From c4dd1074fcdeba84c812feec70d757bae0456fdd Mon Sep 17 00:00:00 2001
From: Fire Demon
Date: Sat, 25 Jul 2020 23:23:09 -0500
Subject: [Feature, Privacy] Add API support for per-domain post privacy (account)
---
 .../api/v1/domain_permissions_controller.rb | 81 ++++++++++++++++++++++
 app/policies/account_domain_permission_policy.rb | 17 +++++
 config/initializers/doorkeeper.rb | 6 ++
 config/routes.rb | 2 +
 4 files changed, 106 insertions(+)
 create mode 100644 app/controllers/api/v1/domain_permissions_controller.rb
 create mode 100644 app/policies/account_domain_permission_policy.rb
diff --git a/app/controllers/api/v1/domain_permissions_controller.rb b/app/controllers/api/v1/domain_permissions_controller.rb
new file mode 100644
index 000000000..1b0e37135
--- /dev/null
+++ b/app/controllers/api/v1/domain_permissions_controller.rb
@@ -0,0 +1,81 @@
+# frozen_string_literal: true
+
+class Api::V1::DomainPermissionsController < Api::BaseController
+ before_action -> { doorkeeper_authorize! :read, :'read:domain_permissions', :'read:domain_permissions:account' }, only: :show
+ before_action -> { doorkeeper_authorize! :write, :'write:domain_permissions', :'write:domain_permissions:account' }, only: [:create, :update, :destroy]
+ before_action :require_user!
+ before_action :set_permission, except: [:show, :create]
+ after_action :insert_pagination_headers
+
+ LIMIT = 100
+
+ def show
+ @permissions = load_account_domain_permissions
+ render json: @permissions, each_serializer: REST::AccountDomainPermissionSerializer
+ end
+
+ def create
+ @permission = current_account.domain_permissions.create!(domain_permission_params)
+ render json: @permission, serializer: REST::AccountDomainPermissionSerializer
+ end
+
+ def update
+ @permission.update!(domain_permission_params)
+ render json: @permission, serializer: REST::AccountDomainPermissionSerializer
+ end
+
+ def destroy
+ @permission.destroy!
+ render_empty
+ end
+
+ private
+
+ def load_account_domain_permissions
+ account_domain_permissions.paginate_by_max_id(
+ limit_param(LIMIT),
+ params[:max_id],
+ params[:since_id]
+ )
+ end
+
+ def set_permission
+ @permission = current_account.domain_permissions.find(params[:id])
+ end
+
+ def account_domain_permissions
+ current_account.domain_permissions
+ end
+
+ def insert_pagination_headers
+ set_pagination_headers(next_path, prev_path)
+ end
+
+ def next_path
+ api_v1_domain_permissions_url pagination_params(max_id: pagination_max_id) if records_continue?
+ end
+
+ def prev_path
+ api_v1_domain_permissions_url pagination_params(since_id: pagination_since_id) unless @permissions.empty?
+ end
+
+ def pagination_max_id
+ @permissions.last.id
+ end
+
+ def pagination_since_id
+ @permissions.first.id
+ end
+
+ def records_continue?
+ @permissions.size == limit_param(LIMIT)
+ end
+
+ def pagination_params(core_params)
+ params.slice(:limit).permit(:limit).merge(core_params)
+ end
+
+ def domain_permission_params
+ params.permit(:domain, :visibility)
+ end
+end
diff --git a/app/policies/account_domain_permission_policy.rb b/app/policies/account_domain_permission_policy.rb
new file mode 100644
index 000000000..b50857f9f
--- /dev/null
+++ b/app/policies/account_domain_permission_policy.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+class AccountDomainPermissionPolicy < ApplicationPolicy
+ def update?
+ owned?
+ end
+
+ def destroy?
+ owned?
+ end
+
+ private
+
+ def owned?
+ record.account_id == current_account&.id
+ end
+end
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb
index 4394444bb..1c790e90a 100644
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@@ -77,6 +77,9 @@ Doorkeeper.configure do
 :'write:reports',
 :'write:statuses',
 :'write:statuses:publish',
+ :'write:domain_permissions',
+ :'write:domain_permissions:account',
+ :'write:domain_permissions:statuses',
 :read,
 :'read:accounts',
 :'read:blocks',
@@ -89,6 +92,9 @@ Doorkeeper.configure do
 :'read:notifications',
 :'read:search',
 :'read:statuses',
+ :'read:domain_permissions',
+ :'read:domain_permissions:account',
+ :'read:domain_permissions:statuses',
 :follow,
 :push,
 :'admin:read',
diff --git a/config/routes.rb b/config/routes.rb
index 974a94e47..fd43f9c8c 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -396,6 +396,8 @@ Rails.application.routes.draw do resource :domain_blocks, only: [:show, :create, :destroy] resource :directory, only: [:show] + resource :domain_permissions, only: [:show, :create, :update, :destroy] + resources :follow_requests, only: [:index] do member do post :authorize
-- cgit
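Review bot: `after_action :insert_pagination_headers` in the new controller has no `only:` filter, so it also runs after `create`, `update` and `destroy`, where `@permissions` is never assigned. `next_path` then calls `records_continue?`, which evaluates `@permissions.size` on nil. Unless `Api::BaseController` rescues it (not visible in this diff), this raises after the record has already been written or destroyed, so the client gets an error for a change that was applied. Restrict the callback to the listing action: `after_action :insert_pagination_headers, only: :show`.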
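Review bot: `owned?` in the new policy compares `record.account_id == current_account&.id`, which is true when both sides are nil, so the check passes for a request with no account against a record whose `account_id` is unset. Whether such a record can exist depends on the schema, which is not part of this diff, but the explicit guard is cheap: `current_account.present? && record.account_id == current_account.id`. Nothing in this commit calls `authorize` with this policy; the controller relies on the `current_account.domain_permissions` scope instead. A one-line class comment saying where the policy is meant to be enforced would keep the two ownership checks from drifting apart.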
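Review bot: The `:'write:domain_permissions:statuses'` scope in this hunk, and `:'read:domain_permissions:statuses'` in the second hunk of this file, are registered although no endpoint in this commit checks them. The new controller accepts only the `:account` variants and the parent scopes. A token can therefore be issued, and a user asked to consent, for a scope that nothing enforces yet. Either register them together with the endpoint that uses them, or mark them in place with a comment such as `# reserved: no endpoint checks the :statuses scopes yet`. The scope list itself starts and ends outside both hunks.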
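Review bot: `resource :domain_permissions` is a singular resource, so its `update` and `destroy` routes carry no `:id` path segment, while the controller added in this commit looks the record up with `current_account.domain_permissions.find(params[:id])`. As written, a client has to send `id` as a query or body parameter, and a request without it ends in a not-found lookup. If per-record addressing is intended, the plural form `resources :domain_permissions, only: [:index, :create, :update, :destroy]` expresses it, with the controller's listing action renamed from `show` to `index`. Otherwise, add a comment on this line stating that `id` is passed as a request parameter. The enclosing route block starts and ends outside the hunk.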