accounts_controller.rb 4.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107
  1. # frozen_string_literal: true
  2. class Api::V1::AccountsController < Api::BaseController
  3. before_action -> { authorize_if_got_token! :read, :'read:accounts' }, except: [:create, :follow, :unfollow, :remove_from_followers, :block, :unblock, :mute, :unmute]
  4. before_action -> { doorkeeper_authorize! :follow, :write, :'write:follows' }, only: [:follow, :unfollow, :remove_from_followers]
  5. before_action -> { doorkeeper_authorize! :follow, :write, :'write:mutes' }, only: [:mute, :unmute]
  6. before_action -> { doorkeeper_authorize! :follow, :write, :'write:blocks' }, only: [:block, :unblock]
  7. before_action -> { doorkeeper_authorize! :write, :'write:accounts' }, only: [:create]
  8. before_action :require_user!, except: [:show, :create]
  9. before_action :set_account, except: [:create]
  10. before_action :check_account_approval, except: [:create]
  11. before_action :check_account_confirmation, except: [:create]
  12. before_action :check_enabled_registrations, only: [:create]
  13. skip_before_action :require_authenticated_user!, only: :create
  14. override_rate_limit_headers :follow, family: :follows
  15. def show
  16. cache_if_unauthenticated!
  17. render json: @account, serializer: REST::AccountSerializer
  18. end
  19. def create
  20. token = AppSignUpService.new.call(doorkeeper_token.application, request.remote_ip, account_params)
  21. response = Doorkeeper::OAuth::TokenResponse.new(token)
  22. headers.merge!(response.headers)
  23. self.response_body = Oj.dump(response.body)
  24. self.status = response.status
  25. rescue ActiveRecord::RecordInvalid => e
  26. render json: ValidationErrorFormatter.new(e, 'account.username': :username, 'invite_request.text': :reason).as_json, status: 422
  27. end
  28. def follow
  29. follow = FollowService.new.call(current_user.account, @account, reblogs: params.key?(:reblogs) ? truthy_param?(:reblogs) : nil, notify: params.key?(:notify) ? truthy_param?(:notify) : nil, languages: params.key?(:languages) ? params[:languages] : nil, with_rate_limit: true)
  30. options = @account.locked? || current_user.account.silenced? ? {} : { following_map: { @account.id => { reblogs: follow.show_reblogs?, notify: follow.notify?, languages: follow.languages } }, requested_map: { @account.id => false } }
  31. render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships(**options)
  32. end
  33. def block
  34. BlockService.new.call(current_user.account, @account)
  35. render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships
  36. end
  37. def mute
  38. MuteService.new.call(current_user.account, @account, notifications: truthy_param?(:notifications), duration: (params[:duration]&.to_i || 0))
  39. render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships
  40. end
  41. def unfollow
  42. UnfollowService.new.call(current_user.account, @account)
  43. render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships
  44. end
  45. def remove_from_followers
  46. RemoveFromFollowersService.new.call(current_user.account, @account)
  47. render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships
  48. end
  49. def unblock
  50. UnblockService.new.call(current_user.account, @account)
  51. render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships
  52. end
  53. def unmute
  54. UnmuteService.new.call(current_user.account, @account)
  55. render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships
  56. end
  57. private
  58. def set_account
  59. @account = Account.find(params[:id])
  60. end
  61. def check_account_approval
  62. raise(ActiveRecord::RecordNotFound) if @account.local? && @account.user_pending?
  63. end
  64. def check_account_confirmation
  65. raise(ActiveRecord::RecordNotFound) if @account.local? && !@account.user_confirmed?
  66. end
  67. def relationships(**options)
  68. AccountRelationshipsPresenter.new([@account], current_user.account_id, **options)
  69. end
  70. def account_params
  71. params.permit(:username, :email, :password, :agreement, :locale, :reason, :time_zone)
  72. end
  73. def check_enabled_registrations
  74. forbidden if single_user_mode? || omniauth_only? || !allowed_registrations?
  75. end
  76. def allowed_registrations?
  77. Setting.registrations_mode != 'none'
  78. end
  79. def omniauth_only?
  80. ENV['OMNIAUTH_ONLY'] == 'true'
  81. end
  82. end