|
|
- # frozen_string_literal: true
-
- class AuthorizeFollowsController < ApplicationController
- layout 'public'
-
- before_action :authenticate_user!
-
- def show
- @account = located_account || render(:error)
- end
-
- def create
- @account = follow_attempt.try(:target_account)
-
- if @account.nil?
- render :error
- else
- redirect_to web_url("accounts/#{@account.id}")
- end
- rescue ActiveRecord::RecordNotFound, Mastodon::NotPermittedError
- render :error
- end
-
- private
-
- def follow_attempt
- FollowService.new.call(current_account, acct_without_prefix)
- end
-
- def located_account
- if acct_param_is_url?
- account_from_remote_fetch
- else
- account_from_remote_follow
- end
- end
-
- def account_from_remote_fetch
- FetchRemoteAccountService.new.call(acct_without_prefix)
- end
-
- def account_from_remote_follow
- FollowRemoteAccountService.new.call(acct_without_prefix)
- end
-
- def acct_param_is_url?
- parsed_uri.path && %w(http https).include?(parsed_uri.scheme)
- end
-
- def parsed_uri
- Addressable::URI.parse(acct_without_prefix).normalize
- end
-
- def acct_without_prefix
- acct_params.gsub(/\Aacct:/, '')
- end
-
- def acct_params
- params.fetch(:acct, '')
- end
- end
|
