diff options
author | Eugen Rochko <eugen@zeonfederated.com> | 2019-09-17 14:58:02 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-09-17 14:58:02 +0200 |
commit | b671b912113b8705729a44424946bb31ae445df5 (patch) | |
tree | a946758e8046a20e62a50e3f9993c4c52147eb52 /app | |
parent | 0e5b9e3ba0ddc8061ad57f71924fdbfb981f42a0 (diff) |
Fix webfinger response not returning 410 when account is suspended (#11869)
Diffstat (limited to 'app')
-rw-r--r-- | app/controllers/well_known/webfinger_controller.rb | 24 |
1 files changed, 20 insertions, 4 deletions
diff --git a/app/controllers/well_known/webfinger_controller.rb b/app/controllers/well_known/webfinger_controller.rb index d60bf98ab..480e58f3f 100644 --- a/app/controllers/well_known/webfinger_controller.rb +++ b/app/controllers/well_known/webfinger_controller.rb @@ -5,18 +5,22 @@ module WellKnown include RoutingHelper before_action { response.headers['Vary'] = 'Accept' } + before_action :set_account + before_action :check_account_suspension - def show - @account = Account.find_local!(username_from_resource) + rescue_from ActiveRecord::RecordNotFound, ActionController::ParameterMissing, with: :not_found + def show expires_in 3.days, public: true render json: @account, serializer: WebfingerSerializer, content_type: 'application/jrd+json' - rescue ActiveRecord::RecordNotFound, ActionController::ParameterMissing - head 404 end private + def set_account + @account = Account.find_local!(username_from_resource) + end + def username_from_resource resource_user = resource_param username, domain = resource_user.split('@') @@ -28,5 +32,17 @@ module WellKnown def resource_param params.require(:resource) end + + def check_account_suspension + expires_in(3.minutes, public: true) && gone if @account.suspended? + end + + def not_found + head 404 + end + + def gone + head 410 + end end end |