app/controllers/api/v1/statuses/sources_controller.rb new file mode 100644 index 000000000..434086451 --- /dev/null +++ b/app/controllers/api/v1/statuses/sources_controller.rb @@ -0,0 +1,21 @@ +# frozen_string_literal: true + +class Api::V1::Statuses::SourcesController < Api::BaseController + include Authorization + + before_action -> { doorkeeper_authorize! :read, :'read:statuses' } + before_action :set_status + + def show + render json: @status, serializer: REST::StatusSourceSerializer + end + + private + + def set_status + @status = Status.find(params[:status_id]) + authorize @status, :show? + rescue Mastodon::NotPermittedError + not_found + end +end |