about summary refs log tree commit diff
path: root/app/controllers/api/v1/push/subscriptions_controller.rb
blob: 1cbc92b93d70dcbfd916b75dd7932d20d2829354 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
# frozen_string_literal: true

class Api::V1::Push::SubscriptionsController < Api::BaseController
  before_action -> { doorkeeper_authorize! :push }
  before_action :require_user!
  before_action :set_web_push_subscription

  def create
    @web_subscription&.destroy!

    @web_subscription = ::Web::PushSubscription.create!(
      endpoint: subscription_params[:endpoint],
      key_p256dh: subscription_params[:keys][:p256dh],
      key_auth: subscription_params[:keys][:auth],
      data: data_params,
      user_id: current_user.id,
      access_token_id: doorkeeper_token.id
    )

    render json: @web_subscription, serializer: REST::WebPushSubscriptionSerializer
  end

  def show
    raise ActiveRecord::RecordNotFound if @web_subscription.nil?

    render json: @web_subscription, serializer: REST::WebPushSubscriptionSerializer
  end

  def update
    raise ActiveRecord::RecordNotFound if @web_subscription.nil?

    @web_subscription.update!(data: data_params)

    render json: @web_subscription, serializer: REST::WebPushSubscriptionSerializer
  end

  def destroy
    @web_subscription&.destroy!
    render_empty
  end

  private

  def set_web_push_subscription
    @web_subscription = ::Web::PushSubscription.find_by(access_token_id: doorkeeper_token.id)
  end

  def subscription_params
    params.require(:subscription).permit(:endpoint, keys: [:auth, :p256dh])
  end

  def data_params
    return {} if params[:data].blank?
    params.require(:data).permit(alerts: [:follow, :follow_request, :favourite, :reblog, :mention, :poll])
  end
end