Home Explore Help
Register Sign In
bida
/
bastodon
7
0
Fork 0
Files Issues 8 Pull Requests 0 Wiki
Tree: 839f893168
Branches Tags
bastodon
/
app
/
controllers
/
statuses_controller.rb

statuses_controller.rb 2.3 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576 
  1. # frozen_string_literal: true
    2. 

  2. 

  3. class StatusesController < ApplicationController
    4. 

  4.   include WebAppControllerConcern
    5. 

  5.   include StatusControllerConcern
    6. 

  6.   include SignatureAuthentication
    7. 

  7.   include Authorization
    8. 

  8.   include AccountOwnedConcern
    9. 

  9. 

  10.   before_action :require_account_signature!, only: [:show, :activity], if: -> { request.format == :json && authorized_fetch_mode? }
    11. 

  11.   before_action :set_status
    12. 

  12.   before_action :set_instance_presenter
    13. 

  13.   before_action :set_link_headers
    14. 

  14.   before_action :redirect_to_original, only: :show
    15. 

  15.   before_action :set_cache_headers
    16. 

  16.   before_action :set_body_classes, only: :embed
    17. 

  17. 

  18.   skip_around_action :set_locale, if: -> { request.format == :json }
    19. 

  19.   skip_before_action :require_functional!, only: [:show, :embed], unless: :whitelist_mode?
    20. 

  20. 

  21.   content_security_policy only: :embed do |p|
    22. 

  22.     p.frame_ancestors(false)
    23. 

  23.   end
    24. 

  24. 

  25.   def show
    26. 

  26.     respond_to do |format|
    27. 

  27.       format.html do
    28. 

  28.         expires_in 10.seconds, public: true if current_account.nil?
    29. 

  29.       end
    30. 

  30. 

  31.       format.json do
    32. 

  32.         expires_in 3.minutes, public: @status.distributable? && public_fetch_mode?
    33. 

  33.         render_with_cache json: @status, content_type: 'application/activity+json', serializer: ActivityPub::NoteSerializer, adapter: ActivityPub::Adapter
    34. 

  34.       end
    35. 

  35.     end
    36. 

  36.   end
    37. 

  37. 

  38.   def activity
    39. 

  39.     expires_in 3.minutes, public: @status.distributable? && public_fetch_mode?
    40. 

  40.     render_with_cache json: ActivityPub::ActivityPresenter.from_status(@status), content_type: 'application/activity+json', serializer: ActivityPub::ActivitySerializer, adapter: ActivityPub::Adapter
    41. 

  41.   end
    42. 

  42. 

  43.   def embed
    44. 

  44.     return not_found if @status.hidden? || @status.reblog?
    45. 

  45. 

  46.     expires_in 180, public: true
    47. 

  47.     response.headers['X-Frame-Options'] = 'ALLOWALL'
    48. 

  48. 

  49.     render layout: 'embedded'
    50. 

  50.   end
    51. 

  51. 

  52.   private
    53. 

  53. 

  54.   def set_body_classes
    55. 

  55.     @body_classes = 'with-modals'
    56. 

  56.   end
    57. 

  57. 

  58.   def set_link_headers
    59. 

  59.     response.headers['Link'] = LinkHeader.new([[ActivityPub::TagManager.instance.uri_for(@status), [%w(rel alternate), %w(type application/activity+json)]]])
    60. 

  60.   end
    61. 

  61. 

  62.   def set_status
    63. 

  63.     @status = @account.statuses.find(params[:id])
    64. 

  64.     authorize @status, :show?
    65. 

  65.   rescue Mastodon::NotPermittedError
    66. 

  66.     not_found
    67. 

  67.   end
    68. 

  68. 

  69.   def set_instance_presenter
    70. 

  70.     @instance_presenter = InstancePresenter.new
    71. 

  71.   end
    72. 

  72. 

  73.   def redirect_to_original
    74. 

  74.     redirect_to ActivityPub::TagManager.instance.url_for(@status.reblog) if @status.reblog?
    75. 

  75.   end
    76. 

  76. end
    77.