authorFire Demon <firedemon@creature.cafe>2020-07-28 20:40:25 -0500
committerFire Demon <firedemon@creature.cafe>2020-08-30 05:45:16 -0500
commit054e15e4f03eecb174374466581b9662a6b38e24 (patch)
tree80db06ea08762f659878d8ffe2ffb4f54333b9c6 /app/controllers/application_controller.rb
parent9234fb32e6b2b8bf8fb2184f9b1b57202eb5f625 (diff)
[Privacy] Add options for private accounts
Diffstat (limited to 'app/controllers/application_controller.rb')
-rw-r--r--app/controllers/application_controller.rb42
1 files changed, 41 insertions, 1 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index e996c2217..9608f1cf9 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -12,6 +12,7 @@ class ApplicationController < ActionController::Base
   include SessionTrackingConcern
   include CacheConcern
   include DomainControlHelper
+  include SignatureVerification
 
   helper_method :current_account
   helper_method :current_session
@@ -71,6 +72,28 @@ class ApplicationController < ActionController::Base
     redirect_to edit_user_registration_path unless current_user.functional?
   end
 
+  def require_authenticated!
+    return if current_account?
+
+    respond_to do |format|
+      format.any { redirect_to edit_user_registration_path }
+      format.json { forbidden }
+    end
+  end
+
+  def require_known!(account)
+    return if authenticated_or_following?(account)
+
+    respond_to do |format|
+      format.any { redirect_to edit_user_registration_path }
+      format.json { forbidden }
+    end
+  end
+
+  def require_following!(account)
+    forbidden unless following?(account)
+  end
+
   def after_sign_out_path_for(_resource_or_scope)
     new_user_session_path
   end
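Review bot: The three new guards `require_authenticated!`, `require_known!` and `require_following!` enforce different access policies for private accounts, but nothing in the hunk documents what each one admits. Going by the predicates added at the end of this diff, each should carry a one-line comment: `# Passes for any request that resolves a current_account (session user or, presumably, a signed remote request)`, `# Passes for functional local users and for followers of the account`, and `# Passes only for the account itself and its followers`. It is also worth stating why `require_following!` answers `forbidden` for every format while the other two redirect non-JSON requests to `edit_user_registration_path`, since a reader cannot tell whether that difference is intentional.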
@@ -197,7 +220,7 @@ class ApplicationController < ActionController::Base
   def current_account
     return @current_account if defined?(@current_account)
 
-    @current_account = current_user&.account
+    @current_account = current_user&.account.presence || signed_request_account
   end
 
   def current_session
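Review bot: `current_account` can now return an account that has no local session, because the changed line falls back to `signed_request_account` (presumably supplied by the `SignatureVerification` include in the first hunk) whenever `current_user&.account` is blank. Any existing caller that treats a non-nil `current_account` as "a local user is signed in" would then also accept a remote actor identified by an HTTP signature; those callers are outside this diff, and the method is exported as a `helper_method` in this file. It would be safer to keep `current_account` session-only and resolve the signed account where the privacy checks need it, for example `viewer = current_account || signed_request_account` inside `following?`. If the wider meaning is intended, the method should say so with a comment such as `# May be a remote account authenticated by HTTP signature, not only the session user`.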
@@ -225,4 +248,21 @@ class ApplicationController < ActionController::Base
       format.json { render json: { error: Rack::Utils::HTTP_STATUS_CODES[code] }, status: code }
     end
   end
+
+  def following?(account)
+    return if account.blank?
+
+    @account_following ||= {}
+    return @account_following[account.id] if @account_following[account.id].present?
+
+    @account_following[account.id] = current_account.present? && (current_account.id == account.id || current_account.following?(account))
+  end
+
+  def authenticated_or_following?(account)
+    current_user.functional? || following?(account)
+  end
+
+  def current_account?
+    current_account.present?
+  end
 end
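Review bot: `authenticated_or_following?` calls `current_user.functional?` with no nil guard, so a request without a session would raise NoMethodError before `following?(account)` is reached, unless every caller runs a login filter first, which is not visible here. That case includes the signed remote requests `current_account` now accepts, and `require_known!` in the earlier hunk depends on this predicate; `current_user&.functional? || following?(account)` avoids the failure. Separately, `following?` checks its cache with `.present?`, which is false for a stored `false`, so negative results are recomputed on every call. `return @account_following[account.id] if @account_following.key?(account.id)` would memoize both outcomes.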