chinwagsocial/app/controllers/statuses_controller.rb

70 lines
2.2 KiB
Ruby
Raw Permalink Normal View History

2017-03-23 05:26:22 +11:00
# frozen_string_literal: true
class StatusesController < ApplicationController
include WebAppControllerConcern
include SignatureAuthentication
include Authorization
include AccountOwnedConcern
2017-03-23 05:26:22 +11:00
vary_by -> { public_fetch_mode? ? 'Accept, Accept-Language, Cookie' : 'Accept, Accept-Language, Cookie, Signature' }
before_action :require_account_signature!, only: [:show, :activity], if: -> { request.format == :json && authorized_fetch_mode? }
2017-03-23 05:26:22 +11:00
before_action :set_status
before_action :redirect_to_original, only: :show
2017-03-23 05:26:22 +11:00
after_action :set_link_headers
skip_around_action :set_locale, if: -> { request.format == :json }
skip_before_action :require_functional!, only: [:show, :embed], unless: :limited_federation_mode?
content_security_policy only: :embed do |policy|
policy.frame_ancestors(false)
end
2017-03-23 05:26:22 +11:00
def show
respond_to do |format|
format.html do
expires_in 10.seconds, public: true if current_account.nil?
end
format.json do
expires_in 3.minutes, public: true if @status.distributable? && public_fetch_mode?
render_with_cache json: @status, content_type: 'application/activity+json', serializer: ActivityPub::NoteSerializer, adapter: ActivityPub::Adapter
end
end
end
2017-03-23 05:26:22 +11:00
def activity
expires_in 3.minutes, public: @status.distributable? && public_fetch_mode?
2020-06-03 03:24:53 +10:00
render_with_cache json: ActivityPub::ActivityPresenter.from_status(@status), content_type: 'application/activity+json', serializer: ActivityPub::ActivitySerializer, adapter: ActivityPub::Adapter
2017-03-23 05:26:22 +11:00
end
def embed
return not_found if @status.hidden? || @status.reblog?
expires_in 180, public: true
response.headers.delete('X-Frame-Options')
render layout: 'embedded'
end
2017-03-23 05:26:22 +11:00
private
def set_link_headers
response.headers['Link'] = LinkHeader.new(
[[ActivityPub::TagManager.instance.uri_for(@status), [%w(rel alternate), %w(type application/activity+json)]]]
).to_s
2017-03-23 05:26:22 +11:00
end
def set_status
@status = @account.statuses.find(params[:id])
authorize @status, :show?
rescue Mastodon::NotPermittedError
not_found
2017-03-23 05:26:22 +11:00
end
def redirect_to_original
redirect_to(ActivityPub::TagManager.instance.url_for(@status.reblog), allow_other_host: true) if @status.reblog?
end
2017-03-23 05:26:22 +11:00
end