diff options
Diffstat (limited to 'app/controllers')
44 files changed, 388 insertions, 70 deletions
diff --git a/app/controllers/about_controller.rb b/app/controllers/about_controller.rb index 0dbf0283d..ce1e8293c 100644 --- a/app/controllers/about_controller.rb +++ b/app/controllers/about_controller.rb @@ -1,6 +1,7 @@ # frozen_string_literal: true class AboutController < ApplicationController + before_action :set_pack before_action :set_body_classes before_action :set_instance_presenter, only: [:show, :more, :terms] @@ -25,6 +26,10 @@ class AboutController < ApplicationController helper_method :new_user + def set_pack + use_pack action_name == 'show' ? 'about' : 'common' + end + def set_instance_presenter @instance_presenter = InstancePresenter.new end diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb index f788a9078..85d9e784a 100644 --- a/app/controllers/accounts_controller.rb +++ b/app/controllers/accounts_controller.rb @@ -10,6 +10,7 @@ class AccountsController < ApplicationController def show respond_to do |format| format.html do + use_pack 'public' @body_classes = 'with-modals' @pinned_statuses = [] @endorsed_accounts = @account.endorsed_accounts.to_a.sample(4) @@ -63,7 +64,7 @@ class AccountsController < ApplicationController end def default_statuses - @account.statuses.where(visibility: [:public, :unlisted]) + @account.statuses.not_local_only.where(visibility: [:public, :unlisted]) end def only_media_scope diff --git a/app/controllers/admin/base_controller.rb b/app/controllers/admin/base_controller.rb index 7fb69d578..fc299f74c 100644 --- a/app/controllers/admin/base_controller.rb +++ b/app/controllers/admin/base_controller.rb @@ -5,8 +5,13 @@ module Admin include Authorization include AccountableConcern + layout 'admin' + before_action :require_staff! + before_action :set_pack - layout 'admin' + def set_pack + use_pack 'admin' + end end end diff --git a/app/controllers/admin/settings_controller.rb b/app/controllers/admin/settings_controller.rb index d9f261489..46e9b2c07 100644 --- a/app/controllers/admin/settings_controller.rb +++ b/app/controllers/admin/settings_controller.rb @@ -16,7 +16,8 @@ module Admin timeline_preview show_staff_badge bootstrap_timeline_accounts - theme + flavour + skin thumbnail hero mascot diff --git a/app/controllers/admin/statuses_controller.rb b/app/controllers/admin/statuses_controller.rb index a69f12084..62f49806c 100644 --- a/app/controllers/admin/statuses_controller.rb +++ b/app/controllers/admin/statuses_controller.rb @@ -22,6 +22,15 @@ module Admin @form = Form::StatusBatch.new end + def show + authorize :status, :index? + + @statuses = @account.statuses.where(id: params[:id]) + authorize @statuses[0], :show? + + @form = Form::StatusBatch.new + end + def create authorize :status, :update? diff --git a/app/controllers/api/v1/bookmarks_controller.rb b/app/controllers/api/v1/bookmarks_controller.rb new file mode 100644 index 000000000..1cab3c372 --- /dev/null +++ b/app/controllers/api/v1/bookmarks_controller.rb @@ -0,0 +1,71 @@ +# frozen_string_literal: true + +class Api::V1::BookmarksController < Api::BaseController + before_action -> { doorkeeper_authorize! :read, :'read:bookmarks' } + before_action :require_user! + after_action :insert_pagination_headers + + respond_to :json + + def index + @statuses = load_statuses + render json: @statuses, each_serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new(@statuses, current_user&.account_id) + end + + private + + def load_statuses + cached_bookmarks + end + + def cached_bookmarks + cache_collection( + Status.reorder(nil).joins(:bookmarks).merge(results), + Status + ) + end + + def results + @_results ||= account_bookmarks.paginate_by_max_id( + limit_param(DEFAULT_STATUSES_LIMIT), + params[:max_id], + params[:since_id] + ) + end + + def account_bookmarks + current_account.bookmarks + end + + def insert_pagination_headers + set_pagination_headers(next_path, prev_path) + end + + def next_path + if records_continue? + api_v1_bookmarks_url pagination_params(max_id: pagination_max_id) + end + end + + def prev_path + unless results.empty? + api_v1_bookmarks_url pagination_params(since_id: pagination_since_id) + end + end + + def pagination_max_id + results.last.id + end + + def pagination_since_id + results.first.id + end + + def records_continue? + results.size == limit_param(DEFAULT_STATUSES_LIMIT) + end + + def pagination_params(core_params) + params.slice(:limit).permit(:limit).merge(core_params) + end +end diff --git a/app/controllers/api/v1/mutes_controller.rb b/app/controllers/api/v1/mutes_controller.rb index df6c8e86c..3b3a39943 100644 --- a/app/controllers/api/v1/mutes_controller.rb +++ b/app/controllers/api/v1/mutes_controller.rb @@ -8,16 +8,25 @@ class Api::V1::MutesController < Api::BaseController respond_to :json def index - @accounts = load_accounts + @data = @accounts = load_accounts render json: @accounts, each_serializer: REST::AccountSerializer end + def details + @data = @mutes = load_mutes + render json: @mutes, each_serializer: REST::MuteSerializer + end + private def load_accounts paginated_mutes.map(&:target_account) end + def load_mutes + paginated_mutes.includes(:account, :target_account).to_a + end + def paginated_mutes @paginated_mutes ||= Mute.eager_load(:target_account) .where(account: current_account) @@ -34,26 +43,34 @@ class Api::V1::MutesController < Api::BaseController def next_path if records_continue? - api_v1_mutes_url pagination_params(max_id: pagination_max_id) + url_for pagination_params(max_id: pagination_max_id) end end def prev_path - unless paginated_mutes.empty? - api_v1_mutes_url pagination_params(since_id: pagination_since_id) + unless @data.empty? + url_for pagination_params(since_id: pagination_since_id) end end def pagination_max_id - paginated_mutes.last.id + if params[:action] == "details" + @mutes.last.id + else + paginated_mutes.last.id + end end def pagination_since_id - paginated_mutes.first.id + if params[:action] == "details" + @mutes.first.id + else + paginated_mutes.first.id + end end def records_continue? - paginated_mutes.size == limit_param(DEFAULT_ACCOUNTS_LIMIT) + @data.size == limit_param(DEFAULT_ACCOUNTS_LIMIT) end def pagination_params(core_params) diff --git a/app/controllers/api/v1/notifications_controller.rb b/app/controllers/api/v1/notifications_controller.rb index e2dec62af..3b492c516 100644 --- a/app/controllers/api/v1/notifications_controller.rb +++ b/app/controllers/api/v1/notifications_controller.rb @@ -25,11 +25,20 @@ class Api::V1::NotificationsController < Api::BaseController render_empty end + def destroy + dismiss + end + def dismiss current_account.notifications.find_by!(id: params[:id]).destroy! render_empty end + def destroy_multiple + current_account.notifications.where(id: params[:ids]).destroy_all + render_empty + end + private def load_notifications diff --git a/app/controllers/api/v1/search_controller.rb b/app/controllers/api/v1/search_controller.rb index dc1a37599..895b22b7e 100644 --- a/app/controllers/api/v1/search_controller.rb +++ b/app/controllers/api/v1/search_controller.rb @@ -3,7 +3,7 @@ class Api::V1::SearchController < Api::BaseController include Authorization - RESULTS_LIMIT = 5 + RESULTS_LIMIT = 10 before_action -> { doorkeeper_authorize! :read, :'read:search' } before_action :require_user! diff --git a/app/controllers/api/v1/statuses/bookmarks_controller.rb b/app/controllers/api/v1/statuses/bookmarks_controller.rb new file mode 100644 index 000000000..bb9729cf5 --- /dev/null +++ b/app/controllers/api/v1/statuses/bookmarks_controller.rb @@ -0,0 +1,39 @@ +# frozen_string_literal: true + +class Api::V1::Statuses::BookmarksController < Api::BaseController + include Authorization + + before_action -> { doorkeeper_authorize! :write, :'write:bookmarks' } + before_action :require_user! + + respond_to :json + + def create + @status = bookmarked_status + render json: @status, serializer: REST::StatusSerializer + end + + def destroy + @status = requested_status + @bookmarks_map = { @status.id => false } + + bookmark = Bookmark.find_by!(account: current_user.account, status: @status) + bookmark.destroy! + + render json: @status, serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new([@status], current_user&.account_id, bookmarks_map: @bookmarks_map) + end + + private + + def bookmarked_status + authorize_with current_user.account, requested_status, :show? + + bookmark = Bookmark.find_or_create_by!(account: current_user.account, status: requested_status) + + bookmark.status.reload + end + + def requested_status + Status.find(params[:status_id]) + end +end diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index fb4283da3..dca6c5a5a 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -13,7 +13,8 @@ class ApplicationController < ActionController::Base helper_method :current_account helper_method :current_session - helper_method :current_theme + helper_method :current_flavour + helper_method :current_skin helper_method :single_user_mode? helper_method :use_seamless_external_login? @@ -56,6 +57,75 @@ class ApplicationController < ActionController::Base new_user_session_path end + def pack(data, pack_name, skin = 'default') + return nil unless pack?(data, pack_name) + pack_data = { + common: pack_name == 'common' ? nil : resolve_pack(data['name'] ? Themes.instance.flavour(current_flavour) : Themes.instance.core, 'common', skin), + flavour: data['name'], + pack: pack_name, + preload: nil, + skin: nil, + supported_locales: data['locales'], + } + if data['pack'][pack_name].is_a?(Hash) + pack_data[:common] = nil if data['pack'][pack_name]['use_common'] == false + pack_data[:pack] = nil unless data['pack'][pack_name]['filename'] + if data['pack'][pack_name]['preload'] + pack_data[:preload] = [data['pack'][pack_name]['preload']] if data['pack'][pack_name]['preload'].is_a?(String) + pack_data[:preload] = data['pack'][pack_name]['preload'] if data['pack'][pack_name]['preload'].is_a?(Array) + end + if skin != 'default' && data['skin'][skin] + pack_data[:skin] = skin if data['skin'][skin].include?(pack_name) + else # default skin + pack_data[:skin] = 'default' if data['pack'][pack_name]['stylesheet'] + end + end + pack_data + end + + def pack?(data, pack_name) + if data['pack'].is_a?(Hash) && data['pack'].key?(pack_name) + return true if data['pack'][pack_name].is_a?(String) || data['pack'][pack_name].is_a?(Hash) + end + false + end + + def nil_pack(data, pack_name, skin = 'default') + { + common: pack_name == 'common' ? nil : resolve_pack(data['name'] ? Themes.instance.flavour(current_flavour) : Themes.instance.core, 'common', skin), + flavour: data['name'], + pack: nil, + preload: nil, + skin: nil, + supported_locales: data['locales'], + } + end + + def resolve_pack(data, pack_name, skin = 'default') + result = pack(data, pack_name, skin) + unless result + if data['name'] && data.key?('fallback') + if data['fallback'].nil? + return nil_pack(data, pack_name, skin) + elsif data['fallback'].is_a?(String) && Themes.instance.flavour(data['fallback']) + return resolve_pack(Themes.instance.flavour(data['fallback']), pack_name) + elsif data['fallback'].is_a?(Array) + data['fallback'].each do |fallback| + return resolve_pack(Themes.instance.flavour(fallback), pack_name) if Themes.instance.flavour(fallback) + end + end + return nil_pack(data, pack_name, skin) + end + return data.key?('name') && data['name'] != Setting.default_settings['flavour'] ? resolve_pack(Themes.instance.flavour(Setting.default_settings['flavour']), pack_name) : nil_pack(data, pack_name, skin) + end + result + end + + def use_pack(pack_name) + @core = resolve_pack(Themes.instance.core, pack_name) + @theme = resolve_pack(Themes.instance.flavour(current_flavour), pack_name, current_skin) + end + protected def truthy_param?(key) @@ -98,9 +168,14 @@ class ApplicationController < ActionController::Base @current_session ||= SessionActivation.find_by(session_id: cookies.signed['_session_id']) end - def current_theme - return Setting.theme unless Themes.instance.names.include? current_user&.setting_theme - current_user.setting_theme + def current_flavour + return Setting.flavour unless Themes.instance.flavours.include? current_user&.setting_flavour + current_user.setting_flavour + end + + def current_skin + return Setting.skin unless Themes.instance.skins_for(current_flavour).include? current_user&.setting_skin + current_user.setting_skin end def cache_collection(raw, klass) @@ -128,6 +203,7 @@ class ApplicationController < ActionController::Base format.any { head code } format.html do set_locale + use_pack 'error' render "errors/#{code}", layout: 'error', status: code end end diff --git a/app/controllers/auth/confirmations_controller.rb b/app/controllers/auth/confirmations_controller.rb index 7af9cbe81..2954c34da 100644 --- a/app/controllers/auth/confirmations_controller.rb +++ b/app/controllers/auth/confirmations_controller.rb @@ -5,6 +5,7 @@ class Auth::ConfirmationsController < Devise::ConfirmationsController before_action :set_body_classes before_action :set_user, only: [:finish_signup] + before_action :set_pack # GET/PATCH /users/:id/finish_signup def finish_signup @@ -20,6 +21,10 @@ class Auth::ConfirmationsController < Devise::ConfirmationsController private + def set_pack + use_pack 'auth' + end + def set_user @user = current_user end diff --git a/app/controllers/auth/passwords_controller.rb b/app/controllers/auth/passwords_controller.rb index 34b98da53..a59806f0d 100644 --- a/app/controllers/auth/passwords_controller.rb +++ b/app/controllers/auth/passwords_controller.rb @@ -2,6 +2,7 @@ class Auth::PasswordsController < Devise::PasswordsController before_action :check_validity_of_reset_password_token, only: :edit + before_action :set_pack before_action :set_body_classes layout 'auth' @@ -22,4 +23,8 @@ class Auth::PasswordsController < Devise::PasswordsController def reset_password_token_is_valid? resource_class.with_reset_password_token(params[:reset_password_token]).present? end + + def set_pack + use_pack 'auth' + end end diff --git a/app/controllers/auth/registrations_controller.rb b/app/controllers/auth/registrations_controller.rb index a19f4e62e..fcfd1830a 100644 --- a/app/controllers/auth/registrations_controller.rb +++ b/app/controllers/auth/registrations_controller.rb @@ -6,6 +6,7 @@ class Auth::RegistrationsController < Devise::RegistrationsController before_action :set_invite, only: [:new, :create] before_action :check_enabled_registrations, only: [:new, :create] before_action :configure_sign_up_params, only: [:create] + before_action :set_pack before_action :set_sessions, only: [:edit, :update] before_action :set_instance_presenter, only: [:new, :create, :update] before_action :set_body_classes, only: [:new, :create] @@ -76,6 +77,10 @@ class Auth::RegistrationsController < Devise::RegistrationsController private + def set_pack + use_pack %w(edit update).include?(action_name) ? 'admin' : 'auth' + end + def set_instance_presenter @instance_presenter = InstancePresenter.new end diff --git a/app/controllers/auth/sessions_controller.rb b/app/controllers/auth/sessions_controller.rb index 901e82331..d4a659409 100644 --- a/app/controllers/auth/sessions_controller.rb +++ b/app/controllers/auth/sessions_controller.rb @@ -8,6 +8,7 @@ class Auth::SessionsController < Devise::SessionsController skip_before_action :require_no_authentication, only: [:create] skip_before_action :check_user_permissions, only: [:destroy] prepend_before_action :authenticate_with_two_factor, if: :two_factor_enabled?, only: [:create] + prepend_before_action :set_pack before_action :set_instance_presenter, only: [:new] before_action :set_body_classes after_action :clear_site_data, only: [:destroy] @@ -109,6 +110,10 @@ class Auth::SessionsController < Devise::SessionsController private + def set_pack + use_pack 'auth' + end + def set_instance_presenter @instance_presenter = InstancePresenter.new end @@ -130,7 +135,7 @@ class Auth::SessionsController < Devise::SessionsController # Should be '"*"' but that doesn't work in Chrome (neither does '"executionContexts"') # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Clear-Site-Data - response.headers['Clear-Site-Data'] = '"cache", "cookies", "storage"' + response.headers['Clear-Site-Data'] = '"cache", "cookies"' end def continue_after? diff --git a/app/controllers/authorize_interactions_controller.rb b/app/controllers/authorize_interactions_controller.rb index e27366ea3..20b3fa94b 100644 --- a/app/controllers/authorize_interactions_controller.rb +++ b/app/controllers/authorize_interactions_controller.rb @@ -8,6 +8,7 @@ class AuthorizeInteractionsController < ApplicationController before_action :authenticate_user! before_action :set_body_classes before_action :set_resource + before_action :set_pack def show if @resource.is_a?(Account) @@ -63,4 +64,8 @@ class AuthorizeInteractionsController < ApplicationController def set_body_classes @body_classes = 'modal-layout' end + + def set_pack + use_pack 'modal' + end end diff --git a/app/controllers/filters_controller.rb b/app/controllers/filters_controller.rb index 175dbab07..0d1200fcc 100644 --- a/app/controllers/filters_controller.rb +++ b/app/controllers/filters_controller.rb @@ -7,6 +7,7 @@ class FiltersController < ApplicationController before_action :set_filters, only: :index before_action :set_filter, only: [:edit, :update, :destroy] + before_action :set_pack def index @filters = current_account.custom_filters @@ -43,6 +44,10 @@ class FiltersController < ApplicationController private + def set_pack + use_pack 'settings' + end + def set_filters @filters = current_account.custom_filters end diff --git a/app/controllers/follower_accounts_controller.rb b/app/controllers/follower_accounts_controller.rb index 99cb3676f..f5670c6bf 100644 --- a/app/controllers/follower_accounts_controller.rb +++ b/app/controllers/follower_accounts_controller.rb @@ -6,6 +6,8 @@ class FollowerAccountsController < ApplicationController def index respond_to do |format| format.html do + use_pack 'public' + next if @account.user_hides_network? follows diff --git a/app/controllers/following_accounts_controller.rb b/app/controllers/following_accounts_controller.rb index 03c4b1046..098b2a20c 100644 --- a/app/controllers/following_accounts_controller.rb +++ b/app/controllers/following_accounts_controller.rb @@ -6,6 +6,8 @@ class FollowingAccountsController < ApplicationController def index respond_to do |format| format.html do + use_pack 'public' + next if @account.user_hides_network? follows diff --git a/app/controllers/home_controller.rb b/app/controllers/home_controller.rb index b5d6460f9..82e5265f5 100644 --- a/app/controllers/home_controller.rb +++ b/app/controllers/home_controller.rb @@ -2,6 +2,8 @@ class HomeController < ApplicationController before_action :authenticate_user! + + before_action :set_pack before_action :set_referrer_policy_header before_action :set_initial_state_json @@ -39,6 +41,10 @@ class HomeController < ApplicationController redirect_to(matches ? tag_path(CGI.unescape(matches[:tag])) : default_redirect_path) end + def set_pack + use_pack 'home' + end + def set_initial_state_json serializable_resource = ActiveModelSerializers::SerializableResource.new(InitialStatePresenter.new(initial_state_params), serializer: InitialStateSerializer) @initial_state_json = serializable_resource.to_json diff --git a/app/controllers/invites_controller.rb b/app/controllers/invites_controller.rb index 3aaa2776f..3dc934761 100644 --- a/app/controllers/invites_controller.rb +++ b/app/controllers/invites_controller.rb @@ -6,6 +6,7 @@ class InvitesController < ApplicationController layout 'admin' before_action :authenticate_user! + before_action :set_pack def index authorize :invite, :create? @@ -37,6 +38,10 @@ class InvitesController < ApplicationController private + def set_pack + use_pack 'settings' + end + def invites Invite.where(user: current_user).order(id: :desc) end diff --git a/app/controllers/oauth/authorizations_controller.rb b/app/controllers/oauth/authorizations_controller.rb index cebbdc4d0..f6f5d1ecc 100644 --- a/app/controllers/oauth/authorizations_controller.rb +++ b/app/controllers/oauth/authorizations_controller.rb @@ -5,6 +5,7 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController before_action :store_current_location before_action :authenticate_resource_owner! + before_action :set_pack include Localized @@ -14,6 +15,10 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController store_location_for(:user, request.url) end + def set_pack + use_pack 'auth' + end + def render_success if skip_authorization? || (matching_token? && !truthy_param?('force_login')) redirect_or_render authorize_response diff --git a/app/controllers/oauth/authorized_applications_controller.rb b/app/controllers/oauth/authorized_applications_controller.rb index 0c28d194b..1e420b3e7 100644 --- a/app/controllers/oauth/authorized_applications_controller.rb +++ b/app/controllers/oauth/authorized_applications_controller.rb @@ -5,6 +5,7 @@ class Oauth::AuthorizedApplicationsController < Doorkeeper::AuthorizedApplicatio before_action :store_current_location before_action :authenticate_resource_owner! + before_action :set_pack include Localized @@ -18,4 +19,8 @@ class Oauth::AuthorizedApplicationsController < Doorkeeper::AuthorizedApplicatio def store_current_location store_location_for(:user, request.url) end + + def set_pack + use_pack 'settings' + end end diff --git a/app/controllers/remote_follow_controller.rb b/app/controllers/remote_follow_controller.rb index 8ba331cd1..17bc1940a 100644 --- a/app/controllers/remote_follow_controller.rb +++ b/app/controllers/remote_follow_controller.rb @@ -4,6 +4,7 @@ class RemoteFollowController < ApplicationController layout 'modal' before_action :set_account + before_action :set_pack before_action :gone, if: :suspended_account? before_action :set_body_classes @@ -32,6 +33,10 @@ class RemoteFollowController < ApplicationController { acct: session[:remote_follow] } end + def set_pack + use_pack 'modal' + end + def set_account @account = Account.find_local!(params[:account_username]) end diff --git a/app/controllers/remote_interaction_controller.rb b/app/controllers/remote_interaction_controller.rb index 6299a1e13..6861f3f21 100644 --- a/app/controllers/remote_interaction_controller.rb +++ b/app/controllers/remote_interaction_controller.rb @@ -7,6 +7,7 @@ class RemoteInteractionController < ApplicationController before_action :set_status before_action :set_body_classes + before_action :set_pack def new @remote_follow = RemoteFollow.new(session_params) @@ -45,4 +46,8 @@ class RemoteInteractionController < ApplicationController @body_classes = 'modal-layout' @hide_header = true end + + def set_pack + use_pack 'modal' + end end diff --git a/app/controllers/settings/applications_controller.rb b/app/controllers/settings/applications_controller.rb index 2a4962311..03c890a50 100644 --- a/app/controllers/settings/applications_controller.rb +++ b/app/controllers/settings/applications_controller.rb @@ -1,9 +1,7 @@ # frozen_string_literal: true -class Settings::ApplicationsController < ApplicationController - layout 'admin' +class Settings::ApplicationsController < Settings::BaseController - before_action :authenticate_user! before_action :set_application, only: [:show, :update, :destroy, :regenerate] before_action :prepare_scopes, only: [:create, :update] diff --git a/app/controllers/settings/base_controller.rb b/app/controllers/settings/base_controller.rb new file mode 100644 index 000000000..7322d461b --- /dev/null +++ b/app/controllers/settings/base_controller.rb @@ -0,0 +1,12 @@ +# frozen_string_literal: true + +class Settings::BaseController < ApplicationController + layout 'admin' + + before_action :authenticate_user! + before_action :set_pack + + def set_pack + use_pack 'settings' + end +end diff --git a/app/controllers/settings/deletes_controller.rb b/app/controllers/settings/deletes_controller.rb index 80002b995..4c1121471 100644 --- a/app/controllers/settings/deletes_controller.rb +++ b/app/controllers/settings/deletes_controller.rb @@ -1,10 +1,8 @@ # frozen_string_literal: true -class Settings::DeletesController < ApplicationController - layout 'admin' +class Settings::DeletesController < Settings::BaseController - before_action :check_enabled_deletion - before_action :authenticate_user! + prepend_before_action :check_enabled_deletion def show @confirmation = Form::DeleteConfirmation.new diff --git a/app/controllers/settings/exports_controller.rb b/app/controllers/settings/exports_controller.rb index 869e11d3b..cf8745576 100644 --- a/app/controllers/settings/exports_controller.rb +++ b/app/controllers/settings/exports_controller.rb @@ -1,12 +1,8 @@ # frozen_string_literal: true -class Settings::ExportsController < ApplicationController +class Settings::ExportsController < Settings::BaseController include Authorization - layout 'admin' - - before_action :authenticate_user! - def show @export = Export.new(current_account) @backups = current_user.backups diff --git a/app/controllers/settings/flavours_controller.rb b/app/controllers/settings/flavours_controller.rb new file mode 100644 index 000000000..634387715 --- /dev/null +++ b/app/controllers/settings/flavours_controller.rb @@ -0,0 +1,32 @@ +# frozen_string_literal: true + +class Settings::FlavoursController < Settings::BaseController + def index + redirect_to action: 'show', flavour: current_flavour + end + + def show + unless Themes.instance.flavours.include?(params[:flavour]) || (params[:flavour] == current_flavour) + redirect_to action: 'show', flavour: current_flavour + end + + @listing = Themes.instance.flavours + @selected = params[:flavour] + end + + def update + user_settings.update(user_settings_params) + redirect_to action: 'show', flavour: params[:flavour] + end + + private + + def user_settings + UserSettingsDecorator.new(current_user) + end + + def user_settings_params + { setting_flavour: params.require(:flavour), + setting_skin: params.dig(:user, :setting_skin) }.with_indifferent_access + end +end diff --git a/app/controllers/settings/follower_domains_controller.rb b/app/controllers/settings/follower_domains_controller.rb index a128bd136..83945df52 100644 --- a/app/controllers/settings/follower_domains_controller.rb +++ b/app/controllers/settings/follower_domains_controller.rb @@ -1,10 +1,8 @@ # frozen_string_literal: true -class Settings::FollowerDomainsController < ApplicationController - layout 'admin' - - before_action :authenticate_user! +require 'sidekiq-bulk' +class Settings::FollowerDomainsController < Settings::BaseController def show @account = current_account @domains = current_account.followers.reorder(Arel.sql('MIN(follows.id) DESC')).group('accounts.domain').select('accounts.domain, count(accounts.id) as accounts_from_domain').page(params[:page]).per(10) diff --git a/app/controllers/settings/imports_controller.rb b/app/controllers/settings/imports_controller.rb index 0db13d1ca..dbd136ebe 100644 --- a/app/controllers/settings/imports_controller.rb +++ b/app/controllers/settings/imports_controller.rb @@ -1,9 +1,6 @@ # frozen_string_literal: true -class Settings::ImportsController < ApplicationController - layout 'admin' - - before_action :authenticate_user! +class Settings::ImportsController < Settings::BaseController before_action :set_account def show diff --git a/app/controllers/settings/migrations_controller.rb b/app/controllers/settings/migrations_controller.rb index bc6436b87..89b3f7246 100644 --- a/app/controllers/settings/migrations_controller.rb +++ b/app/controllers/settings/migrations_controller.rb @@ -1,10 +1,6 @@ # frozen_string_literal: true -class Settings::MigrationsController < ApplicationController - layout 'admin' - - before_action :authenticate_user! - +class Settings::MigrationsController < Settings::BaseController def show @migration = Form::Migration.new(account: current_account.moved_to_account) end diff --git a/app/controllers/settings/notifications_controller.rb b/app/controllers/settings/notifications_controller.rb index fe45c17b2..68ebddfc9 100644 --- a/app/controllers/settings/notifications_controller.rb +++ b/app/controllers/settings/notifications_controller.rb @@ -1,10 +1,6 @@ # frozen_string_literal: true -class Settings::NotificationsController < ApplicationController - layout 'admin' - - before_action :authenticate_user! - +class Settings::NotificationsController < Settings::BaseController def show; end def update diff --git a/app/controllers/settings/preferences_controller.rb b/app/controllers/settings/preferences_controller.rb index b83900f07..5c5f31d2b 100644 --- a/app/controllers/settings/preferences_controller.rb +++ b/app/controllers/settings/preferences_controller.rb @@ -1,10 +1,6 @@ # frozen_string_literal: true -class Settings::PreferencesController < ApplicationController - layout 'admin' - - before_action :authenticate_user! - +class Settings::PreferencesController < Settings::BaseController def show; end def update @@ -38,6 +34,7 @@ class Settings::PreferencesController < ApplicationController :setting_default_language, :setting_unfollow_modal, :setting_boost_modal, + :setting_favourite_modal, :setting_delete_modal, :setting_auto_play_gif, :setting_display_media, @@ -45,7 +42,6 @@ class Settings::PreferencesController < ApplicationController :setting_reduce_motion, :setting_system_font_ui, :setting_noindex, - :setting_theme, :setting_hide_network, notification_emails: %i(follow follow_request reblog favourite mention digest report), interactions: %i(must_be_follower must_be_following) diff --git a/app/controllers/settings/profiles_controller.rb b/app/controllers/settings/profiles_controller.rb index fe265c81d..918dbc6c6 100644 --- a/app/controllers/settings/profiles_controller.rb +++ b/app/controllers/settings/profiles_controller.rb @@ -1,11 +1,8 @@ # frozen_string_literal: true -class Settings::ProfilesController < ApplicationController +class Settings::ProfilesController < Settings::BaseController include ObfuscateFilename - layout 'admin' - - before_action :authenticate_user! before_action :set_account obfuscate_filename [:account, :avatar] diff --git a/app/controllers/settings/sessions_controller.rb b/app/controllers/settings/sessions_controller.rb index 0da1b027b..780ea64b4 100644 --- a/app/controllers/settings/sessions_controller.rb +++ b/app/controllers/settings/sessions_controller.rb @@ -1,5 +1,6 @@ # frozen_string_literal: true +# Intentionally does not inherit from BaseController class Settings::SessionsController < ApplicationController before_action :set_session, only: :destroy diff --git a/app/controllers/settings/two_factor_authentication/confirmations_controller.rb b/app/controllers/settings/two_factor_authentication/confirmations_controller.rb index 8d534960d..8518c61ee 100644 --- a/app/controllers/settings/two_factor_authentication/confirmations_controller.rb +++ b/app/controllers/settings/two_factor_authentication/confirmations_controller.rb @@ -2,10 +2,7 @@ module Settings module TwoFactorAuthentication - class ConfirmationsController < ApplicationController - layout 'admin' - - before_action :authenticate_user! + class ConfirmationsController < BaseController before_action :ensure_otp_secret def new diff --git a/app/controllers/settings/two_factor_authentication/recovery_codes_controller.rb b/app/controllers/settings/two_factor_authentication/recovery_codes_controller.rb index e591e9502..94d1567f3 100644 --- a/app/controllers/settings/two_factor_authentication/recovery_codes_controller.rb +++ b/app/controllers/settings/two_factor_authentication/recovery_codes_controller.rb @@ -2,11 +2,7 @@ module Settings module TwoFactorAuthentication - class RecoveryCodesController < ApplicationController - layout 'admin' - - before_action :authenticate_user! - + class RecoveryCodesController < BaseController def create @recovery_codes = current_user.generate_otp_backup_codes! current_user.save! diff --git a/app/controllers/settings/two_factor_authentications_controller.rb b/app/controllers/settings/two_factor_authentications_controller.rb index 863cc7351..8c7737e9d 100644 --- a/app/controllers/settings/two_factor_authentications_controller.rb +++ b/app/controllers/settings/two_factor_authentications_controller.rb @@ -1,10 +1,7 @@ # frozen_string_literal: true module Settings - class TwoFactorAuthenticationsController < ApplicationController - layout 'admin' - - before_action :authenticate_user! + class TwoFactorAuthenticationsController < BaseController before_action :verify_otp_required, only: [:create] def show diff --git a/app/controllers/shares_controller.rb b/app/controllers/shares_controller.rb index 9ef1e0749..4624c29a6 100644 --- a/app/controllers/shares_controller.rb +++ b/app/controllers/shares_controller.rb @@ -4,6 +4,7 @@ class SharesController < ApplicationController layout 'modal' before_action :authenticate_user! + before_action :set_pack before_action :set_body_classes def show @@ -26,6 +27,10 @@ class SharesController < ApplicationController } end + def set_pack + use_pack 'share' + end + def set_body_classes @body_classes = 'modal-layout compose-standalone' end diff --git a/app/controllers/statuses_controller.rb b/app/controllers/statuses_controller.rb index d4ad3df60..145e77918 100644 --- a/app/controllers/statuses_controller.rb +++ b/app/controllers/statuses_controller.rb @@ -19,9 +19,14 @@ class StatusesController < ApplicationController before_action :set_referrer_policy_header, only: [:show] before_action :set_cache_headers + content_security_policy only: :embed do |p| + p.frame_ancestors(false) + end + def show respond_to do |format| format.html do + use_pack 'public' @body_classes = 'with-modals' set_ancestors @@ -49,6 +54,7 @@ class StatusesController < ApplicationController end def embed + use_pack 'embed' raise ActiveRecord::RecordNotFound if @status.hidden? skip_session! diff --git a/app/controllers/stream_entries_controller.rb b/app/controllers/stream_entries_controller.rb index 8568b151c..8cb54a148 100644 --- a/app/controllers/stream_entries_controller.rb +++ b/app/controllers/stream_entries_controller.rb @@ -15,6 +15,7 @@ class StreamEntriesController < ApplicationController def show respond_to do |format| format.html do + use_pack 'public' redirect_to short_account_status_url(params[:account_username], @stream_entry.activity) if @type == 'status' end @@ -53,7 +54,7 @@ class StreamEntriesController < ApplicationController @type = @stream_entry.activity_type.downcase raise ActiveRecord::RecordNotFound if @stream_entry.activity.nil? - authorize @stream_entry.activity, :show? if @stream_entry.hidden? + authorize @stream_entry.activity, :show? if @stream_entry.hidden? || @stream_entry.local_only? rescue Mastodon::NotPermittedError # Reraise in order to get a 404 raise ActiveRecord::RecordNotFound diff --git a/app/controllers/tags_controller.rb b/app/controllers/tags_controller.rb index 8772509d5..a48fdb9f8 100644 --- a/app/controllers/tags_controller.rb +++ b/app/controllers/tags_controller.rb @@ -11,6 +11,7 @@ class TagsController < ApplicationController respond_to do |format| format.html do + use_pack 'about' serializable_resource = ActiveModelSerializers::SerializableResource.new(InitialStatePresenter.new(initial_state_params), serializer: InitialStateSerializer) @initial_state_json = serializable_resource.to_json end |