348aed03cf
Conflicts: - `.github/dependabot.yml`: Upstream made changes, but we had removed it. Discarded upstream changes. - `.rubocop_todo.yml`: Upstream regenerated the file, we had some glitch-soc-specific ignores. - `app/models/account_statuses_filter.rb`: Minor upstream code style change where glitch-soc had slightly different code due to handling of local-only posts. Updated to match upstream's code style. - `app/models/status.rb`: Upstream moved ActiveRecord callback definitions, glitch-soc had an extra one. Moved the definitions as upstream did. - `app/services/backup_service.rb`: Upstream rewrote a lot of the backup service, glitch-soc had changes because of exporting local-only posts. Took upstream changes and added back code to deal with local-only posts. - `config/routes.rb`: Upstream split the file into different files, while glitch-soc had a few extra routes. Extra routes added to `config/routes/settings.rb`, `config/routes/api.rb` and `config/routes/admin.rb` - `db/schema.rb`: Upstream has new migrations, while glitch-soc had an extra migration. Updated the expected serial number to match upstream's. - `lib/mastodon/version.rb`: Upstream added support to set version tags from environment variables, while glitch-soc has an extra `+glitch` tag. Changed the code to support upstream's feature but prepending a `+glitch`. - `spec/lib/activitypub/activity/create_spec.rb`: Minor code style change upstream, while glitch-soc has extra tests due to `directMessage` handling. Applied upstream's changes while keeping glitch-soc's extra tests. - `spec/models/concerns/account_interactions_spec.rb`: Minor code style change upstream, while glitch-soc has extra tests. Applied upstream's changes while keeping glitch-soc's extra tests.
73 lines
1.5 KiB
Ruby
73 lines
1.5 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class AuthorizeInteractionsController < ApplicationController
|
|
include Authorization
|
|
|
|
layout 'modal'
|
|
|
|
before_action :authenticate_user!
|
|
before_action :set_body_classes
|
|
before_action :set_resource
|
|
before_action :set_pack
|
|
|
|
def show
|
|
if @resource.is_a?(Account)
|
|
render :show
|
|
elsif @resource.is_a?(Status)
|
|
redirect_to web_url("@#{@resource.account.pretty_acct}/#{@resource.id}")
|
|
else
|
|
render :error
|
|
end
|
|
end
|
|
|
|
def create
|
|
if @resource.is_a?(Account) && FollowService.new.call(current_account, @resource, with_rate_limit: true)
|
|
render :success
|
|
else
|
|
render :error
|
|
end
|
|
rescue ActiveRecord::RecordNotFound
|
|
render :error
|
|
end
|
|
|
|
private
|
|
|
|
def set_resource
|
|
@resource = located_resource
|
|
authorize(@resource, :show?) if @resource.is_a?(Status)
|
|
rescue Mastodon::NotPermittedError
|
|
not_found
|
|
end
|
|
|
|
def located_resource
|
|
if uri_param_is_url?
|
|
ResolveURLService.new.call(uri_param)
|
|
else
|
|
account_from_remote_follow
|
|
end
|
|
end
|
|
|
|
def account_from_remote_follow
|
|
ResolveAccountService.new.call(uri_param)
|
|
end
|
|
|
|
def uri_param_is_url?
|
|
parsed_uri.path && %w(http https).include?(parsed_uri.scheme)
|
|
end
|
|
|
|
def parsed_uri
|
|
Addressable::URI.parse(uri_param).normalize
|
|
end
|
|
|
|
def uri_param
|
|
params[:uri] || params.fetch(:acct, '').delete_prefix('acct:')
|
|
end
|
|
|
|
def set_body_classes
|
|
@body_classes = 'modal-layout'
|
|
end
|
|
|
|
def set_pack
|
|
use_pack 'modal'
|
|
end
|
|
end
|