- POST /api/v1/push/subscription - PUT /api/v1/push/subscription - DELETE /api/v1/push/subscription - New OAuth scope: "push" (required for the above methods)pull/4/head
@ -0,0 +1,50 @@ | |||||
# frozen_string_literal: true | |||||
class Api::V1::Push::SubscriptionsController < Api::BaseController | |||||
before_action -> { doorkeeper_authorize! :push } | |||||
before_action :require_user! | |||||
before_action :set_web_push_subscription | |||||
def create | |||||
@web_subscription&.destroy! | |||||
@web_subscription = ::Web::PushSubscription.create!( | |||||
endpoint: subscription_params[:endpoint], | |||||
key_p256dh: subscription_params[:keys][:p256dh], | |||||
key_auth: subscription_params[:keys][:auth], | |||||
data: data_params, | |||||
user_id: current_user.id, | |||||
access_token_id: doorkeeper_token.id | |||||
) | |||||
render json: @web_subscription, serializer: REST::WebPushSubscriptionSerializer | |||||
end | |||||
def update | |||||
raise ActiveRecord::RecordNotFound if @web_subscription.nil? | |||||
@web_subscription.update!(data: data_params) | |||||
render json: @web_subscription, serializer: REST::WebPushSubscriptionSerializer | |||||
end | |||||
def destroy | |||||
@web_subscription&.destroy! | |||||
render_empty | |||||
end | |||||
private | |||||
def set_web_push_subscription | |||||
@web_subscription = ::Web::PushSubscription.find_by(access_token_id: doorkeeper_token.id) | |||||
end | |||||
def subscription_params | |||||
params.require(:subscription).permit(:endpoint, keys: [:auth, :p256dh]) | |||||
end | |||||
def data_params | |||||
return {} if params[:data].blank? | |||||
params.require(:data).permit(alerts: [:follow, :favourite, :reblog, :mention]) | |||||
end | |||||
end |
@ -0,0 +1,13 @@ | |||||
# frozen_string_literal: true | |||||
class REST::WebPushSubscriptionSerializer < ActiveModel::Serializer | |||||
attributes :id, :endpoint, :alerts, :server_key | |||||
def alerts | |||||
object.data&.dig('alerts') || {} | |||||
end | |||||
def server_key | |||||
Rails.configuration.x.vapid_public_key | |||||
end | |||||
end |
@ -0,0 +1,18 @@ | |||||
# frozen_string_literal: true | |||||
class Web::PushNotificationWorker | |||||
include Sidekiq::Worker | |||||
sidekiq_options backtrace: true | |||||
def perform(subscription_id, notification_id) | |||||
subscription = ::Web::PushSubscription.find(subscription_id) | |||||
notification = Notification.find(notification_id) | |||||
subscription.push(notification) unless notification.activity.nil? | |||||
rescue Webpush::InvalidSubscription, Webpush::ExpiredSubscription | |||||
subscription.destroy! | |||||
rescue ActiveRecord::RecordNotFound | |||||
true | |||||
end | |||||
end |
@ -1,25 +0,0 @@ | |||||
# frozen_string_literal: true | |||||
class WebPushNotificationWorker | |||||
include Sidekiq::Worker | |||||
sidekiq_options backtrace: true | |||||
def perform(session_activation_id, notification_id) | |||||
session_activation = SessionActivation.find(session_activation_id) | |||||
notification = Notification.find(notification_id) | |||||
return if session_activation.web_push_subscription.nil? || notification.activity.nil? | |||||
session_activation.web_push_subscription.push(notification) | |||||
rescue Webpush::InvalidSubscription, Webpush::ExpiredSubscription | |||||
# Subscription expiration is not currently implemented in any browser | |||||
session_activation.web_push_subscription.destroy! | |||||
session_activation.update!(web_push_subscription: nil) | |||||
true | |||||
rescue ActiveRecord::RecordNotFound | |||||
true | |||||
end | |||||
end |
@ -0,0 +1,6 @@ | |||||
class AddAccessTokenIdToWebPushSubscriptions < ActiveRecord::Migration[5.2] | |||||
def change | |||||
add_reference :web_push_subscriptions, :access_token, null: true, default: nil, foreign_key: { on_delete: :cascade, to_table: :oauth_access_tokens }, index: false | |||||
add_reference :web_push_subscriptions, :user, null: true, default: nil, foreign_key: { on_delete: :cascade }, index: false | |||||
end | |||||
end |
@ -0,0 +1,13 @@ | |||||
class MigrateWebPushSubscriptions < ActiveRecord::Migration[5.2] | |||||
disable_ddl_transaction! | |||||
def up | |||||
add_index :web_push_subscriptions, :user_id, algorithm: :concurrently | |||||
add_index :web_push_subscriptions, :access_token_id, algorithm: :concurrently | |||||
end | |||||
def down | |||||
remove_index :web_push_subscriptions, :user_id | |||||
remove_index :web_push_subscriptions, :access_token_id | |||||
end | |||||
end |
@ -0,0 +1,83 @@ | |||||
# frozen_string_literal: true | |||||
require 'rails_helper' | |||||
describe Api::V1::Push::SubscriptionsController do | |||||
render_views | |||||
let(:user) { Fabricate(:user) } | |||||
let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'push') } | |||||
before do | |||||
allow(controller).to receive(:doorkeeper_token) { token } | |||||
end | |||||
let(:create_payload) do | |||||
{ | |||||
subscription: { | |||||
endpoint: 'https://fcm.googleapis.com/fcm/send/fiuH06a27qE:APA91bHnSiGcLwdaxdyqVXNDR9w1NlztsHb6lyt5WDKOC_Z_Q8BlFxQoR8tWFSXUIDdkyw0EdvxTu63iqamSaqVSevW5LfoFwojws8XYDXv_NRRLH6vo2CdgiN4jgHv5VLt2A8ah6lUX', | |||||
keys: { | |||||
p256dh: 'BEm_a0bdPDhf0SOsrnB2-ategf1hHoCnpXgQsFj5JCkcoMrMt2WHoPfEYOYPzOIs9mZE8ZUaD7VA5vouy0kEkr8=', | |||||
auth: 'eH_C8rq2raXqlcBVDa1gLg==', | |||||
}, | |||||
} | |||||
}.with_indifferent_access | |||||
end | |||||
let(:alerts_payload) do | |||||
{ | |||||
data: { | |||||
alerts: { | |||||
follow: true, | |||||
favourite: false, | |||||
reblog: true, | |||||
mention: false, | |||||
} | |||||
} | |||||
}.with_indifferent_access | |||||
end | |||||
describe 'POST #create' do | |||||
it 'saves push subscriptions' do | |||||
post :create, params: create_payload | |||||
push_subscription = Web::PushSubscription.find_by(endpoint: create_payload[:subscription][:endpoint]) | |||||
expect(push_subscription.endpoint).to eq(create_payload[:subscription][:endpoint]) | |||||
expect(push_subscription.key_p256dh).to eq(create_payload[:subscription][:keys][:p256dh]) | |||||
expect(push_subscription.key_auth).to eq(create_payload[:subscription][:keys][:auth]) | |||||
expect(push_subscription.user_id).to eq user.id | |||||
expect(push_subscription.access_token_id).to eq token.id | |||||
end | |||||
it 'replaces old subscription on repeat calls' do | |||||
post :create, params: create_payload | |||||
post :create, params: create_payload | |||||
expect(Web::PushSubscription.where(endpoint: create_payload[:subscription][:endpoint]).count).to eq 1 | |||||
end | |||||
end | |||||
describe 'PUT #update' do | |||||
it 'changes alert settings' do | |||||
post :create, params: create_payload | |||||
put :update, params: alerts_payload | |||||
push_subscription = Web::PushSubscription.find_by(endpoint: create_payload[:subscription][:endpoint]) | |||||
expect(push_subscription.data.dig('alerts', 'follow')).to eq(alerts_payload[:data][:alerts][:follow].to_s) | |||||
expect(push_subscription.data.dig('alerts', 'favourite')).to eq(alerts_payload[:data][:alerts][:favourite].to_s) | |||||
expect(push_subscription.data.dig('alerts', 'reblog')).to eq(alerts_payload[:data][:alerts][:reblog].to_s) | |||||
expect(push_subscription.data.dig('alerts', 'mention')).to eq(alerts_payload[:data][:alerts][:mention].to_s) | |||||
end | |||||
end | |||||
describe 'DELETE #destroy' do | |||||
it 'removes the subscription' do | |||||
post :create, params: create_payload | |||||
delete :destroy | |||||
expect(Web::PushSubscription.find_by(endpoint: create_payload[:subscription][:endpoint])).to be_nil | |||||
end | |||||
end | |||||
end |