nekobus
/
mastodon_neko
forked from closed-social/mastodon
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
闭社主体 forked from https://github.com/tootsuite/mastodon
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4588 Commits
2 Branches
112 MiB
Tree: d07983b56d
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'd07983b56d'
${ noResults }
mastodon_neko/app/controllers/stream_entries_controller.rb

60 lines
1.8 KiB
Raw Normal View History

Fix rubocop issues, introduce usage of frozen literal to improve performance
8 years ago
Refactoring Grape API methods into normal controllers & other things
8 years ago
Extract authorization policy for viewing statuses (#3150)
7 years ago
HTTP signatures (#4146) * Add Request class with HTTP signature generator Spec: https://tools.ietf.org/html/draft-cavage-http-signatures-06 * Add HTTP signature verification concern * Add test for SignatureVerification concern * Add basic test for Request class * Make PuSH subscribe/unsubscribe requests use new Request class Accidentally fix lease_seconds not being set and sent properly, and change the new minimum subscription duration to 1 day * Make all PuSH workers use new Request class * Make Salmon sender use new Request class * Make FetchLinkService use new Request class * Make FetchAtomService use the new Request class * Make Remotable use the new Request class * Make ResolveRemoteAccountService use the new Request class * Add more tests * Allow +-30 seconds window for signed request to remain valid * Disable time window validation for signed requests, restore 7 days as PuSH subscription duration (which was previous default due to a bug)
7 years ago
Extract authorization policy for viewing statuses (#3150)
7 years ago
Adjusting design of profile and entry pages, linkify mentions in statuses
8 years ago
Refactoring Grape API methods into normal controllers & other things
8 years ago
Fix #24 - Thread resolving for remote statuses This is a big one, so let me enumerate: Accounts as well as stream entry pages now contain Link headers that reference the Atom feed and Webfinger URL for the former and Atom entry for the latter. So you only need to HEAD those resources to get that information, no need to download and parse HTML <link>s. ProcessFeedService will now queue ThreadResolveWorker for each remote status that it cannot find otherwise. Furthermore, entries are now processed in reverse order (from bottom to top) in case a newer entry references a chronologically previous one. ThreadResolveWorker uses FetchRemoteStatusService to obtain a status and attach the child status it was queued for to it. FetchRemoteStatusService looks up the URL, first with a HEAD, tests if it's an Atom feed, in which case it processes it directly. Next for Link headers to the Atom feed, in which case that is fetched and processed. Lastly if it's HTML, it is checked for <link>s to the Atom feed, and if such is found, that is fetched and processed. The account for the status is derived from author/name attribute in the XML and the hostname in the URL (domain). FollowRemoteAccountService and ProcessFeedService are used. This means that potentially threads are resolved recursively until a dead-end is encountered, however it is performed asynchronously over background jobs, so it should be ok.
8 years ago
Add filters for suspended accounts
8 years ago
Refactoring Grape API methods into normal controllers & other things
8 years ago
Catching more exceptions that slipped through, removing AR logging from production as it's very verbose and not very useful
8 years ago
Cover StreamEntriesController more and remove redundant instructions (#3257) * Cover StreamEntriesController more * Remove redundant instructions in StreamEntriesController
7 years ago
Catching more exceptions that slipped through, removing AR logging from production as it's very verbose and not very useful
8 years ago
Rewrite Atom generation from stream entries to use Ox instead of Nokogiri (#1124) * Rewrite Atom generation from stream entries to use Ox instead of Nokogiri::Builder StreamEntry is now limited to only statuses, which allows some optimization. Removed extra queries on AccountsController#show. AtomSerializer instead of AtomBuilderHelper used in AccountsController#show, StreamEntriesController#show, StreamEntryRenderer and PubSubHubbub::DistributionWorker PubSubHubbub::DistributionWorker moves n+1 DomainBlock query to PubSubHubbub::DeliveryWorker instead. All Salmon slaps that aren't based on StreamEntry still use AtomBuilderHelper and Nokogiri * All Salmon slaps now use Ox instead of Nokogiri. No touch from status on account
7 years ago
Correct OStatus inflection (Ostatus -> OStatus) (#4255)
7 years ago
Rewrite Atom generation from stream entries to use Ox instead of Nokogiri (#1124) * Rewrite Atom generation from stream entries to use Ox instead of Nokogiri::Builder StreamEntry is now limited to only statuses, which allows some optimization. Removed extra queries on AccountsController#show. AtomSerializer instead of AtomBuilderHelper used in AccountsController#show, StreamEntriesController#show, StreamEntryRenderer and PubSubHubbub::DistributionWorker PubSubHubbub::DistributionWorker moves n+1 DomainBlock query to PubSubHubbub::DeliveryWorker instead. All Salmon slaps that aren't based on StreamEntry still use AtomBuilderHelper and Nokogiri * All Salmon slaps now use Ox instead of Nokogiri. No touch from status on account
7 years ago
Refactoring Grape API methods into normal controllers & other things
8 years ago
Add OEmbed iframe HTML, convert emojis on public pages, increase size of attachment thumbnails
7 years ago
Update status embeds (#4742) - Use statuses controller for embeds instead of stream entries controller - Prefer /@:username/:id/embed URL for embeds - Use /@:username as author_url in OEmbed - Add follow link to embeds which opens web intent in new window - Use redis cache in development - Cache entire embed
7 years ago
Add OEmbed iframe HTML, convert emojis on public pages, increase size of attachment thumbnails
7 years ago
Refactoring Grape API methods into normal controllers & other things
8 years ago
Case-insensitive search by usernames
8 years ago
Refactoring Grape API methods into normal controllers & other things
8 years ago
Fix #24 - Thread resolving for remote statuses This is a big one, so let me enumerate: Accounts as well as stream entry pages now contain Link headers that reference the Atom feed and Webfinger URL for the former and Atom entry for the latter. So you only need to HEAD those resources to get that information, no need to download and parse HTML <link>s. ProcessFeedService will now queue ThreadResolveWorker for each remote status that it cannot find otherwise. Furthermore, entries are now processed in reverse order (from bottom to top) in case a newer entry references a chronologically previous one. ThreadResolveWorker uses FetchRemoteStatusService to obtain a status and attach the child status it was queued for to it. FetchRemoteStatusService looks up the URL, first with a HEAD, tests if it's an Atom feed, in which case it processes it directly. Next for Link headers to the Atom feed, in which case that is fetched and processed. Lastly if it's HTML, it is checked for <link>s to the Atom feed, and if such is found, that is fetched and processed. The account for the status is derived from author/name attribute in the XML and the hostname in the URL (domain). FollowRemoteAccountService and ProcessFeedService are used. This means that potentially threads are resolved recursively until a dead-end is encountered, however it is performed asynchronously over background jobs, so it should be ok.
8 years ago
Add alternate links to ActivityPub resources from HTML/HEAD variants (#4586)
7 years ago
Fix #24 - Thread resolving for remote statuses This is a big one, so let me enumerate: Accounts as well as stream entry pages now contain Link headers that reference the Atom feed and Webfinger URL for the former and Atom entry for the latter. So you only need to HEAD those resources to get that information, no need to download and parse HTML <link>s. ProcessFeedService will now queue ThreadResolveWorker for each remote status that it cannot find otherwise. Furthermore, entries are now processed in reverse order (from bottom to top) in case a newer entry references a chronologically previous one. ThreadResolveWorker uses FetchRemoteStatusService to obtain a status and attach the child status it was queued for to it. FetchRemoteStatusService looks up the URL, first with a HEAD, tests if it's an Atom feed, in which case it processes it directly. Next for Link headers to the Atom feed, in which case that is fetched and processed. Lastly if it's HTML, it is checked for <link>s to the Atom feed, and if such is found, that is fetched and processed. The account for the status is derived from author/name attribute in the XML and the hostname in the URL (domain). FollowRemoteAccountService and ProcessFeedService are used. This means that potentially threads are resolved recursively until a dead-end is encountered, however it is performed asynchronously over background jobs, so it should be ok.
8 years ago
Refactoring Grape API methods into normal controllers & other things
8 years ago
Do not display non-Status stream entries anymore
7 years ago
Adjusting public display of statuses to look similar to logged-in UI, fix #361 with rich OEmbed display via iframe, fix #237 by hiding sensitive content behind a spoiler on public pages
7 years ago
Follow call on locked account creates follow request instead Reflect "requested" relationship in API and UI Reflect inability of private posts to be reblogged in the UI Disable Webfinger for locked accounts
7 years ago
Extract authorization policy for viewing statuses (#3150)
7 years ago
Refactoring Grape API methods into normal controllers & other things
8 years ago
Add filters for suspended accounts
8 years ago
Fix wrong HTTP status codes on error pages
7 years ago
Add filters for suspended accounts
8 years ago
Refactoring Grape API methods into normal controllers & other things
8 years ago
 
  1. # frozen_string_literal: true
  2. 

  3. class StreamEntriesController < ApplicationController
  4.   include Authorization
  5.   include SignatureVerification
  6. 

  7.   layout 'public'
  8. 

  9.   before_action :set_account
  10.   before_action :set_stream_entry
  11.   before_action :set_link_headers
  12.   before_action :check_account_suspension
  13. 

  14.   def show
  15.     respond_to do |format|
  16.       format.html do
  17.         @ancestors   = @stream_entry.activity.reply? ? cache_collection(@stream_entry.activity.ancestors(current_account), Status) : []
  18.         @descendants = cache_collection(@stream_entry.activity.descendants(current_account), Status)
  19.       end
  20. 

  21.       format.atom do
  22.         render xml: OStatus::AtomSerializer.render(OStatus::AtomSerializer.new.entry(@stream_entry, true))
  23.       end
  24.     end
  25.   end
  26. 

  27.   def embed
  28.     redirect_to embed_short_account_status_url(@account, @stream_entry.activity), status: 301

  29.   end
  30. 

  31.   private
  32. 

  33.   def set_account
  34.     @account = Account.find_local!(params[:account_username])
  35.   end
  36. 

  37.   def set_link_headers
  38.     response.headers['Link'] = LinkHeader.new(
  39.       [
  40.         [account_stream_entry_url(@account, @stream_entry, format: 'atom'), [%w(rel alternate), %w(type application/atom+xml)]],
  41.         [ActivityPub::TagManager.instance.uri_for(@stream_entry.activity), [%w(rel alternate), %w(type application/activity+json)]],
  42.       ]
  43.     )
  44.   end
  45. 

  46.   def set_stream_entry
  47.     @stream_entry = @account.stream_entries.where(activity_type: 'Status').find(params[:id])
  48.     @type         = @stream_entry.activity_type.downcase
  49. 

  50.     raise ActiveRecord::RecordNotFound if @stream_entry.activity.nil?
  51.     authorize @stream_entry.activity, :show? if @stream_entry.hidden?
  52.   rescue Mastodon::NotPermittedError
  53.     # Reraise in order to get a 404
  54.     raise ActiveRecord::RecordNotFound
  55.   end
  56. 

  57.   def check_account_suspension
  58.     gone if @account.suspended?
  59.   end
  60. end