closed-social
/
mastodon
3
0
Fork 2
Code Issues 5 Pull Requests 0 Projects 0 Releases 3 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6719 Commits
4 Branches
567 MiB
Tree: 6020a21130
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '6020a21130'
${ noResults }
mastodon/app/controllers/statuses_controller.rb

160 lines
4.6 KiB
Raw Normal View History

Prettier account and stream entry URLs
7 years ago
Allow retrieval of private statuses (single or in outbox) using HTTP signatures (#6225)
6 years ago
Extract authorization policy for viewing statuses (#3150)
7 years ago
Fix "Show more" URL on paginated threads for remote statuses (#7285) * Fix URL of "Show more" link in paginated threads (ancestors side) Increase item limits in threads Fix #7268 * Fix "Show more" link in paginated threads (descendants side)
6 years ago
Paginate ancestor statuses in public page (#7102) This also limits the statuses returned by API, but pagination is not implemented in Web API yet. I still expect it brings user experience better than making a user wait to fetch all ancestor statuses and flooding the column with them.
6 years ago
Prettier account and stream entry URLs
7 years ago
Fetch reblogs as Announce activity instead of Note object (#4672) * Process Create / Announce activity in FetchRemoteStatusService * Use activity URL in ActivityPub for reblogs * Redirect to the original status on StatusesController#show
7 years ago
Set Referrer-Policy to origin in web UI and public pages of private toots (#7162) Fix #7115
6 years ago
Cache JSON of immutable ActivityPub representations (#6171)
6 years ago
Prettier account and stream entry URLs
7 years ago
Improve ActivityPub representations (#3844) * Improve webfinger templates and make tests more flexible * Clean up AS2 representation of actor * Refactor outbox * Create activities representation * Add representations of followers/following collections, do not redirect /users/:username route if format is empty * Remove unused translations * ActivityPub endpoint for single statuses, add ActivityPub::TagManager for better URL/URI generation * Add ActivityPub::TagManager#to * Represent all attachments as Document instead of Image/Video specifically (Because for remote ones we may not know for sure) Add mentions and hashtags representation to AP notes * Add AP-resolvable hashtag URIs * Use ActiveModelSerializers for ActivityPub * Clean up unused translations * Separate route for object and activity * Adjust cc/to matrices * Add to/cc to activities, ensure announce activity embeds target status and not the wrapper status, add "id" to all collections
7 years ago
Finalized theme loading and stuff
7 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Improve ActivityPub representations (#3844) * Improve webfinger templates and make tests more flexible * Clean up AS2 representation of actor * Refactor outbox * Create activities representation * Add representations of followers/following collections, do not redirect /users/:username route if format is empty * Remove unused translations * ActivityPub endpoint for single statuses, add ActivityPub::TagManager for better URL/URI generation * Add ActivityPub::TagManager#to * Represent all attachments as Document instead of Image/Video specifically (Because for remote ones we may not know for sure) Add mentions and hashtags representation to AP notes * Add AP-resolvable hashtag URIs * Use ActiveModelSerializers for ActivityPub * Clean up unused translations * Separate route for object and activity * Adjust cc/to matrices * Add to/cc to activities, ensure announce activity embeds target status and not the wrapper status, add "id" to all collections
7 years ago
Cache JSON of immutable ActivityPub representations (#6171)
6 years ago
Make sure private toots remain private and do not end up in HTTP caches (#6175)
6 years ago
Cache JSON of immutable ActivityPub representations (#6171)
6 years ago
Allow HTTP caching of json view of public statuses (#6115) * Allow HTTP caching of json view of public statuses HTML views are not cached as they can contain private statuses as well * Disable session cookies for ActivityPub json rendering of public toots
6 years ago
Improve ActivityPub representations (#3844) * Improve webfinger templates and make tests more flexible * Clean up AS2 representation of actor * Refactor outbox * Create activities representation * Add representations of followers/following collections, do not redirect /users/:username route if format is empty * Remove unused translations * ActivityPub endpoint for single statuses, add ActivityPub::TagManager for better URL/URI generation * Add ActivityPub::TagManager#to * Represent all attachments as Document instead of Image/Video specifically (Because for remote ones we may not know for sure) Add mentions and hashtags representation to AP notes * Add AP-resolvable hashtag URIs * Use ActiveModelSerializers for ActivityPub * Clean up unused translations * Separate route for object and activity * Adjust cc/to matrices * Add to/cc to activities, ensure announce activity embeds target status and not the wrapper status, add "id" to all collections
7 years ago
Prettier account and stream entry URLs
7 years ago
Improve ActivityPub representations (#3844) * Improve webfinger templates and make tests more flexible * Clean up AS2 representation of actor * Refactor outbox * Create activities representation * Add representations of followers/following collections, do not redirect /users/:username route if format is empty * Remove unused translations * ActivityPub endpoint for single statuses, add ActivityPub::TagManager for better URL/URI generation * Add ActivityPub::TagManager#to * Represent all attachments as Document instead of Image/Video specifically (Because for remote ones we may not know for sure) Add mentions and hashtags representation to AP notes * Add AP-resolvable hashtag URIs * Use ActiveModelSerializers for ActivityPub * Clean up unused translations * Separate route for object and activity * Adjust cc/to matrices * Add to/cc to activities, ensure announce activity embeds target status and not the wrapper status, add "id" to all collections
7 years ago
Cache JSON of immutable ActivityPub representations (#6171)
6 years ago
Make sure private toots remain private and do not end up in HTTP caches (#6175)
6 years ago
Cache JSON of immutable ActivityPub representations (#6171)
6 years ago
Prettier account and stream entry URLs
7 years ago
Update status embeds (#4742) - Use statuses controller for embeds instead of stream entries controller - Prefer /@:username/:id/embed URL for embeds - Use /@:username as author_url in OEmbed - Add follow link to embeds which opens web intent in new window - Use redis cache in development - Cache entire embed
7 years ago
Finalized theme loading and stuff
7 years ago
Update status embeds (#4742) - Use statuses controller for embeds instead of stream entries controller - Prefer /@:username/:id/embed URL for embeds - Use /@:username as author_url in OEmbed - Add follow link to embeds which opens web intent in new window - Use redis cache in development - Cache entire embed
7 years ago
Prettier account and stream entry URLs
7 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Prettier account and stream entry URLs
7 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Fix "Show more" URL on paginated threads for remote statuses (#7285) * Fix URL of "Show more" link in paginated threads (ancestors side) Increase item limits in threads Fix #7268 * Fix "Show more" link in paginated threads (descendants side)
6 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Fix "Show more" URL on paginated threads for remote statuses (#7285) * Fix URL of "Show more" link in paginated threads (ancestors side) Increase item limits in threads Fix #7268 * Fix "Show more" link in paginated threads (descendants side)
6 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Fix "Show more" URL on paginated threads for remote statuses (#7285) * Fix URL of "Show more" link in paginated threads (ancestors side) Increase item limits in threads Fix #7268 * Fix "Show more" link in paginated threads (descendants side)
6 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Prettier account and stream entry URLs
7 years ago
Add alternate links to ActivityPub resources from HTML/HEAD variants (#4586)
7 years ago
Prettier account and stream entry URLs
7 years ago
Extract authorization policy for viewing statuses (#3150)
7 years ago
Prettier account and stream entry URLs
7 years ago
Fetch reblogs as Announce activity instead of Note object (#4672) * Process Create / Announce activity in FetchRemoteStatusService * Use activity URL in ActivityPub for reblogs * Redirect to the original status on StatusesController#show
7 years ago
Set Referrer-Policy to origin in web UI and public pages of private toots (#7162) Fix #7115
6 years ago
Prettier account and stream entry URLs
7 years ago
 
  1. # frozen_string_literal: true
  2. 

  3. class StatusesController < ApplicationController
  4.   include SignatureAuthentication
  5.   include Authorization
  6. 

  7.   ANCESTORS_LIMIT         = 40

  8.   DESCENDANTS_LIMIT       = 60

  9.   DESCENDANTS_DEPTH_LIMIT = 20

  10. 

  11.   layout 'public'
  12. 

  13.   before_action :set_account
  14.   before_action :set_status
  15.   before_action :set_link_headers
  16.   before_action :check_account_suspension
  17.   before_action :redirect_to_original, only: [:show]
  18.   before_action :set_referrer_policy_header, only: [:show]
  19.   before_action :set_cache_headers
  20. 

  21.   def show
  22.     respond_to do |format|
  23.       format.html do
  24.         use_pack 'public'
  25.         set_ancestors
  26.         set_descendants
  27. 

  28.         render 'stream_entries/show'
  29.       end
  30. 

  31.       format.json do
  32.         skip_session! unless @stream_entry.hidden?
  33. 

  34.         render_cached_json(['activitypub', 'note', @status.cache_key], content_type: 'application/activity+json', public: !@stream_entry.hidden?) do
  35.           ActiveModelSerializers::SerializableResource.new(@status, serializer: ActivityPub::NoteSerializer, adapter: ActivityPub::Adapter)
  36.         end
  37.       end
  38.     end
  39.   end
  40. 

  41.   def activity
  42.     skip_session!
  43. 

  44.     render_cached_json(['activitypub', 'activity', @status.cache_key], content_type: 'application/activity+json', public: !@stream_entry.hidden?) do
  45.       ActiveModelSerializers::SerializableResource.new(@status, serializer: ActivityPub::ActivitySerializer, adapter: ActivityPub::Adapter)
  46.     end
  47.   end
  48. 

  49.   def embed
  50.     use_pack 'embed'
  51.     response.headers['X-Frame-Options'] = 'ALLOWALL'
  52.     render 'stream_entries/embed', layout: 'embedded'
  53.   end
  54. 

  55.   private
  56. 

  57.   def create_descendant_thread(depth, statuses)
  58.     if depth < DESCENDANTS_DEPTH_LIMIT
  59.       { statuses: statuses }
  60.     else
  61.       next_status = statuses.pop
  62.       { statuses: statuses, next_status: next_status }
  63.     end
  64.   end
  65. 

  66.   def set_account
  67.     @account = Account.find_local!(params[:account_username])
  68.   end
  69. 

  70.   def set_ancestors
  71.     @ancestors     = @status.reply? ? cache_collection(@status.ancestors(ANCESTORS_LIMIT, current_account), Status) : []
  72.     @next_ancestor = @ancestors.size < ANCESTORS_LIMIT ? nil : @ancestors.shift
  73.   end
  74. 

  75.   def set_descendants
  76.     @max_descendant_thread_id   = params[:max_descendant_thread_id]&.to_i
  77.     @since_descendant_thread_id = params[:since_descendant_thread_id]&.to_i
  78. 

  79.     descendants = cache_collection(
  80.       @status.descendants(
  81.         DESCENDANTS_LIMIT,
  82.         current_account,
  83.         @max_descendant_thread_id,
  84.         @since_descendant_thread_id,
  85.         DESCENDANTS_DEPTH_LIMIT
  86.       ),
  87.       Status
  88.     )
  89. 

  90.     @descendant_threads = []
  91. 

  92.     if descendants.present?
  93.       statuses = [descendants.first]
  94.       depth    = 1

  95. 

  96.       descendants.drop(1).each_with_index do |descendant, index|
  97.         if descendants[index].id == descendant.in_reply_to_id
  98.           depth += 1

  99.           statuses << descendant
  100.         else
  101.           @descendant_threads << create_descendant_thread(depth, statuses)
  102. 

  103.           @descendant_threads.reverse_each do |descendant_thread|
  104.             statuses = descendant_thread[:statuses]
  105. 

  106.             index = statuses.find_index do |thread_status|
  107.               thread_status.id == descendant.in_reply_to_id
  108.             end
  109. 

  110.             if index.present?
  111.               depth += index - statuses.size
  112.               break
  113.             end
  114. 

  115.             depth -= statuses.size
  116.           end
  117. 

  118.           statuses = [descendant]
  119.         end
  120.       end
  121. 

  122.       @descendant_threads << create_descendant_thread(depth, statuses)
  123.     end
  124. 

  125.     @max_descendant_thread_id = @descendant_threads.pop[:statuses].first.id if descendants.size >= DESCENDANTS_LIMIT
  126.   end
  127. 

  128.   def set_link_headers
  129.     response.headers['Link'] = LinkHeader.new(
  130.       [
  131.         [account_stream_entry_url(@account, @status.stream_entry, format: 'atom'), [%w(rel alternate), %w(type application/atom+xml)]],
  132.         [ActivityPub::TagManager.instance.uri_for(@status), [%w(rel alternate), %w(type application/activity+json)]],
  133.       ]
  134.     )
  135.   end
  136. 

  137.   def set_status
  138.     @status       = @account.statuses.find(params[:id])
  139.     @stream_entry = @status.stream_entry
  140.     @type         = @stream_entry.activity_type.downcase
  141. 

  142.     authorize @status, :show?
  143.   rescue Mastodon::NotPermittedError
  144.     # Reraise in order to get a 404
  145.     raise ActiveRecord::RecordNotFound
  146.   end
  147. 

  148.   def check_account_suspension
  149.     gone if @account.suspended?
  150.   end
  151. 

  152.   def redirect_to_original
  153.     redirect_to ::TagManager.instance.url_for(@status.reblog) if @status.reblog?
  154.   end
  155. 

  156.   def set_referrer_policy_header
  157.     return if @status.public_visibility? || @status.unlisted_visibility?
  158.     response.headers['Referrer-Policy'] = 'origin'
  159.   end
  160. end