From e7f20cc43ff21afa229da40ee4e5755495948772 Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Tue, 26 Feb 2019 15:21:36 +0100
Subject: Add type, limit, offset, min_id, max_id, account_id to search API
 (#10091)

* Add type, limit, offset, min_id, max_id, account_id to search API

Fix #8939

* Make the offset work on accounts and hashtags search as well

* Assure brakeman we are not doing mass assignment here

* Do not allow paginating unless a type is chosen

* Fix search query and index id field on statuses instead of created_at
---
 .../api/v1/accounts/search_controller.rb           |  5 +++--
 app/controllers/api/v1/search_controller.rb        | 26 ++++++++--------------
 app/controllers/api/v2/search_controller.rb        |  2 +-
 3 files changed, 13 insertions(+), 20 deletions(-)

(limited to 'app/controllers/api')

diff --git a/app/controllers/api/v1/accounts/search_controller.rb b/app/controllers/api/v1/accounts/search_controller.rb
index 91c9f1547..4217b527a 100644
--- a/app/controllers/api/v1/accounts/search_controller.rb
+++ b/app/controllers/api/v1/accounts/search_controller.rb
@@ -16,10 +16,11 @@ class Api::V1::Accounts::SearchController < Api::BaseController
   def account_search
     AccountSearchService.new.call(
       params[:q],
-      limit_param(DEFAULT_ACCOUNTS_LIMIT),
       current_account,
+      limit: limit_param(DEFAULT_ACCOUNTS_LIMIT),
       resolve: truthy_param?(:resolve),
-      following: truthy_param?(:following)
+      following: truthy_param?(:following),
+      offset: params[:offset]
     )
   end
 end
diff --git a/app/controllers/api/v1/search_controller.rb b/app/controllers/api/v1/search_controller.rb
index dc1a37599..6131cbbb6 100644
--- a/app/controllers/api/v1/search_controller.rb
+++ b/app/controllers/api/v1/search_controller.rb
@@ -3,7 +3,7 @@
 class Api::V1::SearchController < Api::BaseController
   include Authorization
 
-  RESULTS_LIMIT = 5
+  RESULTS_LIMIT = 20
 
   before_action -> { doorkeeper_authorize! :read, :'read:search' }
   before_action :require_user!
@@ -11,30 +11,22 @@ class Api::V1::SearchController < Api::BaseController
   respond_to :json
 
   def index
-    @search = Search.new(search)
+    @search = Search.new(search_results)
     render json: @search, serializer: REST::SearchSerializer
   end
 
   private
 
-  def search
-    search_results.tap do |search|
-      search[:statuses].keep_if do |status|
-        begin
-          authorize status, :show?
-        rescue Mastodon::NotPermittedError
-          false
-        end
-      end
-    end
-  end
-
   def search_results
     SearchService.new.call(
       params[:q],
-      RESULTS_LIMIT,
-      truthy_param?(:resolve),
-      current_account
+      current_account,
+      limit_param(RESULTS_LIMIT),
+      search_params.merge(resolve: truthy_param?(:resolve))
     )
   end
+
+  def search_params
+    params.permit(:type, :offset, :min_id, :max_id, :account_id)
+  end
 end
diff --git a/app/controllers/api/v2/search_controller.rb b/app/controllers/api/v2/search_controller.rb
index 2e91d68ee..9aa6edc69 100644
--- a/app/controllers/api/v2/search_controller.rb
+++ b/app/controllers/api/v2/search_controller.rb
@@ -2,7 +2,7 @@
 
 class Api::V2::SearchController < Api::V1::SearchController
   def index
-    @search = Search.new(search)
+    @search = Search.new(search_results)
     render json: @search, serializer: REST::V2::SearchSerializer
   end
 end
-- 
cgit 


From a5e7ada62fa2824be158f0b3bed7f3c39ce9c0fa Mon Sep 17 00:00:00 2001
From: abcang <abcang1015@gmail.com>
Date: Tue, 26 Feb 2019 23:23:24 +0900
Subject: Improve account media query (#10121)

---
 app/controllers/api/v1/accounts/statuses_controller.rb | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'app/controllers/api')

diff --git a/app/controllers/api/v1/accounts/statuses_controller.rb b/app/controllers/api/v1/accounts/statuses_controller.rb
index 6fdc827cb..ed10f3f6a 100644
--- a/app/controllers/api/v1/accounts/statuses_controller.rb
+++ b/app/controllers/api/v1/accounts/statuses_controller.rb
@@ -51,9 +51,9 @@ class Api::V1::Accounts::StatusesController < Api::BaseController
     # Also, Avoid getting slow by not narrowing down by `statuses.account_id`.
     # When narrowing down by `statuses.account_id`, `index_statuses_20180106` will be used
     # and the table will be joined by `Merge Semi Join`, so the query will be slow.
-    Status.joins(:media_attachments).merge(@account.media_attachments).permitted_for(@account, current_account)
-          .paginate_by_max_id(limit_param(DEFAULT_STATUSES_LIMIT), params[:max_id], params[:since_id])
-          .reorder(id: :desc).distinct(:id).pluck(:id)
+    @account.statuses.joins(:media_attachments).merge(@account.media_attachments).permitted_for(@account, current_account)
+            .paginate_by_max_id(limit_param(DEFAULT_STATUSES_LIMIT), params[:max_id], params[:since_id])
+            .reorder(id: :desc).distinct(:id).pluck(:id)
   end
 
   def pinned_scope
-- 
cgit