2017-03-23 05:26:22 +11:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
class StatusesController < ApplicationController
|
2022-10-20 23:35:29 +11:00
|
|
|
include WebAppControllerConcern
|
2018-02-02 20:19:59 +11:00
|
|
|
include SignatureAuthentication
|
2017-05-30 02:22:22 +10:00
|
|
|
include Authorization
|
2019-07-08 20:03:45 +10:00
|
|
|
include AccountOwnedConcern
|
2017-03-23 05:26:22 +11:00
|
|
|
|
2023-04-24 06:27:24 +10:00
|
|
|
vary_by -> { public_fetch_mode? ? 'Accept, Accept-Language, Cookie' : 'Accept, Accept-Language, Cookie, Signature' }
|
2023-04-20 00:07:29 +10:00
|
|
|
|
2022-09-22 06:45:57 +10:00
|
|
|
before_action :require_account_signature!, only: [:show, :activity], if: -> { request.format == :json && authorized_fetch_mode? }
|
2017-03-23 05:26:22 +11:00
|
|
|
before_action :set_status
|
2019-07-12 04:11:09 +10:00
|
|
|
before_action :redirect_to_original, only: :show
|
2017-03-23 05:26:22 +11:00
|
|
|
|
2023-03-26 10:40:01 +11:00
|
|
|
after_action :set_link_headers
|
|
|
|
|
2019-08-12 06:59:40 +10:00
|
|
|
skip_around_action :set_locale, if: -> { request.format == :json }
|
2023-08-03 03:32:48 +10:00
|
|
|
skip_before_action :require_functional!, only: [:show, :embed], unless: :limited_federation_mode?
|
2019-08-12 06:59:40 +10:00
|
|
|
|
2022-12-16 03:11:58 +11:00
|
|
|
content_security_policy only: :embed do |policy|
|
|
|
|
policy.frame_ancestors(false)
|
2018-10-12 05:35:46 +11:00
|
|
|
end
|
|
|
|
|
2017-03-23 05:26:22 +11:00
|
|
|
def show
|
2017-07-15 11:01:39 +10:00
|
|
|
respond_to do |format|
|
|
|
|
format.html do
|
2019-06-05 22:02:59 +10:00
|
|
|
expires_in 10.seconds, public: true if current_account.nil?
|
2017-07-15 11:01:39 +10:00
|
|
|
end
|
|
|
|
|
|
|
|
format.json do
|
2023-04-24 06:27:24 +10:00
|
|
|
expires_in 3.minutes, public: true if @status.distributable? && public_fetch_mode?
|
2019-07-22 06:32:16 +10:00
|
|
|
render_with_cache json: @status, content_type: 'application/activity+json', serializer: ActivityPub::NoteSerializer, adapter: ActivityPub::Adapter
|
2017-07-15 11:01:39 +10:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2017-03-23 05:26:22 +11:00
|
|
|
|
2017-07-15 11:01:39 +10:00
|
|
|
def activity
|
2019-07-12 04:11:09 +10:00
|
|
|
expires_in 3.minutes, public: @status.distributable? && public_fetch_mode?
|
2020-06-03 03:24:53 +10:00
|
|
|
render_with_cache json: ActivityPub::ActivityPresenter.from_status(@status), content_type: 'application/activity+json', serializer: ActivityPub::ActivitySerializer, adapter: ActivityPub::Adapter
|
2017-03-23 05:26:22 +11:00
|
|
|
end
|
|
|
|
|
2017-08-30 18:23:43 +10:00
|
|
|
def embed
|
2020-05-04 00:30:36 +10:00
|
|
|
return not_found if @status.hidden? || @status.reblog?
|
2018-07-01 12:12:34 +10:00
|
|
|
|
|
|
|
expires_in 180, public: true
|
2023-05-23 22:27:17 +10:00
|
|
|
response.headers.delete('X-Frame-Options')
|
2018-07-01 12:12:34 +10:00
|
|
|
|
2019-07-08 00:16:51 +10:00
|
|
|
render layout: 'embedded'
|
2017-08-30 18:23:43 +10:00
|
|
|
end
|
|
|
|
|
2017-03-23 05:26:22 +11:00
|
|
|
private
|
|
|
|
|
|
|
|
def set_link_headers
|
2024-09-06 06:05:38 +10:00
|
|
|
response.headers['Link'] = LinkHeader.new(
|
|
|
|
[[ActivityPub::TagManager.instance.uri_for(@status), [%w(rel alternate), %w(type application/activity+json)]]]
|
|
|
|
).to_s
|
2017-03-23 05:26:22 +11:00
|
|
|
end
|
|
|
|
|
|
|
|
def set_status
|
2019-07-08 00:16:51 +10:00
|
|
|
@status = @account.statuses.find(params[:id])
|
2017-05-30 02:22:22 +10:00
|
|
|
authorize @status, :show?
|
|
|
|
rescue Mastodon::NotPermittedError
|
2020-01-24 10:20:51 +11:00
|
|
|
not_found
|
2017-03-23 05:26:22 +11:00
|
|
|
end
|
|
|
|
|
2017-08-25 00:21:42 +10:00
|
|
|
def redirect_to_original
|
2023-03-26 10:38:32 +11:00
|
|
|
redirect_to(ActivityPub::TagManager.instance.url_for(@status.reblog), allow_other_host: true) if @status.reblog?
|
2017-08-25 00:21:42 +10:00
|
|
|
end
|
2017-03-23 05:26:22 +11:00
|
|
|
end
|