diff options
author | pluralcafe-docker <git@plural.cafe> | 2019-01-04 21:19:55 +0000 |
---|---|---|
committer | pluralcafe-docker <git@plural.cafe> | 2019-01-04 21:19:55 +0000 |
commit | 74134e490c49d8a7d88cc69720e22cd88cee9233 (patch) | |
tree | bd7fc8d41f7887037401ff86c81bc93d5fb00d01 /app/controllers | |
parent | 797a8429a0deb511e6d6092edad39f856231534e (diff) | |
parent | 0acd51acdc1e670bf57f58671cb8e30743782c63 (diff) |
Merge branch 'glitch'
Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/admin/account_actions_controller.rb | 2 | ||||
-rw-r--r-- | app/controllers/admin/accounts_controller.rb | 5 | ||||
-rw-r--r-- | app/controllers/admin/followers_controller.rb | 22 | ||||
-rw-r--r-- | app/controllers/api/base_controller.rb | 10 | ||||
-rw-r--r-- | app/controllers/api/v1/accounts/statuses_controller.rb | 10 | ||||
-rw-r--r-- | app/controllers/api/v1/accounts_controller.rb | 26 | ||||
-rw-r--r-- | app/controllers/auth/confirmations_controller.rb | 10 | ||||
-rw-r--r-- | app/controllers/auth/registrations_controller.rb | 1 | ||||
-rw-r--r-- | app/controllers/concerns/signature_verification.rb | 1 | ||||
-rw-r--r-- | app/controllers/settings/exports/blocked_domains_controller.rb | 19 | ||||
-rw-r--r-- | app/controllers/settings/exports/lists_controller.rb | 19 |
11 files changed, 109 insertions, 16 deletions
diff --git a/app/controllers/admin/account_actions_controller.rb b/app/controllers/admin/account_actions_controller.rb index e847495f1..a2cea461e 100644 --- a/app/controllers/admin/account_actions_controller.rb +++ b/app/controllers/admin/account_actions_controller.rb @@ -17,7 +17,7 @@ module Admin account_action.save! if account_action.with_report? - redirect_to admin_report_path(account_action.report) + redirect_to admin_reports_path else redirect_to admin_account_path(@account.id) end diff --git a/app/controllers/admin/accounts_controller.rb b/app/controllers/admin/accounts_controller.rb index f5e5f7ed5..562fba996 100644 --- a/app/controllers/admin/accounts_controller.rb +++ b/app/controllers/admin/accounts_controller.rb @@ -62,9 +62,8 @@ module Admin def redownload authorize @account, :redownload? - @account.reset_avatar! - @account.reset_header! - @account.save! + @account.update!(last_webfingered_at: nil) + ResolveAccountService.new.call(@account) redirect_to admin_account_path(@account.id) end diff --git a/app/controllers/admin/followers_controller.rb b/app/controllers/admin/followers_controller.rb new file mode 100644 index 000000000..819628b20 --- /dev/null +++ b/app/controllers/admin/followers_controller.rb @@ -0,0 +1,22 @@ +# frozen_string_literal: true + +module Admin + class FollowersController < BaseController + before_action :set_account + + PER_PAGE = 40 + + def index + authorize :account, :index? + @followers = followers.recent.page(params[:page]).per(PER_PAGE) + end + + def set_account + @account = Account.find(params[:account_id]) + end + + def followers + Follow.includes(:account).where(target_account: @account) + end + end +end diff --git a/app/controllers/api/base_controller.rb b/app/controllers/api/base_controller.rb index ac8de5fc0..a1dd30918 100644 --- a/app/controllers/api/base_controller.rb +++ b/app/controllers/api/base_controller.rb @@ -68,12 +68,14 @@ class Api::BaseController < ApplicationController end def require_user! - if current_user && !current_user.disabled? - set_user_activity - elsif current_user + if !current_user + render json: { error: 'This method requires an authenticated user' }, status: 422 + elsif current_user.disabled? render json: { error: 'Your login is currently disabled' }, status: 403 + elsif !current_user.confirmed? + render json: { error: 'Email confirmation is not completed' }, status: 403 else - render json: { error: 'This method requires an authenticated user' }, status: 422 + set_user_activity end end diff --git a/app/controllers/api/v1/accounts/statuses_controller.rb b/app/controllers/api/v1/accounts/statuses_controller.rb index d3f1197f8..6c2a5c141 100644 --- a/app/controllers/api/v1/accounts/statuses_controller.rb +++ b/app/controllers/api/v1/accounts/statuses_controller.rb @@ -28,13 +28,11 @@ class Api::V1::Accounts::StatusesController < Api::BaseController def account_statuses statuses = truthy_param?(:pinned) ? pinned_scope : permitted_account_statuses - statuses = statuses.paginate_by_id( - limit_param(DEFAULT_STATUSES_LIMIT), - params_slice(:max_id, :since_id, :min_id) - ) + statuses = statuses.paginate_by_id(limit_param(DEFAULT_STATUSES_LIMIT), params_slice(:max_id, :since_id, :min_id)) statuses.merge!(only_media_scope) if truthy_param?(:only_media) statuses.merge!(no_replies_scope) if truthy_param?(:exclude_replies) + statuses.merge!(no_reblogs_scope) if truthy_param?(:exclude_reblogs) statuses end @@ -65,6 +63,10 @@ class Api::V1::Accounts::StatusesController < Api::BaseController Status.without_replies end + def no_reblogs_scope + Status.without_reblogs + end + def pagination_params(core_params) params.slice(:limit, :only_media, :exclude_replies).permit(:limit, :only_media, :exclude_replies).merge(core_params) end diff --git a/app/controllers/api/v1/accounts_controller.rb b/app/controllers/api/v1/accounts_controller.rb index f711c4676..6e4084c4e 100644 --- a/app/controllers/api/v1/accounts_controller.rb +++ b/app/controllers/api/v1/accounts_controller.rb @@ -1,14 +1,16 @@ # frozen_string_literal: true class Api::V1::AccountsController < Api::BaseController - before_action -> { authorize_if_got_token! :read, :'read:accounts' }, except: [:follow, :unfollow, :block, :unblock, :mute, :unmute] + before_action -> { authorize_if_got_token! :read, :'read:accounts' }, except: [:create, :follow, :unfollow, :block, :unblock, :mute, :unmute] before_action -> { doorkeeper_authorize! :follow, :'write:follows' }, only: [:follow, :unfollow] before_action -> { doorkeeper_authorize! :follow, :'write:mutes' }, only: [:mute, :unmute] before_action -> { doorkeeper_authorize! :follow, :'write:blocks' }, only: [:block, :unblock] + before_action -> { doorkeeper_authorize! :write, :'write:accounts' }, only: [:create] - before_action :require_user!, except: [:show] - before_action :set_account + before_action :require_user!, except: [:show, :create] + before_action :set_account, except: [:create] before_action :check_account_suspension, only: [:show] + before_action :check_enabled_registrations, only: [:create] respond_to :json @@ -16,6 +18,16 @@ class Api::V1::AccountsController < Api::BaseController render json: @account, serializer: REST::AccountSerializer end + def create + token = AppSignUpService.new.call(doorkeeper_token.application, account_params) + response = Doorkeeper::OAuth::TokenResponse.new(token) + + headers.merge!(response.headers) + + self.response_body = Oj.dump(response.body) + self.status = response.status + end + def follow FollowService.new.call(current_user.account, @account, reblogs: truthy_param?(:reblogs)) @@ -62,4 +74,12 @@ class Api::V1::AccountsController < Api::BaseController def check_account_suspension gone if @account.suspended? end + + def account_params + params.permit(:username, :email, :password, :agreement) + end + + def check_enabled_registrations + forbidden if single_user_mode? || !Setting.open_registrations + end end diff --git a/app/controllers/auth/confirmations_controller.rb b/app/controllers/auth/confirmations_controller.rb index 2954c34da..eade82e36 100644 --- a/app/controllers/auth/confirmations_controller.rb +++ b/app/controllers/auth/confirmations_controller.rb @@ -7,9 +7,9 @@ class Auth::ConfirmationsController < Devise::ConfirmationsController before_action :set_user, only: [:finish_signup] before_action :set_pack - # GET/PATCH /users/:id/finish_signup def finish_signup return unless request.patch? && params[:user] + if @user.update(user_params) @user.skip_reconfirmation! bypass_sign_in(@user) @@ -36,4 +36,12 @@ class Auth::ConfirmationsController < Devise::ConfirmationsController def user_params params.require(:user).permit(:email) end + + def after_confirmation_path_for(_resource_name, user) + if user.created_by_application && truthy_param?(:redirect_to_app) + user.created_by_application.redirect_uri + else + super + end + end end diff --git a/app/controllers/auth/registrations_controller.rb b/app/controllers/auth/registrations_controller.rb index 0696dea86..11436d7c5 100644 --- a/app/controllers/auth/registrations_controller.rb +++ b/app/controllers/auth/registrations_controller.rb @@ -27,6 +27,7 @@ class Auth::RegistrationsController < Devise::RegistrationsController resource.locale = I18n.locale resource.invite_code = params[:invite_code] if resource.invite_code.blank? + resource.agreement = true resource.build_account if resource.account.nil? end diff --git a/app/controllers/concerns/signature_verification.rb b/app/controllers/concerns/signature_verification.rb index 7e491641b..887096e8b 100644 --- a/app/controllers/concerns/signature_verification.rb +++ b/app/controllers/concerns/signature_verification.rb @@ -47,6 +47,7 @@ module SignatureVerification .with_fallback { nil } .with_threshold(1) .with_cool_off_time(5.minutes.seconds) + .with_error_handler { |error, handle| error.is_a?(HTTP::Error) ? handle.call(error) : raise(error) } account = account_stoplight.run diff --git a/app/controllers/settings/exports/blocked_domains_controller.rb b/app/controllers/settings/exports/blocked_domains_controller.rb new file mode 100644 index 000000000..6676ce340 --- /dev/null +++ b/app/controllers/settings/exports/blocked_domains_controller.rb @@ -0,0 +1,19 @@ +# frozen_string_literal: true + +module Settings + module Exports + class BlockedDomainsController < ApplicationController + include ExportControllerConcern + + def index + send_export_file + end + + private + + def export_data + @export.to_blocked_domains_csv + end + end + end +end diff --git a/app/controllers/settings/exports/lists_controller.rb b/app/controllers/settings/exports/lists_controller.rb new file mode 100644 index 000000000..cf5a9de44 --- /dev/null +++ b/app/controllers/settings/exports/lists_controller.rb @@ -0,0 +1,19 @@ +# frozen_string_literal: true + +module Settings + module Exports + class ListsController < ApplicationController + include ExportControllerConcern + + def index + send_export_file + end + + private + + def export_data + @export.to_lists_csv + end + end + end +end |