nekobus
/
mastodon_neko
forked from closed-social/mastodon
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
闭社主体 forked from https://github.com/tootsuite/mastodon
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4043 Commits
2 Branches
112 MiB
Tree: 95f018a3d4
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '95f018a3d4'
${ noResults }
mastodon_neko/app/controllers/api/base_controller.rb

90 lines
2.6 KiB
Raw Normal View History

Fix rubocop issues, introduce usage of frozen literal to improve performance
8 years ago
Clean up for api/base controller (#3629) * Move ApiController to Api/BaseController * API controllers inherit from Api::BaseController * Add coverage for various error cases in api/base controller
7 years ago
API pagination for all collections using Link header
8 years ago
Coverage improvement and concern extraction for rate limit headers in API controller (#3625) * Coverage for rate limit headers * Move rate limit headers methods to concern * Move throttle check to condition on before_action * Move match_data variable into method * Move utc timestamp to separate method * Move header setting into smaller methods * specs cleanup
7 years ago
Upgrade to Rails 5.0.0.1
8 years ago
Do not store last visited URL from API controllers (#1330) Sign-in redirects you back to last visited URL, but in case of API requests, this sometimes redirected users to an API URL that, of course, greeted them with an {"error":"The access token is invalid"}
7 years ago
Adding doorkeeper, adding a REST API POST /api/statuses Params: status (text contents), in_reply_to_id (optional) GET /api/statuses/:id POST /api/statuses/:id/reblog GET /api/accounts/:id GET /api/accounts/:id/following GET /api/accounts/:id/followers POST /api/accounts/:id/follow POST /api/accounts/:id/unfollow POST /api/follows Params: uri (e.g. user@domain) OAuth authentication is currently disabled, but the API can be used with HTTP Auth.
8 years ago
Add validation of media attachments, clean up mastodon-own exception classes
7 years ago
Meaningful validation errors in API response
8 years ago
The frontend will now be an OAuth app, auto-authorized. The frontend will use an access token for API requests Adding better errors for the API controllers, posting a simple status works from the frontend now
8 years ago
Fix webfinger retries (#4275) * Do not raise unretryable exceptions in ResolveRemoteAccountService * Removed fatal exceptions from ResolveRemoteAccountService Exceptions that cannot be retried should not be raised. New exception class for those that can be retried (Mastodon::UnexpectedResponseError)
7 years ago
Improved error handling for FollowRemoteService
8 years ago
Catching more exceptions that slipped through, removing AR logging from production as it's very verbose and not very useful
8 years ago
Add validation of media attachments, clean up mastodon-own exception classes
7 years ago
Add "locked" flag to accounts, prevent blocked users from following, force-unfollow blocked users
7 years ago
Better error message in doorkeeper json response
8 years ago
Adding OAuth access scopes, fixing OAuth authorization UI, adding rate limiting to the API
8 years ago
Adding doorkeeper, adding a REST API POST /api/statuses Params: status (text contents), in_reply_to_id (optional) GET /api/statuses/:id POST /api/statuses/:id/reblog GET /api/accounts/:id GET /api/accounts/:id/following GET /api/accounts/:id/followers POST /api/accounts/:id/follow POST /api/accounts/:id/unfollow POST /api/follows Params: uri (e.g. user@domain) OAuth authentication is currently disabled, but the API can be used with HTTP Auth.
8 years ago
API pagination for all collections using Link header
8 years ago
Fix rubocop issues, introduce usage of frozen literal to improve performance
8 years ago
Don't send Link header when don't know prev and next links (#4633)
7 years ago
API pagination for all collections using Link header
8 years ago
API now respects ?limit param as long as it's within 2x default limit
7 years ago
Adding doorkeeper, adding a REST API POST /api/statuses Params: status (text contents), in_reply_to_id (optional) GET /api/statuses/:id POST /api/statuses/:id/reblog GET /api/accounts/:id GET /api/accounts/:id/following GET /api/accounts/:id/followers POST /api/accounts/:id/follow POST /api/accounts/:id/unfollow POST /api/follows Params: uri (e.g. user@domain) OAuth authentication is currently disabled, but the API can be used with HTTP Auth.
8 years ago
Rename "publish" to "toot" in english locale, fix lightbox showing old image before loading new one, cache notifications API, fix missing follow button on public profiles
8 years ago
Adding doorkeeper, adding a REST API POST /api/statuses Params: status (text contents), in_reply_to_id (optional) GET /api/statuses/:id POST /api/statuses/:id/reblog GET /api/accounts/:id GET /api/accounts/:id/following GET /api/accounts/:id/followers POST /api/accounts/:id/follow POST /api/accounts/:id/unfollow POST /api/follows Params: uri (e.g. user@domain) OAuth authentication is currently disabled, but the API can be used with HTTP Auth.
8 years ago
Avoid dynamic methods due to processing speed (#2080)
7 years ago
Move timelines API from statuses to its own controller, add a check for resources that require a user context vs those that don't (such as public timeline) /api/v1/statuses/public -> /api/v1/timelines/public /api/v1/statuses/home -> /api/v1/timelines/home /api/v1/statuses/mentions -> /api/v1/timelines/mentions /api/v1/statuses/tag/:tag -> /api/v1/timelines/tag/:tag
8 years ago
Fix require_user! behavior when not logged in (#4604)
7 years ago
Adding doorkeeper, adding a REST API POST /api/statuses Params: status (text contents), in_reply_to_id (optional) GET /api/statuses/:id POST /api/statuses/:id/reblog GET /api/accounts/:id GET /api/accounts/:id/following GET /api/accounts/:id/followers POST /api/accounts/:id/follow POST /api/accounts/:id/unfollow POST /api/follows Params: uri (e.g. user@domain) OAuth authentication is currently disabled, but the API can be used with HTTP Auth.
8 years ago
Replace logo, fix #57 - delete/unreblog/unfavourite API, fix #45 - app registration API
8 years ago
Fix #16 - Optimize n+1 queries when checking reblogged/favourited values for status lists in API
8 years ago
Fix rubocop issues, introduce usage of frozen literal to improve performance
8 years ago
Move timelines API from statuses to its own controller, add a check for resources that require a user context vs those that don't (such as public timeline) /api/v1/statuses/public -> /api/v1/timelines/public /api/v1/statuses/home -> /api/v1/timelines/home /api/v1/statuses/mentions -> /api/v1/timelines/mentions /api/v1/statuses/tag/:tag -> /api/v1/timelines/tag/:tag
8 years ago
Feature conversations muting (#3017) * Add <ostatus:conversation /> tag to Atom input/output Only uses ref attribute (not href) because href would be the alternate link that's always included also. Creates new conversation for every non-reply status. Carries over conversation for every reply. Keeps remote URIs verbatim, generates local URIs on the fly like the rest of them. * Conversation muting - prevents notifications that reference a conversation (including replies, favourites, reblogs) from being created. API endpoints /api/v1/statuses/:id/mute and /api/v1/statuses/:id/unmute Currently no way to tell when a status/conversation is muted, so the web UI only has a "disable notifications" button, doesn't work as a toggle * Display "Dismiss notifications" on all statuses in notifications column, not just own * Add "muted" as a boolean attribute on statuses JSON For now always false on contained reblogs, since it's only relevant for statuses returned from the notifications endpoint, which are not nested Remove "Disable notifications" from detailed status view, since it's only relevant in the notifications column * Up max class length * Remove pending test for conversation mute * Add tests, clean up * Rename to "mute conversation" and "unmute conversation" * Raise validation error when trying to mute/unmute status without conversation
7 years ago
Move timelines API from statuses to its own controller, add a check for resources that require a user context vs those that don't (such as public timeline) /api/v1/statuses/public -> /api/v1/timelines/public /api/v1/statuses/home -> /api/v1/timelines/home /api/v1/statuses/mentions -> /api/v1/timelines/mentions /api/v1/statuses/tag/:tag -> /api/v1/timelines/tag/:tag
8 years ago
Feature conversations muting (#3017) * Add <ostatus:conversation /> tag to Atom input/output Only uses ref attribute (not href) because href would be the alternate link that's always included also. Creates new conversation for every non-reply status. Carries over conversation for every reply. Keeps remote URIs verbatim, generates local URIs on the fly like the rest of them. * Conversation muting - prevents notifications that reference a conversation (including replies, favourites, reblogs) from being created. API endpoints /api/v1/statuses/:id/mute and /api/v1/statuses/:id/unmute Currently no way to tell when a status/conversation is muted, so the web UI only has a "disable notifications" button, doesn't work as a toggle * Display "Dismiss notifications" on all statuses in notifications column, not just own * Add "muted" as a boolean attribute on statuses JSON For now always false on contained reblogs, since it's only relevant for statuses returned from the notifications endpoint, which are not nested Remove "Disable notifications" from detailed status view, since it's only relevant in the notifications column * Up max class length * Remove pending test for conversation mute * Add tests, clean up * Rename to "mute conversation" and "unmute conversation" * Raise validation error when trying to mute/unmute status without conversation
7 years ago
Fix #16 - Optimize n+1 queries when checking reblogged/favourited values for status lists in API
8 years ago
Fixing some bugs, adding pending test examples
8 years ago
 
  1. # frozen_string_literal: true
  2. 

  3. class Api::BaseController < ApplicationController
  4.   DEFAULT_STATUSES_LIMIT = 20

  5.   DEFAULT_ACCOUNTS_LIMIT = 40

  6. 

  7.   include RateLimitHeaders
  8. 

  9.   skip_before_action :verify_authenticity_token
  10.   skip_before_action :store_current_location
  11. 

  12.   rescue_from ActiveRecord::RecordInvalid, Mastodon::ValidationError do |e|
  13.     render json: { error: e.to_s }, status: 422

  14.   end
  15. 

  16.   rescue_from ActiveRecord::RecordNotFound do
  17.     render json: { error: 'Record not found' }, status: 404

  18.   end
  19. 

  20.   rescue_from HTTP::Error, Mastodon::UnexpectedResponseError do
  21.     render json: { error: 'Remote data could not be fetched' }, status: 503

  22.   end
  23. 

  24.   rescue_from OpenSSL::SSL::SSLError do
  25.     render json: { error: 'Remote SSL certificate could not be verified' }, status: 503

  26.   end
  27. 

  28.   rescue_from Mastodon::NotPermittedError do
  29.     render json: { error: 'This action is not allowed' }, status: 403

  30.   end
  31. 

  32.   def doorkeeper_unauthorized_render_options(error: nil)
  33.     { json: { error: (error.try(:description) || 'Not authorized') } }
  34.   end
  35. 

  36.   def doorkeeper_forbidden_render_options(*)
  37.     { json: { error: 'This action is outside the authorized scopes' } }
  38.   end
  39. 

  40.   protected
  41. 

  42.   def set_pagination_headers(next_path = nil, prev_path = nil)
  43.     links = []
  44.     links << [next_path, [%w(rel next)]] if next_path
  45.     links << [prev_path, [%w(rel prev)]] if prev_path
  46.     response.headers['Link'] = LinkHeader.new(links) unless links.empty?
  47.   end
  48. 

  49.   def limit_param(default_limit)
  50.     return default_limit unless params[:limit]
  51.     [params[:limit].to_i.abs, default_limit * 2].min
  52.   end
  53. 

  54.   def current_resource_owner
  55.     @current_user ||= User.find(doorkeeper_token.resource_owner_id) if doorkeeper_token
  56.   end
  57. 

  58.   def current_user
  59.     current_resource_owner || super
  60.   rescue ActiveRecord::RecordNotFound
  61.     nil
  62.   end
  63. 

  64.   def require_user!
  65.     if current_user
  66.       set_user_activity
  67.     else
  68.       render json: { error: 'This method requires an authenticated user' }, status: 422

  69.     end
  70.   end
  71. 

  72.   def render_empty
  73.     render json: {}, status: 200

  74.   end
  75. 

  76.   def set_maps(statuses) # rubocop:disable Style/AccessorMethodName
  77.     if current_account.nil?
  78.       @reblogs_map    = {}
  79.       @favourites_map = {}
  80.       @mutes_map      = {}
  81.       return
  82.     end
  83. 

  84.     status_ids       = statuses.compact.flat_map { |s| [s.id, s.reblog_of_id] }.uniq
  85.     conversation_ids = statuses.compact.map(&:conversation_id).compact.uniq
  86.     @reblogs_map     = Status.reblogs_map(status_ids, current_account)
  87.     @favourites_map  = Status.favourites_map(status_ids, current_account)
  88.     @mutes_map       = Status.mutes_map(conversation_ids, current_account)
  89.   end
  90. end