From 9aecc0f48a046e0a05b8ca69511f8b72756fb431 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Tue, 8 Nov 2016 23:22:44 +0100 Subject: Move timelines API from statuses to its own controller, add a check for resources that require a user context vs those that don't (such as public timeline) /api/v1/statuses/public -> /api/v1/timelines/public /api/v1/statuses/home -> /api/v1/timelines/home /api/v1/statuses/mentions -> /api/v1/timelines/mentions /api/v1/statuses/tag/:tag -> /api/v1/timelines/tag/:tag --- .../javascripts/components/actions/timelines.jsx | 4 +-- app/controllers/api/v1/accounts_controller.rb | 3 +- app/controllers/api/v1/follows_controller.rb | 2 ++ app/controllers/api/v1/media_controller.rb | 2 ++ app/controllers/api/v1/statuses_controller.rb | 35 ++------------------ app/controllers/api/v1/timelines_controller.rb | 37 ++++++++++++++++++++++ app/controllers/api_controller.rb | 18 +++++++++-- app/models/status.rb | 26 +++++++++------ app/views/api/v1/timelines/index.rabl | 2 ++ 9 files changed, 81 insertions(+), 48 deletions(-) create mode 100644 app/controllers/api/v1/timelines_controller.rb create mode 100644 app/views/api/v1/timelines/index.rabl (limited to 'app') diff --git a/app/assets/javascripts/components/actions/timelines.jsx b/app/assets/javascripts/components/actions/timelines.jsx index 1dd770848..0f23ca7fc 100644 --- a/app/assets/javascripts/components/actions/timelines.jsx +++ b/app/assets/javascripts/components/actions/timelines.jsx @@ -73,7 +73,7 @@ export function refreshTimeline(timeline, replace = false, id = null) { path = `${path}/${id}` } - api(getState).get(`/api/v1/statuses/${path}${params}`).then(function (response) { + api(getState).get(`/api/v1/timelines/${path}${params}`).then(function (response) { dispatch(refreshTimelineSuccess(timeline, response.data, replace)); }).catch(function (error) { dispatch(refreshTimelineFail(timeline, error)); @@ -101,7 +101,7 @@ export function expandTimeline(timeline, id = null) { path = `${path}/${id}` } - api(getState).get(`/api/v1/statuses/${path}?max_id=${lastId}`).then(response => { + api(getState).get(`/api/v1/timelines/${path}?max_id=${lastId}`).then(response => { dispatch(expandTimelineSuccess(timeline, response.data)); }).catch(error => { dispatch(expandTimelineFail(timeline, error)); diff --git a/app/controllers/api/v1/accounts_controller.rb b/app/controllers/api/v1/accounts_controller.rb index bb06ddac9..4140439a8 100644 --- a/app/controllers/api/v1/accounts_controller.rb +++ b/app/controllers/api/v1/accounts_controller.rb @@ -1,8 +1,9 @@ class Api::V1::AccountsController < ApiController before_action -> { doorkeeper_authorize! :read }, except: [:follow, :unfollow, :block, :unblock] before_action -> { doorkeeper_authorize! :follow }, only: [:follow, :unfollow, :block, :unblock] - + before_action :require_user!, except: [:show, :following, :followers, :statuses] before_action :set_account, except: [:verify_credentials, :suggestions] + respond_to :json def show diff --git a/app/controllers/api/v1/follows_controller.rb b/app/controllers/api/v1/follows_controller.rb index 526316531..80a5aedf2 100644 --- a/app/controllers/api/v1/follows_controller.rb +++ b/app/controllers/api/v1/follows_controller.rb @@ -1,5 +1,7 @@ class Api::V1::FollowsController < ApiController before_action -> { doorkeeper_authorize! :follow } + before_action :require_user! + respond_to :json def create diff --git a/app/controllers/api/v1/media_controller.rb b/app/controllers/api/v1/media_controller.rb index dffc797fe..ab216f9c9 100644 --- a/app/controllers/api/v1/media_controller.rb +++ b/app/controllers/api/v1/media_controller.rb @@ -1,5 +1,7 @@ class Api::V1::MediaController < ApiController before_action -> { doorkeeper_authorize! :write } + before_action :require_user! + respond_to :json def create diff --git a/app/controllers/api/v1/statuses_controller.rb b/app/controllers/api/v1/statuses_controller.rb index 0a823e3e6..51a044a6c 100644 --- a/app/controllers/api/v1/statuses_controller.rb +++ b/app/controllers/api/v1/statuses_controller.rb @@ -1,8 +1,8 @@ class Api::V1::StatusesController < ApiController before_action -> { doorkeeper_authorize! :read }, except: [:create, :destroy, :reblog, :unreblog, :favourite, :unfavourite] before_action -> { doorkeeper_authorize! :write }, only: [:create, :destroy, :reblog, :unreblog, :favourite, :unfavourite] - - before_action :set_status, only: [:show, :context, :reblogged_by, :favourited_by] + before_action :require_user!, except: [:show, :context, :reblogged_by, :favourited_by] + before_action :set_status, only: [:show, :context, :reblogged_by, :favourited_by] respond_to :json @@ -56,37 +56,6 @@ class Api::V1::StatusesController < ApiController render action: :show end - def home - @statuses = Feed.new(:home, current_user.account).get(20, params[:max_id], params[:since_id]).to_a - set_maps(@statuses) - render action: :index - end - - def mentions - @statuses = Feed.new(:mentions, current_user.account).get(20, params[:max_id], params[:since_id]).to_a - set_maps(@statuses) - render action: :index - end - - def public - @statuses = Status.as_public_timeline(current_user.account).paginate_by_max_id(20, params[:max_id], params[:since_id]).to_a - set_maps(@statuses) - render action: :index - end - - def tag - @tag = Tag.find_by(name: params[:id].downcase) - - if @tag.nil? - @statuses = [] - else - @statuses = Status.as_tag_timeline(@tag, current_user.account).paginate_by_max_id(20, params[:max_id], params[:since_id]).to_a - set_maps(@statuses) - end - - render action: :index - end - private def set_status diff --git a/app/controllers/api/v1/timelines_controller.rb b/app/controllers/api/v1/timelines_controller.rb new file mode 100644 index 000000000..e5176dd4b --- /dev/null +++ b/app/controllers/api/v1/timelines_controller.rb @@ -0,0 +1,37 @@ +class Api::V1::TimelinesController < ApiController + before_action -> { doorkeeper_authorize! :read } + before_action :require_user!, only: [:home, :mentions] + + respond_to :json + + def home + @statuses = Feed.new(:home, current_account).get(20, params[:max_id], params[:since_id]).to_a + set_maps(@statuses) + render action: :index + end + + def mentions + @statuses = Feed.new(:mentions, current_account).get(20, params[:max_id], params[:since_id]).to_a + set_maps(@statuses) + render action: :index + end + + def public + @statuses = Status.as_public_timeline(current_account).paginate_by_max_id(20, params[:max_id], params[:since_id]).to_a + set_maps(@statuses) + render action: :index + end + + def tag + @tag = Tag.find_by(name: params[:id].downcase) + + if @tag.nil? + @statuses = [] + else + @statuses = Status.as_tag_timeline(@tag, current_account).paginate_by_max_id(20, params[:max_id], params[:since_id]).to_a + set_maps(@statuses) + end + + render action: :index + end +end diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb index 273aaff85..db4035a96 100644 --- a/app/controllers/api_controller.rb +++ b/app/controllers/api_controller.rb @@ -60,6 +60,14 @@ class ApiController < ApplicationController def current_user super || current_resource_owner + rescue ActiveRecord::RecordNotFound + nil + end + + def require_user! + current_resource_owner + rescue ActiveRecord::RecordNotFound + render json: { error: 'This method requires an authenticated user' }, status: 422 end def render_empty @@ -67,8 +75,14 @@ class ApiController < ApplicationController end def set_maps(statuses) + if current_account.nil? + @reblogs_map = {} + @favourites_map = {} + return + end + status_ids = statuses.flat_map { |s| [s.id, s.reblog_of_id] }.compact.uniq - @reblogs_map = Status.reblogs_map(status_ids, current_user.account) - @favourites_map = Status.favourites_map(status_ids, current_user.account) + @reblogs_map = Status.reblogs_map(status_ids, current_account) + @favourites_map = Status.favourites_map(status_ids, current_account) end end diff --git a/app/models/status.rb b/app/models/status.rb index d68b7afa6..07aef26ee 100644 --- a/app/models/status.rb +++ b/app/models/status.rb @@ -95,23 +95,29 @@ class Status < ApplicationRecord where(id: Mention.where(account: account).pluck(:status_id)).with_includes.with_counters end - def as_public_timeline(account) - joins('LEFT OUTER JOIN statuses AS reblogs ON statuses.reblog_of_id = reblogs.id') + def as_public_timeline(account = nil) + query = joins('LEFT OUTER JOIN statuses AS reblogs ON statuses.reblog_of_id = reblogs.id') .joins('LEFT OUTER JOIN accounts ON statuses.account_id = accounts.id') .where('accounts.silenced = FALSE') - .where('(reblogs.account_id IS NULL OR reblogs.account_id NOT IN (SELECT target_account_id FROM blocks WHERE account_id = ?)) AND statuses.account_id NOT IN (SELECT target_account_id FROM blocks WHERE account_id = ?)', account.id, account.id) - .with_includes - .with_counters + + unless account.nil? + query = query.where('(reblogs.account_id IS NULL OR reblogs.account_id NOT IN (SELECT target_account_id FROM blocks WHERE account_id = ?)) AND statuses.account_id NOT IN (SELECT target_account_id FROM blocks WHERE account_id = ?)', account.id, account.id) + end + + query.with_includes.with_counters end - def as_tag_timeline(tag, account) - tag.statuses + def as_tag_timeline(tag, account = nil) + query = tag.statuses .joins('LEFT OUTER JOIN statuses AS reblogs ON statuses.reblog_of_id = reblogs.id') .joins('LEFT OUTER JOIN accounts ON statuses.account_id = accounts.id') .where('accounts.silenced = FALSE') - .where('(reblogs.account_id IS NULL OR reblogs.account_id NOT IN (SELECT target_account_id FROM blocks WHERE account_id = ?)) AND statuses.account_id NOT IN (SELECT target_account_id FROM blocks WHERE account_id = ?)', account.id, account.id) - .with_includes - .with_counters + + unless account.nil? + query = query.where('(reblogs.account_id IS NULL OR reblogs.account_id NOT IN (SELECT target_account_id FROM blocks WHERE account_id = ?)) AND statuses.account_id NOT IN (SELECT target_account_id FROM blocks WHERE account_id = ?)', account.id, account.id) + end + + query.with_includes.with_counters end def favourites_map(status_ids, account_id) diff --git a/app/views/api/v1/timelines/index.rabl b/app/views/api/v1/timelines/index.rabl new file mode 100644 index 000000000..0a0ed13c5 --- /dev/null +++ b/app/views/api/v1/timelines/index.rabl @@ -0,0 +1,2 @@ +collection @statuses +extends('api/v1/statuses/show') -- cgit