62bafa20a1
* Revert "Add indication that you have been blocked in web UI (#10420)" This reverts commitbd02ec6daa. * Revert "Add `blocked_by` relationship to the REST API (#10373)" This reverts commit9745de883b. * Hide blocking accounts from search results * Filter blocking accouts from account followers * Filter blocking accouts from account's following accounts * Filter blocking accounts from “reblogged by” and “favourited by” lists * Remove blocking account from URL search * Return 410 on trying to fetch user data from a user who blocked us * Return 410 in /api/v1/account/statuses for suspended or blocking accounts * Fix status filtering when performing URL search * Restore some React improvements Restore some cleanup frombd02ec6daa* Refactor by adding `without_blocking` scope
95 lines
3.2 KiB
Ruby
95 lines
3.2 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class Api::V1::AccountsController < Api::BaseController
|
|
before_action -> { authorize_if_got_token! :read, :'read:accounts' }, except: [:create, :follow, :unfollow, :block, :unblock, :mute, :unmute]
|
|
before_action -> { doorkeeper_authorize! :follow, :'write:follows' }, only: [:follow, :unfollow]
|
|
before_action -> { doorkeeper_authorize! :follow, :'write:mutes' }, only: [:mute, :unmute]
|
|
before_action -> { doorkeeper_authorize! :follow, :'write:blocks' }, only: [:block, :unblock]
|
|
before_action -> { doorkeeper_authorize! :write, :'write:accounts' }, only: [:create]
|
|
|
|
before_action :require_user!, except: [:show, :create]
|
|
before_action :set_account, except: [:create]
|
|
before_action :check_account_suspension, only: [:show]
|
|
before_action :check_account_block, only: [:show]
|
|
before_action :check_enabled_registrations, only: [:create]
|
|
|
|
respond_to :json
|
|
|
|
def show
|
|
render json: @account, serializer: REST::AccountSerializer
|
|
end
|
|
|
|
def create
|
|
token = AppSignUpService.new.call(doorkeeper_token.application, account_params)
|
|
response = Doorkeeper::OAuth::TokenResponse.new(token)
|
|
|
|
headers.merge!(response.headers)
|
|
|
|
self.response_body = Oj.dump(response.body)
|
|
self.status = response.status
|
|
end
|
|
|
|
def follow
|
|
FollowService.new.call(current_user.account, @account, reblogs: truthy_param?(:reblogs))
|
|
|
|
options = @account.locked? ? {} : { following_map: { @account.id => { reblogs: truthy_param?(:reblogs) } }, requested_map: { @account.id => false } }
|
|
|
|
render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships(options)
|
|
end
|
|
|
|
def block
|
|
BlockService.new.call(current_user.account, @account)
|
|
render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships
|
|
end
|
|
|
|
def mute
|
|
MuteService.new.call(current_user.account, @account, notifications: truthy_param?(:notifications))
|
|
render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships
|
|
end
|
|
|
|
def unfollow
|
|
UnfollowService.new.call(current_user.account, @account)
|
|
render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships
|
|
end
|
|
|
|
def unblock
|
|
UnblockService.new.call(current_user.account, @account)
|
|
render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships
|
|
end
|
|
|
|
def unmute
|
|
UnmuteService.new.call(current_user.account, @account)
|
|
render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships
|
|
end
|
|
|
|
private
|
|
|
|
def set_account
|
|
@account = Account.find(params[:id])
|
|
end
|
|
|
|
def relationships(**options)
|
|
AccountRelationshipsPresenter.new([@account.id], current_user.account_id, options)
|
|
end
|
|
|
|
def check_account_suspension
|
|
gone if @account.suspended?
|
|
end
|
|
|
|
def check_account_block
|
|
gone if current_account.present? && @account.blocking?(current_account)
|
|
end
|
|
|
|
def account_params
|
|
params.permit(:username, :email, :password, :agreement, :locale)
|
|
end
|
|
|
|
def check_enabled_registrations
|
|
forbidden if single_user_mode? || !allowed_registrations?
|
|
end
|
|
|
|
def allowed_registrations?
|
|
Setting.registrations_mode != 'none'
|
|
end
|
|
end
|