Make public timelines API not require user context/app credentials (#1291)
* Make /api/v1/timelines/public and /api/v1/timelines/tag/:id public Fix #1156 - respect query params when generating pagination links in API * Apply pagination fix to more APIs
This commit is contained in:
		
					parent
					
						
							
								9acdb166e8
							
						
					
				
			
			
				commit
				
					
						b89f007862
					
				
			
		
					 8 changed files with 74 additions and 56 deletions
				
			
		|  | @ -20,10 +20,8 @@ class Api::V1::AccountsController < ApiController | |||
|     accounts  = Account.where(id: results.map(&:target_account_id)).map { |a| [a.id, a] }.to_h | ||||
|     @accounts = results.map { |f| accounts[f.target_account_id] } | ||||
| 
 | ||||
|     # set_account_counters_maps(@accounts) | ||||
| 
 | ||||
|     next_path = following_api_v1_account_url(max_id: results.last.id)    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT) | ||||
|     prev_path = following_api_v1_account_url(since_id: results.first.id) unless results.empty? | ||||
|     next_path = following_api_v1_account_url(pagination_params(max_id: results.last.id))    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT) | ||||
|     prev_path = following_api_v1_account_url(pagination_params(since_id: results.first.id)) unless results.empty? | ||||
| 
 | ||||
|     set_pagination_headers(next_path, prev_path) | ||||
| 
 | ||||
|  | @ -35,10 +33,8 @@ class Api::V1::AccountsController < ApiController | |||
|     accounts  = Account.where(id: results.map(&:account_id)).map { |a| [a.id, a] }.to_h | ||||
|     @accounts = results.map { |f| accounts[f.account_id] } | ||||
| 
 | ||||
|     # set_account_counters_maps(@accounts) | ||||
| 
 | ||||
|     next_path = followers_api_v1_account_url(max_id: results.last.id)    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT) | ||||
|     prev_path = followers_api_v1_account_url(since_id: results.first.id) unless results.empty? | ||||
|     next_path = followers_api_v1_account_url(pagination_params(max_id: results.last.id))    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT) | ||||
|     prev_path = followers_api_v1_account_url(pagination_params(since_id: results.first.id)) unless results.empty? | ||||
| 
 | ||||
|     set_pagination_headers(next_path, prev_path) | ||||
| 
 | ||||
|  | @ -52,11 +48,9 @@ class Api::V1::AccountsController < ApiController | |||
|     @statuses = cache_collection(@statuses, Status) | ||||
| 
 | ||||
|     set_maps(@statuses) | ||||
|     # set_counters_maps(@statuses) | ||||
|     # set_account_counters_maps(@statuses.flat_map { |s| [s.account, s.reblog? ? s.reblog.account : nil] }.compact.uniq) | ||||
| 
 | ||||
|     next_path = statuses_api_v1_account_url(max_id: @statuses.last.id)    unless @statuses.empty? | ||||
|     prev_path = statuses_api_v1_account_url(since_id: @statuses.first.id) unless @statuses.empty? | ||||
|     next_path = statuses_api_v1_account_url(statuses_pagination_params(max_id: @statuses.last.id))    unless @statuses.empty? | ||||
|     prev_path = statuses_api_v1_account_url(statuses_pagination_params(since_id: @statuses.first.id)) unless @statuses.empty? | ||||
| 
 | ||||
|     set_pagination_headers(next_path, prev_path) | ||||
|   end | ||||
|  | @ -117,8 +111,6 @@ class Api::V1::AccountsController < ApiController | |||
|   def search | ||||
|     @accounts = AccountSearchService.new.call(params[:q], limit_param(DEFAULT_ACCOUNTS_LIMIT), params[:resolve] == 'true', current_account) | ||||
| 
 | ||||
|     # set_account_counters_maps(@accounts) unless @accounts.nil? | ||||
| 
 | ||||
|     render action: :index | ||||
|   end | ||||
| 
 | ||||
|  | @ -135,4 +127,12 @@ class Api::V1::AccountsController < ApiController | |||
|     @muting      = Account.muting_map([@account.id], current_user.account_id) | ||||
|     @requested   = Account.requested_map([@account.id], current_user.account_id) | ||||
|   end | ||||
| 
 | ||||
|   def pagination_params(core_params) | ||||
|     params.permit(:limit).merge(core_params) | ||||
|   end | ||||
| 
 | ||||
|   def statuses_pagination_params(core_params) | ||||
|     params.permit(:limit, :only_media, :exclude_replies).merge(core_params) | ||||
|   end | ||||
| end | ||||
|  |  | |||
|  | @ -11,11 +11,15 @@ class Api::V1::BlocksController < ApiController | |||
|     accounts  = Account.where(id: results.map(&:target_account_id)).map { |a| [a.id, a] }.to_h | ||||
|     @accounts = results.map { |f| accounts[f.target_account_id] }.compact | ||||
| 
 | ||||
|     # set_account_counters_maps(@accounts) | ||||
| 
 | ||||
|     next_path = api_v1_blocks_url(max_id: results.last.id)    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT) | ||||
|     prev_path = api_v1_blocks_url(since_id: results.first.id) unless results.empty? | ||||
|     next_path = api_v1_blocks_url(pagination_params(max_id: results.last.id))    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT) | ||||
|     prev_path = api_v1_blocks_url(pagination_params(since_id: results.first.id)) unless results.empty? | ||||
| 
 | ||||
|     set_pagination_headers(next_path, prev_path) | ||||
|   end | ||||
| 
 | ||||
|   private | ||||
| 
 | ||||
|   def pagination_params(core_params) | ||||
|     params.permit(:limit).merge(core_params) | ||||
|   end | ||||
| end | ||||
|  |  | |||
|  | @ -11,11 +11,16 @@ class Api::V1::FavouritesController < ApiController | |||
|     @statuses = cache_collection(Status.where(id: results.map(&:status_id)), Status) | ||||
| 
 | ||||
|     set_maps(@statuses) | ||||
|     # set_counters_maps(@statuses) | ||||
| 
 | ||||
|     next_path = api_v1_favourites_url(max_id: results.last.id)    if results.size == limit_param(DEFAULT_STATUSES_LIMIT) | ||||
|     prev_path = api_v1_favourites_url(since_id: results.first.id) unless results.empty? | ||||
|     next_path = api_v1_favourites_url(pagination_params(max_id: results.last.id))    if results.size == limit_param(DEFAULT_STATUSES_LIMIT) | ||||
|     prev_path = api_v1_favourites_url(pagination_params(since_id: results.first.id)) unless results.empty? | ||||
| 
 | ||||
|     set_pagination_headers(next_path, prev_path) | ||||
|   end | ||||
| 
 | ||||
|   private | ||||
| 
 | ||||
|   def pagination_params(core_params) | ||||
|     params.permit(:limit).merge(core_params) | ||||
|   end | ||||
| end | ||||
|  |  | |||
|  | @ -9,10 +9,8 @@ class Api::V1::FollowRequestsController < ApiController | |||
|     accounts  = Account.where(id: results.map(&:account_id)).map { |a| [a.id, a] }.to_h | ||||
|     @accounts = results.map { |f| accounts[f.account_id] } | ||||
| 
 | ||||
|     # set_account_counters_maps(@accounts) | ||||
| 
 | ||||
|     next_path = api_v1_follow_requests_url(max_id: results.last.id)    if results.size == DEFAULT_ACCOUNTS_LIMIT | ||||
|     prev_path = api_v1_follow_requests_url(since_id: results.first.id) unless results.empty? | ||||
|     next_path = api_v1_follow_requests_url(pagination_params(max_id: results.last.id))    if results.size == DEFAULT_ACCOUNTS_LIMIT | ||||
|     prev_path = api_v1_follow_requests_url(pagination_params(since_id: results.first.id)) unless results.empty? | ||||
| 
 | ||||
|     set_pagination_headers(next_path, prev_path) | ||||
|   end | ||||
|  | @ -26,4 +24,10 @@ class Api::V1::FollowRequestsController < ApiController | |||
|     RejectFollowService.new.call(Account.find(params[:id]), current_account) | ||||
|     render_empty | ||||
|   end | ||||
| 
 | ||||
|   private | ||||
| 
 | ||||
|   def pagination_params(core_params) | ||||
|     params.permit(:limit).merge(core_params) | ||||
|   end | ||||
| end | ||||
|  |  | |||
|  | @ -11,11 +11,15 @@ class Api::V1::MutesController < ApiController | |||
|     accounts  = Account.where(id: results.map(&:target_account_id)).map { |a| [a.id, a] }.to_h | ||||
|     @accounts = results.map { |f| accounts[f.target_account_id] } | ||||
| 
 | ||||
|     # set_account_counters_maps(@accounts) | ||||
| 
 | ||||
|     next_path = api_v1_mutes_url(max_id: results.last.id)    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT) | ||||
|     prev_path = api_v1_mutes_url(since_id: results.first.id) unless results.empty? | ||||
|     next_path = api_v1_mutes_url(pagination_params(max_id: results.last.id))    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT) | ||||
|     prev_path = api_v1_mutes_url(pagination_params(since_id: results.first.id)) unless results.empty? | ||||
| 
 | ||||
|     set_pagination_headers(next_path, prev_path) | ||||
|   end | ||||
| 
 | ||||
|   private | ||||
| 
 | ||||
|   def pagination_params(core_params) | ||||
|     params.permit(:limit).merge(core_params) | ||||
|   end | ||||
| end | ||||
|  |  | |||
|  | @ -14,11 +14,9 @@ class Api::V1::NotificationsController < ApiController | |||
|     statuses       = @notifications.select { |n| !n.target_status.nil? }.map(&:target_status) | ||||
| 
 | ||||
|     set_maps(statuses) | ||||
|     # set_counters_maps(statuses) | ||||
|     # set_account_counters_maps(@notifications.map(&:from_account)) | ||||
| 
 | ||||
|     next_path = api_v1_notifications_url(max_id: @notifications.last.id)    unless @notifications.empty? | ||||
|     prev_path = api_v1_notifications_url(since_id: @notifications.first.id) unless @notifications.empty? | ||||
|     next_path = api_v1_notifications_url(pagination_params(max_id: @notifications.last.id))    unless @notifications.empty? | ||||
|     prev_path = api_v1_notifications_url(pagination_params(since_id: @notifications.first.id)) unless @notifications.empty? | ||||
| 
 | ||||
|     set_pagination_headers(next_path, prev_path) | ||||
|   end | ||||
|  | @ -31,4 +29,10 @@ class Api::V1::NotificationsController < ApiController | |||
|     Notification.where(account: current_account).delete_all | ||||
|     render_empty | ||||
|   end | ||||
| 
 | ||||
|   private | ||||
| 
 | ||||
|   def pagination_params(core_params) | ||||
|     params.permit(:limit).merge(core_params) | ||||
|   end | ||||
| end | ||||
|  |  | |||
|  | @ -23,7 +23,6 @@ class Api::V1::StatusesController < ApiController | |||
|     statuses = [@status] + @context[:ancestors] + @context[:descendants] | ||||
| 
 | ||||
|     set_maps(statuses) | ||||
|     # set_counters_maps(statuses) | ||||
|   end | ||||
| 
 | ||||
|   def card | ||||
|  | @ -36,10 +35,8 @@ class Api::V1::StatusesController < ApiController | |||
|     accounts  = Account.where(id: results.map(&:account_id)).map { |a| [a.id, a] }.to_h | ||||
|     @accounts = results.map { |r| accounts[r.account_id] } | ||||
| 
 | ||||
|     # set_account_counters_maps(@accounts) | ||||
| 
 | ||||
|     next_path = reblogged_by_api_v1_status_url(max_id: results.last.id)    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT) | ||||
|     prev_path = reblogged_by_api_v1_status_url(since_id: results.first.id) unless results.empty? | ||||
|     next_path = reblogged_by_api_v1_status_url(pagination_params(max_id: results.last.id))    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT) | ||||
|     prev_path = reblogged_by_api_v1_status_url(pagination_params(since_id: results.first.id)) unless results.empty? | ||||
| 
 | ||||
|     set_pagination_headers(next_path, prev_path) | ||||
| 
 | ||||
|  | @ -51,10 +48,8 @@ class Api::V1::StatusesController < ApiController | |||
|     accounts  = Account.where(id: results.map(&:account_id)).map { |a| [a.id, a] }.to_h | ||||
|     @accounts = results.map { |f| accounts[f.account_id] } | ||||
| 
 | ||||
|     # set_account_counters_maps(@accounts) | ||||
| 
 | ||||
|     next_path = favourited_by_api_v1_status_url(max_id: results.last.id)    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT) | ||||
|     prev_path = favourited_by_api_v1_status_url(since_id: results.first.id) unless results.empty? | ||||
|     next_path = favourited_by_api_v1_status_url(pagination_params(max_id: results.last.id))    if results.size == limit_param(DEFAULT_ACCOUNTS_LIMIT) | ||||
|     prev_path = favourited_by_api_v1_status_url(pagination_params(since_id: results.first.id)) unless results.empty? | ||||
| 
 | ||||
|     set_pagination_headers(next_path, prev_path) | ||||
| 
 | ||||
|  | @ -115,4 +110,8 @@ class Api::V1::StatusesController < ApiController | |||
|   def status_params | ||||
|     params.permit(:status, :in_reply_to_id, :sensitive, :spoiler_text, :visibility, media_ids: []) | ||||
|   end | ||||
| 
 | ||||
|   def pagination_params(core_params) | ||||
|     params.permit(:limit).merge(core_params) | ||||
|   end | ||||
| end | ||||
|  |  | |||
|  | @ -1,8 +1,8 @@ | |||
| # frozen_string_literal: true | ||||
| 
 | ||||
| class Api::V1::TimelinesController < ApiController | ||||
|   before_action -> { doorkeeper_authorize! :read } | ||||
|   before_action :require_user!, only: [:home, :mentions] | ||||
|   before_action -> { doorkeeper_authorize! :read }, only: [:home] | ||||
|   before_action :require_user!, only: [:home] | ||||
| 
 | ||||
|   respond_to :json | ||||
| 
 | ||||
|  | @ -11,11 +11,9 @@ class Api::V1::TimelinesController < ApiController | |||
|     @statuses = cache_collection(@statuses) | ||||
| 
 | ||||
|     set_maps(@statuses) | ||||
|     # set_counters_maps(@statuses) | ||||
|     # set_account_counters_maps(@statuses.flat_map { |s| [s.account, s.reblog? ? s.reblog.account : nil] }.compact.uniq) | ||||
| 
 | ||||
|     next_path = api_v1_home_timeline_url(max_id: @statuses.last.id)    unless @statuses.empty? | ||||
|     prev_path = api_v1_home_timeline_url(since_id: @statuses.first.id) unless @statuses.empty? | ||||
|     next_path = api_v1_home_timeline_url(pagination_params(max_id: @statuses.last.id))    unless @statuses.empty? | ||||
|     prev_path = api_v1_home_timeline_url(pagination_params(since_id: @statuses.first.id)) unless @statuses.empty? | ||||
| 
 | ||||
|     set_pagination_headers(next_path, prev_path) | ||||
| 
 | ||||
|  | @ -27,11 +25,9 @@ class Api::V1::TimelinesController < ApiController | |||
|     @statuses = cache_collection(@statuses) | ||||
| 
 | ||||
|     set_maps(@statuses) | ||||
|     # set_counters_maps(@statuses) | ||||
|     # set_account_counters_maps(@statuses.flat_map { |s| [s.account, s.reblog? ? s.reblog.account : nil] }.compact.uniq) | ||||
| 
 | ||||
|     next_path = api_v1_public_timeline_url(max_id: @statuses.last.id)    unless @statuses.empty? | ||||
|     prev_path = api_v1_public_timeline_url(since_id: @statuses.first.id) unless @statuses.empty? | ||||
|     next_path = api_v1_public_timeline_url(pagination_params(max_id: @statuses.last.id))    unless @statuses.empty? | ||||
|     prev_path = api_v1_public_timeline_url(pagination_params(since_id: @statuses.first.id)) unless @statuses.empty? | ||||
| 
 | ||||
|     set_pagination_headers(next_path, prev_path) | ||||
| 
 | ||||
|  | @ -44,11 +40,9 @@ class Api::V1::TimelinesController < ApiController | |||
|     @statuses = cache_collection(@statuses) | ||||
| 
 | ||||
|     set_maps(@statuses) | ||||
|     # set_counters_maps(@statuses) | ||||
|     # set_account_counters_maps(@statuses.flat_map { |s| [s.account, s.reblog? ? s.reblog.account : nil] }.compact.uniq) | ||||
| 
 | ||||
|     next_path = api_v1_hashtag_timeline_url(params[:id], max_id: @statuses.last.id)    unless @statuses.empty? | ||||
|     prev_path = api_v1_hashtag_timeline_url(params[:id], since_id: @statuses.first.id) unless @statuses.empty? | ||||
|     next_path = api_v1_hashtag_timeline_url(params[:id], pagination_params(max_id: @statuses.last.id))    unless @statuses.empty? | ||||
|     prev_path = api_v1_hashtag_timeline_url(params[:id], pagination_params(since_id: @statuses.first.id)) unless @statuses.empty? | ||||
| 
 | ||||
|     set_pagination_headers(next_path, prev_path) | ||||
| 
 | ||||
|  | @ -60,4 +54,8 @@ class Api::V1::TimelinesController < ApiController | |||
|   def cache_collection(raw) | ||||
|     super(raw, Status) | ||||
|   end | ||||
| 
 | ||||
|   def pagination_params(core_params) | ||||
|     params.permit(:local, :limit).merge(core_params) | ||||
|   end | ||||
| end | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue