From e7f20cc43ff21afa229da40ee4e5755495948772 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Tue, 26 Feb 2019 15:21:36 +0100 Subject: Add type, limit, offset, min_id, max_id, account_id to search API (#10091) * Add type, limit, offset, min_id, max_id, account_id to search API Fix #8939 * Make the offset work on accounts and hashtags search as well * Assure brakeman we are not doing mass assignment here * Do not allow paginating unless a type is chosen * Fix search query and index id field on statuses instead of created_at --- .../api/v1/accounts/search_controller.rb | 5 +++-- app/controllers/api/v1/search_controller.rb | 26 ++++++++-------------- app/controllers/api/v2/search_controller.rb | 2 +- 3 files changed, 13 insertions(+), 20 deletions(-) (limited to 'app/controllers/api') diff --git a/app/controllers/api/v1/accounts/search_controller.rb b/app/controllers/api/v1/accounts/search_controller.rb index 91c9f1547..4217b527a 100644 --- a/app/controllers/api/v1/accounts/search_controller.rb +++ b/app/controllers/api/v1/accounts/search_controller.rb @@ -16,10 +16,11 @@ class Api::V1::Accounts::SearchController < Api::BaseController def account_search AccountSearchService.new.call( params[:q], - limit_param(DEFAULT_ACCOUNTS_LIMIT), current_account, + limit: limit_param(DEFAULT_ACCOUNTS_LIMIT), resolve: truthy_param?(:resolve), - following: truthy_param?(:following) + following: truthy_param?(:following), + offset: params[:offset] ) end end diff --git a/app/controllers/api/v1/search_controller.rb b/app/controllers/api/v1/search_controller.rb index dc1a37599..6131cbbb6 100644 --- a/app/controllers/api/v1/search_controller.rb +++ b/app/controllers/api/v1/search_controller.rb @@ -3,7 +3,7 @@ class Api::V1::SearchController < Api::BaseController include Authorization - RESULTS_LIMIT = 5 + RESULTS_LIMIT = 20 before_action -> { doorkeeper_authorize! :read, :'read:search' } before_action :require_user! @@ -11,30 +11,22 @@ class Api::V1::SearchController < Api::BaseController respond_to :json def index - @search = Search.new(search) + @search = Search.new(search_results) render json: @search, serializer: REST::SearchSerializer end private - def search - search_results.tap do |search| - search[:statuses].keep_if do |status| - begin - authorize status, :show? - rescue Mastodon::NotPermittedError - false - end - end - end - end - def search_results SearchService.new.call( params[:q], - RESULTS_LIMIT, - truthy_param?(:resolve), - current_account + current_account, + limit_param(RESULTS_LIMIT), + search_params.merge(resolve: truthy_param?(:resolve)) ) end + + def search_params + params.permit(:type, :offset, :min_id, :max_id, :account_id) + end end diff --git a/app/controllers/api/v2/search_controller.rb b/app/controllers/api/v2/search_controller.rb index 2e91d68ee..9aa6edc69 100644 --- a/app/controllers/api/v2/search_controller.rb +++ b/app/controllers/api/v2/search_controller.rb @@ -2,7 +2,7 @@ class Api::V2::SearchController < Api::V1::SearchController def index - @search = Search.new(search) + @search = Search.new(search_results) render json: @search, serializer: REST::V2::SearchSerializer end end -- cgit