406adfca27
* Fix 2FA/sign-in token sessions being valid after password change (#14802) If someone tries logging in to an account and is prompted for a 2FA code or sign-in token, even if the account's password or e-mail is updated in the meantime, the session will show the prompt and allow the login process to complete with a valid 2FA code or sign-in token * Fix Move handler not being triggered when failing to fetch target (#15107) When failing to fetch the target account, the ProcessingWorker fails as expected, but since it hasn't cleared the `move_in_progress` flag, the next attempt at processing skips the `Move` activity altogether. This commit changes it to clear the flag when encountering any unexpected error on fetching the target account. This is likely to occur because, of, e.g., a timeout, when many instances query the same actor at the same time. * Fix slow distinct queries where grouped queries are faster (#15287) About 2x speed-up on inboxes query * Fix possible inconsistencies in tag search (#14906) Do not downcase the queried tag before passing it to postgres when searching: - tags are not downcased on creation - `arel_table[:name].lower.matches(pattern)` generates an ILIKE anyway - if Postgres and Rails happen to use different case-folding rules, downcasing before query but not before insertion may mean that some tags with some casings are not searchable * Fix updating account counters when account_stat is not yet created (#15108) * Fix account processing failing because of large collections (#15027) Fixes #15025 * Fix downloading remote media files when server returns empty filename (#14867) Fixes #14817 * Fix webfinger redirect handling in ResolveAccountService (#15187) * Fix webfinger redirect handling in ResolveAccountService ResolveAccountService#process_webfinger! handled a one-step webfinger redirection, but only accepting the result if it matched the exact URI passed as input, defeating the point of a redirection check. Instead, use the same logic as in `ActivityPub::FetchRemoteAccountService`, updating the resulting `acct:` URI with the result of the first webfinger query. * Add tests * Remove dependency on unused and unmaintained http_parser.rb gem (#14574) It seems that years ago, the “http” gem dependend on the “http_parser.rb” gem (it now depends on the “http-parser” gem), and, still years ago, we pulled it from git in order to benefit from a bugfix that wasn't released yet (#7467). * Add tootctl maintenance fix-duplicates (#14860, #15201, #15264, #15349, #15359) * Fix old migration script not being able to run if it fails midway (#15361) * Fix old migration script not being able to run if it fails midway Improve the robustness of a migration script likely to fail because of database corruption so it can run again once database corruptions are fixed. * Display a specific error message in case of index corruption Co-authored-by: Eugen Rochko <eugen@zeonfederated.com> Co-authored-by: Claire <claire.github-309c@sitedethib.com> Co-authored-by: Eugen Rochko <eugen@zeonfederated.com> Co-authored-by: Claire <claire.github-309c@sitedethib.com>
153 lines
4.4 KiB
Ruby
153 lines
4.4 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class AccountsController < ApplicationController
|
|
PAGE_SIZE = 20
|
|
PAGE_SIZE_MAX = 200
|
|
|
|
include AccountControllerConcern
|
|
include SignatureAuthentication
|
|
|
|
before_action :require_signature!, if: -> { request.format == :json && authorized_fetch_mode? }
|
|
before_action :set_cache_headers
|
|
before_action :set_body_classes
|
|
|
|
skip_around_action :set_locale, if: -> { [:json, :rss].include?(request.format&.to_sym) }
|
|
skip_before_action :require_functional!, unless: :whitelist_mode?
|
|
|
|
def show
|
|
respond_to do |format|
|
|
format.html do
|
|
expires_in 0, public: true unless user_signed_in?
|
|
|
|
@pinned_statuses = []
|
|
@endorsed_accounts = @account.endorsed_accounts.to_a.sample(4)
|
|
@featured_hashtags = @account.featured_tags.order(statuses_count: :desc)
|
|
|
|
if current_account && @account.blocking?(current_account)
|
|
@statuses = []
|
|
return
|
|
end
|
|
|
|
@pinned_statuses = cache_collection(@account.pinned_statuses, Status) if show_pinned_statuses?
|
|
@statuses = filtered_status_page
|
|
@statuses = cache_collection(@statuses, Status)
|
|
@rss_url = rss_url
|
|
|
|
unless @statuses.empty?
|
|
@older_url = older_url if @statuses.last.id > filtered_statuses.last.id
|
|
@newer_url = newer_url if @statuses.first.id < filtered_statuses.first.id
|
|
end
|
|
end
|
|
|
|
format.rss do
|
|
expires_in 1.minute, public: true
|
|
|
|
limit = params[:limit].present? ? [params[:limit].to_i, PAGE_SIZE_MAX].min : PAGE_SIZE
|
|
@statuses = filtered_statuses.without_reblogs.limit(limit)
|
|
@statuses = cache_collection(@statuses, Status)
|
|
render xml: RSS::AccountSerializer.render(@account, @statuses, params[:tag])
|
|
end
|
|
|
|
format.json do
|
|
expires_in 3.minutes, public: !(authorized_fetch_mode? && signed_request_account.present?)
|
|
render_with_cache json: @account, content_type: 'application/activity+json', serializer: ActivityPub::ActorSerializer, adapter: ActivityPub::Adapter
|
|
end
|
|
end
|
|
end
|
|
|
|
private
|
|
|
|
def set_body_classes
|
|
@body_classes = 'with-modals'
|
|
end
|
|
|
|
def show_pinned_statuses?
|
|
[replies_requested?, media_requested?, tag_requested?, params[:max_id].present?, params[:min_id].present?].none?
|
|
end
|
|
|
|
def filtered_statuses
|
|
default_statuses.tap do |statuses|
|
|
statuses.merge!(hashtag_scope) if tag_requested?
|
|
statuses.merge!(only_media_scope) if media_requested?
|
|
statuses.merge!(no_replies_scope) unless replies_requested?
|
|
end
|
|
end
|
|
|
|
def default_statuses
|
|
@account.statuses.where(visibility: [:public, :unlisted])
|
|
end
|
|
|
|
def only_media_scope
|
|
Status.where(id: account_media_status_ids)
|
|
end
|
|
|
|
def account_media_status_ids
|
|
@account.media_attachments.attached.reorder(nil).select(:status_id).group(:status_id)
|
|
end
|
|
|
|
def no_replies_scope
|
|
Status.without_replies
|
|
end
|
|
|
|
def hashtag_scope
|
|
tag = Tag.find_normalized(params[:tag])
|
|
|
|
if tag
|
|
Status.tagged_with(tag.id)
|
|
else
|
|
Status.none
|
|
end
|
|
end
|
|
|
|
def username_param
|
|
params[:username]
|
|
end
|
|
|
|
def rss_url
|
|
if tag_requested?
|
|
short_account_tag_url(@account, params[:tag], format: 'rss')
|
|
else
|
|
short_account_url(@account, format: 'rss')
|
|
end
|
|
end
|
|
|
|
def older_url
|
|
pagination_url(max_id: @statuses.last.id)
|
|
end
|
|
|
|
def newer_url
|
|
pagination_url(min_id: @statuses.first.id)
|
|
end
|
|
|
|
def pagination_url(max_id: nil, min_id: nil)
|
|
if tag_requested?
|
|
short_account_tag_url(@account, params[:tag], max_id: max_id, min_id: min_id)
|
|
elsif media_requested?
|
|
short_account_media_url(@account, max_id: max_id, min_id: min_id)
|
|
elsif replies_requested?
|
|
short_account_with_replies_url(@account, max_id: max_id, min_id: min_id)
|
|
else
|
|
short_account_url(@account, max_id: max_id, min_id: min_id)
|
|
end
|
|
end
|
|
|
|
def media_requested?
|
|
request.path.split('.').first.ends_with?('/media') && !tag_requested?
|
|
end
|
|
|
|
def replies_requested?
|
|
request.path.split('.').first.ends_with?('/with_replies') && !tag_requested?
|
|
end
|
|
|
|
def tag_requested?
|
|
request.path.split('.').first.ends_with?(Addressable::URI.parse("/tagged/#{params[:tag]}").normalize)
|
|
end
|
|
|
|
def filtered_status_page
|
|
filtered_statuses.paginate_by_id(PAGE_SIZE, params_slice(:max_id, :min_id, :since_id))
|
|
end
|
|
|
|
def params_slice(*keys)
|
|
params.slice(*keys).permit(*keys)
|
|
end
|
|
end
|