# frozen_string_literal: true
-class Api::V1::AccountsController < ApiController
- before_action -> { doorkeeper_authorize! :read }, except: [:follow, :unfollow, :block, :unblock, :mute, :unmute]
- before_action -> { doorkeeper_authorize! :follow }, only: [:follow, :unfollow, :block, :unblock, :mute, :unmute]
- before_action :require_user!, except: [:show, :following, :followers, :statuses]
- before_action :set_account, except: [:verify_credentials, :suggestions, :search]
+class Api::V1::AccountsController < Api::BaseController
+ before_action -> { authorize_if_got_token! :read, :'read:accounts' }, except: [:create, :follow, :unfollow, :block, :unblock, :mute, :unmute]
+ before_action -> { doorkeeper_authorize! :follow, :'write:follows' }, only: [:follow, :unfollow]
+ before_action -> { doorkeeper_authorize! :follow, :'write:mutes' }, only: [:mute, :unmute]
+ before_action -> { doorkeeper_authorize! :follow, :'write:blocks' }, only: [:block, :unblock]
+ before_action -> { doorkeeper_authorize! :write, :'write:accounts' }, only: [:create]
- respond_to :json
-
- def show; end
-
- def verify_credentials
- @account = current_user.account
- render action: :show
- end
+ before_action :require_user!, except: [:show, :create]
+ before_action :set_account, except: [:create]
+ before_action :check_account_suspension, only: [:show]
+ before_action :check_enabled_registrations, only: [:create]
- def following
- results = Follow.where(account: @account).paginate_by_max_id(limit_param(DEFAULT_ACCOUNTS_LIMIT), params[:max_id], params[:since_id])
- accounts = Account.where(id: results.map(&:target_account_id)).map { |a| [a.id, a] }.to_h
- @accounts = results.map { |f| accounts[f.target_account_id] }
+ skip_before_action :require_authenticated_user!, only: :create
- set_account_counters_maps(@accounts)
-
- next_path = following_api_v1_account_url(max_id: results.last.id) if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
- prev_path = following_api_v1_account_url(since_id: results.first.id) unless results.empty?
-
- set_pagination_headers(next_path, prev_path)
-
- render action: :index
- end
-
- def followers
- results = Follow.where(target_account: @account).paginate_by_max_id(limit_param(DEFAULT_ACCOUNTS_LIMIT), params[:max_id], params[:since_id])
- accounts = Account.where(id: results.map(&:account_id)).map { |a| [a.id, a] }.to_h
- @accounts = results.map { |f| accounts[f.account_id] }
-
- set_account_counters_maps(@accounts)
-
- next_path = followers_api_v1_account_url(max_id: results.last.id) if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
- prev_path = followers_api_v1_account_url(since_id: results.first.id) unless results.empty?
-
- set_pagination_headers(next_path, prev_path)
+ respond_to :json
- render action: :index
+ def show
+ render json: @account, serializer: REST::AccountSerializer
end
- def statuses
- @statuses = @account.statuses.permitted_for(@account, current_account).paginate_by_max_id(limit_param(DEFAULT_STATUSES_LIMIT), params[:max_id], params[:since_id])
- @statuses = cache_collection(@statuses, Status)
-
- set_maps(@statuses)
- set_counters_maps(@statuses)
+ def create
+ token = AppSignUpService.new.call(doorkeeper_token.application, account_params)
+ response = Doorkeeper::OAuth::TokenResponse.new(token)
- next_path = statuses_api_v1_account_url(max_id: @statuses.last.id) unless @statuses.empty?
- prev_path = statuses_api_v1_account_url(since_id: @statuses.first.id) unless @statuses.empty?
+ headers.merge!(response.headers)
- set_pagination_headers(next_path, prev_path)
+ self.response_body = Oj.dump(response.body)
+ self.status = response.status
end
- def media_statuses
- media_ids = MediaAttachment.where(account: @account).where.not(status_id: nil).reorder('').select('distinct status_id')
- @statuses = @account.statuses.where(id: media_ids).permitted_for(@account, current_account).paginate_by_max_id(limit_param(DEFAULT_STATUSES_LIMIT), params[:max_id], params[:since_id])
- @statuses = cache_collection(@statuses, Status)
-
- set_maps(@statuses)
- set_counters_maps(@statuses)
-
- next_path = media_statuses_api_v1_account_url(max_id: @statuses.last.id) unless @statuses.empty?
- prev_path = media_statuses_api_v1_account_url(since_id: @statuses.first.id) unless @statuses.empty?
+ def follow
+ FollowService.new.call(current_user.account, @account, reblogs: truthy_param?(:reblogs))
- set_pagination_headers(next_path, prev_path)
- render action: :statuses
- end
+ options = @account.locked? || current_user.account.silenced? ? {} : { following_map: { @account.id => { reblogs: truthy_param?(:reblogs) } }, requested_map: { @account.id => false } }
- def follow
- FollowService.new.call(current_user.account, @account.acct)
- set_relationship
- render action: :relationship
+ render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships(options)
end
def block
BlockService.new.call(current_user.account, @account)
-
- @following = { @account.id => false }
- @followed_by = { @account.id => false }
- @blocking = { @account.id => true }
- @requested = { @account.id => false }
- @muting = { @account.id => current_user.account.muting?(@account.id) }
-
- render action: :relationship
+ render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships
end
def mute
- MuteService.new.call(current_user.account, @account)
- set_relationship
- render action: :relationship
+ MuteService.new.call(current_user.account, @account, notifications: truthy_param?(:notifications))
+ render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships
end
def unfollow
UnfollowService.new.call(current_user.account, @account)
- set_relationship
- render action: :relationship
+ render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships
end
def unblock
UnblockService.new.call(current_user.account, @account)
- set_relationship
- render action: :relationship
+ render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships
end
def unmute
UnmuteService.new.call(current_user.account, @account)
- set_relationship
- render action: :relationship
+ render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships
end
- def relationships
- ids = params[:id].is_a?(Enumerable) ? params[:id].map(&:to_i) : [params[:id].to_i]
+ private
- @accounts = Account.where(id: ids).select('id')
- @following = Account.following_map(ids, current_user.account_id)
- @followed_by = Account.followed_by_map(ids, current_user.account_id)
- @blocking = Account.blocking_map(ids, current_user.account_id)
- @muting = Account.muting_map(ids, current_user.account_id)
- @requested = Account.requested_map(ids, current_user.account_id)
+ def set_account
+ @account = Account.find(params[:id])
end
- def search
- @accounts = SearchService.new.call(params[:q], limit_param(DEFAULT_ACCOUNTS_LIMIT), params[:resolve] == 'true')
-
- set_account_counters_maps(@accounts) unless @accounts.nil?
+ def relationships(**options)
+ AccountRelationshipsPresenter.new([@account.id], current_user.account_id, options)
+ end
- render action: :index
+ def check_account_suspension
+ gone if @account.suspended?
end
- private
+ def account_params
+ params.permit(:username, :email, :password, :agreement, :locale)
+ end
- def set_account
- @account = Account.find(params[:id])
+ def check_enabled_registrations
+ forbidden if single_user_mode? || !allowed_registrations?
end
- def set_relationship
- @following = Account.following_map([@account.id], current_user.account_id)
- @followed_by = Account.followed_by_map([@account.id], current_user.account_id)
- @blocking = Account.blocking_map([@account.id], current_user.account_id)
- @muting = Account.muting_map([@account.id], current_user.account_id)
- @requested = Account.requested_map([@account.id], current_user.account_id)
+ def allowed_registrations?
+ Setting.registrations_mode != 'none'
end
end
cat aescling's git repositories / mastodon.git / blobdiff