51 lines
1.1 KiB
Ruby
51 lines
1.1 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class AuthorizeInteractionsController < ApplicationController
|
|
include Authorization
|
|
|
|
before_action :authenticate_user!
|
|
before_action :set_resource
|
|
|
|
def show
|
|
if @resource.is_a?(Account)
|
|
redirect_to web_url("@#{@resource.pretty_acct}")
|
|
elsif @resource.is_a?(Status)
|
|
redirect_to web_url("@#{@resource.account.pretty_acct}/#{@resource.id}")
|
|
else
|
|
not_found
|
|
end
|
|
end
|
|
|
|
private
|
|
|
|
def set_resource
|
|
@resource = located_resource
|
|
authorize(@resource, :show?) if @resource.is_a?(Status)
|
|
rescue Mastodon::NotPermittedError
|
|
not_found
|
|
end
|
|
|
|
def located_resource
|
|
if uri_param_is_url?
|
|
ResolveURLService.new.call(uri_param)
|
|
else
|
|
account_from_remote_follow
|
|
end
|
|
end
|
|
|
|
def account_from_remote_follow
|
|
ResolveAccountService.new.call(uri_param)
|
|
end
|
|
|
|
def uri_param_is_url?
|
|
parsed_uri.path && %w(http https).include?(parsed_uri.scheme)
|
|
end
|
|
|
|
def parsed_uri
|
|
Addressable::URI.parse(uri_param).normalize
|
|
end
|
|
|
|
def uri_param
|
|
params[:uri] || params.fetch(:acct, '').delete_prefix('acct:')
|
|
end
|
|
end
|