about summary refs log tree commit diff
path: root/app/controllers/accounts_controller.rb
blob: 8059e0e5dc7cfa9f1e854cb3d38dcf14841a8268 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
# frozen_string_literal: true

class AccountsController < ApplicationController
  PAGE_SIZE     = 20
  PAGE_SIZE_MAX = 200

  include AccountControllerConcern
  include SignatureAuthentication

  before_action :set_cache_headers
  before_action :set_body_classes

  before_action :require_authenticated!, if: -> { @account.require_auth? || @account.private? }

  skip_around_action :set_locale, if: -> { [:json, :rss].include?(request.format&.to_sym) }
  skip_before_action :require_functional! # , unless: :whitelist_mode?

  def show
    respond_to do |format|
      format.html do
        use_pack 'public'
        expires_in 0, public: true unless user_signed_in? || signed_request_account.present?

        @pinned_statuses   = []
        @endorsed_accounts = unauthorized? ? [] : @account.endorsed_accounts.to_a.sample(4)
        @featured_hashtags = unauthorized? ? [] : @account.featured_tags.order(statuses_count: :desc)

        if unauthorized?
          @statuses = []
          return
        end

        @pinned_statuses = cache_collection(@account.pinned_statuses.not_local_only, Status) if show_pinned_statuses?
        @statuses        = filtered_status_page
        @statuses        = cache_collection(@statuses, Status)
        @rss_url         = rss_url

        unless @statuses.empty?
          @older_url = older_url if @statuses.last.id > filtered_statuses.last.id
          @newer_url = newer_url if @statuses.first.id < filtered_statuses.first.id
        end
      end

      format.rss do
        return forbidden if unauthorized?

        expires_in 1.minute, public: !current_account?

        limit     = params[:limit].present? ? [params[:limit].to_i, PAGE_SIZE_MAX].min : PAGE_SIZE
        @statuses = filtered_statuses.without_reblogs.limit(limit)
        @statuses = cache_collection(@statuses, Status)
        render xml: RSS::AccountSerializer.render(@account, @statuses, params[:tag])
      end

      format.json do
        expires_in 3.minutes, public: !current_account?
        render_with_cache json: @account, content_type: 'application/activity+json', serializer: ActivityPub::ActorSerializer, adapter: ActivityPub::Adapter, fields: restrict_fields_to
      end
    end
  end

  private

  def set_body_classes
    @body_classes = 'with-modals'
  end

  def show_pinned_statuses?
    [threads_requested?, replies_requested?, reblogs_requested?, mentions_requested?, media_requested?, tag_requested?, params[:max_id].present?, params[:min_id].present?].none?
  end

  def filtered_statuses
    return mentions_scope if mentions_requested?

    default_statuses.tap do |statuses|
      statuses.merge!(only_media_scope) if media_requested?
    end
  end

  def default_statuses
    @account.statuses.permitted_for(
      @account,
      current_account,
      include_reblogs: !(threads_requested? || replies_requested?),
      only_reblogs: reblogs_requested?,
      only_replies: replies_requested?,
      tag: tag_requested? ? params[:tag] : nil
    )
  end

  def only_media_scope
    Status.where(id: account_media_status_ids)
  end

  def account_media_status_ids
    @account.media_attachments.attached.reorder(nil).select(:status_id).distinct
  end

  def mentions_scope
    return Status.none unless current_account?

    Status.mentions_between(@account, current_account)
  end

  def username_param
    params[:username]
  end

  def rss_url
    if tag_requested?
      short_account_tag_url(@account, params[:tag], format: 'rss')
    else
      short_account_url(@account, format: 'rss')
    end
  end

  def older_url
    pagination_url(max_id: @statuses.last.id)
  end

  def newer_url
    pagination_url(min_id: @statuses.first.id)
  end

  def pagination_url(max_id: nil, min_id: nil)
    if tag_requested?
      short_account_tag_url(@account, params[:tag], max_id: max_id, min_id: min_id)
    elsif media_requested?
      short_account_media_url(@account, max_id: max_id, min_id: min_id)
    elsif threads_requested?
      short_account_threads_url(@account, max_id: max_id, min_id: min_id)
    elsif replies_requested?
      short_account_with_replies_url(@account, max_id: max_id, min_id: min_id)
    elsif reblogs_requested?
      short_account_reblogs_url(@account, max_id: max_id, min_id: min_id)
    elsif mentions_requested?
      short_account_mentions_url(@account, max_id: max_id, min_id: min_id)
    else
      short_account_url(@account, max_id: max_id, min_id: min_id)
    end
  end

  def media_requested?
    request.path.split('.').first.ends_with?('/media') && !tag_requested?
  end

  def threads_requested?
    request.path.split('.').first.ends_with?('/threads') && !tag_requested?
  end

  def replies_requested?
    return false unless current_account&.id == @account.id || @account.show_replies?

    request.path.split('.').first.ends_with?('/with_replies') && !tag_requested?
  end

  def tag_requested?
    request.path.split('.').first.ends_with?(Addressable::URI.parse("/tagged/#{params[:tag]}").normalize)
  end

  def reblogs_requested?
    request.path.split('.').first.ends_with?('/reblogs') && !tag_requested?
  end

  def mentions_requested?
    request.path.split('.').first.ends_with?('/mentions') && !tag_requested?
  end

  def filtered_status_page
    filtered_statuses.paginate_by_id(PAGE_SIZE, params_slice(:max_id, :min_id, :since_id))
  end

  def params_slice(*keys)
    params.slice(*keys).permit(*keys)
  end

  def restrict_fields_to
    if current_account&.id == @account.id || (signed_request_account.present? && !blocked?)
      # Return all fields
    else
      %i(id type preferred_username inbox public_key endpoints)
    end
  end

  def blocked?
    @blocked ||= current_account && @account.blocking?(current_account)
  end

  def unauthorized?
    @unauthorized ||= blocked? || (@account.private? && !following?(@account))
  end
end