- # frozen_string_literal: true
-
- class Api::V1::Statuses::ReblogsController < Api::BaseController
- include Authorization
-
- before_action -> { doorkeeper_authorize! :write, :'write:statuses' }
- before_action :require_user!
- before_action :set_reblog
-
- override_rate_limit_headers :create, family: :statuses
-
- def create
- @status = ReblogService.new.call(current_account, @reblog, reblog_params)
-
- render json: @status, serializer: REST::StatusSerializer
- end
-
- def destroy
- @status = current_account.statuses.find_by(reblog_of_id: @reblog.id)
-
- if @status
- authorize @status, :unreblog?
- @status.discard
- RemovalWorker.perform_async(@status.id)
- end
-
- render json: @reblog, serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new([@status], current_account.id, reblogs_map: { @reblog.id => false })
- end
-
- private
-
- def set_reblog
- @reblog = Status.find(params[:status_id])
- authorize @reblog, :show?
- rescue Mastodon::NotPermittedError
- not_found
- end
-
- def reblog_params
- params.permit(:visibility)
- end
- end
|