From 4d85c27d1adc83aadd219767dbdc7e17b05230b0 Mon Sep 17 00:00:00 2001 From: Daniel Axtens Date: Wed, 16 Nov 2022 14:56:30 +1100 Subject: Add 'private' to Cache-Control, match Rails expectations (#20608) Several controlers set quite intricate Cache-Control headers in order to hopefully not be cached by any intermediate proxies or local caches. Unfortunately, these headers are processed by ActionDispatch::HTTP::Cache in a way that squashes and discards any values set alongside no-store other than private: https://github.com/rails/rails/blob/8015c2c2cf5c8718449677570f372ceb01318a32/actionpack/lib/action_dispatch/http/cache.rb#L207-L209 We want to preserve no-store on these responses, but we might as well remove parts that are going to be dropped anyway. As many of the endpoints in these controllers are private to a particular user, we should also add "private", which will be preserved alongside no-store. --- app/controllers/api/base_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers/api') diff --git a/app/controllers/api/base_controller.rb b/app/controllers/api/base_controller.rb index 665425f29..defef0656 100644 --- a/app/controllers/api/base_controller.rb +++ b/app/controllers/api/base_controller.rb @@ -129,7 +129,7 @@ class Api::BaseController < ApplicationController end def set_cache_headers - response.headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate' + response.headers['Cache-Control'] = 'private, no-store' end def disallow_unauthenticated_api_access? -- cgit From e1f819fd78c0c004c0629530203353fbf6d11a91 Mon Sep 17 00:00:00 2001 From: trwnh Date: Thu, 17 Nov 2022 03:54:10 -0600 Subject: Fix pagination of followed tags (#20861) * Fix missing pagination headers on followed tags * Fix typo --- app/controllers/api/v1/followed_tags_controller.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'app/controllers/api') diff --git a/app/controllers/api/v1/followed_tags_controller.rb b/app/controllers/api/v1/followed_tags_controller.rb index f0dfd044c..eae2bdc01 100644 --- a/app/controllers/api/v1/followed_tags_controller.rb +++ b/app/controllers/api/v1/followed_tags_controller.rb @@ -3,11 +3,11 @@ class Api::V1::FollowedTagsController < Api::BaseController TAGS_LIMIT = 100 - before_action -> { doorkeeper_authorize! :follow, :read, :'read:follows' }, except: :show + before_action -> { doorkeeper_authorize! :follow, :read, :'read:follows' } before_action :require_user! before_action :set_results - after_action :insert_pagination_headers, only: :show + after_action :insert_pagination_headers def index render json: @results.map(&:tag), each_serializer: REST::TagSerializer, relationships: TagRelationshipsPresenter.new(@results.map(&:tag), current_user&.account_id) @@ -43,7 +43,7 @@ class Api::V1::FollowedTagsController < Api::BaseController end def records_continue? - @results.size == limit_param(TAG_LIMIT) + @results.size == limit_param(TAGS_LIMIT) end def pagination_params(core_params) -- cgit From 7fdeed5fbca1b6b761029870f02a3f812288f0aa Mon Sep 17 00:00:00 2001 From: trwnh Date: Thu, 17 Nov 2022 03:55:59 -0600 Subject: Make tag following idempotent (#20860) --- app/controllers/api/v1/tags_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers/api') diff --git a/app/controllers/api/v1/tags_controller.rb b/app/controllers/api/v1/tags_controller.rb index 32f71bdce..0966ee469 100644 --- a/app/controllers/api/v1/tags_controller.rb +++ b/app/controllers/api/v1/tags_controller.rb @@ -12,7 +12,7 @@ class Api::V1::TagsController < Api::BaseController end def follow - TagFollow.create!(tag: @tag, account: current_account, rate_limit: true) + TagFollow.first_or_create!(tag: @tag, account: current_account, rate_limit: true) render json: @tag, serializer: REST::TagSerializer end -- cgit From 51a33ce77a32b85eaff37670c40a497aaef13e18 Mon Sep 17 00:00:00 2001 From: Claire Date: Mon, 21 Nov 2022 10:35:09 +0100 Subject: Fix not being able to follow more than one hashtag (#21285) Fixes regression from #20860 --- app/controllers/api/v1/tags_controller.rb | 2 +- spec/controllers/api/v1/tags_controller_spec.rb | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) (limited to 'app/controllers/api') diff --git a/app/controllers/api/v1/tags_controller.rb b/app/controllers/api/v1/tags_controller.rb index 0966ee469..272362c31 100644 --- a/app/controllers/api/v1/tags_controller.rb +++ b/app/controllers/api/v1/tags_controller.rb @@ -12,7 +12,7 @@ class Api::V1::TagsController < Api::BaseController end def follow - TagFollow.first_or_create!(tag: @tag, account: current_account, rate_limit: true) + TagFollow.create_with(rate_limit: true).find_or_create_by!(tag: @tag, account: current_account) render json: @tag, serializer: REST::TagSerializer end diff --git a/spec/controllers/api/v1/tags_controller_spec.rb b/spec/controllers/api/v1/tags_controller_spec.rb index ac42660df..216faad87 100644 --- a/spec/controllers/api/v1/tags_controller_spec.rb +++ b/spec/controllers/api/v1/tags_controller_spec.rb @@ -33,7 +33,11 @@ RSpec.describe Api::V1::TagsController, type: :controller do end describe 'POST #follow' do + let!(:unrelated_tag) { Fabricate(:tag) } + before do + TagFollow.create!(account: user.account, tag: unrelated_tag) + post :follow, params: { id: name } end -- cgit