Etusivu Tutki Apua
Rekisteröidy Kirjaudu sisään
bida
/
bastodon
6
0
Fork 0
Tiedostot Ongelmat 7 Pull-pyynnöt 0 Wiki
Puu: a2bac98d81
Haarat Tagit
bastodon
/
app
/
controllers
/
api
/
v1
/
admin
/
accounts_controller.rb

accounts_controller.rb 4.0 KB
Historia Raaka

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159 
  1. # frozen_string_literal: true
    2. 

  2. 

  3. class Api::V1::Admin::AccountsController < Api::BaseController
    4. 

  4.   include Authorization
    5. 

  5.   include AccountableConcern
    6. 

  6. 

  7.   LIMIT = 100
    8. 

  8. 

  9.   before_action -> { authorize_if_got_token! :'admin:read', :'admin:read:accounts' }, only: [:index, :show]
    10. 

  10.   before_action -> { authorize_if_got_token! :'admin:write', :'admin:write:accounts' }, except: [:index, :show]
    11. 

  11.   before_action :set_accounts, only: :index
    12. 

  12.   before_action :set_account, except: :index
    13. 

  13.   before_action :require_local_account!, only: [:enable, :approve, :reject]
    14. 

  14. 

  15.   after_action :verify_authorized
    16. 

  16.   after_action :insert_pagination_headers, only: :index
    17. 

  17. 

  18.   FILTER_PARAMS = %i(
    19. 

  19.     local
    20. 

  20.     remote
    21. 

  21.     by_domain
    22. 

  22.     active
    23. 

  23.     pending
    24. 

  24.     disabled
    25. 

  25.     sensitized
    26. 

  26.     silenced
    27. 

  27.     suspended
    28. 

  28.     username
    29. 

  29.     display_name
    30. 

  30.     email
    31. 

  31.     ip
    32. 

  32.     staff
    33. 

  33.   ).freeze
    34. 

  34. 

  35.   PAGINATION_PARAMS = (%i(limit) + FILTER_PARAMS).freeze
    36. 

  36. 

  37.   def index
    38. 

  38.     authorize :account, :index?
    39. 

  39.     render json: @accounts, each_serializer: REST::Admin::AccountSerializer
    40. 

  40.   end
    41. 

  41. 

  42.   def show
    43. 

  43.     authorize @account, :show?
    44. 

  44.     render json: @account, serializer: REST::Admin::AccountSerializer
    45. 

  45.   end
    46. 

  46. 

  47.   def enable
    48. 

  48.     authorize @account.user, :enable?
    49. 

  49.     @account.user.enable!
    50. 

  50.     log_action :enable, @account.user
    51. 

  51.     render json: @account, serializer: REST::Admin::AccountSerializer
    52. 

  52.   end
    53. 

  53. 

  54.   def approve
    55. 

  55.     authorize @account.user, :approve?
    56. 

  56.     @account.user.approve!
    57. 

  57.     render json: @account, serializer: REST::Admin::AccountSerializer
    58. 

  58.   end
    59. 

  59. 

  60.   def reject
    61. 

  61.     authorize @account.user, :reject?
    62. 

  62.     DeleteAccountService.new.call(@account, reserve_email: false, reserve_username: false)
    63. 

  63.     render_empty
    64. 

  64.   end
    65. 

  65. 

  66.   def destroy
    67. 

  67.     authorize @account, :destroy?
    68. 

  68.     Admin::AccountDeletionWorker.perform_async(@account.id)
    69. 

  69.     render_empty
    70. 

  70.   end
    71. 

  71. 

  72.   def unsensitive
    73. 

  73.     authorize @account, :unsensitive?
    74. 

  74.     @account.unsensitize!
    75. 

  75.     log_action :unsensitive, @account
    76. 

  76.     render json: @account, serializer: REST::Admin::AccountSerializer
    77. 

  77.   end
    78. 

  78. 

  79.   def unsilence
    80. 

  80.     authorize @account, :unsilence?
    81. 

  81.     @account.unsilence!
    82. 

  82.     log_action :unsilence, @account
    83. 

  83.     render json: @account, serializer: REST::Admin::AccountSerializer
    84. 

  84.   end
    85. 

  85. 

  86.   def unsuspend
    87. 

  87.     authorize @account, :unsuspend?
    88. 

  88.     @account.unsuspend!
    89. 

  89.     Admin::UnsuspensionWorker.perform_async(@account.id)
    90. 

  90.     log_action :unsuspend, @account
    91. 

  91.     render json: @account, serializer: REST::Admin::AccountSerializer
    92. 

  92.   end
    93. 

  93. 

  94.   private
    95. 

  95. 

  96.   def set_accounts
    97. 

  97.     @accounts = filtered_accounts.order(id: :desc).includes(user: [:invite_request, :invite, :ips]).to_a_paginated_by_id(limit_param(LIMIT), params_slice(:max_id, :since_id, :min_id))
    98. 

  98.   end
    99. 

  99. 

  100.   def set_account
    101. 

  101.     @account = Account.find(params[:id])
    102. 

  102.   end
    103. 

  103. 

  104.   def filtered_accounts
    105. 

  105.     AccountFilter.new(translated_filter_params).results
    106. 

  106.   end
    107. 

  107. 

  108.   def filter_params
    109. 

  109.     params.permit(*FILTER_PARAMS)
    110. 

  110.   end
    111. 

  111. 

  112.   def translated_filter_params
    113. 

  113.     translated_params = { origin: 'local', status: 'active' }.merge(filter_params.slice(*AccountFilter::KEYS))
    114. 

  114. 

  115.     translated_params[:origin] = 'remote' if params[:remote].present?
    116. 

  116. 

  117.     %i(active pending disabled silenced suspended).each do |status|
    118. 

  118.       translated_params[:status] = status.to_s if params[status].present?
    119. 

  119.     end
    120. 

  120. 

  121.     if params[:staff].present?
    122. 

  122.       translated_params[:role_ids] = UserRole.that_can(:manage_reports).map(&:id)
    123. 

  123.     end
    124. 

  124. 

  125.     translated_params
    126. 

  126.   end
    127. 

  127. 

  128.   def insert_pagination_headers
    129. 

  129.     set_pagination_headers(next_path, prev_path)
    130. 

  130.   end
    131. 

  131. 

  132.   def next_path
    133. 

  133.     api_v1_admin_accounts_url(pagination_params(max_id: pagination_max_id)) if records_continue?
    134. 

  134.   end
    135. 

  135. 

  136.   def prev_path
    137. 

  137.     api_v1_admin_accounts_url(pagination_params(min_id: pagination_since_id)) unless @accounts.empty?
    138. 

  138.   end
    139. 

  139. 

  140.   def pagination_max_id
    141. 

  141.     @accounts.last.id
    142. 

  142.   end
    143. 

  143. 

  144.   def pagination_since_id
    145. 

  145.     @accounts.first.id
    146. 

  146.   end
    147. 

  147. 

  148.   def records_continue?
    149. 

  149.     @accounts.size == limit_param(LIMIT)
    150. 

  150.   end
    151. 

  151. 

  152.   def pagination_params(core_params)
    153. 

  153.     params.slice(*PAGINATION_PARAMS).permit(*PAGINATION_PARAMS).merge(core_params)
    154. 

  154.   end
    155. 

  155. 

  156.   def require_local_account!
    157. 

  157.     forbidden unless @account.local? && @account.user.present?
    158. 

  158.   end
    159. 

  159. end
    160.