2018-08-18 02:03:12 +01:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
class AuthorizeInteractionsController < ApplicationController
|
|
|
|
include Authorization
|
|
|
|
|
|
|
|
layout 'modal'
|
|
|
|
|
|
|
|
before_action :authenticate_user!
|
|
|
|
before_action :set_body_classes
|
|
|
|
before_action :set_resource
|
2018-08-18 17:04:49 +01:00
|
|
|
before_action :set_pack
|
2018-08-18 02:03:12 +01:00
|
|
|
|
|
|
|
def show
|
|
|
|
if @resource.is_a?(Account)
|
|
|
|
render :show
|
|
|
|
elsif @resource.is_a?(Status)
|
|
|
|
redirect_to web_url("statuses/#{@resource.id}")
|
|
|
|
else
|
|
|
|
render :error
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def create
|
2020-03-08 14:17:39 +00:00
|
|
|
if @resource.is_a?(Account) && FollowService.new.call(current_account, @resource, with_rate_limit: true)
|
2018-08-18 02:03:12 +01:00
|
|
|
render :success
|
|
|
|
else
|
|
|
|
render :error
|
|
|
|
end
|
|
|
|
rescue ActiveRecord::RecordNotFound, Mastodon::NotPermittedError
|
|
|
|
render :error
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def set_resource
|
|
|
|
@resource = located_resource || render(:error)
|
|
|
|
authorize(@resource, :show?) if @resource.is_a?(Status)
|
|
|
|
end
|
|
|
|
|
|
|
|
def located_resource
|
|
|
|
if uri_param_is_url?
|
|
|
|
ResolveURLService.new.call(uri_param)
|
|
|
|
else
|
|
|
|
account_from_remote_follow
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def account_from_remote_follow
|
|
|
|
ResolveAccountService.new.call(uri_param)
|
|
|
|
end
|
|
|
|
|
|
|
|
def uri_param_is_url?
|
|
|
|
parsed_uri.path && %w(http https).include?(parsed_uri.scheme)
|
|
|
|
end
|
|
|
|
|
|
|
|
def parsed_uri
|
|
|
|
Addressable::URI.parse(uri_param).normalize
|
|
|
|
end
|
|
|
|
|
|
|
|
def uri_param
|
|
|
|
params[:uri] || params.fetch(:acct, '').gsub(/\Aacct:/, '')
|
|
|
|
end
|
|
|
|
|
|
|
|
def set_body_classes
|
|
|
|
@body_classes = 'modal-layout'
|
|
|
|
end
|
2018-08-18 17:04:49 +01:00
|
|
|
|
|
|
|
def set_pack
|
|
|
|
use_pack 'modal'
|
|
|
|
end
|
2018-08-18 02:03:12 +01:00
|
|
|
end
|