From d7dc84439c60069a0cb9eeca81dc61c297a8667b Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Thu, 29 Dec 2016 16:54:54 +0100 Subject: Add ability to use remote follow function on other sites --- app/controllers/authorize_follow_controller.rb | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 app/controllers/authorize_follow_controller.rb (limited to 'app/controllers/authorize_follow_controller.rb') diff --git a/app/controllers/authorize_follow_controller.rb b/app/controllers/authorize_follow_controller.rb new file mode 100644 index 000000000..a276250a4 --- /dev/null +++ b/app/controllers/authorize_follow_controller.rb @@ -0,0 +1,24 @@ +# frozen_string_literal: true + +class AuthorizeFollowController < ApplicationController + layout 'public' + + before_action :authenticate_user! + + def new + @account = FollowRemoteAccountService.new.call(params[:acct]) + render :error if @account.nil? + end + + def create + @account = FollowService.new.call(current_account, params[:acct]).try(:target_account) + + if @account.nil? + render :error + else + redirect_to web_url("accounts/#{@account.id}") + end + rescue ActiveRecord::RecordNotFound, Mastodon::NotPermitted + render :error + end +end -- cgit From 8724094ed0e531f4435bf2784c9c1b7176acd764 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Thu, 29 Dec 2016 17:23:27 +0100 Subject: Support remote follow request providing URL instead of acct --- app/assets/stylesheets/accounts.scss | 4 ++++ app/controllers/authorize_follow_controller.rb | 19 ++++++++++++++++++- app/views/authorize_follow/new.html.haml | 3 ++- 3 files changed, 24 insertions(+), 2 deletions(-) (limited to 'app/controllers/authorize_follow_controller.rb') diff --git a/app/assets/stylesheets/accounts.scss b/app/assets/stylesheets/accounts.scss index 5d0963307..748bb8224 100644 --- a/app/assets/stylesheets/accounts.scss +++ b/app/assets/stylesheets/accounts.scss @@ -337,6 +337,10 @@ overflow: hidden; margin-bottom: 15px; + &:last-child { + margin-bottom: 0; + } + & > div { float: left; margin-right: 10px; diff --git a/app/controllers/authorize_follow_controller.rb b/app/controllers/authorize_follow_controller.rb index a276250a4..ca72c9691 100644 --- a/app/controllers/authorize_follow_controller.rb +++ b/app/controllers/authorize_follow_controller.rb @@ -6,7 +6,14 @@ class AuthorizeFollowController < ApplicationController before_action :authenticate_user! def new - @account = FollowRemoteAccountService.new.call(params[:acct]) + uri = Addressable::URI.parse(params[:acct]) + + if uri.path && %w(http https).include?(uri.scheme) + set_account_from_url + else + set_account_from_acct + end + render :error if @account.nil? end @@ -21,4 +28,14 @@ class AuthorizeFollowController < ApplicationController rescue ActiveRecord::RecordNotFound, Mastodon::NotPermitted render :error end + + private + + def set_account_from_url + @account = FetchRemoteAccountService.new.call(params[:acct]) + end + + def set_account_from_acct + @account = FollowRemoteAccountService.new.call(params[:acct]) + end end diff --git a/app/views/authorize_follow/new.html.haml b/app/views/authorize_follow/new.html.haml index 7368b834a..44bf575ff 100644 --- a/app/views/authorize_follow/new.html.haml +++ b/app/views/authorize_follow/new.html.haml @@ -14,7 +14,8 @@ %strong= display_name(@account) %span= "@#{@account.acct}" - .account__header__content= Formatter.instance.simplified_format(@account) + - unless @account.note.blank? + .account__header__content= Formatter.instance.simplified_format(@account) = form_tag authorize_follow_path, method: :post, class: 'simple_form' do = hidden_field_tag :acct, @account.acct -- cgit From f79ba2de83af5d9a1a94415c3ca38a7e7d6f2cfc Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Mon, 2 Jan 2017 22:31:10 +0100 Subject: Fix admin UI not loading JS, make sure to strip "acct:" out of remote account's usernames when authorizing follow --- app/controllers/authorize_follow_controller.rb | 12 ++++++++---- app/views/layouts/admin.html.haml | 3 +++ 2 files changed, 11 insertions(+), 4 deletions(-) (limited to 'app/controllers/authorize_follow_controller.rb') diff --git a/app/controllers/authorize_follow_controller.rb b/app/controllers/authorize_follow_controller.rb index ca72c9691..e866b5599 100644 --- a/app/controllers/authorize_follow_controller.rb +++ b/app/controllers/authorize_follow_controller.rb @@ -6,7 +6,7 @@ class AuthorizeFollowController < ApplicationController before_action :authenticate_user! def new - uri = Addressable::URI.parse(params[:acct]) + uri = Addressable::URI.parse(acct_param) if uri.path && %w(http https).include?(uri.scheme) set_account_from_url @@ -18,7 +18,7 @@ class AuthorizeFollowController < ApplicationController end def create - @account = FollowService.new.call(current_account, params[:acct]).try(:target_account) + @account = FollowService.new.call(current_account, acct_param).try(:target_account) if @account.nil? render :error @@ -32,10 +32,14 @@ class AuthorizeFollowController < ApplicationController private def set_account_from_url - @account = FetchRemoteAccountService.new.call(params[:acct]) + @account = FetchRemoteAccountService.new.call(acct_param) end def set_account_from_acct - @account = FollowRemoteAccountService.new.call(params[:acct]) + @account = FollowRemoteAccountService.new.call(acct_param) + end + + def acct_param + params[:acct].gsub(/\Aacct:/, '') end end diff --git a/app/views/layouts/admin.html.haml b/app/views/layouts/admin.html.haml index 2fc116f45..11f76a1de 100644 --- a/app/views/layouts/admin.html.haml +++ b/app/views/layouts/admin.html.haml @@ -1,3 +1,6 @@ +- content_for :header_tags do + = javascript_include_tag 'application_public' + - content_for :content do .admin-wrapper .sidebar -- cgit