diff options
| author | David Celis <me@davidcel.is> | 2017-04-09 09:33:40 -0700 |
|---|---|---|
| committer | Eugen <eugen@zeonfederated.com> | 2017-04-09 18:33:40 +0200 |
| commit | d4fe6cd2bfee50cfcde5de5c3f58240552e9c71d (patch) | |
| tree | d4a7cf3666e6310652fac11f3078506b7ab44b54 /app | |
| parent | ea6c930c04762bef00b42dad16a17b71b8acc93b (diff) | |
Allow users to update their Account in the API (#1179)
* Allow users to update their Account in the API It would be nice for API clients to be able to allow users to update their accounts without having to wrap Mastodon in a web view. This patch adds an API endpoint to let users submit a PATCH for their account. Signed-off-by: David Celis <me@davidcel.is> * Add /api/v1/accounts/update_credentials to the API docs Signed-off-by: David Celis <me@davidcel.is>
Diffstat (limited to 'app')
| -rw-r--r-- | app/controllers/api/v1/accounts_controller.rb | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/app/controllers/api/v1/accounts_controller.rb b/app/controllers/api/v1/accounts_controller.rb index 454873116..bb7cda035 100644 --- a/app/controllers/api/v1/accounts_controller.rb +++ b/app/controllers/api/v1/accounts_controller.rb @@ -1,10 +1,11 @@ # frozen_string_literal: true class Api::V1::AccountsController < ApiController - before_action -> { doorkeeper_authorize! :read }, except: [:follow, :unfollow, :block, :unblock, :mute, :unmute] + before_action -> { doorkeeper_authorize! :read }, except: [:follow, :unfollow, :block, :unblock, :mute, :unmute, :update_credentials] before_action -> { doorkeeper_authorize! :follow }, only: [:follow, :unfollow, :block, :unblock, :mute, :unmute] + before_action -> { doorkeeper_authorize! :write }, only: [:update_credentials] before_action :require_user!, except: [:show, :following, :followers, :statuses] - before_action :set_account, except: [:verify_credentials, :suggestions, :search] + before_action :set_account, except: [:verify_credentials, :update_credentials, :suggestions, :search] respond_to :json @@ -15,6 +16,14 @@ class Api::V1::AccountsController < ApiController render action: :show end + def update_credentials + @account = current_user.account + + @account.update_attributes!(account_params) + + render action: :show + end + def following results = Follow.where(account: @account).paginate_by_max_id(limit_param(DEFAULT_ACCOUNTS_LIMIT), params[:max_id], params[:since_id]) accounts = Account.where(id: results.map(&:target_account_id)).map { |a| [a.id, a] }.to_h @@ -135,4 +144,8 @@ class Api::V1::AccountsController < ApiController def statuses_pagination_params(core_params) params.permit(:limit, :only_media, :exclude_replies).merge(core_params) end + + def account_params + @account_params ||= params.permit(:display_name, :note, :avatar, :header) + end end |